summaryrefslogtreecommitdiffstats
path: root/server/config
Commit message (Collapse)AuthorAgeFilesLines
* Run SSSDConfig tests during 'make check'Stephen Gallagher2009-12-101-87/+95
|
* Remove default for ldap_use_start_tls in IPA providersStephen Gallagher2009-12-101-1/+1
|
* Add 'permit' and 'deny' access providers to SSSDConfig APIStephen Gallagher2009-12-102-5/+16
|
* Fix processing of Boolean values in SSSDConfigStephen Gallagher2009-12-104-23/+169
| | | | | | | Previously, we were just casting the strings to bool, but this meant that all boolean values were "True". This patch solves the problem and adds regression tests for it.
* Add missing SSSDConfig file for IPA for make installStephen Gallagher2009-12-101-0/+1
| | | | Update tests to include IPA options
* Add missing options to sssd-ipa configuraionStephen Gallagher2009-12-091-0/+72
|
* Ensure that list_active_domains returns the real valueStephen Gallagher2009-12-091-4/+16
| | | | | | | | Previously, we were accidentally filtering out domains that were not configured, so deleted domains might still appear in the active domain list. This patch should ensure that this never happens.
* SSSDConfig.get_domain() should properly detect active stateStephen Gallagher2009-12-092-0/+30
|
* SSSDConfig API: fix deactivate_domain()Stephen Gallagher2009-12-092-2/+73
| | | | | deactivate_domain() would crash if it attempted to deactivate an already-inactive domain
* Fix SSSDConfig API bugs around [de-]activation of domainsStephen Gallagher2009-12-082-7/+152
| | | | | | | | | Adds two new public functions: SSSDConfig.activate_domain() SSSDConfig.deactivate_domain() These two functions are used during the save_domain() call to ensure that the active domain list is always kept up to date.
* Fix broken SSSDChangeConf.set() functionStephen Gallagher2009-12-081-1/+1
| | | | | | The set function didn't do anything at all. It needed to use the ipachangeconf.merge() function to behave properly instead of mergeNew()
* Reduce the verbosity of the SSSDConfigTestStephen Gallagher2009-12-081-4/+4
| | | | Now it will report only failures or final success
* Add SSSDDomain.set_name() function to SSSDConfig APIStephen Gallagher2009-12-082-3/+77
| | | | This function will change the name of an existing domain
* Make SSSDDomain.remove_provider() remove configured optionsStephen Gallagher2009-12-082-6/+54
| | | | | | | We will remove all options for a provider that are not also required by another configured provider. (For example, we will not remove krb5_realm when deleting the krb5 auth provider if the LDAP provider is in use, since it may still require this argument).
* SSSDDomain.remove_provider() requires only the provider typeStephen Gallagher2009-12-082-12/+18
| | | | | There was no valid reason to require the backend type when specifying a provider to remove.
* Fail on nonexistent input fileJakub Hrozek2009-12-082-3/+12
|
* Handle spaces in config parserJakub Hrozek2009-12-083-2/+43
| | | | Fixes: #301
* Add ldap_pwd_policy optionSumit Bose2009-11-232-0/+4
|
* Validate Kerberos credentials with local keytabSumit Bose2009-11-203-1/+11
|
* upgrade_config fixes for SSSD 0.6 and laterJakub Hrozek2009-11-201-1/+19
| | | | | | | | | Incorporates changes we made to v2 after 0.6, or that were missed by the original upgrade script: * removes magic_private_groups option * removes libPath option * changes provider=files to provider=proxy proxy_lib_name=files * changes store-legacy-passwords to store_legacy_passwords
* SSSDConfigAPI fixesJakub Hrozek2009-11-202-399/+133
| | | | | | | | | * splitlist is a function * shared SSSDConfigObject to reduce code duplication * added missing exception class * fixed some typos * remove extra 'pass' in unittests * use assertRaises in unittests
* Convert SSSDConfig API to ipachangeconfJakub Hrozek2009-11-203-59/+70
| | | | | | | With this patch, SSSDConfigAPI is able to keep comments and ordering of sections. Fixes: #226
* Change the upgrade script to use ipachangeconfJakub Hrozek2009-11-201-0/+383
| | | | | | | With this patch, the upgrade script we use for changing the config files is able to keep ordering and comments. Fixes: #249
* SSSDChangeConf - a wrapper around ipachangeconfJakub Hrozek2009-11-201-0/+91
| | | | | Provides a convenient wrapper around ipachangeconf that is closer API-wise to ConfigParser
* Add Simo's ipachangeconfJakub Hrozek2009-11-202-0/+460
|
* Make the password field configurable in NSSJakub Hrozek2009-11-182-0/+2
| | | | | | | | Per the discussion on sssd-devel list, nss_sss should not return a hardcoded value but this should rather be configurable to allow whatever the OS or distribution thinks is the best for the particular case. Fixes: #266
* Add cleanup taskSimo Sorce2009-11-101-0/+1
|
* Update midpoint refresh logic to be relative to cache timeoutStephen Gallagher2009-11-051-1/+1
|
* Rename sdap_id_map to sdap_attr_mapSimo Sorce2009-11-031-0/+2
| | | | | | Also start adding some infrastructure to use the USN counter when available. In particular add a place to add generic attrs mapping, ie attributes that are neither user nor group specific.
* Add complete pydoc for SSSDConfig APIStephen Gallagher2009-11-031-1/+534
|
* Add support for option descriptions to SSSDConfig APIStephen Gallagher2009-11-032-14/+148
| | | | | Addresses https://fedorahosted.org/sssd/ticket/242 related to authconfig integration
* Remove magic_private_groups from SSSDConfig API schemaStephen Gallagher2009-11-032-3/+0
|
* Make config_file_version a hidden setting in SSSDConfig APIStephen Gallagher2009-11-035-17/+134
| | | | | | | | The config_file_version should never be changed by the API, so we will hide the option inside the SSSDConfig API and remove it from the schema. Guarantee that the config file is of the correct version
* Tidy up ipa optionsSimo Sorce2009-10-292-5/+1
| | | | | | | | | | | | | | Do not replicate every and each option we may want to set in ipa. Just read out ldap and krb provider options (added reference in the manual too, and removed mention of ipa specific timeout values, use ldap options for that) Avoid calling auth module initialization twice, just pass the auth context to the chpass module too. Add a new ldap option SDAP_SEARCH_BASE, so that a single searching base can be used for both users and groups. the user and group search bases can still be set separately if necessary but they are now optional and set to be identical to SDAP_SEARCH_BASE if not explicitly specified in the configuration.
* Fix sssd.api.conf with correct entry_cache_timeoutStephen Gallagher2009-10-282-2/+5
| | | | | Changeset 3a21103f61bf9b60256cc2d0da54b757b634319f moved the wrong option to the domain list, and also didn't update the unit tests.
* Move responsibility for entry expiration timeoutSimo Sorce2009-10-272-2/+1
| | | | | The providers are now responsible for determining how long a cached entry is considered valid. The default is the same as before (600s)
* Add IPA conf templateSimo Sorce2009-10-261-0/+9
|
* Add support for offline auth cache timeoutStephen Gallagher2009-10-221-0/+1
| | | | | | | | | This adds a new option (offline_credentials_expiration) to the [PAM] section of the sssd.conf If the user does not perform an online authentication within the timeout (in days), they will be denied auth once the timeout passes.
* Bring SSSDConfig API options up-to-dateStephen Gallagher2009-10-223-21/+68
|
* Package SSSDConfig APIStephen Gallagher2009-10-131-0/+34
|
* Add plugin configuration schema for proxy providerStephen Gallagher2009-10-131-0/+7
|
* Add new SSSDConfig python APIStephen Gallagher2009-10-129-0/+2111
Also adds unit tests for the SSSDConfig API
generated by cgit (git 2.34.1) at 2024-04-23 22:27:51 +0000