Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-07-20 | NSS: Add override_shell option | Stephen Gallagher | 1 | -2/+12 | |
If override_shell is specified in the [nss] section, all users managed by SSSD will have their shell set to this value. If it is specified in the [domain/DOMAINNAME] section, it will apply to only that domain (and override the [nss] value, if any). https://fedorahosted.org/sssd/ticket/1087 | |||||
2012-06-21 | Fix re_expression matching with subdomains | Jan Zeleny | 1 | -36/+98 | |
This patch fixes an issue which resulted in a need to initialize responder with data from local domain, otherwise it would not correctly detect requests for subdomains. Similar situation can occur if new subdomain is added at runtime. The solution is to ask for a list of subdomains in case there is a candidate domain identified in the process of matching re_expressions with given name. | |||||
2012-06-12 | Make re_expression and full_name_format per domain options | Stef Walter | 1 | -9/+13 | |
* Allows different user/domain qualified names for different domains. For example Domain\User or user@domain. * The global re_expression and full_name_format options remain as defaults for the domains. * Subdomains get the re_expression and full_name_format of their parent domain. https://bugzilla.redhat.com/show_bug.cgi?id=811663 | |||||
2012-05-31 | Ghost members - various small changes | Jan Zeleny | 1 | -1/+1 | |
2012-05-31 | Ghost members - NSS responder changes | Jan Zeleny | 1 | -89/+147 | |
Since there are two attributes storing information about user memberships of the group we have to include both of them in results. This will apply only for objects that have ghost members (i.e. they contain the SYSDB_GHOST attribute). If an object has this attribute, values of this attribute are not projected to the memberuid attribute. | |||||
2012-05-24 | NSS: Fix segfault when mmap cache cannot be initialized | Stephen Gallagher | 1 | -2/+2 | |
2012-05-15 | Use sized_string correctly in FQDN domains | Jakub Hrozek | 1 | -2/+2 | |
2012-05-15 | NSS: keep a pointer to body after body is reallocated | Jakub Hrozek | 1 | -0/+3 | |
2012-05-10 | Send the correct enumeration request | Jakub Hrozek | 1 | -1/+1 | |
https://fedorahosted.org/sssd/ticket/1329 | |||||
2012-05-09 | NSS: Add default_shell option | Stephen Gallagher | 1 | -1/+7 | |
This option will allow administrators to set a default shell to be used if a user does not have one set in the identity provider. https://fedorahosted.org/sssd/ticket/1289 | |||||
2012-05-09 | NSS: Add fallback_homedir option | Stephen Gallagher | 1 | -2/+21 | |
This option is similar to override_homedir, except that it will take effect only for users that do not have an explicit home directory specified in LDAP. https://fedorahosted.org/sssd/ticket/1250 | |||||
2012-05-02 | NSS: fix returning group from cache | Jakub Hrozek | 1 | -1/+1 | |
2012-05-02 | NSS: Check return code of sss_mmap_cache_gr_store | Jakub Hrozek | 1 | -0/+5 | |
2012-04-24 | NSS: Only return data from initgroups once | Jakub Hrozek | 1 | -3/+10 | |
Do not let nss_cmd_initgroups_search() return data itself, but let the caller return data. This is more intuitive and more consistent with the rest of the nss_cmd_*_search() functions. Also fixes a typo - nss_cmd_initgroups_cb used to call getpw_send_reply instead of initgr_send_reply. | |||||
2012-04-24 | Lowercase group members in case-insensitive domains | Jakub Hrozek | 1 | -1/+7 | |
https://fedorahosted.org/sssd/ticket/1312 | |||||
2012-04-24 | Moved expand_homedir_template() from NSS responder to utility code | Jan Zeleny | 1 | -108/+1 | |
2012-04-24 | Check sub-domains in nss_cmd_get{pwuid|grgid}_search() | Sumit Bose | 1 | -4/+26 | |
2012-04-24 | Ask for subdomains in responder in the first request after startup | Jan Zeleny | 1 | -0/+30 | |
2012-04-24 | Retrieve subdomains if there is a request for fully qualified user | Jan Zeleny | 1 | -3/+132 | |
2012-04-24 | Modified responder_get_domain() | Jan Zeleny | 1 | -3/+3 | |
Now it checks for subdomains as well as for the domain itself | |||||
2012-04-18 | Prevent printing NULL from DEBUG messages | Jakub Hrozek | 1 | -3/+6 | |
2012-03-19 | nsssrv: add handling of memory cache group map | Simo Sorce | 1 | -3/+13 | |
2012-03-19 | nsssrv: add handling of memory cache passwd map | Simo Sorce | 1 | -3/+17 | |
2012-02-29 | Remove sysdb_get_ctx_from_list() | Sumit Bose | 1 | -14/+14 | |
2012-02-13 | Avoid uninitialized value comparison | Stephen Gallagher | 1 | -0/+3 | |
Coverity #12526 | |||||
2012-02-13 | Allocate setent structure on state, not on the client context | Jakub Hrozek | 1 | -4/+4 | |
https://fedorahosted.org/sssd/ticket/1189 | |||||
2012-02-13 | Remove setent structure when callback is called | Jakub Hrozek | 1 | -9/+4 | |
2012-02-10 | Fix group enumeration | Jakub Hrozek | 1 | -0/+2 | |
Also adds some more debugging and fixes a code style issue. https://fedorahosted.org/sssd/ticket/1182 | |||||
2012-02-05 | Split the logic to check cache expiration into separate function | Jakub Hrozek | 1 | -43/+17 | |
2012-02-05 | RESPONDERS: Refactor setent_req_list | Jakub Hrozek | 1 | -51/+24 | |
Makes the setent_add_ref() and setent_notify_*() functions more generic to be reusable by the autofs responder. | |||||
2012-02-02 | RESPONDERS: Provide a common sss_cmd_send_error function | Jakub Hrozek | 1 | -13/+1 | |
The common function could be reused in new responders | |||||
2012-01-31 | Refactor nss_cmd_send_empty | Jakub Hrozek | 1 | -34/+3 | |
2012-01-27 | NSS: Add getservbyname and getservbyport support to the NSS Responder | Stephen Gallagher | 1 | -0/+6 | |
2012-01-23 | Move sized_string declaration to utils | Stephen Gallagher | 1 | -11/+0 | |
2012-01-23 | DP: Fix bugs in sss_dp_get_account_int | Stephen Gallagher | 1 | -0/+1 | |
The conversion to the tevent_req style introduced numerous bugs related to memory management of the various client requests. In some circumstances, this could cause memory corruption and segmentation faults in the NSS responder. This patch makes the following changes: 1) Rename the internal lookup from subreq to sidereq, to indicate that it is not a sub-request of the current lookup (and therefore is not cancelled if the current request is). 2) Change the handling of the callback loops since they call tevent_req_[done|error], which results in them being freed (and therefore removed from the cb_list. This was the source of the memory corruption that would occasionally result in dereferencing an unreadable request. 3) Remove the unnecessary sss_dp_get_account_int_recv() function and change sss_dp_get_account_done() so that it only frees the sidereq. All of the waiting processes have already been signaled with the final results from sss_dp_get_account_int_done() | |||||
2012-01-21 | RESPONDER: Extend sss_dp_account_send() to include extra data | Stephen Gallagher | 1 | -4/+4 | |
Some NSS maps such as 'services' require more values to be passed to the data provider than just the name or ID. In these cases, we will amend an optional component to filter value to pass to the data provider backend. | |||||
2012-01-09 | nsssrv: use sized_string in fill_grent | Simo Sorce | 1 | -35/+48 | |
2012-01-09 | nsssrv: use sized_string in fill_pwent | Simo Sorce | 1 | -41/+56 | |
2012-01-09 | nsssrv: add string manipulation helper | Simo Sorce | 1 | -0/+11 | |
the sized_string structure makes it easier to keep track of string lengths and makes passing around data more compat and readable. | |||||
2011-12-21 | Return user and group names lowercased in case insensitive domains | Jakub Hrozek | 1 | -12/+32 | |
2011-12-21 | sss_get_cased_name utility function | Jakub Hrozek | 1 | -6/+3 | |
2011-12-19 | Pass client context to sss_dp_get_account_send | Jakub Hrozek | 1 | -1/+1 | |
2011-12-16 | Use the case sensitivity flag in responders | Jakub Hrozek | 1 | -12/+27 | |
2011-12-16 | Responders: Split getting domain by name into separate function | Jakub Hrozek | 1 | -16/+3 | |
2011-12-07 | Pass the correct private data into Data Provider callback | Jakub Hrozek | 1 | -1/+1 | |
2011-12-05 | Ignore NULL-terminator when checking UTF8-validity | Stephen Gallagher | 1 | -3/+3 | |
Glib fails if the NULL-terminator is included when a length is specified. | |||||
2011-11-29 | RESPONDER: Refactor DP requests into tevent_req style | Stephen Gallagher | 1 | -50/+111 | |
2011-11-18 | RESPONDER: Ensure that all input strings are valid UTF-8 | Stephen Gallagher | 1 | -0/+21 | |
2011-08-15 | sysdb refactoring: deleted domain variables in sysdb API | Jan Zeleny | 1 | -7/+7 | |
The patch also updates code using modified functions. Tests have also been adjusted. | |||||
2011-08-08 | Prevent segfault if vetoed_shells are specified without allowed_shells | Jakub Hrozek | 1 | -16/+19 | |
https://fedorahosted.org/sssd/ticket/954 |