| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
Init tools ctx in groupadd before copying its value
|
| |
|
|
| |
Don't convert username->uid in userdel, use DN
|
| |
|
|
|
|
|
|
|
| |
When the sysdb LDB file does not exist on the system, the first
attempt to connect to it will invoke a creation routine. However,
both the NSS and the InfoPipe are started in parallel by the
monitor, resulting in a race condition as they both try to
initialize the sysdb. The easiest fix for this is to simply have
the monitor create the sysdb before it launches NSS and InfoPipe.
|
| | |
|
| | |
|
| |
|
|
| |
Also fixed two minor bugs in CreateUser
|
| | |
|
| |
|
|
| |
Also install tools into /sbin, own them in specfile
|
| | |
|
| |
|
|
|
|
|
| |
If an SBUS function returns an error code, we'll immediately
return an error reply to the client stating "Internal Error"
instead of ignoring the request and forcing the client to wait
for a timeout.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
Changed the order of the arguments to CreateUser in the
Introspection XML to match the other functions (domain belongs
second on the list)
A few other minor fixes as well:
Fixed a typo in SYSDB_GETCACHED_FILTER and sysdb_transaction_end().
Added missing error handling in infp_do_user_set_uid().
|
| | |
|
| |
|
|
|
| |
The first functional command is sss_useradd
(Name is temporary, while looking for a better one)
|
| |
|
|
|
|
| |
set default value of enumerate in LOCAL domain to 1
added checks to talloc_asprintf return values
fixed InfoPipe defaults
|
| |
|
|
|
| |
We need to add the domain when users are not part of the default
domain, otherwise name conflicts may happen.
|
| |
|
|
| |
enable --without-tests
|
| |
|
|
| |
Also unify SYSDB_PW_NAME and SYSDB_GR_NAME in SYSDB_NAME and make it "name"
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This function allows a caller to retrieve a list of users who have
logged in on the system, specifying an optional minimum last login
time to trim the list.
I modified sysdb_enumpwent to accept an optional search argument.
GetCachedUsers takes advantage of this argument to limit the search
by the last login time.
I also found and fixed a few additional low-memory conditions
around D-BUS message replies.
|
| |
|
|
|
|
| |
Calulates next id automatically if uid/gid are not specified.
Fixes to sysdb_get_next_available_id.
Add tests to create users and groups through the new functions.
|
| |
|
|
|
|
|
|
|
|
| |
The InfoPipe interface
Set_YouReallyDoNotWantToUseThisFunction_UserUID1 is now available.
I also fixed a memory leak in SetUserAttributes and modified the
prototype for infp_get_permissions to make it more clear that the
first argument is the caller's username, not the username being
checked for permission.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Retrieve minID and maxID from domain configuration so that lower
and upper bounds can be set per domain.
Add function that keeps track of the next available id, increments
and returns it on requests, avoiding collisions with existing ids.
|
| |
|
|
|
|
|
|
|
| |
If an enumeration has been requested recently enough, force the
nss responder to read from the cache and not go out to each backend
and do slow network operations. This greatly improves performances
if enumerations are used often.
Currently the balcout period is harcoded to 2 min, we will need to make
it a configurable option.
|
| |
|
|
|
|
|
|
|
| |
SetUserAttributes is now available for use in the Infopipe.
I also reorganized a few of the internal InfoPipe objects to
reduce code duplication.
One very simple test is included in this checkin to validate that
the parser is working.
|
| |
|
|
|
|
|
|
|
|
| |
Use only one context (the local request) for all functions.
Use new helper function in sysdb to set numbers as sysdb_attrs values.
Do not use pam_status to report internal errors, use an error variable
and check it only when we finally reply.
Use sysdb_error_to_errno() to convert and ldb error to errno.
Do not free every single buffer allocated, they are all appended to the
local request and will be automatically freed once the request is finished.
|
| |
|
|
|
|
| |
Add comments in header files to better explain interfaces and intended usage.
Expose function to convert from ldb errors to errnos.
Add sysdb_attrs helper to add a long integer as a value.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Provide also helper functions to build struct sysdb_attrs.
Also fix sysdb_get_user_attr() to have a consistent interface
as all other functions.
|
| | |
|
| |
|
|
|
| |
Just make sure that the memory passed in is either static or allocated on the
same memory context that is parent of the btreemap.
|
| |
|
|
|
|
|
|
| |
We now have support for reading binary blobs such as userpic from
the sysdb and returning it to an InfoPipe consumer as a byte array.
I also cleaned up some code in create_getattr_result_map to make
it easier to read.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds support for requesting user data in the sysdb via
the InfoPipe. It currently has support for reading defined entries
of integral, floating-point or string types.
Tasks remaining:
1) Implement call to the provider when cache is out of date
2) Support byte arrays for userpic and similar
I modified sysdb_search_ctx in sysdb_search.c to accept an array of
attributes to pass into the LDB search.
I also made one additional related fix: the btreemap now sorts in the
correct order. Previously I had accidentally transposed the two
values for sorting, so the map would always have been in exact
reverse order.
|
| |
|
|
|
| |
Own everything in /usr/libexec/sssd in specfile, no nss_client subdir
Place memberof.so in /usr/lib/ldb
|
| | |
|
| |
|
|
|
| |
Only legacy functions are fully tested now.
TODO: add new tests for non-legacy backend operations.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
Avoid uninitialized memory messages in valgrind (in _btreemap_get_keys).
Do not free memory we just stored in the btree (in confdb_get_domains_list).
Streamline confdb_get_domains() and remove extra calls when we already have
all the information handy.
Do not store basedn in domain info, the base dn is always calculated out of
the domain name.
Remove the "provider" attribute, it was really used only to distinguish between
LOCAL and other domains, directly check for LOCAL as a special case instead.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The NSS provider, the Data Provider backends and the InfoPipe all
need access to the domain map provided by the confdb. Instead of
reimplimenting it in multiple places, it is now provided in a pair
of helper functions from the confdb.
confdb_get_domains() returns a domain map by reference. Always
returns the most up-to-date set of domains from the confdb.
confdb_get_domains_list() returns an array of strings of all the
domain names. Always returns the most up-to-date set of domains
from the confdb.
This patch also modifies the btreemap_get_keys() function to
better handle memory and report allocation failures.
|
| |
|
|
|
|
| |
This is necessary because in ldb only 1 transaction per context is possible
and all operations (or new transactions) are nested within it.
Will revisit this later when ldb will addresses the problem.
|
| | |
|
| |
|
|
|
|
| |
dependencies based on the latest samba code.
Convert all references to the old events library to use the
renamed tevent library.
|
| |
|
|
|
|
| |
Also updating the .gitignore file to not ignore config.ldif
Signed-off-by: Simo Sorce <ssorce@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <ssorce@redhat.com>
|
| | |
|
