sssd - System Security Services Daemon

Age	Commit message (Collapse)	Author	Files	Lines
2011-04-27	Add ldap_page_size configuration option	Stephen Gallagher	1	-0/+14

2011-04-25	Allow new option to specify principal for FAST	Jan Zeleny	1	-0/+9
	https://fedorahosted.org/sssd/ticket/700
2011-04-19	Add user and group search LDAP filter options	Jakub Hrozek	1	-0/+37
	https://fedorahosted.org/sssd/ticket/647
2011-03-24	Add host access control support	Pierre Ossman	1	-0/+24
	https://fedorahosted.org/sssd/ticket/746
2011-03-09	Update translation sources	Stephen Gallagher	6	-5108/+3296

2011-03-09	Add new translations from Transifex	Stephen Gallagher	4	-1/+16148

2011-02-28	Use realm for basedn instead of IPA domain	Jakub Hrozek	1	-0/+15
	https://fedorahosted.org/sssd/ticket/807
2011-02-17	Fix for generating lists of translated man pages	Sumit Bose	1	-6/+6
	In some automatic build environments the lists of translated man pages were not generated properly because ls put multiple file names into a single single.
2011-02-03	updating sss_obfuscate man page accordingly	Gowrishankar Rajaiyan	1	-2/+1

2011-01-27	Updating uk translation	Yuri Chornoivan	1	-88/+118
	Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-01-25	Update man.stamp when the potfile or po4a.cfg is updated	Stephen Gallagher	1	-1/+1

2011-01-24	Update translation files for string freeze	Stephen Gallagher	3	-850/+1313
	Earlier patch for strings was incomplete
2011-01-21	Updating translation files for string freeze	Stephen Gallagher	1	-197/+212

2011-01-21	Updating uk manpage translation	Yuri Chornoivan	1	-355/+496
	Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-01-20	Add ldap_tls_{cert,key,cipher_suite} config options	Tyson Whitehead	1	-0/+41
	Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-01-19	Add pam_pwd_expiration_warning config option	Sumit Bose	1	-0/+18

2011-01-19	Add ipa_hbac_search_base config option	Sumit Bose	1	-0/+13

2011-01-19	Add LDAP expire policy base RHDS/IPA attribute	Sumit Bose	1	-0/+20
	The attribute nsAccountLock is used by RHDS, IPA and other directory servers to indicate that the account is locked.
2011-01-19	Add LDAP expire policy based on AD attributes	Sumit Bose	1	-0/+35
	The second bit of userAccountControl is used to determine if the account is enabled or disabled. accountExpires is checked to see if the account is expired.
2011-01-17	Fix usability of sss_obfuscate command	Stephen Gallagher	1	-2/+2

2011-01-17	Update manpage translations for ldap_enumeration_search_timeout	Stephen Gallagher	3	-333/+391

2011-01-17	Add ldap_search_enumeration_timeout config option	Sumit Bose	1	-5/+23

2011-01-14	Regenerate manpage po[t] files	Stephen Gallagher	3	-2955/+5262
	Fixed several typos
2011-01-14	Fix manpage typos	Yuri Chornoivan	4	-9/+9

2011-01-14	Add uk translation for manpages	Yuri Chornoivan	2	-1/+4386

2010-12-23	Build and install translated man pages by default	Sumit Bose	1	-23/+31

2010-12-22	Update the ID cache for any PAM request	Stephen Gallagher	1	-0/+22
	Also adds an option to limit how often we check the ID provider, so that conversations with multiple PAM requests won't update the cache multiple times. https://fedorahosted.org/sssd/ticket/749
2010-12-22	Add Czech translation	Jakub Hrozek	3	-0/+8428
	Translated a couple of strings from manpages into Czech. Makes the manpage translation patch testable.
2010-12-22	Make manual pages translatable	Jakub Hrozek	3	-1/+183
	Utilizes PO4A to extract translatable strings from Docbook XML sources and allows translators to submit ordinary .PO files. PO4A then generates translated Docbook documents that can be used to generate translated end user documentation. https://fedorahosted.org/sssd/ticket/297
2010-12-21	Add authorizedService support	Stephen Gallagher	1	-0/+26
	https://fedorahosted.org/sssd/ticket/670
2010-12-17	Start first enumeration immediately	Stephen Gallagher	1	-0/+5
	Previously, we would wait for ten seconds before starting an enumeration. However, this meant that on the first startup (before we had run our first enumeration) there was a ten-second window where clients would immediately get back a response with no entries instead of blocking until the enumeration completed. With this patch, SSSD will now run an enumeration immediately upon startup. Further startups will retain the ten-second delay so as not to slow down system bootups. https://fedorahosted.org/sssd/ticket/616
2010-12-13	Add group support to the simple access provider	Stephen Gallagher	1	-13/+43
	This patch adds simple_allow_groups and simple_deny_groups options to the simple access provider. It makes it possible to grant or deny access based on a user's group memberships within the domain. This patch makes one minor change to previous functionality: now all deny rules will supersede allow rules. Previously, if both simple_allow_users and simple_deny_users were set with the same value, the allow would win. https://fedorahosted.org/sssd/ticket/440
2010-12-08	Fix a typo in sssd-krb5 man page	Marko Myllynen	1	-1/+1

2010-12-07	Replace krb5_kdcip by krb5_server in LDAP provider	Sumit Bose	1	-1/+7

2010-12-07	Add support for FAST in krb5 provider	Sumit Bose	1	-0/+35

2010-12-06	Add ldap_chpass_uri config option	Sumit Bose	1	-0/+34

2010-12-06	Add new account expired rule to LDAP access provider	Sumit Bose	1	-1/+54
	Two new options are added to the LDAP access provider to allow a broader range of access control rules to be evaluated. 'ldap_access_order' makes it possible to run more than one rule. To keep compatibility with older versions the default is 'filter'. This patch adds a new rule 'expire'. 'ldap_account_expire_policy' specifies which LDAP attribute should be used to determine if an account is expired or not. Currently only 'shadow' is supported which evaluates the ldap_user_shadow_expire attribute.
2010-12-03	Allow krb5 lifetime values without a unit	Sumit Bose	1	-0/+8

2010-12-03	Add support for automatic Kerberos ticket renewal	Sumit Bose	1	-0/+18

2010-12-03	Add krb5_lifetime option	Sumit Bose	1	-0/+32

2010-12-03	Add krb5_renewable_lifetime option	Sumit Bose	1	-0/+32

2010-12-01	Allow protocol fallback for SRV queries	Jakub Hrozek	3	-0/+17
	https://fedorahosted.org/sssd/ticket/691
2010-11-22	Add SIGUSR2 to reset offline status	Sumit Bose	1	-0/+9

2010-11-22	Add signal documentation to sssd(8)	Stephen Gallagher	1	-0/+35
	https://fedorahosted.org/sssd/ticket/665
2010-11-19	Fix man page	Sumit Bose	1	-2/+2
	Currently sssd does not support authentication via GSSAPI. I think it is not necessary to support it, because if GSSAPI is possible Kerberos should be use for authentication.
2010-11-15	Introduce pam_verbosity config option	Sumit Bose	1	-0/+31
	Currently we display all PAM messages generated by sssd to the user. But only some of them are important and others are just some useful information. This patch introduces a new option to the PAM responder which controls what kind of messages are displayed. As an example the 'Authenticated with cached credentials' message is used. This message is only displayed if pam_verbosity=1 or if there is an expire date.
2010-11-15	Properly document ldap_purge_cache_timeout	Stephen Gallagher	1	-0/+19
	Also allow it to be disabled entirely
2010-11-05	Review comments for namingContexts patches	Sumit Bose	1	-9/+3

2010-11-04	Make ldap_search_base a non-mandatory option	Sumit Bose	1	-3/+20

2010-11-04	Call krb5_child to check access permissions	Sumit Bose	1	-0/+8