summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Manpage generationJakub Hrozek2009-05-148-3/+243
| | | | | | | | | Provides a set of make rules for generating UNIX manual pages from DocBook 4.5 source as well as sample manpage for sss_useradd. Automatic generation of manual pages during "make" process is tunable with config parameter "--with-manpages". To rebuild the man pages separately, use the "make doc" target. Before building, the manpages are validated using a DTD schema.
* Enable building a single libsssd_utils.so from commonStephen Gallagher2009-05-143-6/+38
|
* Enable modular build of common SSSD librariesStephen Gallagher2009-05-1414-10/+55
| | | | | | Allow configuration and build of individual SSSD utility libraries from their own subdirectories. Building all utilities is still possible recursively from the common root.
* Update configure rules for LDB and POPTStephen Gallagher2009-05-142-4/+9
| | | | | | We need to ensure that configure fails with an error if the popt development libraries are not present or if ldb module support is not available.
* More useful error message when adding user/group that already existsJakub Hrozek2009-05-142-2/+18
| | | | Fixes: RHBZ #498462
* Check for valid ID range, domains overlapJakub Hrozek2009-05-141-0/+36
|
* added check for NULL valuesSumit Bose2009-05-143-9/+8
| | | | | - allow unspecified value in struct pam_data to be NULL - check if domain structure is initialized in pam_reply
* Fix warnings in monitor.c and confdb.cStephen Gallagher2009-05-122-7/+13
|
* Separate confdb API from confdb setupStephen Gallagher2009-05-118-374/+458
| | | | | | | Refactoring the confdb so that the setup code can be linked separately from the access API. This is being done so that our plugins do not need to link against the collection and ini_config libraries.
* added syslog support to pam_sssSumit Bose2009-05-081-5/+40
|
* cleanup and fixes for pam_sssSumit Bose2009-05-081-190/+352
| | | | | | | | | | | - if PAM_USER==root return PAM_USER_UNKNOWN - pam_sss now can handle to following options: - use_first_pass: forces the module to use a previous stacked modules password and will never prompt the user - use_authtok: when password changing enforce the module to set the new password to the one provided by a previously stacked password module - forward_pass: store the passwords collected by the module as pam items for modules called later in the stack
* Chdir to / when daemonizingJakub Hrozek2009-05-081-0/+11
|
* Use tevent for shutdown signals, remove old pidfile, make sssd single-instance.Jakub Hrozek2009-05-082-1/+79
| | | | | | | | Use tevent signal handling facilities for handlong SIGTERM and SIGINT in the monitor. Remove pidfile on SIGTERM and SIGINT. Make sssd single-instance by checking if we suceeded in signaling the process in the pidfile.
* redirect stderr to /dev/null in initscriptJakub Hrozek2009-05-081-1/+1
|
* Fix some more return paths using uninitalized retSimo Sorce2009-05-061-3/+3
|
* Fixes for porting SSSD to Debian-based platformsStephen Gallagher2009-05-045-5/+7
|
* Fix configuration corruption issueStephen Gallagher2009-04-291-2/+20
| | | | | | | | | | In the event that the configuration was corrupt the first time the SSSD is started, it would write in the special data for attributes and indexes, but it would fail before writing the version. Subsequent reloads (even with correct configuration files) would fail, since they would try again to write the attributes and indexes and fail since they were already present.
* Fix IndentationSimo Sorce2009-04-291-88/+89
|
* reuse authtok which is already in the pam stackSumit Bose2009-04-291-2/+22
|
* Fix use of uninitialized return variableSimo Sorce2009-04-291-5/+5
|
* Add debug param to the tools, fix lock/unlock in sss_usermodJakub Hrozek2009-04-286-3/+31
|
* Invoke shadow-utils in sss_ toolsJakub Hrozek2009-04-2811-48/+643
| | | | | Make shadow-utils base path configurable Use default values for params, allow configuring them
* handle other pam calls when offlineSumit Bose2009-04-281-0/+10
|
* Use different attribute for cached passwords change timeSumit Bose2009-04-281-2/+2
|
* enable offline handling for native LDAP backendSumit Bose2009-04-281-4/+48
|
* change PAM timeout the match NSS timeSumit Bose2009-04-282-3/+1
|
* Use different attribute for cached passwordsSimo Sorce2009-04-272-3/+5
| | | | | | | This fixes a bug with legacy backends where the cached password would be cleared on a user update. Using a different attribute we make sure a userPassword coming from the remote backend does not interfere with a cachedPassword (and vice versa).
* Update sss_client configure.ac tooSimo Sorce2009-04-271-1/+1
|
* Release version 0.3.3sssd-0_3_3Stephen Gallagher2009-04-273-3/+3
|
* Eliminate segfault on NSS and PAM responder startup.Stephen Gallagher2009-04-271-0/+4
| | | | | | | | If the data provider is not yet available when NSS and PAM start, they will generate a segmentation fault when trying to configure their automatic reconnection to the Data Provider. I've now added code in sss_dp_init() to detect whether the dp_ctx is NULL and return EIO.
* Stress testJakub Hrozek2009-04-273-1/+333
|
* enable uid/gid generation againSumit Bose2009-04-271-3/+6
|
* handle pam acct_mgmt, setcred and open/close_session before user bind in ↵Sumit Bose2009-04-271-0/+17
| | | | ldap backend
* fix for pam proxy chauthtokSumit Bose2009-04-274-9/+22
| | | | | | | | | | When a user from a domain served by the proxy backend changes his password with passwd the passwd command asks for the old password, but it is not validated by the pam_chauthtok call in the proxy backend, because it is running as root. If the request is coming the unpriviledged socket we now call pam_authenticate explicitly before pam_chauthtok.
* removed length of unused element from packet size calculationSumit Bose2009-04-231-1/+1
| | | | | | The domain name is no longer send as an element on its own, but if set as a member of the response array. If the user was not found pd->domain is NULL and strlen will seg-fault.
* fixes for user and group creation in LOCAL domainSumit Bose2009-04-232-1/+20
| | | | | - added range check for supplied UIDs and GIDs - initialize pc_gid to 0 to trigger gid generation
* allow to forward the authtok to other pam modulesSumit Bose2009-04-231-0/+16
| | | | | | | | Other pam modules which are called after pam_sss might want to reuse the given password so that the user is not bothered with multiple password prompt. When pam_sss is configured with the option 'forward_pass' it will use pam_set_item to safe the password for other pam modules.
* fix for a seq fault when pam_reply_delay is called.Sumit Bose2009-04-221-2/+2
| | | | see https://fedorahosted.org/sssd/ticket/25
* add dynamic hash table data structure implementationJohn Dennis2009-04-228-2/+1903
| | | | | | | | | | | | | | | | | | | | | | Apply suggested fixes by Simo after code review * return statements no longer use () unless it's an expression * remove all use of assert() in library * use bool,true,false instead of int,TRUE,FALSE * add check for NULL hash table in public entry points * example code in header file now a seperate file * assure consistent use of unsigned long data type * add more debugging support * break out generation of integer key into convert_key() function * table parameters now tunable rather than hardcoded * table can now accept custom alloc()/free() functions * add function create_table_ex() to pass extra table parameters * remove MUL(), DIV(), MOD() macros * hash statistics now separate struct which can be queried * test program now accepts tuning parameters, iteration count; has better error checking and reporting fix min/max load factor comman line args in test program
* Add a release script to help building tarballsSimo Sorce2009-04-201-0/+8
| | | | It needs a gpg key for signing the tarball.
* sssd 0.3.2sssd-0_3_2Jakub Hrozek2009-04-204-4/+7
|
* INI parser. Fix for line numbers.Dmitri Pal2009-04-171-1/+4
| | | | | | Realized that I need to differentiate sections and attributes. To do this the line numbers for sections will be negative.
* INI parser. Adding comments to avoid confusion.Dmitri Pal2009-04-171-0/+2
| | | | | | There was a confusion about the functions that were recently added. They are incomplete. New added comments make it clear.
* INI parser. Removing inlines.Dmitri Pal2009-04-171-17/+17
| | | | There is controversy about the inlines so they are removed.
* Force user check and discover user's domainSimo Sorce2009-04-176-297/+593
| | | | | | | | | | | Force a user lookup against the users domain provider. If a user domain is not specified search though all non fully qualifying domains. Perform authentication against the corrent domain auth backend, based on the user's domain found in the lookup if one was not specified. Also move the NSS-DP functions in COMMON-DP as they are reused by the PAM responder too now.
* INI parser. Cleanup. Prep for INI validation.Dmitri Pal2009-04-163-189/+460
| | | | | | | | | | | | | This patch addresses several issues: a) Cleaning unit test to match coding standard b) Replace tabs with spaces - I do not know where they came but there were some. c) Allowing to read file and keep aside a collection of K-V pairs where key is the key in the INI file and value is the line number on which line the key apears. d) There will be different kinds of errors so error printing function was abstracted. g) Placeholders for other printing functions have been introduced.
* Avoid unnecessary reloads of config.ldbSimo Sorce2009-04-161-4/+37
| | | | | | Add code to check if the file has changed since the last update was performed. Avoid dumping and reloading the config ldb if the modification time of the configuration file has not changed at all.
* Fix by_id enumeration with multiple domainsSimo Sorce2009-04-161-0/+10
| | | | | | We need to stop parsing domains as soon as a caaandidate is found and let the callback search additional domains if the id is not found. Should fix ticket #21
* INI parser. Better error handling if something bad happens.Dmitri Pal2009-04-151-6/+21
| | | | | | Tried to use the INI interface and saw that the list of parsing errors can be not NULL but the actual data is cleaned.
* Fixing memory issues in ini and collectionDmitri Pal2009-04-143-15/+40
| | | | | | | The read_line() function used an internal buffer allocated on stack as temporary storage for a line read from file, then returned it. read_line() now gets a buffer from the caller. Fixed memory leaks in INI and Collection found by valgrind.
generated by cgit (git 2.34.1) at 2024-06-18 01:53:59 +0000