| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Glib fails if the NULL-terminator is included when a length is
specified.
|
| |
|
| |
|
| |
|
|
|
|
| |
This reverts commit c417f0b8cde38ff5cc10241383f1481e3440879c.
|
| |
|
|
|
|
|
| |
Includes several index updates necessary for major performance
improvements.
|
|
|
|
|
| |
Due to incorrectly written loop, SSSD would go into infitite loop if it
processed the same group on two different levels of membership.
|
| |
|
|
|
|
|
|
|
|
|
| |
There are several places (all error-handling) where sss_cmd_done()
is called with no response packet created. As a short-term
solution, we need to check whether the packet is NULL and simply
return EINVAL. client_send() (the consumer) will then forcibly
disconnect the client (which will return PAM_SYSTEM_ERR to the
client).
|
| |
|
|
|
|
|
|
|
|
| |
Utility functions for LDAP nested schema initgroups
Use fewer transactions during RFC2307bis initgroups
Use fewer transactions during IPA initgroups
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Mention cache_credentials and tweak the AD example to match the wiki page.
https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate%20with%20a%20Windows%202008%20Domain%20Server
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix off-by-one error in remove_socket_symlink()
https://fedorahosted.org/sssd/ticket/1043
Report on errno, not return code in create_socket_symlink
https://fedorahosted.org/sssd/ticket/1044
|
|
|
|
|
|
|
|
|
|
| |
HBAC: Do not save member/memberOf links
We can just trust the values from the FreeIPA server
HBAC: Use originalMember for identifying servicegroups
HBAC: Use originalMember for identifying hostgroups
|
| |
|
|
|
|
|
|
|
|
| |
Add option to follow symlinks to check_file()
Append PID to sbus server socket name, let clients use a symlink
https://fedorahosted.org/sssd/ticket/1034
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1024
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1014
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1013
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add sysdb interface to get name aliases
Add a sysdb_get_direct_parents function
Store name aliases for users, groups
Return users and groups based on alias
https://fedorahosted.org/sssd/ticket/926
Fix typo in sysdb_get_direct_parents
|
| |
|
| |
|
| |
|
|
|
|
| |
Coverity 10886
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1003
|
|
|
|
|
|
|
|
|
|
| |
We were incorrectly using DBUS_ERROR_TIMEOUT here. The correct
behaviour is to check for DBUS_ERROR_NO_REPLY. This way we will
properly handle the three-tries in the tasks_check_handler().
Additionally, we weren't properly handling failure counts
correctly, meaning we weren't restarting stuck services in a
timely manner.
|
|
|
|
|
|
|
|
|
|
| |
sss_ldap_err2string() - function created
https://fedorahosted.org/sssd/ticket/986
sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()
https://fedorahosted.org/sssd/ticket/986
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/985
|
| |
|
|
|
|
|
|
|
| |
Adds a configure option to set the distribution default as well as
an sssd.conf option to override it.
https://fedorahosted.org/sssd/ticket/980
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/978
|
|
|
|
|
| |
We were trying to look up the wrong attribute for the name of the
hostgroup.
|
| |
|
|
|
|
|
|
| |
Instead of returning PAM_SYSTEM_ERR if they necessary attributes for the
requested password policy cannot be found we return PAM_PERM_DENIED.
Additionally the log message says that the access is denied.
|
| |
|
|
|
|
|
|
| |
match RDN
https://fedorahosted.org/sssd/ticket/926
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/970
|
|
|
|
|
|
|
|
|
|
|
|
| |
There may be users in LDAP that have a valid but unwelcome shell
set in their account. This adds a blacklist of shells that should
always be replaced by the fallback_shell.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
Prevent segfault if vetoed_shells are specified without allowed_shells
https://fedorahosted.org/sssd/ticket/954
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/951
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/916
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/928
|
|
|
|
|
|
|
|
|
|
| |
If a pam or nss module is dlcolse()d and unloaded we were leaking
the file descriptor used to communicate to sssd in the process.
Make sure the fucntion used to close the socket file descriptor is
called on dlclose()
Silence autoconf 2.28 warnings (Patch by Jakub Hrozek)
|