summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix release script to handle version numbers with multiple digitsStephen Gallagher2010-02-251-1/+1
|
* Update translations for releasesssd-1_0_99Stephen Gallagher2010-02-2510-667/+795
|
* Fix check for values of expiration limitsJakub Hrozek2010-02-252-3/+3
| | | | | There were inconsistencies between what sssd.conf manpage said and what the code enforces.
* Remove a check that was left behindJakub Hrozek2010-02-251-7/+1
| | | | | When refactoring talloc_asprintf calls a check was left behind that cased the backend to go offline immediately.
* Better cleanup task handlingJakub Hrozek2010-02-2311-39/+263
| | | | | | | | | | | | | | | | Implements a different mechanism for cleanup task. Instead of just deleting expired entries, this patch adds a new option account_cache_expiration for domains. If an entry is expired and the last login was more days in the past that account_cache_expiration, the entry is deleted. Groups are deleted if they are expired and and no user references them (no user has memberof: attribute pointing at that group). The parameter account_cache_expiration is not LDAP-specific, so that other future backends might use the same timeout setting. Fixes: #391
* Store lastLogin attribute when authenticating onlineJakub Hrozek2010-02-231-0/+5
|
* Revert "Change default for enumeration to TRUE"Stephen Gallagher2010-02-232-2/+2
| | | | This reverts commit 75a9f18ad8ac6e885ac34cdeebc4d8f8734713f8.
* Include hour in 'make prerelease-rpms'Stephen Gallagher2010-02-231-2/+2
|
* Do not check entries during cleanup taskJakub Hrozek2010-02-233-82/+60
| | | | | | | Do not attempt to validate expired entries in cache, just delete them. Also increase the cache timeouts. Fixes: #331
* Do not schedule enumeration after a cleanupJakub Hrozek2010-02-231-2/+2
|
* Handle expired passwords like other PAM modulesSumit Bose2010-02-234-21/+53
| | | | | | | | | | | | | So far we handled expired password during authentication. Other PAM modules typically detect expired password during account management and return PAM_NEW_AUTHTOK_REQD if the password is expired and should be changed. The PAM library then calls the change password routines. To meet these standards pam_sss is change accordingly. As a result it is now possible to update an expired password via ssh if sssd is running with PasswordAuthentication=yes. One drawback due to limitations of PAM is that the user now has to type his current password again before setting a new one.
* Fix file permissions of config.ldbSumit Bose2010-02-231-0/+4
|
* Check and set permissions on SBUS socketsSumit Bose2010-02-237-25/+141
|
* Restrict family lookupsJakub Hrozek2010-02-2212-34/+172
| | | | | | | Adds a new option that tells resolver which address family to prefer or use exclusively. Fixes: #404
* Remove Kerberos options from confdb.hJakub Hrozek2010-02-221-8/+0
| | | | | Kerberos-specific options are pulled using dp_get_opts() and defined in Kerberos subtree. There is no need to keep these in confdb.
* Remove unnecessary domain parameter from PAM requestsStephen Gallagher2010-02-222-28/+5
| | | | | | If we're sending a message to the backend, we already know which domain the request is targeting. Carrying this information is not useful and confuses the interface.
* Remove unnecessary "domain" parameter from DP registrationStephen Gallagher2010-02-226-10/+7
| | | | | | This was a holdover from when the DP and the providers were unique processes. The NSS and PAM registrations do not need to send the domain, as it is not ambiguous which one they are talking to.
* Add documentation for PAM response messagesSumit Bose2010-02-194-20/+273
|
* Remove unneeded items from struct pam_dataSumit Bose2010-02-198-89/+71
|
* Update PL translationPiotr Drąg2010-02-191-5/+5
|
* Disable rpath support in the linkerStephen Gallagher2010-02-191-1/+2
| | | | The Fedora Package Guidelines forbid the use of rpaths
* Send Kerberos environment after password changeSumit Bose2010-02-191-1/+1
|
* Fix two typosSumit Bose2010-02-191-2/+2
|
* Updating ES translationDomingo Becker2010-02-191-11/+12
|
* Fix bad mergeStephen Gallagher2010-02-184-1/+3
| | | | | | | | Merging ba8937d83675c7d69808d1d3df8f823afdc5ce2a left the COPYING and COPYING.LESSER files in the now-defunct sss_client directory. This patch moves them into the right location and fixes the spec file to look for them correctly.
* Fix licensing issues for sss_clientStephen Gallagher2010-02-188-32/+914
|
* Properly license libdhashStephen Gallagher2010-02-184-0/+88
|
* Fix licensing issues in SSSDStephen Gallagher2010-02-183-0/+72
|
* License libpath_utils under LGPLStephen Gallagher2010-02-182-7/+38
|
* Build all manpages from a single locationStephen Gallagher2010-02-182-1/+1
|
* Rename server/ directory to src/Stephen Gallagher2010-02-18243-23/+12
| | | | Also update BUILD.txt
* Remove unneeded files from sss_clientStephen Gallagher2010-02-1822-4031/+0
|
* Merge sss_client and sss_daemon translations togetherStephen Gallagher2010-02-1812-13/+1103
|
* Eliminate separate build tree for sss_clientStephen Gallagher2010-02-1842-7/+69
|
* Use macros to hide memcpy callsJakub Hrozek2010-02-185-149/+71
| | | | | The memcpy calls introduced in the memalign patches are ugly. This patch hides them behind a set of macros.
* Supress warnings with -O2Jakub Hrozek2010-02-185-12/+10
|
* Add test for number of options in IPA and LDAP backendsJakub Hrozek2010-02-164-6/+75
|
* Synchronize IPA and LDAP optionsJakub Hrozek2010-02-161-2/+4
|
* Remove replaceSumit Bose2010-02-1671-14732/+3
|
* Make PAM responses more compatible with D-BUS specStephen Gallagher2010-02-152-34/+108
| | | | | | | | | | Previously, the PAM responses could contain an arbitrary number of arguments. This is not acceptable by the D-BUS protocol, as there is no way to introspect it. This patch converts the response objects to be an array of D-BUS structs. It also fixes two potential memory leaks by not unref'ing the reply object if we get an error.
* Make attr_type an integerStephen Gallagher2010-02-152-20/+14
| | | | | | Previously it was a string being passed and converted into an integer. It will be more efficient this way (and simpler for other implementers)
* Add doxygen docs for ConfDBStephen Gallagher2010-02-155-14/+1761
|
* Add check for broken LDAP connection callbacksSumit Bose2010-02-122-2/+12
|
* sss_groupshow: separate member lists by commaJakub Hrozek2010-02-121-3/+6
| | | | Fixes: #398
* Remove ELAPI from the SSSD repositoryStephen Gallagher2010-02-1240-8421/+3
| | | | | ELAPI now lives in its own project at https://fedorahosted.org/ELAPI
* gitignore additionsJakub Hrozek2010-02-121-0/+3
|
* Make change password errors more transparentSumit Bose2010-02-129-24/+228
|
* Don't pass a variable as format to talloc_asprintf()Martin Nagy2010-02-122-2/+2
| | | | This practice is not recommended and can also be dangerous.
* sss_groupshow improvementsJakub Hrozek2010-02-102-104/+698
| | | | | | | | | This patch fixes the following issues: * man page issues (#395) * show info on MPGs (#396) * recursively print indirect members (#397) * the list of groupnames is comma separated (#398) * output inconsistencies (#399)
* Make collection_queue.h and collection_stack.h into public headersStephen Gallagher2010-02-102-3/+5
|
generated by cgit (git 2.34.1) at 2024-05-08 03:51:40 +0000