Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Include the auth_utils.h header in the distributionsssd-1_8_6 | Jakub Hrozek | 2013-01-29 | 1 | -0/+1 |
| | |||||
* | TOOLS: Use file descriptor to avoid races when creating a home directory | Ondrej Kos | 2013-01-29 | 1 | -1/+3 |
| | | | | | | | | | | | | | When creating a home directory, the destination tree can be modified in various ways while it is being constructed because directory permissions are set before populating the directory. This can lead to file creation and permission changes outside the target directory tree, using hard links. This security problem was assigned CVE-2013-0219 https://fedorahosted.org/sssd/ticket/1782 | ||||
* | link sss_ssh_authorizedkeys and sss_ssh_knownhostsproxy with -lpthread | Timo Aaltonen | 2013-01-29 | 1 | -0/+2 |
| | | | | | | | | There used to be an overlinked dependency that's gone now, so to fix a build error add CLIENT_LIBS to sss_ssh_knownhostsproxy_LDFLAGS. v2: Fix sss_ssh_authorizedkeys linking as well. | ||||
* | Use PTHREAD_MUTEX_ROBUST to avoid deadlock in the client | Jakub Hrozek | 2012-09-07 | 1 | -1/+10 |
| | | | | https://fedorahosted.org/sssd/ticket/1460 | ||||
* | build: resolve link failure | Jan Engelhardt | 2012-05-11 | 1 | -0/+1 |
| | | | | | | | | | | | libtool: link: gcc -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings -Werror-implicit-function-declaration -fno-strict-aliasing -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -Wl,--version-script -Wl,./src/providers/sssd_be.exports -o sssd_be src/providers/data_provider_be.o src/providers/data_provider_fo.o src/providers/data_provider_opts.o src/providers/data_provider_callbacks.o src/providers/fail_over.o src/resolv/async_resolv.o -Wl,--export-dynamic -lpam -lcares ./.libs/libsss_util.a -ltevent -ltalloc -lpopt -lldb -ldbus-1 -lpcre -lini_config -lcollection -ldhash -llber -lldap -ltdb -lunistring -lcrypto /usr/lib64/gcc/x86_64-suse-linux/4.7/../../../../x86_64-suse-linux/bin/ld: src/providers/data_provider_be.o: undefined reference to symbol 'dlsym@@GLIBC_2.2.5' /usr/lib64/gcc/x86_64-suse-linux/4.7/../../../../x86_64-suse-linux/bin/ld: note: 'dlsym@@GLIBC_2.2.5' is defined in DSO /lib64/libdl.so.2 so try adding it to the linker command line /lib64/libdl.so.2: could not read symbols: Invalid operation collect2: error: ld returned 1 exit status make[2]: *** [sssd_be] Error 1 Signed-off-by: Stephen Gallagher <sgallagh@redhat.com> | ||||
* | SSH: Allow clients to explicitly specify host alias | Jan Cholasta | 2012-03-15 | 1 | -3/+1 |
| | | | | | This change removes the need to canonicalize host names on the responder side - the relevant code was removed. | ||||
* | IPA: Check nsAccountLock during PAM_ACCT_MGMT | Stephen Gallagher | 2012-03-09 | 1 | -0/+1 |
| | | | | https://fedorahosted.org/sssd/ticket/1227 | ||||
* | Properly terminate GIT_CHECKOUT | Stephen Gallagher | 2012-03-08 | 1 | -0/+1 |
| | | | | | Accidentally removed the endif in the patch removing 'make experimental-rpms' | ||||
* | Build experimental features by default in RPMs | Stephen Gallagher | 2012-03-08 | 1 | -13/+0 |
| | |||||
* | Fix the script path | Jan Zeleny | 2012-03-01 | 1 | -1/+1 |
| | |||||
* | Fix typo in script name | Stephen Gallagher | 2012-02-29 | 1 | -1/+1 |
| | |||||
* | Include the debug_level upgrade tool in the tarball | Stephen Gallagher | 2012-02-28 | 1 | -0/+1 |
| | |||||
* | SSH: Replace blocking getaddrinfo call in the responder with asynchronous ↵ | Jan Cholasta | 2012-02-27 | 1 | -1/+3 |
| | | | | resolver code | ||||
* | SSH: Refactor responder and client common code | Jan Cholasta | 2012-02-27 | 1 | -4/+7 |
| | |||||
* | pam_sss: keep selinux optional | Simo Sorce | 2012-02-23 | 1 | -1/+1 |
| | | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com> | ||||
* | AUTOFS: IPA provider | Jakub Hrozek | 2012-02-07 | 1 | -1/+2 |
| | |||||
* | Make sudo installation path configurable, install into libdir by default | Jakub Hrozek | 2012-02-07 | 1 | -1/+1 |
| | |||||
* | SSH: OpenSSH known_hosts client | Jan Cholasta | 2012-02-07 | 1 | -1/+10 |
| | |||||
* | SSH: OpenSSH authorized_keys client | Jan Cholasta | 2012-02-07 | 1 | -0/+16 |
| | |||||
* | SSH: Common client code | Jan Cholasta | 2012-02-07 | 1 | -1/+3 |
| | |||||
* | SSH: Responder | Jan Cholasta | 2012-02-07 | 1 | -0/+15 |
| | |||||
* | IPA: Add host info handler | Jan Cholasta | 2012-02-07 | 1 | -0/+8 |
| | |||||
* | UTIL: Provide base64 encoding and decoding functions | Jan Cholasta | 2012-02-07 | 1 | -2/+4 |
| | |||||
* | Session target in IPA provider | Jan Zeleny | 2012-02-06 | 1 | -0/+6 |
| | |||||
* | Separate the host-retrieval code from IPA HBAC to common IPA code | Jan Zeleny | 2012-02-06 | 1 | -0/+2 |
| | |||||
* | SELinux support in PAM module | Jan Zeleny | 2012-02-06 | 1 | -0/+1 |
| | |||||
* | Added some SELinux-related sysdb routines | Jan Zeleny | 2012-02-06 | 1 | -0/+2 |
| | |||||
* | Added some SELinux-related utility functions | Jan Zeleny | 2012-02-06 | 1 | -1/+3 |
| | |||||
* | Add support for generic IPA config retrieval | Jan Zeleny | 2012-02-06 | 1 | -0/+2 |
| | |||||
* | Implemented support for multiple search bases in HBAC rules and services | Jan Zeleny | 2012-02-06 | 1 | -0/+1 |
| | |||||
* | AUTOFS: LDAP provider | Jakub Hrozek | 2012-02-05 | 1 | -0/+9 |
| | |||||
* | AUTOFS: responder | Jakub Hrozek | 2012-02-05 | 1 | -0/+15 |
| | |||||
* | AUTOFS: a command-line test client | Jakub Hrozek | 2012-02-05 | 1 | -0/+11 |
| | | | | | | | | A very simply binary that can be used to test getting data from the library via SSSD in pretty much the same way SSSD would. A required positional parameter specifies the map name and the tool would print out all the key/value pairs using _sss_getautomntent_r(). You can also specify -n to query a specific key using _sss_getautomntbyname_r(). | ||||
* | AUTOFS: a client library | Jakub Hrozek | 2012-02-05 | 1 | -1/+23 |
| | | | | | | | | | | | | | | | This is the library the autofs client is using. automounter dlopen()s the library so there is no header file, no pkgconfig file and the library is in the libsss_autofs package, not in -devel. The library provides the following interface: * _sss_setautomntent() - select the map for processing * _sss_getautomntent_r() - iterates through key/value pairs in the selected map. The key is usually the mount point, the value is mount information (server:/export) * _sss_getautomntbyname_r() - returns value for a specific key. * _sss_endautomntent() deselect a map, clean up | ||||
* | AUTOFS: sysdb interface | Jakub Hrozek | 2012-02-05 | 1 | -0/+2 |
| | |||||
* | Build all experimental features during 'make distcheck' | Stephen Gallagher | 2012-02-04 | 1 | -1/+2 |
| | |||||
* | SUDO Integration - in-memory cache in responder | Pavel Březina | 2012-02-04 | 1 | -0/+1 |
| | | | | | | New sudo responder option: cache_timeout https://fedorahosted.org/sssd/ticket/1111 | ||||
* | IPA: Add support for services lookups (non-enum) | Stephen Gallagher | 2012-01-31 | 1 | -0/+2 |
| | |||||
* | LDAP: Add support for service lookups (non-enum) | Stephen Gallagher | 2012-01-31 | 1 | -0/+2 |
| | |||||
* | SUDO: Provide documentation for the SUDO API | Jakub Hrozek | 2012-01-30 | 1 | -2/+5 |
| | |||||
* | SSSDConfigAPI: Move sssd.api.* to /usr/share/sssd | Stephen Gallagher | 2012-01-30 | 1 | -2/+4 |
| | | | | https://fedorahosted.org/sssd/ticket/1158 | ||||
* | PROXY: add support for service lookups (non-enumeration) | Stephen Gallagher | 2012-01-27 | 1 | -0/+1 |
| | |||||
* | NSS: Add getservbyname and getservbyport support to the NSS Responder | Stephen Gallagher | 2012-01-27 | 1 | -0/+2 |
| | |||||
* | NSS: Add client support for services (non-enumeration) | Stephen Gallagher | 2012-01-27 | 1 | -0/+1 |
| | |||||
* | SYSDB: Add sysdb routines for manipulating service entries | Stephen Gallagher | 2012-01-27 | 1 | -0/+2 |
| | |||||
* | SUDO: include the sources in the IPA provider, too | Jakub Hrozek | 2012-01-18 | 1 | -0/+6 |
| | |||||
* | Add a new Makefile target to build RPMs with the experimental flag | Jakub Hrozek | 2012-01-17 | 1 | -4/+16 |
| | |||||
* | Export libsss_sudo as a separate package | Jakub Hrozek | 2012-01-17 | 1 | -7/+29 |
| | |||||
* | SUDO Integration - periodical update of rules in data provider | Pavel Březina | 2012-01-17 | 1 | -0/+2 |
| | | | | | | | | https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period) | ||||
* | util: add murmurhash3 hash function | Simo Sorce | 2012-01-09 | 1 | -1/+3 |
| |