summaryrefslogtreecommitdiff
path: root/src/responder/nss/nsssrv_cmd.c
AgeCommit message (Collapse)AuthorFilesLines
2012-01-21RESPONDER: Extend sss_dp_account_send() to include extra dataStephen Gallagher1-4/+4
Some NSS maps such as 'services' require more values to be passed to the data provider than just the name or ID. In these cases, we will amend an optional component to filter value to pass to the data provider backend.
2012-01-09nsssrv: use sized_string in fill_grentSimo Sorce1-35/+48
2012-01-09nsssrv: use sized_string in fill_pwentSimo Sorce1-41/+56
2012-01-09nsssrv: add string manipulation helperSimo Sorce1-0/+11
the sized_string structure makes it easier to keep track of string lengths and makes passing around data more compat and readable.
2011-12-21Return user and group names lowercased in case insensitive domainsJakub Hrozek1-12/+32
2011-12-21sss_get_cased_name utility functionJakub Hrozek1-6/+3
2011-12-19Pass client context to sss_dp_get_account_sendJakub Hrozek1-1/+1
2011-12-16Use the case sensitivity flag in respondersJakub Hrozek1-12/+27
2011-12-16Responders: Split getting domain by name into separate functionJakub Hrozek1-16/+3
2011-12-07Pass the correct private data into Data Provider callbackJakub Hrozek1-1/+1
2011-12-05Ignore NULL-terminator when checking UTF8-validityStephen Gallagher1-3/+3
Glib fails if the NULL-terminator is included when a length is specified.
2011-11-29RESPONDER: Refactor DP requests into tevent_req styleStephen Gallagher1-50/+111
2011-11-18RESPONDER: Ensure that all input strings are valid UTF-8Stephen Gallagher1-0/+21
2011-08-15sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny1-7/+7
The patch also updates code using modified functions. Tests have also been adjusted.
2011-08-08Prevent segfault if vetoed_shells are specified without allowed_shellsJakub Hrozek1-16/+19
https://fedorahosted.org/sssd/ticket/954
2011-07-29Add vetoed_shells optionJohn Hodrien1-1/+12
There may be users in LDAP that have a valid but unwelcome shell set in their account. This adds a blacklist of shells that should always be replaced by the fallback_shell. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-07-21Fix indexing of skipped groupsJakub Hrozek1-2/+4
https://fedorahosted.org/sssd/ticket/928
2011-06-27fix typosSimo Sorce1-5/+5
2011-06-02Non-posix group processing - ldap provider and nss responderJan Zeleny1-3/+11
2011-05-31Fix typo in initgroups negative cache checkStephen Gallagher1-1/+1
2011-05-20Add new options to override shell valueJakub Hrozek1-1/+38
https://fedorahosted.org/sssd/ticket/742
2011-05-20Add a new option to override home directory valueJakub Hrozek1-1/+133
https://fedorahosted.org/sssd/ticket/551
2011-05-20Add a new option to override primary GID numberJakub Hrozek1-1/+9
https://fedorahosted.org/sssd/ticket/742
2011-04-15Fix regression where nonexistent entries were never added to the negative cacheStephen Gallagher1-21/+21
2011-04-15Fix a regression with the negative cache in multi-domain configurationsStephen Gallagher1-3/+18
2011-01-06Remove unused enumeration cache timeout checksSumit Bose1-30/+2
The existence of the getent_ctx is used to track the enumeration cache timeout.
2011-01-06Post enumeration tevent request if neededSumit Bose1-8/+41
2011-01-06Return groups and users from all domains during enumerationSumit Bose1-3/+5
2010-10-26Always use talloc_zero() to allocate cmdctxSumit Bose1-2/+2
2010-10-15sysdb interface for adding fake usersJakub Hrozek1-1/+1
2010-10-15sysdb interface for adding incomplete groupsJakub Hrozek1-1/+1
Useful for optimizing the initgroups operation.
2010-10-13Add netgroup support to the NSS responderStephen Gallagher1-2/+9
2010-10-13Split out some helper functions for the NSS responderStephen Gallagher1-83/+17
Create a new private header and make some functions available for other object files.
2010-10-13Require explicit setting of callback context for check_cacheStephen Gallagher1-7/+13
Previously, it was implicitly using the nss_dom_ctx, but there are situations where we would want to send a different private context
2010-09-22Initgroups on a non-cached user should go to the data providerStephen Gallagher1-1/+2
We were accidentally returning an error when sysdb_getpwnam() returned zero results internally in sysdb_initgroups(). The correct behavior here is to return EOK and a result object with zero entries.
2010-09-08Handle multiple simultaneous enumeration requestsStephen Gallagher1-289/+706
Previously, if a second enumeration request arrived while one was already being processed, each process would receive only a subset of the total number of available users or groups. This is because we were maintaining the response object as a global value in the NSS responder. The second request would come in, see that the data set was already populated, and start reading from wherever the cursor was currently pointed. With this patch, we now move the cursor to the client context instead of the global NSS context. Additionally, this patch completely rewrites the approach to enumerations in the tevent_req style. This makes it much easier to follow in the code. In order to ensure that a slow or malicious client cannot hold onto a reference for the setent result object indefinitely, we set an expiration on the object. We use the enum_cache_timeout here, since that is an appropriate value. If the timeout fires during the normal operation of the get*ent() loop of a client program, we will save the current values of the read index so that we can resume as soon as the object has been refreshed by an implicit setent call. Instead of deleting the enumeration result object immediately after the last in-progress client has read it, we'll keep the object around for the lifetime of enum_cache_timeout. This way, additional clients making enumeration requests can still access the results in-memory.
2010-09-08Dead assignments cleanup in NSS responderJan Zeleny1-5/+7
Various dead assignments were deleted, some return value inspections were added. Ticket: #588
2010-06-17Refactor the negative cacheStephen Gallagher1-13/+14
Rename functions from nss_ncache_* to sss_ncache_* Move negative cache to responder/common and rename as negcache.c/h
2010-06-17Ensure that all domains are checked for users/groupsStephen Gallagher1-3/+15
There was a bug in the negative cache checks (probably a leftover from when filter_users was global-only) that meant that if a user was filtered out of a domain, the remaining domains would not be checked for that user. (Same for groups/initgroups)
2010-04-12sysdb: convert sysdb_initgroupsSimo Sorce1-222/+117
2010-04-12Adjust fill_pwent and fill_grentSimo Sorce1-13/+13
fill_pwent should return the number of users actually processed. Otherwise in case of a recoverable error we may end up skipping a large chunk of users. fill_grent doesn't need to distinguish between number of entries and number of groups to process since we started adding memberuid. Remove remnants that are not useful anymore.
2010-04-12sysdb: convert sysdb_enumgrentSimo Sorce1-161/+106
2010-04-12sysdb: convert sysdb_enumpwentSimo Sorce1-172/+116
2010-04-12sysdb: convert sysdb_getgrgidSimo Sorce1-193/+109
2010-04-12sysdb: convert sysdb_getgrnamSimo Sorce1-223/+134
2010-04-12sysdb: convert sysdb_getpwuidSimo Sorce1-198/+107
2010-04-12sysdb: convert sysdb_getpwnamSimo Sorce1-229/+190
2010-03-08Fixed alignment problems in nss client/serverGeorge McCollister1-6/+5
I fixed a handful of alignment problems in sss_client and nss responder. Enumerating group and passwd with getgrent and getpwent now works correctly on ARM. Signed-off-by: George McCollister <georgem@novatech-llc.com>
2010-03-04Add forgotten \n in DEBUG statementsMartin Nagy1-2/+2
Logs from confdb with missing '\n' in the DEBUG statements annoyed me so I decided to fix them. I also made a quick grep through the code and found other places so I fixed them too.
2010-02-18Rename server/ directory to src/Stephen Gallagher1-0/+3182
Also update BUILD.txt
generated by cgit (git 2.34.1) at 2024-07-06 03:09:29 +0000