summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* tests: ncache_hit must be an int to test UPNsJakub Hrozek2015-03-121-9/+9
| | | | | | | | In order to detect faulty cases where negcache would be checked twice, we need to convert the ncache_hit to integer and check exact amounts of hits. Reviewed-by: Pavel Reichl <preichl@redhat.com>
* tests: convert all unit tests to cmocka 1.0 or laterJakub Hrozek2015-03-1135-663/+769
| | | | | | All tests now use the cmocka-1.0-compatible API. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* RPM: BuildRequire libcmocka >= 1.0Jakub Hrozek2015-03-111-1/+1
| | | | Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* build: Only run cmocka tests if cmocka 1.0 or newer is availableJakub Hrozek2015-03-111-2/+2
| | | | Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* MAN: default_domain_suffix with use_fully_qualified_names.Michal Zidek2015-03-111-2/+6
| | | | | | https://fedorahosted.org/sssd/ticket/2569 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* Use FQDN if default domain was setMichal Zidek2015-03-113-4/+35
| | | | | | https://fedorahosted.org/sssd/ticket/2569 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* ldap_child: fix coverity warningPavel Reichl2015-03-111-2/+12
| | | | | | | In ldap_child_get_tgt_sync() variable 'ret' got overriden in done section without ever before being read. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* Log reason in debug message why ldb_modify failedLukas Slebodnik2015-03-118-10/+68
| | | | Reviewed-by: Sumit Bose <sbose@redhat.com>
* KRB5: More debugging for create_ccache()Jakub Hrozek2015-03-101-13/+41
| | | | | | | | It was difficult to find where the problem was without advanced techniques like strace. Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* PAC: Fix memory leakLukas Slebodnik2015-03-091-0/+1
| | | | | | Reported by clang static analyser. Reviewed-by: Sumit Bose <sbose@redhat.com>
* sysdb: use sysdb_user/group_dnPavel Březina2015-03-094-38/+18
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* be_refresh: get rid of callback pointersPavel Březina2015-03-091-67/+31
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* be_refresh: support groupsPavel Březina2015-03-085-0/+63
| | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2346 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* be_refresh: support usersPavel Březina2015-03-085-0/+62
| | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2346 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* be_refresh: add sdap_refresh_initPavel Březina2015-03-085-30/+33
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* be_refresh: refactor netgroups refreshPavel Březina2015-03-081-32/+77
| | | | | | | This is a preparation to support other object types without introducing duplicated code. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sdap_handle_acct_req_send: remove be_reqPavel Březina2015-03-084-17/+13
| | | | | | | | | | | be_req was used only as a talloc context for subreq. This memory context was replace by state of the parent request which is more suitable for tevent coding style. This change will allow us to use this function in be_refresh where none be_req is available. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* be_refresh: refresh all domains in backendPavel Březina2015-03-084-37/+66
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* SDAP: fix minor neglect in is_account_locked()Pavel Reichl2015-03-061-0/+2
| | | | | | | | | | It would be better to return explicit error code, although access is still denied and error message printed. Relates: https://fedorahosted.org/sssd/ticket/2534 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* ldap_child: initialized ccname_file_dummySumit Bose2015-03-061-1/+1
| | | | | | | | | | ccname_file_dummy is used in the done-block which is called before ccname_file_dummy is set to a value. This patch initializes ccname_file_dummy to NULL. Related to https://fedorahosted.org/sssd/ticket/2592 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* SDAP: Lock out ssh keys when account naturally expiresPavel Reichl2015-03-055-94/+254
| | | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2534 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* UTIL: convert GeneralizedTime to unix timePavel Reichl2015-03-056-3/+121
| | | | | | | | New utility function *sss_utc_to_time_t* to convert GeneralizedTime to unix time. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* selinux: Delete existing user mapping on empty defaultJakub Hrozek2015-03-042-7/+17
| | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/2587 The case of SELinux default user mapping being an empty string is valid, it should translate into "pick the default context on the target machine". In case the context is empty, we need to delete the per-user mapping from the SELinux database to make sure the default is used. Reviewed-by: Michal Židek <mzidek@redhat.com> Reviewed-by: Pavel Reichl <preichl@redhat.com>
* LDAP: unlink ccname_file_dummy if there is an errorDaniel Hjorth2015-03-041-1/+11
| | | | | | | | | | | https://fedorahosted.org/sssd/ticket/2592 If there is an error after ccname_file_dummy is created but before it is renamed then the file isn't removed. This can cause a lot of files to be created and take up inodes in a filesystem. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com>
* SDAP: enable change phase of pw expire policy checkPavel Reichl2015-03-037-1/+119
| | | | | | | | | | | | | Implement new option which does checking password expiration policy in accounting phase. This allows SSSD to issue shadow expiration warning even if alternate authentication method is used. Resolves: https://fedorahosted.org/sssd/ticket/2167 Reviewed-by: Sumit Bose <sbose@redhat.com>
* SDAP: refactor pwexpire policyPavel Reichl2015-03-033-32/+91
| | | | | | | | | Move part of pwexpire policy code to a separate function. Relates to: https://fedorahosted.org/sssd/ticket/2167 Reviewed-by: Sumit Bose <sbose@redhat.com>
* FO: Use SRV TTL in fail over codeJakub Hrozek2015-03-0311-9/+666
| | | | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/1884 Removes the hardcoded SRV TTL timeout and uses TTL from the DNS instead. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* resolv: Use the same default timeout for SRV queries as previouslyJakub Hrozek2015-03-032-1/+7
| | | | | | | | | | | When we changed the resolver code to use the TTL values from the DNS queries instead of harcoded ones, we changed the default value by accident. Add a separate SRV TTL that is backwards-compatible with the old harcoded value. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* Remove useless assignment to function parameterLukas Slebodnik2015-03-023-3/+0
| | | | | | | | | | | | | Reported by: cppcheck void free_fun(struct info *info) free(info->name); free(info); info = NULL; ^^^^^^^^^^^ Assignment to function parameter has no effect outside the function. Reviewed-by: Pavel Reichl <preichl@redhat.com>
* SDAP: log expired accounts at lower severity levelPavel Reichl2015-03-021-4/+16
| | | | | | | Attempts to log into expired accounts were logged as SSSDBG_CRIT_FAILURE which is misleading as no real failures were happening. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* IPA: Remove unused argument from ipa_id_get_group_uuidsLukas Slebodnik2015-03-021-2/+0
| | | | Reviewed-by: Pavel Reichl <preichl@redhat.com>
* Remove unused argument from be_nsupdate_create_fwd_msgLukas Slebodnik2015-03-023-3/+1
| | | | Reviewed-by: Pavel Reichl <preichl@redhat.com>
* BUILD: Uninstall also symbolic links to python bindingsLukas Slebodnik2015-03-021-8/+16
| | | | | | | | | | | | | | | | | | | | | | Make uninstall did not remove symbolic links and make distcheck did not detect it. As a result of this bug another make install failed. cd /usr/lib64/python2.7/site-packages && \ ln -s _py2sss.so pysss.so ; \ ln -s _py2hbac.so pyhbac.so ; \ ln -s _py2sss_murmur.so pysss_murmur.so ; \ ln -s _py2sss_nss_idmap.so pysss_nss_idmap.so ln: failed to create symbolic link ‘pysss.so’: File exists ln: failed to create symbolic link ‘pyhbac.so’: File exists ln: failed to create symbolic link ‘pysss_murmur.so’: File exists ln: failed to create symbolic link ‘pysss_nss_idmap.so’: File exists Makefile:19361: recipe for target 'install-exec-hook' failed make[4]: *** [install-exec-hook] Error 1 This patch also use argument "-f" with command ln which remove existing destination files before creating symbolic link Reviewed-by: Pavel Reichl <preichl@redhat.com>
* BUILD: fix chmake not to generate warningPavel Reichl2015-03-021-1/+2
| | | | | | | | | | | | | Generated warning: /usr/include/features.h:328:4: warning: warning _FORTIFY_SOURCE requires compiling with optimization (-O) [-Wcpp] warning _FORTIFY_SOURCE requires compiling with optimization (-O) Macro _FORTIFY_SOURCE requiers to be compiled with optimization. But the problem with bash function chmake is that it turns off optimization. To avoid generating warning chmake should undefine macro _FORTIFY_SOURCE. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* PROXY: add missing space in debug messagePavel Reichl2015-02-271-2/+2
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* PAM: check return value of confdb_get_stringPavel Reichl2015-02-271-0/+6
| | | | | | Coverity found this neglect. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* PAM: print the pam status as string, tooJakub Hrozek2015-02-254-6/+12
| | | | | | | | On several places, let's add a pam_strerror() call so that it's easier to debug user problems. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com>
* SPEC: Build python3 bindings on available platformsLukas Slebodnik2015-02-255-13/+154
| | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2574 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* SPEC: Replace python_ macros with python2_Lukas Slebodnik2015-02-251-14/+20
| | | | Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* TESTS: Run python tests with all supported python versionsLukas Slebodnik2015-02-257-5/+48
| | | | | | | This patch add simple bash wrappers for python tests. They are executed either with python2 or python3. Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* BUILD: Add possibility to build python{2,3} bindingsLukas Slebodnik2015-02-256-65/+267
| | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2574 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* SPEC: Move python bindings to separate packagesLukas Slebodnik2015-02-251-2/+33
| | | | | | | Some pyhton bindings pysss and pysss_murmur was in package sssd-common. Therefore package sssd-common had python as a dependency. Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* SPEC: Use new convention for python packagesLukas Slebodnik2015-02-251-8/+12
| | | | Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* BUILD: Use python-config for detection *FLAGSLukas Slebodnik2015-02-252-33/+36
| | | | | | | | The script python-config was not available in older versions of python. This patch simplify detection of python CFLAGS and LDFLAGS and increase minimal required version of python to 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* UTIL: Remove python wrapper sss_python_unicode_from_stringLukas Slebodnik2015-02-254-24/+10
| | | | | | The function PyUnicode_FromString is available in python >= 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* UTIL: Remove compatibility macro PyModule_AddIntMacroLukas Slebodnik2015-02-252-6/+1
| | | | | | The macro PyModule_AddIntMacro is defined in python >= 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* UTIL: Remove python wrapper sss_python_set_checkLukas Slebodnik2015-02-254-15/+2
| | | | | | The macro PySet_Check is defined in python >= 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* UTIL: Remove python wrapper sss_python_set_addLukas Slebodnik2015-02-254-21/+3
| | | | | | The function PySet_Add is available in python >= 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* UTIL: Remove python wrapper sss_python_set_newLukas Slebodnik2015-02-254-14/+3
| | | | | | The function PySet_New is available in python >= 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* BUILD: Remove detection of type Py_ssize_tLukas Slebodnik2015-02-252-19/+0
| | | | | | The type Py_ssize_t is defined in python >= 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
generated by cgit (git 2.34.1) at 2024-10-02 13:16:00 +0000