summaryrefslogtreecommitdiffstats
path: root/server/confdb
Commit message (Collapse)AuthorAgeFilesLines
* Fix accidentally forcing MPGs on for all domainsStephen Gallagher2009-08-211-1/+1
|
* Make the LOCAL provider always use MagicPrivateGroupsStephen Gallagher2009-08-201-1/+2
| | | | Also updates the manpage for sssd.conf to denote this
* fix return value of confdb_get_domainsSumit Bose2009-08-181-0/+1
| | | | | | If the last configured domain is broken confdb_get_domains returns the return value of confdb_get_domain even if there are valid domains available.
* Monitor resolv.conf for changesStephen Gallagher2009-07-201-2/+0
| | | | | | | | | | | | | | | | | | | This patch updates the monitor_config_file() functions so that they can monitor any number of files and invoke a specified callback whenever they are modified. When inotify is available, we will add an additional watch descriptor to the inotify file descriptor. When inotify is not available, the polling function will simply loop to check each file in the monitor list. When changes are discovered in resolv.conf, the monitor will send a "resInit" signal to all of its known children. They are only required to handle this function if they need updated DNS information. Services that do not implement resInit should return DBUS_ERROR_UNKNOWN_METHOD (rather than timing out) with no ill effects.
* Improvements to config file updatesStephen Gallagher2009-07-201-1/+2
| | | | | | | | | | | | | | | 1) Some text editors will create a new file and move it into place on top of the existing file. When this happens, the kernel issues an IN_IGNORE inotify event and automatically removes the watch descriptor for that file. We'll handle the event and create a new watch descriptor for the new file. We will attempt to rewatch the file six times at five-second intervals. 2) Some scripts may append new data to the config file in several steps (such as calling echo "foo" >> sssd.conf several times). In order to handle these scripts safely, we'll defer processing of inotify events for one second after the first is detected. This should be ample time for the remainder of the script to complete.
* Adding wrappers to free data in INI API.Dmitri Pal2009-07-021-3/+3
| | | | See ticket #37 in sssd track.
* Fix segfault in update_monitor_configStephen Gallagher2009-06-191-0/+4
| | | | | | | We were stealing the memory context of only the first value in the linked-list of domains (and also services). This patch adds a memory context to hold the lists so that can be stolen along with all of the entries.
* Treat a missing provider entry as a config errorStephen Gallagher2009-06-081-2/+7
|
* Suppress "rootdse" error messages from the confdbStephen Gallagher2009-06-011-3/+4
|
* Suppress "rootdse" error messages.Stephen Gallagher2009-05-281-0/+6
| | | | | | | We will trap all LDB debug messages and pipe them into our internal DEBUG() function. LDB FATAL messages will still be printed by default, WARNING and TRACE functions will be at debug level 3 and 9, respectively.
* Silence warningsSimo Sorce2009-05-261-2/+2
|
* Fix warnings in monitor.c and confdb.cStephen Gallagher2009-05-121-1/+1
|
* Separate confdb API from confdb setupStephen Gallagher2009-05-115-371/+453
| | | | | | | Refactoring the confdb so that the setup code can be linked separately from the access API. This is being done so that our plugins do not need to link against the collection and ini_config libraries.
* Fixes for porting SSSD to Debian-based platformsStephen Gallagher2009-05-042-1/+2
|
* Avoid unnecessary reloads of config.ldbSimo Sorce2009-04-161-4/+37
| | | | | | Add code to check if the file has changed since the last update was performed. Avoid dumping and reloading the config ldb if the modification time of the configuration file has not changed at all.
* Add common function to retrieve comma sep. listsSimo Sorce2009-04-142-45/+162
| | | | | | Also convert all places where we were using custom code to parse config arguments. And fix a copy&paste error in nss_get_config
* Make reconnection to the Data Provider a global settingStephen Gallagher2009-04-141-0/+2
| | | | | | | Previously, every DP client was allowed to set its own "retries" option. This option was ambiguous, and useless. All DP clients will now use a global option set in the services config called "reconnection_retries"
* Always pass full domain infoSimo Sorce2009-04-132-73/+115
| | | | | Change sysdb to always passwd sss_domain_info, not just the domain name. This way domain specific options can always be honored at the db level.
* Allow configuration of the SSSD through /etc/sssd/sssd.confStephen Gallagher2009-04-133-98/+270
| | | | | | | | | | | | | | | | | | | The SSSD now links with the ini_config and collection libraries in the common directory. The monitor will track changes to the /etc/sssd/sssd.conf file using inotify on platforms that support it, or polled every 5 seconds on platforms that do not. At startup or modification of the conf file, the monitor will purge the existing confdb and reread it completely from the conf file, to ensure that there are no lingering entries. It does this in a transaction, so there should be no race condition with the client services. A new option has been added to the startup options for the SSSD. It is now possible to specify an alternate config file with the -c <file> at the command line.
* Remove obsolete optionSimo Sorce2009-04-081-1/+0
|
* Fix missing entry from first-start configStephen Gallagher2009-04-081-0/+1
| | | | | | Since we switched to allowing domains to be configured but inactive, we need to include the default set (just LOCAL) into the first-start config.
* Change the way we retrieve domainsSimo Sorce2009-04-082-79/+75
| | | | | | | | | | | | | To be able to correctly filter out duplicate names when multiple non-fully qualified domains are in use we need to be able to specify the domains order. This is now accomplished by the configuration paramets 'domains' in the config/domains entry. 'domains' is a comma separated list of domain names. This paramter allows also to have disbaled domains in the configuration without requiring to completely delete them. The domains list is now kept in a linked list of sss_domain_info objects. The first domain is also the "default" domain.
* fixed two issues in the initial configurationSumit Bose2009-03-302-2/+1
| | | | | - value array is not terminated properly - infopipe service is added dynamically
* Simplify default configurationSimo Sorce2009-03-203-111/+92
| | | | | | | | | | Make confdb load a base ldif like sysdb to initialize the db, makes it simpler to understand at first sight what is the default configuration. Make the parameter "command" optional. Derive the default command from available information. Make the debug level a global by default so that enabling debug for all components is as easy as passing just -d X to the sssd binary.
* Add better error reporting to confdb functionsSimo Sorce2009-03-201-29/+63
|
* Avoid nested events in confdbSimo Sorce2009-03-201-1/+15
|
* Enable MPGs and user/group enumeration on the LOCAL domain by defaultStephen Gallagher2009-03-181-3/+5
|
* use fixed paths to sockets to make sure clients and server are using the sameSumit Bose2009-03-091-0/+4
|
* Make MPG a configurable option for the domain.Simo Sorce2009-03-092-0/+12
|
* Use LOCAL for the default domain in confdb_init_dbStephen Gallagher2009-03-081-0/+4
|
* added PAM default configuration to confdb_init_dbSumit Bose2009-03-061-6/+35
| | | | | | set default value of enumerate in LOCAL domain to 1 added checks to talloc_asprintf return values fixed InfoPipe defaults
* Add internal min/max/next id management fucntionsSimo Sorce2009-03-042-1/+46
| | | | | | | | Retrieve minID and maxID from domain configuration so that lower and upper bounds can be set per domain. Add function that keeps track of the next available id, increments and returns it on requests, avoiding collisions with existing ids.
* Implement GetUserAttributes in the InfoPipeStephen Gallagher2009-03-021-2/+2
| | | | | | | | | | | | | | | | | | This patch adds support for requesting user data in the sysdb via the InfoPipe. It currently has support for reading defined entries of integral, floating-point or string types. Tasks remaining: 1) Implement call to the provider when cache is out of date 2) Support byte arrays for userpic and similar I modified sysdb_search_ctx in sysdb_search.c to accept an array of attributes to pass into the LDB search. I also made one additional related fix: the btreemap now sorts in the correct order. Previously I had accidentally transposed the two values for sorting, so the map would always have been in exact reverse order.
* Fix confdb issues.Simo Sorce2009-02-282-94/+54
| | | | | | | | | | | Avoid uninitialized memory messages in valgrind (in _btreemap_get_keys). Do not free memory we just stored in the btree (in confdb_get_domains_list). Streamline confdb_get_domains() and remove extra calls when we already have all the information handy. Do not store basedn in domain info, the base dn is always calculated out of the domain name. Remove the "provider" attribute, it was really used only to distinguish between LOCAL and other domains, directly check for LOCAL as a special case instead.
* Refactor creation of domain_map into confdbStephen Gallagher2009-02-272-21/+138
| | | | | | | | | | | | | | | | | The NSS provider, the Data Provider backends and the InfoPipe all need access to the domain map provided by the confdb. Instead of reimplimenting it in multiple places, it is now provided in a pair of helper functions from the confdb. confdb_get_domains() returns a domain map by reference. Always returns the most up-to-date set of domains from the confdb. confdb_get_domains_list() returns an array of strings of all the domain names. Always returns the most up-to-date set of domains from the confdb. This patch also modifies the btreemap_get_keys() function to better handle memory and report allocation failures.
* Rebase the code to use talloc, tdb, tevent, ldb as externalSimo Sorce2009-02-262-5/+6
| | | | | | dependencies based on the latest samba code. Convert all references to the old events library to use the renamed tevent library.
* Spec file patch Take 2:Stephen Gallagher2009-02-241-0/+4
| | | | | | | | | | | | | | | Adding support for generating RPMS for sssd. Fixing TDB autoconf macros to require version 1.1.3 and support for the tdb_repack symbol (required by LDB) Updating tdb.h to #include <sys/stat.h> for proper autoconf Build system modifications to simplify RPM generation Fixing RPM build system as recommended during code review Minor tweaks to Makefile and sssd.spec Make policykit and infopipe configurable Soname and symlinks
* Add helper function to get booleans from confdbSimo Sorce2009-02-202-9/+46
|
* Completely rework the nss interface to be able to use 2Simo Sorce2009-02-202-19/+0
| | | | | | | | | | | | | | | | | | | | | | | | | types of domains: modern and legacy modern uses member/meberof, legacy uses memberUid for group memberships. Rework the proxy backend to use the legacy style as that's the format the data comes in (trying to convert would require too many transformations and increased the number of queries). Add support for fetching groups in nss. Add support for enumerating users and groups (requires to enable enumeration in config) both in nss and in the proxy provider. Remove confdb_get_domain_basedn() and substitute with generic calls in the nss init function. Store a domain structure in the btree not the basedn so that we can add enumeration flags. Also make sure NSS understand how to make multiple calls on enumerations, also make passing the domian parameter always mandatory, passing in domain=* is not valid anymore. This work fixes also a few memory, degfault, and logic bugs found while testing all nss functions (there are still some to fix that are less critical and much harder to find yet).
* Always pass teh database path explicitly, so that test cases can useSimo Sorce2009-02-132-13/+7
| | | | | throw away databases Check version and init main db if empty
* Add skeleton for PolicyKit back-endStephen Gallagher2009-01-271-0/+16
|
* Add skeleton for InfoPipe serviceStephen Gallagher2009-01-271-3/+15
|
* Automatically generate the config.ldb if it doesn't exist (i.e. First startup)Stephen Gallagher2009-01-271-6/+83
|
* Fix a bug in confdb_get_string where attempting to return a default string ↵Stephen Gallagher2009-01-091-1/+11
| | | | of NULL would erroneously report ENOMEM.
* Replacing hard-coded paths with configure script substitutions.Stephen Gallagher2008-11-241-2/+13
| | | | Changing the default SBUS locations to be configure script parameters
* Store all domains served by the SSSD to a binary-tree map for fast NSS lookup.Stephen Gallagher2008-11-072-3/+98
| | | | | | Changed the "section" feature of confdb.c to use '/' as a delimiter instead of '.', because this conflicted with the ability to use dots in domain names.
* Add some more service functionsSimo Sorce2008-11-042-0/+46
|
* Add support for dbus comunication in the nss serviceSimo Sorce2008-11-032-0/+38
| | | | | Add utility function in confdb Make all component fetch the dbus socket from the confdb
* Add configuration database functions.Simo Sorce2008-10-202-0/+411
Convert nss responder to use the confdb