sssd.git/src/responder/pam, branch nonroot sssd with jhrozek's patches PAM: Move is_uid_trusted from pam_ctx to preq 2014-11-25T17:48:34+00:00 Jakub Hrozek jhrozek@redhat.com 2014-11-23T20:07:58+00:00 ff7481ff6f75d92470cff56632ad06ff7f10e895 Keeping a per-request flag in a global structure is really dangerous. Reviewed-by: Sumit Bose <sbose@redhat.com> 
Keeping a per-request flag in a global structure is really dangerous.

Reviewed-by: Sumit Bose <sbose@redhat.com>
PAM: Check for trusted domain before sending the request to BE 2014-11-25T17:48:11+00:00 Jakub Hrozek jhrozek@redhat.com 2014-11-23T18:43:04+00:00 fb106682e0277955e203ad074a368ddeb121fed3 https://fedorahosted.org/sssd/ticket/2501 Moving the checks to one place has the advantage of not duplicating security decisions. Previously, the checks were scattered all over the responder code, making testing hard. The disadvantage is that we actually check for the presence of the user, which might trigger some back end lookups. But I think the benefits overweight the disadvantage. Also only check the requested domains from a trusted client. An untrusted client should simply have no say in what domains he wants to talk to, it should ignore the 'domains' option. Reviewed-by: Sumit Bose <sbose@redhat.com> 
https://fedorahosted.org/sssd/ticket/2501

Moving the checks to one place has the advantage of not duplicating
security decisions. Previously, the checks were scattered all over the
responder code, making testing hard.

The disadvantage is that we actually check for the presence of the user,
which might trigger some back end lookups. But I think the benefits
overweight the disadvantage.

Also only check the requested domains from a trusted client. An untrusted
client should simply have no say in what domains he wants to talk to, it
should ignore the 'domains' option.

Reviewed-by: Sumit Bose <sbose@redhat.com>
PAM: Make pam_forwarder_parse_data static 2014-11-24T20:22:48+00:00 Jakub Hrozek jhrozek@redhat.com 2014-11-22T16:59:28+00:00 ca92e649ed6501c225782f59914a2c506026c10c Reviewed-by: Pavel Reichl <preichl@redhat.com> 
Reviewed-by: Pavel Reichl <preichl@redhat.com>
RESPONDERS: Set default value for umask 2014-10-29T09:41:06+00:00 Pavel Reichl preichl@redhat.com 2014-10-24T11:42:50+00:00 458f5245dd5130d12666cce6faf8ef1ec7f80169 Resolves: https://fedorahosted.org/sssd/ticket/2468 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
Resolves: https://fedorahosted.org/sssd/ticket/2468

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
PAM: Run pam responder as nonroot 2014-10-22T13:44:44+00:00 Michal Zidek mzidek@redhat.com 2014-10-09T15:25:34+00:00 4e1892cdfcc5300d6632200c38ba67f2783d15f2 Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
PAM: Create pipe file descriptors before privileges are dropped 2014-10-22T13:44:42+00:00 Michal Zidek mzidek@redhat.com 2014-10-15T16:15:53+00:00 b547bd685cb71bb450b0c86487767f02e66f6cea Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
responders: Do not initialize pipe fd if already present 2014-10-22T13:44:39+00:00 Michal Zidek mzidek@redhat.com 2014-10-15T16:01:55+00:00 8bccd95e275fae760a991da394235e4e70e57bbd Allow to skip initialization of pipe file descriptor if the responder context already has one. Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Allow to skip initialization of pipe file descriptor
if the responder context already has one.

Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
SSSD: Add the options to specify a UID and GID to run as 2014-10-20T19:43:40+00:00 Jakub Hrozek jhrozek@redhat.com 2014-10-06T14:28:13+00:00 ac40d2f2b2b2fc35c95389f5e28febd580bd2b7a Adds new command line options --uid and --gid to all SSSD servers, making it possible to switch to another user ID if needed. So far all code still runs as root. Reviewed-by: Pavel Reichl <preichl@redhat.com> 
Adds new command line options --uid and --gid to all SSSD servers,
making it possible to switch to another user ID if needed.

So far all code still runs as root.

Reviewed-by: Pavel Reichl <preichl@redhat.com>
pam: make pam responder aware if views 2014-10-20T14:15:29+00:00 Sumit Bose sbose@redhat.com 2014-10-15T10:59:08+00:00 c2788a00c49b14fc56690af93dc1ac60d6ee6c70 Reviewed-by: Pavel Březina <pbrezina@redhat.com> 
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
pam: sub-domain authentication fix 2014-10-01T15:29:17+00:00 Sumit Bose sbose@redhat.com 2014-10-01T13:22:45+00:00 95ef1bd1c06163492e285fa9d8e2fa81f99d39d2 With a recent patch sysdb_getpwnam() was replaced by sysdb_get_user_by_name() in the PAM responder. Unfortunately both behave differently with respect to sub-domain users. As a consequence the PAM responder was not able to resolve users from sub-domains. This patch reverts this change and uses sysdb_getpwnam() again. Reviewed-by: Alexander Bokovoy <abokovoy@redhat.com> 
With a recent patch sysdb_getpwnam() was replaced by
sysdb_get_user_by_name() in the PAM responder. Unfortunately both behave
differently with respect to sub-domain users. As a consequence the PAM
responder was not able to resolve users from sub-domains. This patch
reverts this change and uses sysdb_getpwnam() again.

Reviewed-by: Alexander Bokovoy <abokovoy@redhat.com>