sssd.git - sssd with jhrozek's patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	Add option to specify the kerberos replay cache dir	Stephen Gallagher	2011-09-07	1	-0/+1
\| \| \| \| \| \| \|	Adds a configure option to set the distribution default as well as an sssd.conf option to override it. https://fedorahosted.org/sssd/ticket/980
*	Support overriding attribute values locally	Jakub Hrozek	2011-06-02	1	-0/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Add a new option to override primary GID number https://fedorahosted.org/sssd/ticket/742 Add a new option to override home directory value https://fedorahosted.org/sssd/ticket/551 Add new options to override shell value https://fedorahosted.org/sssd/ticket/742 Conflicts: src/conf_macros.m4
*	Add pam_pwd_expiration_warning config option	Sumit Bose	2011-01-19	1	-0/+1
\|
*	Do not force a default for debug_level	Stephen Gallagher	2011-01-17	1	-1/+1
\|
*	Update the ID cache for any PAM request	Stephen Gallagher	2010-12-22	1	-0/+1
\| \| \| \| \| \| \| \|	Also adds an option to limit how often we check the ID provider, so that conversations with multiple PAM requests won't update the cache multiple times. https://fedorahosted.org/sssd/ticket/749
*	Introduce pam_verbosity config option	Sumit Bose	2010-11-15	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \|	Currently we display all PAM messages generated by sssd to the user. But only some of them are important and others are just some useful information. This patch introduces a new option to the PAM responder which controls what kind of messages are displayed. As an example the 'Authenticated with cached credentials' message is used. This message is only displayed if pam_verbosity=1 or if there is an expire date.
*	Add dns_discovery_domain option	Jakub Hrozek	2010-06-30	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \|	The service discovery used to use the SSSD domain name to perform DNS queries. This is not an optimal solution, for example from the point of view of authconfig. This patch introduces a new option "dns_discovery_domain" that allows to set the domain part of a DNS SRV query. If this option is not set, the default behavior is to use the domain part of the machine's hostname. Fixes: #479
*	Change default min_id to 1	Stephen Gallagher	2010-06-09	1	-1/+1
\| \| \| \| \|	Also update manpage for min_id/max_id to be more clear about how it relates to primary GID.
*	Add dns_resolver_timeout option	Stephen Gallagher	2010-04-30	1	-0/+1
\| \| \| \| \| \|	We had a hard-coded timeout of five seconds for DNS lookups in the async resolver. This patch adds an option 'dns_resolver_timeout' to specify this value (Default: 5)
*	Make filter_users and filter_groups also per-domain	Jakub Hrozek	2010-03-08	1	-0/+2
\| \| \| \|	Fixes: #290
*	Better cleanup task handling	Jakub Hrozek	2010-02-23	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Implements a different mechanism for cleanup task. Instead of just deleting expired entries, this patch adds a new option account_cache_expiration for domains. If an entry is expired and the last login was more days in the past that account_cache_expiration, the entry is deleted. Groups are deleted if they are expired and and no user references them (no user has memberof: attribute pointing at that group). The parameter account_cache_expiration is not LDAP-specific, so that other future backends might use the same timeout setting. Fixes: #391
*	Restrict family lookups	Jakub Hrozek	2010-02-22	1	-0/+1
\| \| \| \| \| \| \|	Adds a new option that tells resolver which address family to prefer or use exclusively. Fixes: #404
*	Rename server/ directory to src/	Stephen Gallagher	2010-02-18	1	-0/+66
	Also update BUILD.txt