sssd.git/src/config, branch nonroot sssd with jhrozek's patches AD/IPA: add krb5_confd_path configuration option 2014-11-25T12:28:39+00:00 Sumit Bose sbose@redhat.com 2014-11-21T17:07:10+00:00 4fa184e2c60b377fd71e0115a618bd68dc73627d With this new parameter the directory where Kerberos configuration snippets are created can be specified. Fixes https://fedorahosted.org/sssd/ticket/2473 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
With this new parameter the directory where Kerberos configuration
snippets are created can be specified.

Fixes https://fedorahosted.org/sssd/ticket/2473

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Revert "LDAP: Remove unused option ldap_group_uuid" 2014-11-06T18:25:16+00:00 Sumit Bose sbose@redhat.com 2014-11-05T16:38:05+00:00 69a88c4757dd24b1857954de7d043af1e5590b7f This reverts commit b5242c146cc0ca96e2b898a74fb060efda15bc77. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
This reverts commit b5242c146cc0ca96e2b898a74fb060efda15bc77.

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Revert "LDAP: Remove unused option ldap_user_uuid" 2014-11-06T18:25:09+00:00 Sumit Bose sbose@redhat.com 2014-11-05T16:35:45+00:00 1dfa1e2968ce2031deb6da7c28b09ce1b5ba56f2 This reverts commit dfb2960ab251f609466fa660449703835c97f99a. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
This reverts commit dfb2960ab251f609466fa660449703835c97f99a.

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
SSSD: Load a user to run a service as from configuration 2014-10-22T13:44:13+00:00 Jakub Hrozek jhrozek@redhat.com 2014-08-05T11:52:48+00:00 a10ac1d0a7210def232205a48c53a075930e82f6 Related: https://fedorahosted.org/sssd/ticket/2370 Adds a option, user to run as, that is specified in the [sssd] section. When this option is specified, SSSD will run as this user and his private group. When these are not specified, SSSD will run as the configure-time user and group (usually root). Currently all services and providers are started as root. There is a temporary svc_supported_as_nonroot() function that returns true for a service if that service runs and was tested as nonroot and false otherwise. Currently this function always returns false, but will be amended in future patches. Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Related:
    https://fedorahosted.org/sssd/ticket/2370

Adds a option, user to run as, that is specified in the [sssd] section. When
this option is specified, SSSD will run as this user and his private
group. When these are not specified, SSSD will run as the configure-time
user and group (usually root).

Currently all services and providers are started as root. There is a
temporary svc_supported_as_nonroot() function that returns true for a
service if that service runs and was tested as nonroot and false
otherwise. Currently this function always returns false, but will be
amended in future patches.

Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
IPA: add view support and get view name 2014-10-16T15:55:56+00:00 Sumit Bose sbose@redhat.com 2014-09-16T13:26:24+00:00 08ab0d4ede41a1749e0bc26f78a37a4d10c20db8 Related to https://fedorahosted.org/sssd/ticket/2375 Reviewed-by: Pavel Březina <pbrezina@redhat.com> 
Related to https://fedorahosted.org/sssd/ticket/2375

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
sssd.api.conf: Declare case_sensitive as string 2014-10-01T15:23:43+00:00 Michal Zidek mzidek@redhat.com 2014-10-01T10:34:17+00:00 b6e1f016e300fa5bd33bfedc1e57f9f83de19e79 Fixes: https://fedorahosted.org/sssd/ticket/2452 Reviewed-by: Pavel Reichl <preichl@redhat.com> 
Fixes:
https://fedorahosted.org/sssd/ticket/2452

Reviewed-by: Pavel Reichl <preichl@redhat.com>
PAM: new options pam_trusted_users & pam_public_domains 2014-09-29T16:27:07+00:00 Pavel Reichl preichl@redhat.com 2014-09-25T13:52:31+00:00 830ded27453015080a54d6ba85fd4999ee7e9af1 pam_public_domains option is a list of numerical UIDs or user names that are trusted. pam_public_domains option is a list of domains accessible even for untrusted users. Based on: https://fedorahosted.org/sssd/wiki/DesignDocs/RestrictDomainsInPAM Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
pam_public_domains option is a list of numerical UIDs or user names
that are trusted.

pam_public_domains option is a list of domains accessible even for
untrusted users.

Based on:
https://fedorahosted.org/sssd/wiki/DesignDocs/RestrictDomainsInPAM

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
AD-GPO: config changes for gpo_map_* options 2014-09-08T15:39:53+00:00 Yassir Elley yelley@redhat.com 2014-09-05T22:45:12+00:00 f2b40ec8a4158fec75873828e4980965abbe7f66 Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
SSS_CACHE: Allow sss_cache tool to flush SSH hosts cache 2014-09-05T09:40:39+00:00 William B william@adelaide.edu.au 2014-07-21T09:13:25+00:00 3ac7c4fe618ede980a4df8d90341ef1fd0f1f62f Resolves: https://fedorahosted.org/sssd/ticket/2358 Signed-off-by: Jan Cholasta <jcholast@redhat.com> Reviewed-by: Jan Cholasta <jcholast@redhat.com> Reviewed-by: Pavel Reichl <preichl@redhat.com> 
Resolves:
https://fedorahosted.org/sssd/ticket/2358

Signed-off-by: Jan Cholasta <jcholast@redhat.com>

Reviewed-by: Jan Cholasta <jcholast@redhat.com>
Reviewed-by: Pavel Reichl <preichl@redhat.com>
SDAP: new option - DN to ppolicy on LDAP 2014-08-27T12:25:05+00:00 Pavel Reichl preichl@redhat.com 2014-08-06T15:05:53+00:00 5668d294a39326f7024cbf24333e33ee970caf2d To check value of pwdLockout attribute on LDAP server, DN of ppolicy must be set. Resolves: https://fedorahosted.org/sssd/ticket/2364 Reviewed-by: Pavel Březina <pbrezina@redhat.com> 
To check value of pwdLockout attribute on LDAP server, DN of ppolicy
must be set.

Resolves:
https://fedorahosted.org/sssd/ticket/2364

Reviewed-by: Pavel Březina <pbrezina@redhat.com>