| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
| |
This adds a big test case for invoking a handler with all supported
basic arguments, and constructing a reply with the same. Lots of
tedious code, but worth it to make sure things work well.
(cherry picked from commit 1203e462650f035b0df2304075d60b9a99e36715)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Type safe method handlers allow methods not to have to do tedious
unwrapping and wrapping of DBus method call messages or replies.
Arguments of the following DBus types are supported in type-safe
method handlers. In addition arrays of these are supported.
y: uint8_t
b: bool (but no arrays, yet)
n: int16_t
q: uint16_t
i: int32_t
u: uint32_t
x: int64_t
t: uint64_t
d: double
s: char * (utf8 string)
o: char * (object path)
As an exception, arrays of booleans are not supported, but could be
added later. Other more complex types could be added later if desired.
If a method has other argument types, then it must be marked as having
a raw handler (see below).
Internally each method can have a type specific invoker function which
unpacks the incoming arguments and invokes the method handler with the
correct arguments.
Each method also has a finish which accepts the type-safe out arguments
(ie: return values) and builds the reply message. Like other request
'finish' functions, these free the request talloc context, and are to
be used in place of sbus_request_finish() or friends.
Raw method handlers parse their own method arguments, and prepare their
own reply (ideally using sbus_request_finish() helpers). They can also
do strange things like have variable arguments. To mark a DBus method
as having a raw method handler use the following annotation:
<annotation name="org.freedesktop.sssd.RawHandler" value="true"/>
Raw methods do not have invokers or finish functions.
I've left all of the internal peer to peer communication using raw
method handlers. No code changes here.
(cherry picked from commit dff909d473f43a6bd0f0286fa2d279c0ebe945c6)
|
|
|
|
|
|
|
| |
Also fixes a warning about uninitialized 'method' as the 'method'
variable was unused and not set previously when introspecting.
(cherry picked from commit 7a9a6ee1b5f5479c3a6958401f9b34c571c3b6bf)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2234
This patch generates the introspection data from the sbus interface meta
structure. The generated XML conforms to
http://dbus.freedesktop.org/doc/dbus-specification.html#introspection-format
The XML description of the interface also always includes the
org.freedesktop.DBus.Introspectable interface, which this patch also allows
in the policy settings.
(cherry picked from commit 42c28b9424b6ef8a0021b124773e171dd5defadd)
|
|
|
|
| |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
LDAP server can contain template for home directory instead of plain string.
This patch adds new expand option "%H", which will be replaced with value
from configuration option homedir_substring (from sssd.conf)
Resolves:
https://fedorahosted.org/sssd/ticket/1853
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Function expand_homedir_template had lot of parameters.
After adding new expand option, all function call should be rewritten,
(usually argument NULL will be added)
This patch wraps all necessary arguments to structure.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
|
|
|
|
|
|
| |
sss_parse_name now supports NULL as output parameters so existing calls passing
arguments which were never read were substituted by NULL.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Variable with type 'const char *' can be used as output argument in function
sss_parse_name, but there will be warning.
warning: passing 'const char **' to parameter of type 'char **'
discards qualifiers in nested pointer types
[-Wincompatible-pointer-types-discards-qualifiers]
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
|
|
|
|
|
|
|
| |
The code of sss_parse_name_for_domains is really complex and hard to
read. This patch adds a unit test to be able to see the function being
used.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
user_map_cnt was initialized when all the traditional back ends are
initialized. However, for the server mode, we simply copy the defaults
and the count was left zeroed, which led to crashes.
Down the road, we should consider tying the map and the attribute count
together (see ticket #2336)
Reviewed-by: Pavel Reichl <preichl@redhat.com>
(cherry picked from commit 35d420c5d4609b6e999920e38a9b2ec40a0e1ac4)
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2073
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2073
This commit adds a new option ldap_user_extra_attrs that is unset by
default. When set, the option contains a list of LDAP attributes the LDAP
provider would download and store in addition to the usual set.
The list can either contain LDAP attribute names only, or colon-separated
tuples of LDAP attribute and SSSD cache attribute name. In case only LDAP
attribute name is specified, the attribute is saved to the cache verbatim.
Using a custom SSSD attribute name might be required by environments that
configure several SSSD domains with different LDAP schemas.
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
|
|
|
|
|
|
| |
The sdap_copy_opts function copied all the arguments except for the
sentinel.
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit fcb8e3f1f49bb34c409d8dbd75889eb72be05517)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The test ipa_ldap_opt has undefined symbols from libldap and liblber,
but it was not directly linked with openldap libraries.
sh-4.2$ nm --undefined-only .libs/ipa_ldap_opt-tests | grep -E "ldap|ber"
U ber_free
U ldap_err2string
It causes linker failure on systems with disabled link_all_deplibs (debian)
/usr/bin/ld: src/providers/ldap/ipa_ldap_opt_tests-sdap.o: undefined reference
to symbol 'ber_free'
/usr/bin/ld: note: 'ber_free' is defined in DSO /lib64/liblber-2.4.so.2 so try
adding it to the linker command line
/lib64/liblber-2.4.so.2: could not read symbols: Invalid operation
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit d12c95d840ed5de7f34e21002943c48e711a33f4)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The responders were copying code to parse input and on encountering an
uknown domain, send the discover subdomain request. This patch adds a
reusable request that can always be called in responders and in case the
name can be parsed, just shortcut.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit 7caf7ed4f2eae1ec1c0717b4ee6ce78bdacd5926)
Conflicts:
Makefile.am
|
|
|
|
|
|
|
|
|
| |
Splitting the module would allow responders that test the Data Provider
requests to use the mock_rctx/mock_cctx functions without duplicate
definitions.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit c440c424443517b12afa8d56f989d92ca6ba56a3)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This would allow to call create_dom_test_ctx from tests that expect to
be able to parse input with a regular expression just like a responder
would do with an input from a client.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit e4b4b669e0c1ef5ec3be04768edf2565a7bac5a1)
Conflicts:
src/tests/common.h
|
|
|
|
| |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
There is no need for client socket in IFP responder,
since it uses D-Bus for communication with clients.
Resolves:
https://fedorahosted.org/sssd/ticket/2290
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit 0a6fa194bad18f417dc8542d3b8f654f898375c5)
|
|
|
|
|
|
|
|
|
|
|
| |
Related:
https://fedorahosted.org/sssd/ticket/2072
Adds the possibility for the InfoPipe responder to connect to the system bus.
At the moment, only a dummy method "Ping" is provided. The method only
accepts a single string parameter that has to be 'ping'.
(cherry picked from commit 8214510f125879c3b1d247f2ce981ee20b5375d1)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Related:
https://fedorahosted.org/sssd/ticket/2072
This commit only adds the responder and the needed plumbing. No DBus
related code is in yet.
(cherry picked from commit cb4d5b588e704114b7090678752d33512baa718e)
Conflicts:
src/conf_macros.m4
src/confdb/confdb.h
|
|
|
|
| |
(cherry picked from commit 03fb48fdaa7ed95ecb38ecc43a6d221ff2cfd950)
|
|
|
|
| |
(cherry picked from commit 9de5878d247b77b8f520a57727cd55f42e179caa)
|
|
|
|
| |
(cherry picked from commit a573d112013e44373f03b98f653fede0feee9fdc)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
src/tests/sbus_codegen_tests-sbus_codegen_tests.o: In function `eject_handler':
tests/sbus_codegen_tests.c:229: undefined reference to `ck_assert_uint_eq'
tests/sbus_codegen_tests.c:235: undefined reference to `ck_assert_uint_eq'
tests/sbus_codegen_tests.c:239: undefined reference to `ck_assert_uint_eq'
src/tests/sbus_codegen_tests-sbus_codegen_tests.o: In function `test_marshal_basic_types':
src/tests/sbus_codegen_tests.c:446: undefined reference to `ck_assert_uint_eq'
src/tests/sbus_codegen_tests.c:449: undefined reference to `ck_assert_uint_eq'
src/tests/sbus_codegen_tests-sbus_codegen_tests.o:
src/tests/sbus_codegen_tests.c:451: more undefined references to `ck_assert_uint_eq' follow
collect2: ld returned 1 exit status
make[3]: *** [sbus_codegen_tests] Error 1
Macro ck_assert_uint_eq was added in check-0.9.10
Resolves:
https://fedorahosted.org/sssd/ticket/2319
Reviewed-by: Michal Židek <mzidek@redhat.com>
(cherry picked from commit 1a94716209e40a9ccaedc7e70f9de961d1cced48)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some DBus types returned from dbus_message_get_args() require memory
to be released when done. We automatically attach these to the talloc
struct sbus_request memory context in this function.
This accepts varargs similar to dbus_message_get_args(), which are
rather awkward. However instead of reworking them completely, future
generated marshalling code will replace most uses of these varargs.
If parsing the dbus message fails, then it responds to the DBus caller
with an appropriate error such as o.f.D.Error.InvalidArgs. In these
cases (ie: when it returns FALSE) the sbus_request is finished.
Migrated some, but not all, uses of dbus_message_get_args() to the
new function. Some instances have uncommon semantics such as terminating
the connection upon failure to parse a message.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit 06b7bc8ca2e005ed510210d3b8dee16afbabbcc9)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This starts a DBus server with some handlers, and runs some method
calls against it.
Note that we don't use the codegen in the sbus_tests, as we sorta
want to test this non-codegen related functionality on its own before
we run the sbus_codegen_tests.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit f5e47e1d65f80ffdb1893feab18583a74d661214)
Conflicts:
Makefile.am
|
|
|
|
|
|
|
|
|
|
|
| |
I'd like to use this during testing. We should check that the
socket ownership is the same as the process, rather than limiting
it to root.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit e35bff1cf25048a0dcafd6d8fdba60da82e88338)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most importantly, stop using per connection private data. This doesn't
scale when you have more than one thing exporting or exported on a
connection.
Remove struct sbus_interface and expand sbus_conn_add_interface()
function. Remove various struct sbus_interface args to connection
initialization functions and make callers use sbus_conn_add_interface()
directly. The old method was optimized for exporting one interface
on a connection. We'll have connections that export zero, one or more
interfaces.
To export an interface on a DBus server, call sbus_conn_add_interface()
from within the sbus_server_conn_init_fn. To export an interface on
a DBus client, call sbus_conn_add_interface() after sbus_new_connection()
returns.
As before struct sbus_interface represents an object exported via DBus.
However it is now talloc allocated. One can set instance data on the
struct sbus_interface. This instance data is passed to the various
handlers and used in their implementation.
However, we now have type safe interface exporting in the various
high level sss_process_init() sss_monitor_init() and so on.
Introspection support was not in use, and is now gone until we
implement it using the metadata (future patch).
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit 07e941c1bbdc752142bbd3b838c540bc7ecd0ed7)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
struct sbus_request represents a request from a dbus client
being handled by a dbus server implementation. The struct
contains the message, connection and method (and in the
future teh property) which is being requested.
In the future it will contain caller information as well.
sbus_request is a talloc memory context, and is a good place to
attach any allocations and memory specific to the request.
Each handler accepts an sbus_request. If a handler returns
EOK, it is assumed that the handler will finish the request.
Any of the sbus_request_*finish() methods can be used to
complete the request and send back a reply.
sbus_request_return_and_finish() uses the same argument
varargs syntax as dbus_message_append_args(), which isn't
a great syntax. Document it a bit, but don't try to redesign:
The marshalling work (will follow this patch set) will remove
the need to use varargs for most DBus implementation code.
This patch migrates the monitor and data provider dbus code
to use sbus_request, but does not try to rework the talloc
context's to use it.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit d9577dbd92555b0755881e37724019ef9c578404)
Conflicts:
src/sbus/sssd_dbus.h
|
|
|
|
|
|
|
|
|
|
|
|
| |
Disabling use of Token-Groups is mandatory if expansion of nested groups is not
desired (ldap_group_nesting_level = 0) for AD provider.
Resolves:
https://fedorahosted.org/sssd/ticket/2294
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 69994add9cd4e57d40b3b7a0b1783ef2d0aa974c)
|
|
|
|
|
|
|
|
|
|
|
| |
Make ldap_group_nesting_level = 0 to ignore group nesting entirely.
Resolves:
https://fedorahosted.org/sssd/ticket/2294
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit c30f1d05d6c75080fbe8ea9868f291e7a331ad44)
|
|
|
|
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2294
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 3c1899348804713b49ba9c1f2bc782892c47c2fa)
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows us to remove duplicated information, and have the
compiler check that when an method name is changed or removed
the callers are updated.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
(cherry picked from commit b668c77874c6fed325471bdcf5954979a0d734e2)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is not strictly necessary, but avoids duplicating data
in mulitple places, and makes the interface definitions
benefit dbus callers (a little).
After applying this commit you may need to 'make clean' as
the codegen has changed.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
(cherry picked from commit c2cc119de8eac712c040b3993f41c967ff2278de)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previous commits added support for interface metadata and
handler vtables. This commit ports sbus_dbus_connection to
use them.
Port the internal uses of dbus to use the new scheme in a
very minimal way. Further cleanup is possible here.
This commit provides basic definitions of the internal
dbus interfaces. The interfaces aren't fully defined, as the
handlers will continue to unpack manually, and often overload
DBus methods with different arguments (which is rather
unorthodox, but not the end of the world).
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
(cherry picked from commit 769347ad4d35d43488eb98f980143495b0db415d)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is an incorrect use of DBus, where we use a single interface
name with completely different sets of methods.
Easily fixed.
Once the vtable stuff is in use then this would be automatically
detected and fail to build.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
(cherry picked from commit 3e7d7af1953410f3f009bf3b2e481a46fb80de83)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Each interface is a vtable structure derived from
sbus_vtable, in the sense that it has an sbus_vtable
struct as its first argument. This lets us upcast the
interface vtable structure to an sbus_vtable and dispatch
to it dynamically and cleanly.
The interface metadata contains information about which
vtable offset in the interface metadata should be dispatched
to for a given function. This is a common scheme, not only
among dbus implementations, but also compiled languages.
Currently all the vtable functions are of type
sbus_msg_handler_fn. These are the handlers we are familiar
with and perform raw processing of the message. Later commits
will introduce type safe handlers that levelage compile checking
and automatic argument packing/unpacking.
Although this may seem contrived now, the remainder of the
dbus infrastructure work will build on this, including
ofd.Properties, ofd.ObjectManager, ofd.Introspect, compiler
checked type safe unpacking/packing, etc.
The codegen now generates vtable structures for each interface
along-side the metadata, and fills in vtable offsets
appropriately.
It is obviously still possible to hand-craft such vtables and
metadata if needed for a special case.
Once again examples output can be found at:
src/tests/sbus_codegen_tests_generated.h
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
(cherry picked from commit fcd8093c58638dc7c4f9cddfc97f273b94ce2ead)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These metadata structures hold the information about all the
details of a DBus interface. They are typically generated from
the canonical XML form of the DBus interface, although they
may also be hand crafted.
Add some handy functions for looking up methods, props, signals,
in the metadata of an interface. Currently lookups are just done
by looking through an array. If performance becomes an issue (ie:
very large interfaces) it would be really easy to sort things
and use bsearch().
Later commits will include some definitions using this metadata
and related functions.
DBus interfaces are defined here:
http://dbus.freedesktop.org/doc/dbus-specification.html#introspection-format
The introspection data format has become the standard way to represent a
DBus interface. For many examples see /usr/share/dbus-1/interfaces/ on a
typical linux machine.
A word about annotations. These are extra flags or values that can be
assigned to anything. So far, the codegen supports this annotation:
org.freedesktop.DBus.GLib.CSymbol
- An annotation specified in the specification that tells us what C symbol
to generate for a given interface or method. By default the codegen will
build up a symbol name from the DBus name.
It is possible to confuse the code generator into producing invalid
C code (with strange method names, for example), but the C compiler
catches such silliness right away.
Add tests testing basic features of the codegen and poking through
the metadata it creates. Also test the metadata lookup functions.
Generated code is checked in for easy discovery.
An example of the XML interface definitions can be found at:
src/tests/sbus_codegen_tests.xml
And an example of the generated header can be found here:
src/tests/sbus_codegen_tests_generated.h
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
(cherry picked from commit b699c4d7f85a5404be1d1ee9450331aea869b886)
Conflicts:
Makefile.am
|
|
|
|
|
|
|
|
|
|
|
| |
Remove premature call of tevent_req_done() from sdap_get_initgr_done().
Request is correctly marked as done at sdap_get_initgr_pgid().
Resolves:
https://fedorahosted.org/sssd/ticket/2334
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit fc731b54cd74e6732f1e33c7cc4ed49cab0f7c90)
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2114
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
(cherry picked from commit 6973f38e624e757587b14f1dbabc3466492d1dac)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Validation of xml files failed with new version of libxml2 (CVE-2014-0191)
make[2]: Entering directory `/builddir/build/BUILD/sssd-1.9.2/src/man'
/usr/bin/xmllint --catalogs --postvalid --nonet --xinclude --noout sss_usermod.8.xml
sss_usermod.8.xml:4: element reference: validity error : No declaration for element reference
sss_usermod.8.xml:5: element title: validity error : No declaration for element title
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit b772ceb6e5cdda62aa98d4fc61f4800b9779b74a)
|
|
|
|
|
|
|
|
|
|
|
|
| |
If initialisation fails in function _sss_setautomntent, context will not be
initialized and automount client will crash.
The function _sss_endautomntent should not try to dereference NULL pointer.
Resolves:
https://fedorahosted.org/sssd/ticket/2288
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 01f0d708fddfd50bdbb36a63737dcdc2c2fbd28d)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The return value of function sss_autofs_make_request was not checked.
(returned value was SSS_STATUS_UNAVAIL)
Unfotunatelly, errnop was zero; buffer "repbuf" was not initialised
and automount crashed in sss_autofs plugin.
Resolves:
https://fedorahosted.org/sssd/ticket/2288
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 71bcdde36bcfd8cb797777062208a85bf6337dec)
|
|
|
|
| |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
|
|
|
|
|
| |
If openldap is not built with sasl support
libsss_ad.so will not be linked with libsasl2 although
sasl_client_init is called by function ad_sasl_initialize.
(cherry picked from commit c3889e5a101a075defe533d81f5296d5e680f639)
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds some more log messages to functionality of storing groups into
sysdb. As these functions are low level and failures are often handled on
higher levels the commonly chosen level is SSSDBG_TRACE_LIBS.
Related:
https://fedorahosted.org/sssd/ticket/2239
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Samba 4 libraries are necessary for building {ad, ipa} provider,
but samba4 needn't be available on older distributions.
This patch add possibility to build SSSD without {ad, ipa} provider
and thus without Samba 4 libraries.
The script configure have new argument --with-samba with default value yes.
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2322
When the AD subdomains code looked up the root domain subsequently
(after the domain list was already populated), the non-root domains
might have been removed along with their respective tasks, because the
root domain lookup only ever matched a single root domain.
This could cause havoc especially during login when different lookups
for different domains might be going on during user group refresh.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
(cherry picked from commit 66e1502f956ee71de6cd51c37f7752f8aa14f5f5)
|