| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Moved unused functions and merged ipa_selinux_common.c into
ipa_selinux.c
|
|
|
|
| |
If talloc_zero fails ENOMEM should be returned and no EIO
|
| |
|
|
|
|
|
|
|
|
| |
ldap_get_options can fail in time of ldap back end initialisation
and then sssd try to release uninitialised sdap_options.
Resolves:
https://fedorahosted.org/sssd/ticket/2147
|
| |
|
|
|
|
|
|
|
|
|
|
| |
cifs-idmap plugin is enabled by default, but required header file cifsidmap.h
needn't be available on other distributions. It was not clear that cifs-idmap
plugin is optional feature of sssd. With this patch, configure will recommend
to build sssd without cifs idmap plugin if cifsidmap.h is not available.
Resolves:
https://fedorahosted.org/sssd/ticket/2125
|
|
|
|
|
|
|
|
| |
sig_term() was never used as a real signal handler, but only called by tevent
signal handlers in the kerberos and ldap children.
Also the same code was duplicated with separate local guard variables in other
functions.
Unify orderly termination handling, between all these functions.
|
|
|
|
|
| |
SIGHUP handling is implemented later using a tevent handler so sig_hup() is
useless.
|
|
|
|
| |
Cleanup unused signal functions
|
| |
|
|
|
|
|
|
|
|
| |
LDAP_CFLAGS is never defined.
OPENLDAP_CFLAGS is set by src/external/ldap.m4.
This patch does:
sed -i 's/$(LDAP_CFLAGS)/$(OPENLDAP_CFLAGS)/' Makefile.am
|
|
|
|
|
|
| |
If openldap is not built with sasl support
libsss_ad.so will not be linked with libsasl2 although
sasl_client_init is called by function ad_sasl_initialize.
|
|
|
|
|
|
|
| |
Automake computes build dependencies of a program automatically but not
if prog_DEPENDENCIES is set. In this case only the dependencies given by
prog_DEPENDENCIES are used. If the automatically calculated dependencies
should be augmented EXTRA_prog_DEPENDENCIES should be used.
|
|
|
|
|
| |
If any function before failed, sss_idmap_free_sid() might have been
called with random data.
|
| |
|
|
|
|
|
|
|
| |
Added and documented option offline_timeout.
Resolves:
https://fedorahosted.org/sssd/ticket/1718
|
|
|
|
|
| |
resolves:
https://fedorahosted.org/sssd/ticket/1359
|
|
|
|
|
|
|
|
|
|
| |
Some groups could be skipped, but packet length was not trimmed.
This is a reason why valgrind reported access to uninitialised bytes.
Actually, it isn't a problem, because the first uint32 in body is number of
sended gids.
Resolves:
https://fedorahosted.org/sssd/ticket/2138
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2133
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2133
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2133
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2133
|
| |
|
| |
|
|
|
|
|
|
| |
Libraries MUST be specified in LDADD/LIBADD, not LDFLAGS, because
LDFLAGS appear earlier in the command line and library order is
significant.
|
|
|
|
| |
Changing style of including header files from outside of sssd tree - from "header.h" to <header.h>
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
Groups may contain members from different domains. We need
to make sure that we always choose correct domain for subdomain
users when looking up in sysdb.
Resolves:
https://fedorahosted.org/sssd/ticket/2064
|
|
|
|
|
|
|
|
|
| |
Groups may contain members from different domains. We need
to make sure that we always choose correct domain for subdomain
users when looking up in sysdb.
Resolves:
https://fedorahosted.org/sssd/ticket/2064
|
|
|
|
|
|
|
|
|
| |
Groups may contain members from different domains. We need
to make sure that we store subdomain users with correct
domain name.
Resolves:
https://fedorahosted.org/sssd/ticket/2064
|
|
|
|
|
|
|
|
| |
This function will find sdap domain by comparing object dn
with domain base dn.
Resolves:
https://fedorahosted.org/sssd/ticket/2064
|
|
|
|
|
|
|
|
|
| |
Groups may contain members from different domains. Remembering
base dn in domain object gives us the ability to simply lookup
correct domain by comparing object dn with domain base dn.
Resolves:
https://fedorahosted.org/sssd/ticket/2064
|
|
|
|
|
|
|
|
|
|
| |
When getByID or getBySID comes from responder, the request doesn't
necessarily have to contain correct domain, since responder iterates
over all domains until it finds a match.
Every domain has its own ID range, so we can simply shortcut if
domain does not match and avoid LDAP round trip. Responder will
continue with next domain until it finds the correct one.
|
| |
|
| |
|
|
|
|
|
|
| |
If talloc_array return NULL we should return right error code from function
sdap_domain_subdom_add. It might happen that we could return either wrong error
code or uninitialized variable ret.
|
| |
|
|
|
|
|
| |
If sssd is compiled with disabled link_all_deplibs (debian) some test could not
be properly linked. This patch add missing libraries
|
|
|
|
|
|
| |
* Stop using --target (unneeded)
* Drop explicit use of --with-default-ccache* since we now pick it up
from libkrb5
|
| |
|