summaryrefslogtreecommitdiff
path: root/src/responder/nss/nsssrv.c
AgeCommit message (Collapse)AuthorFilesLines
2012-03-08Use the correct hash table for pending requestsSimo Sorce1-1/+1
The function that handled pending requests on reconnect was checking an orphaned global variable that was never used, redenring the whole function uselsess. This fixes a very nasty bug that was causing requests for which we never received an answer for (for example because the backend failed and was restarted) to be never removed and therefore causing a black hole effect for any other request of the same type. Fixes: https://fedorahosted.org/sssd/ticket/1229
2012-02-21Don't give memory context in confdb where not neededJan Zeleny1-6/+6
2012-02-17RESPONDERS: Make the fd_limit setting configurableStephen Gallagher1-1/+12
This code will now attempt first to see if it has privilege to set the value as specified, and if not it will fall back to the previous behavior. So on systems with the CAP_SYS_RESOURCE capability granted to SSSD, it will be able to ignore the limits.conf hard limit. https://fedorahosted.org/sssd/ticket/1197
2012-02-17RESPONDERS: Allow increasing the file-descriptor limitStephen Gallagher1-0/+4
This patch will increase the file descriptor limit to 8k or the limits.conf maximum, whichever is lesser. https://fedorahosted.org/sssd/ticket/1197
2012-02-04NSS: Use sss_hash_create instead of destructorJakub Hrozek1-13/+1
2012-01-04nsssrv: remove unused macroSimo Sorce1-2/+0
2011-11-22Cleanup: Remove unused parametersJakub Hrozek1-2/+1
2011-09-21Enable the midpoint cache update by defaultStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/918
2011-08-25New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina1-1/+4
Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
2011-08-25New DEBUG facility - conversionPavel Březina1-0/+2
https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
2011-08-08Remove unused temporary contextJakub Hrozek1-5/+0
2011-07-29Add vetoed_shells optionJohn Hodrien1-0/+4
There may be users in LDAP that have a valid but unwelcome shell set in their account. This adds a blacklist of shells that should always be replaced by the fallback_shell. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-05-20Add new options to override shell valueJakub Hrozek1-0/+82
https://fedorahosted.org/sssd/ticket/742
2011-05-20Add a new option to override home directory valueJakub Hrozek1-0/+5
https://fedorahosted.org/sssd/ticket/551
2011-05-20Add a new option to override primary GID numberJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/742
2011-05-06Allow changing the log level without restartStephen Gallagher1-1/+1
We will now re-read the confdb debug_level value when processing the monitor_common_logrotate() function, which occurs when the monitor receives a SIGHUP.
2011-05-06Do not leak netgroups hash tableJakub Hrozek1-0/+12
2010-10-26Remove all nss requests after a reconnectSumit Bose1-1/+5
Currently we do not handle the open nss request after a reconnect and wait until they timeout (which is a couple of minutes!). This patch adds a handler that terminates all requests after a reconnect. Then responder will return matching cache entries or nothing.
2010-10-13Add netgroup support to the NSS responderStephen Gallagher1-0/+8
2010-06-17Move setup of filter_users and filter_groups to negcache.cStephen Gallagher1-187/+5
Creates a new function - sss_ncache_prepopulate() - that can be shared with other responders, such as PAM.
2010-06-17Refactor the negative cacheStephen Gallagher1-8/+8
Rename functions from nss_ncache_* to sss_ncache_* Move negative cache to responder/common and rename as negcache.c/h
2010-03-25Fix warnings from -Wmissing-field-initializersSumit Bose1-1/+1
This patch removes some tab-indentations from pamsrv.c, too.
2010-03-08Make filter_users and filter_groups also per-domainJakub Hrozek1-13/+109
Fixes: #290
2010-03-08Reopen logs when SIGHUP is caughtJakub Hrozek1-0/+1
Upon receiving SIGHUP, the monitor signals all services to reopen their debug logs. It is also possible to signal individual services to reopen their particular files. Fixes: #332
2010-03-04Eliminate monitor reconfigStephen Gallagher1-14/+0
We disabled live reconfiguration a long time ago with the intent of fixing it so that it wasn't completely broken, but we've decided that live updates are too delicate to handle all cases gracefully. For the forseeable future, we will rely on process restart for updating the configuration. Furthermore, we had not completely disabled live updates. It would still attempt to run if we sent a SIGHUP. This has also been eliminated.
2010-02-22Remove unnecessary "domain" parameter from DP registrationStephen Gallagher1-1/+1
This was a holdover from when the DP and the providers were unique processes. The NSS and PAM registrations do not need to send the domain, as it is not ambiguous which one they are talking to.
2010-02-18Rename server/ directory to src/Stephen Gallagher1-0/+367
Also update BUILD.txt