summaryrefslogtreecommitdiffstats
path: root/server/responder/nss/nsssrv.c
Commit message (Collapse)AuthorAgeFilesLines
* Rename server/ directory to src/Stephen Gallagher2010-02-181-367/+0
| | | | Also update BUILD.txt
* Make the password field configurable in NSSJakub Hrozek2009-11-181-0/+7
| | | | | | | | Per the discussion on sssd-devel list, nss_sss should not return a hardcoded value but this should rather be configurable to allow whatever the OS or distribution thinks is the best for the particular case. Fixes: #266
* Update midpoint refresh logic to be relative to cache timeoutStephen Gallagher2009-11-051-5/+6
|
* Move responsibility for entry expiration timeoutSimo Sorce2009-10-271-10/+0
| | | | | The providers are now responsible for determining how long a cached entry is considered valid. The default is the same as before (600s)
* Remove two unused functions.Stephen Gallagher2009-10-151-8/+0
| | | | | | These functions were used when reconnecting to the DP after losing the connection. Since there is no DP any longer, there's no reason to have these functions.
* Remove DP processSimo Sorce2009-10-091-16/+16
| | | | | Turn the backend process into data provider servers Make Frontends (pam, nss) directly attach to the backends
* Remove unused btreemap codeStephen Gallagher2009-10-061-1/+0
| | | | | We have converted to using dhash in place of btreemap everywhere in the code.
* Send debug messages to logfileJakub Hrozek2009-09-251-1/+3
| | | | | | | | | | | | | Introduces a new option --debug-to-files which makes SSSD output its debug information to a file instead of stderr, which is still the default. Also introduces a new confdb option debug_to_files which does the same, but can be specified per-service in the config file. The logfiles are stored in /var/log/sssd by default. Changes the initscript to log to files by default.
* Upgrade confdb to version 2Stephen Gallagher2009-09-251-21/+41
| | | | | This converts a great many configuration options to the new standard format.
* Revert "Use syslog for logging error conditions in SSSD"Stephen Gallagher2009-09-231-18/+10
| | | | | | | | This reverts commit 8c50bd085c0efe5fde354deee2c8118887aae29d. Amended: commit 1016af2b1b97ad4290ccce8fa462cc7e3c191b2e also made use of the SYSLOG_ERROR() macro, so those portions of that code also needed to be reverted.
* Use syslog for logging error conditions in SSSDJakub Hrozek2009-09-211-10/+18
| | | | | This is just a band-aid until ELAPI is fully functional and ready to use.
* Add support for the EntryCacheNoWaitRefreshTimeoutStephen Gallagher2009-09-091-0/+16
| | | | | | | | This timeout specifies the lifetime of a cache entry before it is updated out-of-band. When this timeout is hit, the request will still complete from cache, but the SSSD will also go and update the cached entry in the background to extend the life of the cache entry and reduce the wait time of a future request.
* fix handling of filtersUsers in groupsSumit Bose2009-08-211-17/+22
| | | | | | | | - with the boolean option filterUsersInGroups it can be controlled wether filtered users appear in groups or not. - fixed an error which prevented the display of groups with filtered members - removed some tab indents
* Fix reconnection codeSimo Sorce2009-08-171-16/+24
| | | | | | | Remove redundant reconnection code that was interfeering with the sbus reconnection code. Consolidate include files for sbus relates operations. Make pamsrv code similar to nsssrv code.
* Change the why DP clients identifySimo Sorce2009-08-111-3/+15
| | | | Mirrors what we have done with the monitor.
* Change services identification mechanismSimo Sorce2009-08-111-74/+5
| | | | | | | Let services identify themselves voiluntarily as the first operation instead of polling from the monitor. Also consolidate some common functions and make them available as monitor helpers.
* Make child processes exit when parent diesJakub Hrozek2009-08-111-0/+6
| | | | | | | | The child processes call prctl() and when their parent process is killed, they are sent SIGTERM using prctl. This is currently Linux-specific, for non-Linuxes, a similar effect is achieved by catching a set of common termination signals and sending SIGTERM to the process group.
* Simplify interfaces initializationSimo Sorce2009-08-101-20/+19
| | | | | | | Make as much as possible static, and remove use of talloc_reference and allocation/deallocation of memory when not necessary. Fix also responder use of rctx->conn, was mistakenly used for both monitor and dp connections.
* Cosmetic changesSimo Sorce2009-08-101-15/+15
| | | | | Rationalize and rename connection names in preparatoin for merging of server and connection structures.
* Remove redundant memory contextsSimo Sorce2009-08-101-3/+3
| | | | Simplify code by removing stuff that is never used or redundant.
* Implement resInit for monitor, NSS, PAM, DP and the backendsStephen Gallagher2009-07-201-0/+20
|
* Add common function to retrieve comma sep. listsSimo Sorce2009-04-141-11/+13
| | | | | | Also convert all places where we were using custom code to parse config arguments. And fix a copy&paste error in nss_get_config
* Make reconnection to the Data Provider a global settingStephen Gallagher2009-04-141-5/+2
| | | | | | | Previously, every DP client was allowed to set its own "retries" option. This option was ambiguous, and useless. All DP clients will now use a global option set in the services config called "reconnection_retries"
* Add reconnection code between the NSS responder and the Data providerStephen Gallagher2009-04-141-1/+52
|
* Change the way we retrieve domainsSimo Sorce2009-04-081-24/+8
| | | | | | | | | | | | | To be able to correctly filter out duplicate names when multiple non-fully qualified domains are in use we need to be able to specify the domains order. This is now accomplished by the configuration paramets 'domains' in the config/domains entry. 'domains' is a comma separated list of domain names. This paramter allows also to have disbaled domains in the configuration without requiring to completely delete them. The domains list is now kept in a linked list of sss_domain_info objects. The first domain is also the "default" domain.
* Unify name parsing and reposnder headersSimo Sorce2009-04-071-23/+5
| | | | | | Use common sss_parse_name function in all responders Simplify responder headers by combining common,cmd,dp in one header and add name parse structure as part of the common responder context.
* Add a more flexible way to parse and filter names.Simo Sorce2009-04-011-8/+120
| | | | | | | | | | A new nss_parse_name function uses pcre to parse names, this makes it possible, in future, to make the filter user configurable. Add a new filter mechanism to filter out users that uses the negative cache by setting a permanet negative entry. Rework the entry points where the negative cache is checked for.
* Make nsssrv use the common responder functionsSimo Sorce2009-03-271-355/+18
| | | | | Make nss_ctx a private pointer of the common resp_ctx Use sss_process_init and remove all duplicate functions from nsssrv.c
* Fix buildSimo Sorce2009-03-241-1/+1
| | | | forgot to commit a few changes
* Retrieve some options from confdbSimo Sorce2009-03-201-6/+39
| | | | This fixes some old 'Fixme's :)
* Enhance server_setupSimo Sorce2009-03-201-1/+1
| | | | | | | Now it can load from scratch default configuration that is valid for all daemons. First thing, make it possible for each daemon/provider to set its own debug level in its configuration entry.
* Implement Negative cache for NSSSimo Sorce2009-03-131-0/+8
| | | | | | | As for positive caches, negative caches are implement for all queries except enumerations. Also set the correct requires in sssd.spec as we now depend directly on tdb as well.
* use fixed paths to sockets to make sure clients and server are using the sameSumit Bose2009-03-091-0/+5
|
* Add enumeration backout period.Simo Sorce2009-03-041-0/+1
| | | | | | | | | If an enumeration has been requested recently enough, force the nss responder to read from the cache and not go out to each backend and do slow network operations. This greatly improves performances if enumerations are used often. Currently the balcout period is harcoded to 2 min, we will need to make it a configurable option.
* Refactor creation of domain_map into confdbStephen Gallagher2009-02-271-80/+3
| | | | | | | | | | | | | | | | | The NSS provider, the Data Provider backends and the InfoPipe all need access to the domain map provided by the confdb. Instead of reimplimenting it in multiple places, it is now provided in a pair of helper functions from the confdb. confdb_get_domains() returns a domain map by reference. Always returns the most up-to-date set of domains from the confdb. confdb_get_domains_list() returns an array of strings of all the domain names. Always returns the most up-to-date set of domains from the confdb. This patch also modifies the btreemap_get_keys() function to better handle memory and report allocation failures.
* Serialize access to sysdb and also exposes ldb transactions.Simo Sorce2009-02-261-1/+9
| | | | | | This is necessary because in ldb only 1 transaction per context is possible and all operations (or new transactions) are nested within it. Will revisit this later when ldb will addresses the problem.
* Rebase the code to use talloc, tdb, tevent, ldb as externalSimo Sorce2009-02-261-16/+16
| | | | | | dependencies based on the latest samba code. Convert all references to the old events library to use the renamed tevent library.
* Add PAM responderSumit Bose2009-02-241-0/+590
Also move responders under server/responder with shared code in server/responder/common Signed-off-by: Simo Sorce <ssorce@redhat.com>
generated by cgit (git 2.34.1) at 2024-05-28 21:30:37 +0000