| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2013-06-28 | Replace new_subdomain() with find_subdomain_by_name() | Sumit Bose | 1 | -2/+2 | |
| new_subdomain() will create a new domain object and should not be used anymore in the priovder code directly. Instead a reference to the domain from the common domain object should be used. | |||||
| 2013-03-13 | Fix initialization of multiple variables | Ondrej Kos | 1 | -1/+1 | |
| 2013-02-10 | Add realm info to sss_domain_info | Simo Sorce | 1 | -1/+1 | |
| 2013-01-21 | Add be_req_get_be_ctx() helper. | Simo Sorce | 1 | -9/+7 | |
| In preparation for making be_req opaque | |||||
| 2013-01-21 | Remove domain from be_req structure | Simo Sorce | 1 | -5/+5 | |
| 2013-01-21 | Remove hbac_ctx_be() | Simo Sorce | 1 | -1/+1 | |
| 2013-01-21 | Remove hbac_ctx_sysdb() | Simo Sorce | 1 | -5/+4 | |
| 2013-01-21 | Remove sysdb arg from [ipa_]hbac_sysdb_save() | Simo Sorce | 1 | -22/+16 | |
| Also make ipa_hbac_save_list() static | |||||
| 2013-01-21 | Remove sysdb arg from hbac_*host_attrs_to_rule() | Simo Sorce | 1 | -2/+0 | |
| 2013-01-21 | Remove sysdb arg from hbac_service_attrs_to_rule() | Simo Sorce | 1 | -1/+0 | |
| 2013-01-21 | Remove sysdb argument from hbac_user_attrs_to_rule() | Simo Sorce | 1 | -1/+0 | |
| 2013-01-15 | Add domain arg to sysdb_search_users() | Simo Sorce | 1 | -0/+1 | |
| 2013-01-15 | Add domain argument to sysdb_search_custom() | Simo Sorce | 1 | -0/+3 | |
| Also changes sysdb_search_custom_by_name() | |||||
| 2013-01-15 | Add domain argument to sysdb_store_custom() | Simo Sorce | 1 | -1/+1 | |
| 2013-01-15 | Add domain to sysdb_search_user_by_name() | Simo Sorce | 1 | -3/+6 | |
| Also remove unused sysdb_search_domuser_by_name() | |||||
| 2013-01-15 | Make sysdb_custom_subtree_dn() require a domain. | Simo Sorce | 1 | -1/+1 | |
| 2013-01-15 | Make sysdb_custom_dn() require a domain. | Simo Sorce | 1 | -2/+4 | |
| 2012-11-19 | Do not save HBAC rules in subdomain subtree | Sumit Bose | 1 | -3/+16 | |
| Currently the sysdb context is pointed to the subdomain subtree containing user the user to be checked at the beginning of a HBAC request. As a result all HBAC rules and related data is save in the subdomain tree as well. But since the HBAC rules of the configured domain apply to all users it is sufficient to save them once in the subtree of the configured domain. Since most of the sysdb operations during a HBAC request are related to the HBAC rules and related data this patch does not change the default sysdb context but only create a special context to look up subdomain users. | |||||
| 2012-09-24 | SYSDB: Remove unnecessary domain parameter from several sysdb calls | Jakub Hrozek | 1 | -5/+3 | |
| The domain can be read from the sysdb object. Removing the domain string makes the API more self-contained. | |||||
| 2012-08-23 | Unify usage of sysdb transactions | Michal Zidek | 1 | -2/+8 | |
| Removing bad examples of usage of sysdb_transaction_start/commit/end functions and making it more consistent (all files except of src/db/sysdb_*.c). | |||||
| 2012-01-06 | HBAC: create empty groups with one NULL element | Jakub Hrozek | 1 | -16/+15 | |
| https://fedorahosted.org/sssd/ticket/1130 | |||||
| 2011-11-29 | Add ipa_hbac_support_srchost option to IPA provider | Jan Zeleny | 1 | -0/+3 | |
| don't fetch all host groups if this option is false https://fedorahosted.org/sssd/ticket/1078 | |||||
| 2011-11-22 | Cleanup: Remove unused parameters | Jakub Hrozek | 1 | -7/+1 | |
| 2011-10-17 | Add a missing break | Jakub Hrozek | 1 | -0/+1 | |
| 2011-10-14 | HBAC: Use originalMember for identifying hostgroups | Stephen Gallagher | 1 | -45/+51 | |
| 2011-10-14 | HBAC: Use originalMember for identifying servicegroups | Stephen Gallagher | 1 | -41/+55 | |
| 2011-10-14 | HBAC: Do not save member/memberOf links | Stephen Gallagher | 1 | -120/+0 | |
| We can just trust the values from the FreeIPA server | |||||
| 2011-09-28 | HBAC: fix typos preventing proper hostgroup evaluation | Stephen Gallagher | 1 | -3/+3 | |
| 2011-09-28 | Multiline macro cleanup | Jakub Hrozek | 1 | -1/+1 | |
| This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again. | |||||
| 2011-08-26 | HBAC: Handle saving groups that have no members | Stephen Gallagher | 1 | -7/+21 | |
| 2011-08-15 | sysdb refactoring: memory context deleted | Jan Zeleny | 1 | -2/+2 | |
| This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well. | |||||
| 2011-08-15 | sysdb refactoring: deleted domain variables in sysdb API | Jan Zeleny | 1 | -7/+5 | |
| The patch also updates code using modified functions. Tests have also been adjusted. | |||||
| 2011-07-29 | Fix incorrect NULL check in ipa_hbac_common.c | Stephen Gallagher | 1 | -1/+1 | |
| https://fedorahosted.org/sssd/ticket/936 | |||||
| 2011-07-08 | Treat NULL or empty rhost as unknown | Stephen Gallagher | 1 | -9/+21 | |
| Previously, we were assuming this meant it was coming from the localhost, but this is not a safe assumption. We will now treat it as unknown and it will fail to match any rule that requires a specified srchost or group of srchosts. | |||||
| 2011-07-08 | Add helper functions for looking up HBAC rule components | Stephen Gallagher | 1 | -0/+871 | |
 |
index : sssd | |
| System Security Services Daemon | ben |
| summaryrefslogtreecommitdiff |