summaryrefslogtreecommitdiff
path: root/src/responder/nss/nsssrv_cmd.c
AgeCommit message (Collapse)AuthorFilesLines
2012-07-20NSS: Add override_shell optionStephen Gallagher1-2/+12
If override_shell is specified in the [nss] section, all users managed by SSSD will have their shell set to this value. If it is specified in the [domain/DOMAINNAME] section, it will apply to only that domain (and override the [nss] value, if any). https://fedorahosted.org/sssd/ticket/1087
2012-06-21Fix re_expression matching with subdomainsJan Zeleny1-36/+98
This patch fixes an issue which resulted in a need to initialize responder with data from local domain, otherwise it would not correctly detect requests for subdomains. Similar situation can occur if new subdomain is added at runtime. The solution is to ask for a list of subdomains in case there is a candidate domain identified in the process of matching re_expressions with given name.
2012-06-12Make re_expression and full_name_format per domain optionsStef Walter1-9/+13
* Allows different user/domain qualified names for different domains. For example Domain\User or user@domain. * The global re_expression and full_name_format options remain as defaults for the domains. * Subdomains get the re_expression and full_name_format of their parent domain. https://bugzilla.redhat.com/show_bug.cgi?id=811663
2012-05-31Ghost members - various small changesJan Zeleny1-1/+1
2012-05-31Ghost members - NSS responder changesJan Zeleny1-89/+147
Since there are two attributes storing information about user memberships of the group we have to include both of them in results. This will apply only for objects that have ghost members (i.e. they contain the SYSDB_GHOST attribute). If an object has this attribute, values of this attribute are not projected to the memberuid attribute.
2012-05-24NSS: Fix segfault when mmap cache cannot be initializedStephen Gallagher1-2/+2
2012-05-15Use sized_string correctly in FQDN domainsJakub Hrozek1-2/+2
2012-05-15NSS: keep a pointer to body after body is reallocatedJakub Hrozek1-0/+3
2012-05-10Send the correct enumeration requestJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/1329
2012-05-09NSS: Add default_shell optionStephen Gallagher1-1/+7
This option will allow administrators to set a default shell to be used if a user does not have one set in the identity provider. https://fedorahosted.org/sssd/ticket/1289
2012-05-09NSS: Add fallback_homedir optionStephen Gallagher1-2/+21
This option is similar to override_homedir, except that it will take effect only for users that do not have an explicit home directory specified in LDAP. https://fedorahosted.org/sssd/ticket/1250
2012-05-02NSS: fix returning group from cacheJakub Hrozek1-1/+1
2012-05-02NSS: Check return code of sss_mmap_cache_gr_storeJakub Hrozek1-0/+5
2012-04-24NSS: Only return data from initgroups onceJakub Hrozek1-3/+10
Do not let nss_cmd_initgroups_search() return data itself, but let the caller return data. This is more intuitive and more consistent with the rest of the nss_cmd_*_search() functions. Also fixes a typo - nss_cmd_initgroups_cb used to call getpw_send_reply instead of initgr_send_reply.
2012-04-24Lowercase group members in case-insensitive domainsJakub Hrozek1-1/+7
https://fedorahosted.org/sssd/ticket/1312
2012-04-24Moved expand_homedir_template() from NSS responder to utility codeJan Zeleny1-108/+1
2012-04-24Check sub-domains in nss_cmd_get{pwuid|grgid}_search()Sumit Bose1-4/+26
2012-04-24Ask for subdomains in responder in the first request after startupJan Zeleny1-0/+30
2012-04-24Retrieve subdomains if there is a request for fully qualified userJan Zeleny1-3/+132
2012-04-24Modified responder_get_domain()Jan Zeleny1-3/+3
Now it checks for subdomains as well as for the domain itself
2012-04-18Prevent printing NULL from DEBUG messagesJakub Hrozek1-3/+6
2012-03-19nsssrv: add handling of memory cache group mapSimo Sorce1-3/+13
2012-03-19nsssrv: add handling of memory cache passwd mapSimo Sorce1-3/+17
2012-02-29Remove sysdb_get_ctx_from_list()Sumit Bose1-14/+14
2012-02-13Avoid uninitialized value comparisonStephen Gallagher1-0/+3
Coverity #12526
2012-02-13Allocate setent structure on state, not on the client contextJakub Hrozek1-4/+4
https://fedorahosted.org/sssd/ticket/1189
2012-02-13Remove setent structure when callback is calledJakub Hrozek1-9/+4
2012-02-10Fix group enumerationJakub Hrozek1-0/+2
Also adds some more debugging and fixes a code style issue. https://fedorahosted.org/sssd/ticket/1182
2012-02-05Split the logic to check cache expiration into separate functionJakub Hrozek1-43/+17
2012-02-05RESPONDERS: Refactor setent_req_listJakub Hrozek1-51/+24
Makes the setent_add_ref() and setent_notify_*() functions more generic to be reusable by the autofs responder.
2012-02-02RESPONDERS: Provide a common sss_cmd_send_error functionJakub Hrozek1-13/+1
The common function could be reused in new responders
2012-01-31Refactor nss_cmd_send_emptyJakub Hrozek1-34/+3
2012-01-27NSS: Add getservbyname and getservbyport support to the NSS ResponderStephen Gallagher1-0/+6
2012-01-23Move sized_string declaration to utilsStephen Gallagher1-11/+0
2012-01-23DP: Fix bugs in sss_dp_get_account_intStephen Gallagher1-0/+1
The conversion to the tevent_req style introduced numerous bugs related to memory management of the various client requests. In some circumstances, this could cause memory corruption and segmentation faults in the NSS responder. This patch makes the following changes: 1) Rename the internal lookup from subreq to sidereq, to indicate that it is not a sub-request of the current lookup (and therefore is not cancelled if the current request is). 2) Change the handling of the callback loops since they call tevent_req_[done|error], which results in them being freed (and therefore removed from the cb_list. This was the source of the memory corruption that would occasionally result in dereferencing an unreadable request. 3) Remove the unnecessary sss_dp_get_account_int_recv() function and change sss_dp_get_account_done() so that it only frees the sidereq. All of the waiting processes have already been signaled with the final results from sss_dp_get_account_int_done()
2012-01-21RESPONDER: Extend sss_dp_account_send() to include extra dataStephen Gallagher1-4/+4
Some NSS maps such as 'services' require more values to be passed to the data provider than just the name or ID. In these cases, we will amend an optional component to filter value to pass to the data provider backend.
2012-01-09nsssrv: use sized_string in fill_grentSimo Sorce1-35/+48
2012-01-09nsssrv: use sized_string in fill_pwentSimo Sorce1-41/+56
2012-01-09nsssrv: add string manipulation helperSimo Sorce1-0/+11
the sized_string structure makes it easier to keep track of string lengths and makes passing around data more compat and readable.
2011-12-21Return user and group names lowercased in case insensitive domainsJakub Hrozek1-12/+32
2011-12-21sss_get_cased_name utility functionJakub Hrozek1-6/+3
2011-12-19Pass client context to sss_dp_get_account_sendJakub Hrozek1-1/+1
2011-12-16Use the case sensitivity flag in respondersJakub Hrozek1-12/+27
2011-12-16Responders: Split getting domain by name into separate functionJakub Hrozek1-16/+3
2011-12-07Pass the correct private data into Data Provider callbackJakub Hrozek1-1/+1
2011-12-05Ignore NULL-terminator when checking UTF8-validityStephen Gallagher1-3/+3
Glib fails if the NULL-terminator is included when a length is specified.
2011-11-29RESPONDER: Refactor DP requests into tevent_req styleStephen Gallagher1-50/+111
2011-11-18RESPONDER: Ensure that all input strings are valid UTF-8Stephen Gallagher1-0/+21
2011-08-15sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny1-7/+7
The patch also updates code using modified functions. Tests have also been adjusted.
2011-08-08Prevent segfault if vetoed_shells are specified without allowed_shellsJakub Hrozek1-16/+19
https://fedorahosted.org/sssd/ticket/954