summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2012-03-08Detect cycle in the fail over on subsequent resolve requests onlyJakub Hrozek5-23/+28
2012-03-06Search netgroups by alias, tooJakub Hrozek2-3/+5
https://fedorahosted.org/sssd/ticket/1228
2012-03-06krb5_child: set debugging soonerJakub Hrozek2-23/+35
2012-03-06Only do one cycle when resolving a serverJakub Hrozek7-37/+105
https://fedorahosted.org/sssd/ticket/1214
2012-03-05Use proper errno codeJakub Hrozek1-1/+1
2012-03-05DP: Reorganize memory hierarchy of requestsStephen Gallagher1-24/+108
This function alters the memory hierarchy of the be_req to ensure memory safety during shutdown. It creates a spy on the be_cli object so that it will free the be_req if the client is freed. It is generally allocated atop the private data context for the appropriate back-end against which it is being filed. https://fedorahosted.org/sssd/ticket/1226
2012-03-05IPA: Fix segfault with srchost functionality enabledStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/1215
2012-03-02Hide --debug option in sss_debuglevelPavel Březina1-1/+1
https://fedorahosted.org/sssd/ticket/1224
2012-03-01IPA: Set the DNS discovery domain to match ipa_domainStephen Gallagher5-8/+17
https://fedorahosted.org/sssd/ticket/1217
2012-02-29Handle cases where UID is -1Stephen Gallagher1-6/+1
Also removes an unnecessary range check (since it's already handled by strtoint32() https://fedorahosted.org/sssd/ticket/1216
2012-02-29Remove sysdb_get_ctx_from_list()Sumit Bose10-91/+53
2012-02-29Keep sysdb context in domain info structSumit Bose9-51/+105
2012-02-28Include new manpages in translationsStephen Gallagher1-0/+6
2012-02-28Fix typo in autofs option descriptionStephen Gallagher1-1/+1
2012-02-27PAM: Don't send PAM_SYSTEM_INFO message if module unsetStephen Gallagher1-7/+3
We now have a session module that is only available for the IPA provider. We should not be logging noisily that other providers do not have the session provider configured. https://fedorahosted.org/sssd/ticket/1211
2012-02-27SSH: Update sss_ssh_knownhostsproxy manual pageJan Cholasta1-15/+4
2012-02-27SSH: Remove unused --file option of sss_ssh_knownhostsproxyJan Cholasta1-5/+0
2012-02-27SSH: Replace blocking getaddrinfo call in the responder with asynchronous ↵Jan Cholasta3-26/+56
resolver code
2012-02-27SSH: Use fchmod instead of chmod on known_hosts fileJan Cholasta1-8/+4
2012-02-27SSH: Add missing break statements to sss_ssh_format_pubkeyJan Cholasta1-0/+2
2012-02-27SSH: Add more debugging messagesJan Cholasta5-8/+38
2012-02-27SSH: Don't abort known_hosts update when host search failsJan Cholasta1-1/+1
2012-02-27AUTOFS: speed up the client by requesting multiple entries at onceJakub Hrozek3-78/+239
https://fedorahosted.org/sssd/ticket/1166
2012-02-27Eliminate build-time requirement for nscdStephen Gallagher2-11/+12
We will now use the autodetected location if available, or else fall back to a value provided by --with-nscd in configure and finally resort to a hard-coded default of /usr/sbin/nscd.
2012-02-26LDAP: Remove unnecessary filter sanitizeStephen Gallagher1-11/+5
The orig_dn here isn't being passed to a filter and therefore must not be santized, as the sanitization process would break DNs that contain (among other things) parentheses.
2012-02-26SSH: Manage global known_hosts file in the responderJan Cholasta3-78/+136
https://fedorahosted.org/sssd/ticket/1193
2012-02-26SSH: Continue connecting to SSH server even when SSSD is not running in ↵Jan Cholasta1-112/+85
sss_ssh_knownhostsproxy Additionally, don't drop the connection when the sss_ssh_knownhostsproxy process receives a signal. https://fedorahosted.org/sssd/ticket/1179 https://fedorahosted.org/sssd/ticket/1184
2012-02-26UTIL: Add function for atomic I/OJan Cholasta2-0/+44
2012-02-26SSH: Refactor responder and client common codeJan Cholasta6-166/+294
2012-02-26SSH: Save SSH host name aliasesJan Cholasta6-42/+120
2012-02-24Modifications to simplify list_missing_attrsJan Zeleny8-44/+21
2012-02-24Delete missing attributes from netgroups to be storedJan Zeleny6-4/+45
https://fedorahosted.org/sssd/ticket/1136
2012-02-24SELinux related attributes added to config APIJan Zeleny2-1/+11
2012-02-24IPA hosts refactoringJan Zeleny18-154/+156
2012-02-24LDAP: Only use paging control on requests for multiple entriesStephen Gallagher16-40/+100
The paging control can cause issues on servers that put limits on how many paging controls can be active at one time (on some servers, it is limited to one per connection). We need to reduce our usage so that we only activate the paging control when making a request that may return an arbitrary number of results. https://fedorahosted.org/sssd/ticket/1202 phase one
2012-02-23AUTOFS: Search all search bases for automounter map entriesJakub Hrozek1-18/+86
https://fedorahosted.org/sssd/ticket/1168
2012-02-23AUTOFS: Invoke implicit setautomntent if neededJakub Hrozek2-45/+156
https://fedorahosted.org/sssd/ticket/1167
2012-02-23libnl: fix the path to phy80211 subdirectoryJakub Hrozek1-4/+20
2012-02-23Move sudo_dom_ctx.user to local variablePavel Březina2-8/+8
2012-02-23Honor case_sensitive option in sudo responderPavel Březina4-21/+100
https://fedorahosted.org/sssd/ticket/1205
2012-02-23LDAP: Properly assign orig_dnStephen Gallagher1-0/+1
This was only used for properly identifying debug messages.
2012-02-23Save errno value before calling DEBUGJakub Hrozek1-2/+4
2012-02-23pam_sss: keep selinux optionalSimo Sorce2-3/+6
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2012-02-23nss_group: Cache the result from sssd when the glibc provided buffer is too ↵Simo Sorce1-8/+145
small.
2012-02-23IPA: Add ipa_parse_search_base()Stephen Gallagher3-19/+72
Previously, we were using sdap_parse_search_base() for setting up the search_base objects for use in IPA. However, this was generating unfriendly log messages about unknown search base types. This patch creates a new common_parse_search_base() routine that can be used with either LDAP or IPA providers. https://fedorahosted.org/sssd/ticket/1151
2012-02-21Don't give memory context in confdb where not neededJan Zeleny17-55/+75
2012-02-21remove unused functionJakub Hrozek1-20/+0
2012-02-21End request if ldap_parse_result failsJakub Hrozek1-0/+3
2012-02-18Include the fd_limit configuration optionJakub Hrozek1-0/+1
2012-02-17RESPONDERS: Make the fd_limit setting configurableStephen Gallagher7-4/+63
This code will now attempt first to see if it has privilege to set the value as specified, and if not it will fall back to the previous behavior. So on systems with the CAP_SYS_RESOURCE capability granted to SSSD, it will be able to ignore the limits.conf hard limit. https://fedorahosted.org/sssd/ticket/1197