summaryrefslogtreecommitdiff
path: root/src/external
AgeCommit message (Collapse)AuthorFilesLines
2010-04-16Use SO_PEERCRED on the PAM socketSumit Bose1-0/+12
This is the second attempt to let the PAM client and the PAM responder exchange their credentials, i.e. uid, gid and pid. Because this approach does not require any message interchange between the client and the server the protocol version number is not changed. On the client side the connection is terminated it the responder is not run by root. On the server side the effective uid and gid and the pid of the client are available for future use. The following additional changes are made by this patch: - the checks of the ownership and the permissions on the PAM sockets are enhanced - internal error codes are introduced on the client side to generate more specific log messages if an error occurs
2010-04-16Revert "Add better checks on PAM socket"Sumit Bose1-12/+0
This reverts commit 5a88e963744e5da453e88b5c36499f04712df097.
2010-04-08SELinux login managementJakub Hrozek1-0/+12
Adds a new option -Z to sss_useradd and sss_usermod. This option allows user to specify the SELinux login context for the user. On deleting the user with sss_userdel, the login mapping is deleted, so subsequent adding of the same user would result in the default login context unless -Z is specified again. MLS security is not supported as of this patch.
2010-03-15Flush NSCD cache after modifying local databaseJakub Hrozek1-0/+9
Fixes: #221
2010-03-11Add better checks on PAM socketSumit Bose1-0/+12
- check if the public socket belongs to root and has 0666 permissions - use a SCM_CREDENTIALS message if available
2010-02-18Rename server/ directory to src/Stephen Gallagher20-0/+609
Also update BUILD.txt