Age | Commit message (Collapse) | Author | Files | Lines |
|
https://fedorahosted.org/sssd/ticket/836
|
|
https://fedorahosted.org/sssd/ticket/1013
|
|
This is mostly a cosmetic patch.
The purpose of wrapping a multi-line macro in a do { } while(0) is to
make the macro usable as a regular statement, not a compound statement.
When the while(0) is terminated with a semicolon, the do { } while(0);
block becomes a compound statement again.
|
|
https://fedorahosted.org/sssd/ticket/950
|
|
Removed:
SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED)
Added new macro:
CONVERT_AND_SET_DEBUG_LEVEL(new_value)
Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0
so DEBUG macro could be reduced by one condition. Anyway, it has a minor
effect, every time you want to load debug_level from command line parameters,
you have to use following pattern:
/* Set debug level to invalid value so we can deside if -d 0 was used. */
debug_level = SSSDBG_INVALID;
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) { ... }
CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
|
|
https://fedorahosted.org/sssd/ticket/925
Conversion of the old debug_level format to the new one.
(only where it was necessary)
Removed:
SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
|
|
This patch deletes memory context parameter in those places in sysdb
where it is not necessary. The code using modified functions has been
updated. Tests updated as well.
|
|
The patch also updates code using modified functions. Tests have also
been adjusted.
|
|
This is much more selinux friendly as it allows policy makers to call
nscd_domtrans to transition to nscd_t instead of giving more access to
the system via the corcmd_exec_bin macro.
Modified-by: Simo Sorce <ssorce@redhat.com>
Signed-off-by: Simo Sorce <ssorce@redhat.com>
|
|
|
|
https://fedorahosted.org/sssd/ticket/865
|
|
|
|
There is a python bug (http://bugs.python.org/issue11236) where
getpass.getpass() does not throw KeyboardInterrupt on ctrl+c. This
workaround is the closest we can get: if we detect the control
character in the string that we read, we'll cancel.
|
|
|
|
|
|
|
|
It doesn't make sense to set a "default" domain. We should require
that the domain always be specified.
|
|
|
|
Coverity 10082 and 100083
|
|
semanage_commit() returns -1 on error, and can return a positive
value on success.
https://bugzilla.redhat.com/show_bug.cgi?id=649037
|
|
Fixes: #585
|
|
A tool to add obfuscated passwords into the SSSD config file
|
|
https://fedorahosted.org/sssd/ticket/515
|
|
Ticket #515
|
|
The local domain has the magic private groups option set
unconditionally. Therefore, it does not make any sense to let user
configure the primary GID. As a side-effect, this fixes #522.
|
|
https://fedorahosted.org/sssd/ticket/528
|
|
We need to guarantee at all times that reads and writes complete
successfully. This means that they must be checked for returning
EINTR and EAGAIN, and all writes must be wrapped in a loop to
ensure that they do not truncate their output.
|
|
Switch statement missing a break causes unintended implicit setting of
'm' options in sss_useradd.
Fixes: #512
|
|
|
|
|
|
Since the sysdb is now synchronous and creates its own event context we
don't need an explicit event context anymore in the tools.
|
|
I tried to convert this code as mechanically as possible from the
previously existing code. I am not sure it works right, and it will
probably recurse infinetly as circular group memberships are
admitted in sysdb. The original code had the same issues.
This code should be probably discarded and redone from scratch.
|
|
This commit completes the migration to a synchronous sysdb
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Adds a new option -Z to sss_useradd and sss_usermod. This option allows
user to specify the SELinux login context for the user. On deleting the
user with sss_userdel, the login mapping is deleted, so subsequent
adding of the same user would result in the default login context unless
-Z is specified again.
MLS security is not supported as of this patch.
|
|
Fix whitespace errors
|
|
sss_userdel now warns if the deleted user was logged in at the time of
deletion.
Also adds a new parameter --kick to userdel that kills all user
processes before actually deleting ther user.
Fixes: #229
|
|
Fixes: #231
|
|
This patch removes some tab-indentations from pamsrv.c, too.
|