sssd.git/src/tools, branch 1.9.2-88 sssd with jhrozek's patches TOOLS: Use file descriptor to avoid races when creating a home directory 2013-01-23T14:24:43+00:00 Jakub Hrozek jhrozek@redhat.com 2013-01-20T19:27:05+00:00 4c0369c679535a2dd5a02e2c6527139582ac3c8b When creating a home directory, the destination tree can be modified in various ways while it is being constructed because directory permissions are set before populating the directory. This can lead to file creation and permission changes outside the target directory tree, using hard links. This security problem was assigned CVE-2013-0219 https://fedorahosted.org/sssd/ticket/1782 
When creating a home directory, the destination tree can be modified in
various ways while it is being constructed because directory permissions
are set before populating the directory. This can lead to file creation
and permission changes outside the target directory tree, using hard links.

This security problem was assigned CVE-2013-0219

https://fedorahosted.org/sssd/ticket/1782
TOOLS: Use openat/unlinkat when removing the homedir 2013-01-23T14:24:39+00:00 Jakub Hrozek jhrozek@redhat.com 2012-12-12T18:02:33+00:00 a59248d58dddb4e46a3407e525f4f2816708e975 The removal of a home directory is sensitive to concurrent modification of the directory tree being removed and can unlink files outside the directory tree. This security issue was assigned CVE-2013-0219 https://fedorahosted.org/sssd/ticket/1782 
The removal of a home directory is sensitive to concurrent modification
of the directory tree being removed and can unlink files outside the
directory tree.

This security issue was assigned CVE-2013-0219

https://fedorahosted.org/sssd/ticket/1782
TOOLS: invalidate parent groups in memory cache, too 2013-01-21T15:26:28+00:00 Jakub Hrozek jhrozek@redhat.com 2013-01-21T12:23:30+00:00 45c1f3c6e3d6b2c9cf209a7b134e69e65ae7f636 https://fedorahosted.org/sssd/ticket/1775 
https://fedorahosted.org/sssd/ticket/1775
TOOLS: Refresh memcache after changes to local users and groups 2013-01-15T19:55:53+00:00 Jakub Hrozek jhrozek@redhat.com 2013-01-15T11:36:24+00:00 024d6981d5f0f66cdf528c234b82e5856d917e92 






TOOLS: Provide a convenience function to refresh a list of groups
2013-01-15T19:55:50+00:00

Jakub Hrozek
jhrozek@redhat.com

2013-01-15T11:35:58+00:00

7435bbb00feef2dde93532e62e40baa694348532












TOOLS: Split querying nss responder into a separate function
2013-01-15T19:55:47+00:00

Jakub Hrozek
jhrozek@redhat.com

2013-01-15T10:40:19+00:00

53aefebdca2ec9151aff87ae21ee4203eaa9a03a

The tools query the responder in order to sync the memcache after
performing changes to the local database. The functions will be reused
by other tools so I split them into a separate functions.





The tools query the responder in order to sync the memcache after
performing changes to the local database. The functions will be reused
by other tools so I split them into a separate functions.







TOOLS: move memcache related functions to tools_mc_utils.c
2013-01-15T19:55:42+00:00

Jakub Hrozek
jhrozek@redhat.com

2013-01-15T08:20:47+00:00

dd1dbf1e10a864f4ec0796aae3a6f272104b098e

The upcoming patches will link only users of this file with client libs,
so it's better to have it separate.

There is no functional change in this patch





The upcoming patches will link only users of this file with client libs,
so it's better to have it separate.

There is no functional change in this patch







Fix invalidating autofs maps
2013-01-15T19:55:39+00:00

Simo Sorce
simo@redhat.com

2013-01-13T13:31:29+00:00

deb17c493e6f82f0396b0df72e2b60565c2db9cb












sss_cache: fqdn not accepted
2013-01-04T16:15:43+00:00

Michal Zidek
mzidek@redhat.com

2012-11-05T15:53:46+00:00

5ddf09948236f3cca6bf4f3d2f3cebfbcc132ddc

sss_cache did not accept fully quaified domain names.

https://fedorahosted.org/sssd/ticket/1620





sss_cache did not accept fully quaified domain names.

https://fedorahosted.org/sssd/ticket/1620







sss_cache: Small refactor.
2013-01-04T16:15:40+00:00

Michal Zidek
mzidek@redhat.com

2012-11-20T12:52:12+00:00

7d226411fe3f18765f475adc513660f2201a3334

The logic that checks if sssd_nss is running and then
sends SIGHUP to monitor or removes the caches was moved
to a function sss_memcache_clear_all() and made public in
tools_util.h.





The logic that checks if sssd_nss is running and then
sends SIGHUP to monitor or removes the caches was moved
to a function sss_memcache_clear_all() and made public in
tools_util.h.