summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2012-08-21Process all groups from a single nesting levelJakub Hrozek1-4/+14
https://bugzilla.redhat.com/show_bug.cgi?id=846664 If the first group was cached when processing the nested group membership, we would call tevent_req_done, effectivelly marking the whole nesting level as done.
2012-08-16Fix compilation error in Python murmurhash bindingsJakub Hrozek2-4/+10
The compilation produced an error due to missing declaration of uint32_t and a couple of warnings caused by different prototypes of argument parsing functions in older Python releases.
2012-08-16Only create the SELinux login file if there are mappings on the serverJakub Hrozek2-51/+78
https://fedorahosted.org/sssd/ticket/1455 In case there are no rules on the IPA server, we must simply avoid generating the login file. That would make us fall back to the system-wide default defined in /etc/selinux/targeted/seusers. The IPA default must be only used if there *are* rules on the server, but none matches.
2012-08-16Do not try to remove the temp login file if already renamedJakub Hrozek1-2/+3
write_selinux_string() would try to unlink the temporary file even after it was renamed. Failure to unlink the file would not be fatal, but would produce a confusing error message. Also don't use "0" for the default fd number, that's reserved for stdin. Using -1 is safer.
2012-08-16Build SELinux code in responder conditionallyJakub Hrozek1-0/+7
https://fedorahosted.org/sssd/ticket/1480
2012-08-15Fix LOCAL domain lookupsPavel Březina1-19/+22
https://fedorahosted.org/sssd/ticket/1436 Now subdomains are not evaluated for local domains.
2012-08-15Add python bindings for murmurhash3Sumit Bose2-0/+165
2012-08-15KRB5: Only return PAM error for unreachable kpasswd when performing chpassJakub Hrozek1-2/+4
https://fedorahosted.org/sssd/ticket/1452
2012-08-15FO: Return EAGAIN if there are more servers to tryJakub Hrozek1-0/+9
The caller should issue a next request, which would just shortcut with ENOENT.
2012-08-15FO: Don't retry the same server if it's not workingJakub Hrozek1-2/+3
2012-08-15Duplicate detection in fail over did not work.Michal Zidek9-15/+69
https://fedorahosted.org/sssd/ticket/1472
2012-08-13sss_client: Group lookups should work even when fastcache cannot be initializedJakub Hrozek1-8/+2
https://fedorahosted.org/sssd/ticket/1415
2012-08-13Add autofs-related options to configAPIJakub Hrozek2-1/+12
https://fedorahosted.org/sssd/ticket/1478
2012-08-10MAN: Improve description of ldap_*_search_base optionsStephen Gallagher4-96/+63
It was ambiguous that these options supported the new multiple search base format, as well as the search filters.
2012-08-10When ldap_group_nesting_level was reached, the LDAP provider tried to link ↵Michal Zidek1-1/+45
group members with groups outside nesting limit. https://fedorahosted.org/sssd/ticket/1194
2012-08-10Document entry_cache_autofs_timeoutJakub Hrozek1-0/+14
2012-08-10remove duplicate sss_obfuscate reference in seealso manpage sectionNick Guay1-3/+0
2012-08-10MAN: Fix minor typo in ldap_search_base sectionStephen Gallagher1-1/+1
2012-08-09Don't use server after SRV data collapsedJakub Hrozek1-5/+8
2012-08-09SRV resolution for backup servers should not be permitted.Michal Zidek5-6/+37
https://fedorahosted.org/sssd/ticket/1463
2012-08-09Change default for ldap_idmap_range_min to 200000Jakub Hrozek4-4/+4
https://fedorahosted.org/sssd/ticket/1462
2012-08-09Abort PAM access phase if HBAC does not return PAM_SUCCESSJakub Hrozek1-0/+1
2012-08-09Backward GOTOs rewritten into do-while loops.Ondrej Kos2-245/+271
2012-08-09Change default value of ldap_sasl_string to host/hostname@REALM in man page.Michal Zidek1-1/+1
https://fedorahosted.org/sssd/ticket/1464
2012-08-08Replaced "id_max" & "id_min"Ondrej Kos1-4/+4
2012-08-08Allocate on top of a talloc context, not NULLJakub Hrozek1-0/+3
2012-08-07Always mark SRV servers as primaryJakub Hrozek1-0/+1
https://fedorahosted.org/sssd/ticket/1459
2012-08-07Remove SYSDB_SUDO_CACHE_OC from attribute listsPavel Březina2-2/+0
It is not an attribute.
2012-08-07Rename SYSDB_SUDO_CACHE_AT_OC to SYSDB_SUDO_CACHE_OCPavel Březina5-8/+8
It does not contain name of the object class attribute but the value itself. I renamed it to avoid confusion.
2012-08-07Remove redefinition of some SYSDB_* macrosPavel Březina1-10/+0
2012-08-07Subdomains: Send the DP reply in the correct formatJakub Hrozek1-14/+41
The DP was sending the reply in a format the responder did not expect, so the responder always failed to parse the message.
2012-08-07monitor: set debug level when unable to load configurationPavel Březina1-0/+6
https://fedorahosted.org/sssd/ticket/1345 When the monitor is unable to load configuration and non debug level is set (e.g. when sssd is started via 'service'), none message was saved into logs. This patch forces debug messages to be written in this scenario.
2012-08-07Failover: Return last tried server if it's still being triedJakub Hrozek1-2/+6
In the failover, we treat both KDC and LDAP on the IPA server as a single "port", numbered 0. This was done in order to make sure that the SSSD always talks to the same server for both LDAP and Kerberos. However, this clever hack breaks when the IPA provider needs to establish an GSSAPI encrypted LDAP connection because we're asking the fail over code to yield a server while no server has yet been marked as tried. This triggers a fail over for the KDC, so in effect, the TGT is received from second server. If the second server is not available for some reason, the whole provider goes offline. The fail over needs to detect that the server asked for is still being resolved and return the same pointer.
2012-08-07Add end of line to debug messagePavel Březina1-2/+2
2012-08-06IPA: Securely set umask for mkstemp in subdomain providerStephen Gallagher1-0/+3
https://fedorahosted.org/sssd/ticket/1457
2012-08-06SYSDB: Use ldb_msg_add_string for simple string additionsJakub Hrozek3-12/+12
2012-08-06IPA: Do not attempt to close the same file twiceStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/1456
2012-08-06shadow attributes can contain -1Pavel Březina1-1/+1
https://fedorahosted.org/sssd/ticket/1393
2012-08-06SYSDB: Check the return valueJakub Hrozek1-0/+1
2012-08-06Removed unused variable assignmentOndrej Kos1-2/+0
https://fedorahosted.org/sssd/ticket/1453
2012-08-05SSSDConfig: Fix nonfunctional SSSDDomain.remove_provider()Stephen Gallagher2-0/+10
Also adds a regression test to the unit test suite. https://fedorahosted.org/sssd/ticket/1388
2012-08-03Fix various typos in documentation.Yuri Chornoivan4-5/+5
2012-08-03Don't call fo_set_{server,port}_status for SRV serversJakub Hrozek1-2/+3
This bug was producing harmless, but annoying error messages.
2012-08-03Return value of fread in src/tools/sss_debuglevel.c no longer ignored.Michal Zidek1-1/+9
https://fedorahosted.org/sssd/ticket/1426
2012-08-01Update translations for 1.9.0 beta 6 releaseJakub Hrozek12-4172/+10100
2012-08-01Create a domain-realm mapping for krb5.conf to be includedJakub Hrozek1-0/+135
When new subdomains are discovered, the SSSD creates a file that includes the domain-realm mappings. This file can in turn be included in the krb5.conf using the includedir directive, such as: includedir /var/lib/sss/pubconf/realm_mappings
2012-08-01Add automatic periodic retrieval of subdomainsSimo Sorce1-1/+44
2012-08-01Add online callback to enumerate subdomainsSimo Sorce1-24/+49
2012-08-01Limit refreshes keeping track of last refresh timeSimo Sorce1-26/+46
2012-08-01Change refreshing of subdomainsSimo Sorce6-90/+185
This patch keeps a local copy of the subdomains in the ipa subdomains plugin context. This has 2 advantages: 1. allows to check if anything changed w/o always hitting the sysdb. 2. later will allows us to dump this information w/o having to retrieve it again. The timestamp also allows to avoid refreshing too often.
generated by cgit (git 2.34.1) at 2024-11-16 21:20:14 +0000