Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2013-03-20 | Return error code from ipa_subdom_store | Jakub Hrozek | 1 | -5/+13 | |
2013-03-20 | ldap: Fallback option for rfc2307 schema | Simo Sorce | 1 | -0/+1 | |
Add option to fallback to fetch local users if rfc2307is being used. This is useful for cases where people added local users as LDAP members and rely on these group memberships to be maintained on the local host. Disabled by default as it violates identity domain separation. Ticket: https://fedorahosted.org/sssd/ticket/1020 | |||||
2013-03-19 | Convert sdap_access to new error codes | Simo Sorce | 1 | -10/+11 | |
Also simplify sdap_access_send to avoid completely fake _send() routines. | |||||
2013-03-19 | Make the SELinux refresh time configurable. | Michal Zidek | 3 | -2/+5 | |
Option ipa_selinux_refresh is added to basic ipa options. | |||||
2013-03-19 | Reuse cached SELinux mappings. | Michal Zidek | 2 | -3/+29 | |
Reuse cached SELinux maps when they are requested within time interval (in this patch it is hardcoded to be 5 seconds). https://fedorahosted.org/sssd/ticket/1744 | |||||
2013-03-19 | Move SELinux processing to provider. | Michal Zidek | 2 | -31/+388 | |
The SELinux processing was distributed between provider and pam responder which resulted in hard to maintain code. This patch moves the logic to provider. IT ALSO REQUIRES CHANGE IN THE SELINUX POLICY, because the provider also writes the content of selinux login file to disk (which was done by responder before). https://fedorahosted.org/sssd/ticket/1743 | |||||
2013-03-19 | Use common error facility instead of sdap_result | Simo Sorce | 2 | -31/+27 | |
Simplifies and consolidates error reporting for ldap authentication paths. Adds 3 new error codes: ERR_CHPASS_DENIED - Used when password constraints deny password changes ERR_ACCOUNT_EXPIRED - Account is expired ERR_PASSWORD_EXPIRED - Password is expired | |||||
2013-03-18 | Decrease krb5_auth_timeout default | Ondrej Kos | 1 | -1/+1 | |
https://fedorahosted.org/sssd/ticket/1738 | |||||
2013-03-13 | Fix initialization of multiple variables | Ondrej Kos | 2 | -2/+2 | |
2013-03-06 | Updated Doxygen configuration to 1.8.1 | Thorsten Scherf | 1 | -134/+478 | |
https://fedorahosted.org/sssd/ticket/1819 | |||||
2013-02-14 | subdomains: replace invalid characters with underscore in krb5 mapping file name | Pavel Březina | 1 | -1/+26 | |
https://fedorahosted.org/sssd/ticket/1795 Only alpha-numeric chars, dashes and underscores are allowed in krb5 include directory. | |||||
2013-02-12 | Filter out multicast addresses from IPA DNS updates | Jakub Hrozek | 1 | -1/+1 | |
https://fedorahosted.org/sssd/ticket/1804 | |||||
2013-02-10 | Introduce IS_SUBDOMAIN() macro | Simo Sorce | 1 | -2/+2 | |
Fixes https://fedorahosted.org/sssd/ticket/1766 | |||||
2013-02-10 | Change the way domains are linked. | Simo Sorce | 1 | -107/+45 | |
- Use a double-linked list for domains and subdomains. - Never remove a subdomain, simply mark it as disabled if it becomes unused. - Rework the way subdomains are refreshed. Now sysdb_update_subdomains() actually updates the current subdomains and marks as disabled the ones not found in the sysdb or add new ones found. It never removes them. Removal of missing domains from sysdb is deferred to the providers, which will perform it at refresh time, for the ipa provider that is done by ipa_subdomains_write_mappings() now. sysdb_update_subdomains() is then used to update the memory hierarchy of the subdomains. - Removes sysdb_get_subdomains() - Removes copy_subdomain() - Add sysdb_subdomain_delete() | |||||
2013-02-10 | Remove sysdb_subdom completely | Simo Sorce | 1 | -52/+58 | |
struct sss_domain_info is always used to represent domains now. Adjust tests accordingly. | |||||
2013-02-10 | Refactor sysdb_master_domain_add_info() | Simo Sorce | 1 | -24/+6 | |
2013-02-10 | Update main domain info in place | Simo Sorce | 1 | -5/+4 | |
2013-02-10 | Avoid sysdb_subdom in sysdb_get_subdomains() | Simo Sorce | 1 | -3/+1 | |
2013-02-10 | Add realm info to sss_domain_info | Simo Sorce | 2 | -3/+4 | |
2013-02-10 | NSS: Add original homedir to home directory template options | Stephen Gallagher | 1 | -0/+1 | |
https://fedorahosted.org/sssd/ticket/1805 | |||||
2013-01-25 | Possible null derefence in ipa_subdomains.c. | Michal Zidek | 1 | -0/+4 | |
Found by coverity. https://fedorahosted.org/sssd/ticket/1790 | |||||
2013-01-21 | Add be_req_get_data() helper funciton. | Simo Sorce | 5 | -9/+11 | |
In preparation for making struct be_req opaque. | |||||
2013-01-21 | Add be_req_get_be_ctx() helper. | Simo Sorce | 7 | -53/+61 | |
In preparation for making be_req opaque | |||||
2013-01-21 | Add be_req_create() helper | Simo Sorce | 1 | -3/+2 | |
2013-01-21 | Introduce be_req_terminate() helper | Simo Sorce | 4 | -34/+24 | |
Call it everywhere instead of directly dereferencing be_req->fn This is in preparation of making be_req opaque. | |||||
2013-01-21 | Remove domain from be_req structure | Simo Sorce | 4 | -60/+45 | |
2013-01-21 | Pass domain not be_req to access check functions | Simo Sorce | 1 | -1/+1 | |
2013-01-21 | Do not pass NULL to ipa_subdomain_retrieve() | Simo Sorce | 1 | -18/+20 | |
2013-01-21 | Move hbac_ctx_is_offline() | Simo Sorce | 2 | -7/+6 | |
2013-01-21 | Remove hbac_ctx_sdap_id_[ctx|op]() | Simo Sorce | 2 | -18/+6 | |
2013-01-21 | Remove hbac_ctx_ev() | Simo Sorce | 2 | -10/+3 | |
2013-01-21 | Remove hbac_ctx_be() | Simo Sorce | 3 | -12/+4 | |
2013-01-21 | Remove hbac_ctx_sysdb() | Simo Sorce | 2 | -12/+4 | |
2013-01-21 | Remove sysdb argument from hbac_get_cached_rules() | Simo Sorce | 3 | -9/+6 | |
2013-01-21 | Remove sysdb arg from [ipa_]hbac_sysdb_save() | Simo Sorce | 3 | -36/+25 | |
Also make ipa_hbac_save_list() static | |||||
2013-01-21 | Remove sysdb arg from ipa_hbac_service_info_send() | Simo Sorce | 3 | -5/+0 | |
2013-01-21 | Remove sysdb arg from hbac_*host_attrs_to_rule() | Simo Sorce | 3 | -11/+4 | |
2013-01-21 | Remove sysdb arg from hbac_service_attrs_to_rule() | Simo Sorce | 3 | -5/+2 | |
2013-01-21 | Remove sysdb argument from hbac_user_attrs_to_rule() | Simo Sorce | 3 | -6/+4 | |
2013-01-21 | Remove unused structure | Simo Sorce | 1 | -6/+0 | |
2013-01-21 | Remove sysdb argument from ipa_host_info_send() | Simo Sorce | 5 | -9/+3 | |
2013-01-21 | Remove sysdb as a be request structure member | Simo Sorce | 3 | -7/+7 | |
The sysdb context is already available through the 'domain' context. | |||||
2013-01-21 | Remove sysdb as a be context structure member | Simo Sorce | 5 | -13/+13 | |
The sysdb context is already available through the 'domain' structure. | |||||
2013-01-15 | Add domain to some subdomain functions | Simo Sorce | 1 | -2/+7 | |
2013-01-15 | Add domain arguments to sysdb ssh functions | Simo Sorce | 1 | -1/+2 | |
2013-01-15 | Add domain argument to sysdb selinux functions | Simo Sorce | 3 | -4/+9 | |
2013-01-15 | Add domain arg to sysdb_search/delete_netgroup() | Simo Sorce | 1 | -1/+1 | |
2013-01-15 | Add domain argument to sysdb_search_groups() | Simo Sorce | 1 | -1/+1 | |
2013-01-15 | Add domain arg to sysdb_search_users() | Simo Sorce | 3 | -1/+5 | |
2013-01-15 | Add domain argument to sysdb_search_custom() | Simo Sorce | 7 | -8/+22 | |
Also changes sysdb_search_custom_by_name() |