sssd.git/src/config, branch srvbackport sssd with jhrozek's patches LDAP: Add option to disable paging control 2013-05-02T17:44:31+00:00 Stephen Gallagher sgallagh@redhat.com 2012-01-16T21:27:01+00:00 f0dcd98f15f7803e77bdd551956875196504e717 Fixes https://fedorahosted.org/sssd/ticket/967 Conflicts: src/config/SSSDConfig.py src/config/etc/sssd.api.d/sssd-ipa.conf src/config/etc/sssd.api.d/sssd-ldap.conf src/man/sssd-ldap.5.xml src/providers/ipa/ipa_common.c src/providers/ipa/ipa_common.h src/providers/ldap/ldap_common.c src/providers/ldap/sdap.h 
Fixes https://fedorahosted.org/sssd/ticket/967

Conflicts:

	src/config/SSSDConfig.py
	src/config/etc/sssd.api.d/sssd-ipa.conf
	src/config/etc/sssd.api.d/sssd-ldap.conf
	src/man/sssd-ldap.5.xml
	src/providers/ipa/ipa_common.c
	src/providers/ipa/ipa_common.h
	src/providers/ldap/ldap_common.c
	src/providers/ldap/sdap.h
Add ipa_hbac_support_srchost option to IPA provider 2012-08-21T10:12:35+00:00 Jan Zeleny jzeleny@redhat.com 2011-11-04T17:16:47+00:00 49c06899c6b8e06fa0c371dbd8a16ead32c651d9 don't fetch all host groups if this option is false https://fedorahosted.org/sssd/ticket/1078 
don't fetch all host groups if this option is false
https://fedorahosted.org/sssd/ticket/1078
RESPONDERS: Make the fd_limit setting configurable 2012-06-22T19:37:42+00:00 Stephen Gallagher sgallagh@redhat.com 2012-02-17T17:14:39+00:00 dd60af1ca6f5887f12ff50532e2fde5f16c9d55b This code will now attempt first to see if it has privilege to set the value as specified, and if not it will fall back to the previous behavior. So on systems with the CAP_SYS_RESOURCE capability granted to SSSD, it will be able to ignore the limits.conf hard limit. https://fedorahosted.org/sssd/ticket/1197 Conflicts: src/config/SSSDConfig.py src/config/SSSDConfigTest.py src/config/etc/sssd.api.conf 
This code will now attempt first to see if it has privilege to set
the value as specified, and if not it will fall back to the
previous behavior. So on systems with the CAP_SYS_RESOURCE
capability granted to SSSD, it will be able to ignore the
limits.conf hard limit.

https://fedorahosted.org/sssd/ticket/1197

Conflicts:
	src/config/SSSDConfig.py
	src/config/SSSDConfigTest.py
	src/config/etc/sssd.api.conf
Make the client idle timeout configurable 2012-06-18T18:39:07+00:00 Stephen Gallagher sgallagh@redhat.com 2012-06-18T15:23:04+00:00 2aa125200689eeb80f04b496acc5933bb09bee75 






Add missing options to sssd.api.conf
2011-09-20T14:46:23+00:00

Marko Myllynen
myllynen@redhat.com

2011-09-16T07:11:19+00:00

18f82da0e2127e886431779b711e8c53a59e5732












Add option to specify the kerberos replay cache dir
2011-09-02T13:58:29+00:00

Stephen Gallagher
sgallagh@redhat.com

2011-08-30T14:51:19+00:00

9d3d669cc353475cfe023c2a20cc51fd07428b82

Adds a configure option to set the distribution default as well as
an sssd.conf option to override it.

https://fedorahosted.org/sssd/ticket/980





Adds a configure option to set the distribution default as well as
an sssd.conf option to override it.

https://fedorahosted.org/sssd/ticket/980







Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON
2011-08-26T20:54:12+00:00

Jakub Hrozek
jhrozek@redhat.com

2011-08-26T08:54:09+00:00

4fe4e066b040f1da5805785533eb80cd83caf987

https://fedorahosted.org/sssd/ticket/978





https://fedorahosted.org/sssd/ticket/978







Add vetoed_shells option
2011-08-02T11:47:59+00:00

John Hodrien
J.H.Hodrien@leeds.ac.uk

2011-07-29T14:04:05+00:00

6daf03f2597d6a0177cac74dbfcdd502521cf2e2

There may be users in LDAP that have a valid but unwelcome shell
set in their account. This adds a blacklist of shells that should
always be replaced by the fallback_shell.

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>





There may be users in LDAP that have a valid but unwelcome shell
set in their account. This adds a blacklist of shells that should
always be replaced by the fallback_shell.

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>







Add ipa_hbac_treat_deny_as option
2011-08-01T16:18:33+00:00

Stephen Gallagher
sgallagh@redhat.com

2011-07-01T20:12:58+00:00

a2b1e0b4bce8281d7214329d6bc261cb8ca02784

By default, we will treat the presence of any DENY rule as denying
all users. This option will allow the admin to explicitly ignore
DENY rules during a transitional period.





By default, we will treat the presence of any DENY rule as denying
all users. This option will allow the admin to explicitly ignore
DENY rules during a transitional period.







Add ipa_hbac_refresh option
2011-08-01T16:18:33+00:00

Stephen Gallagher
sgallagh@redhat.com

2011-06-06T19:05:16+00:00

fba08ceb9fb8a71f0a86dfcf8902b09a84a70211

This option describes the time between refreshes of the HBAC rules
on the IPA server.





This option describes the time between refreshes of the HBAC rules
on the IPA server.