sssd.git - sssd with jhrozek's patches

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	Include sudo manual pages only conditionally	Jakub Hrozek	2012-01-30	1	-3/+8
\|
*	SUDO Integration - manual page	Pavel Březina	2012-01-30	1	-1/+24
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1109
*	Use the case sensitivity flag in responders	Jakub Hrozek	2011-12-16	1	-0/+14
\|
*	Fix typos in manual pages	Yuri Chornoivan	2011-11-10	1	-1/+1
\|
*	Enable the midpoint cache update by default	Stephen Gallagher	2011-09-21	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/918
*	MAN: Add more information about internal credential storage	Stephen Gallagher	2011-09-20	1	-0/+4
\|
*	DEBUG timestamps offer higher precision - man page updated	Pavel Březina	2011-09-08	1	-0/+11
\| \| \| \|	https://fedorahosted.org/sssd/ticket/956
*	Add option to specify the kerberos replay cache dir	Stephen Gallagher	2011-09-02	1	-0/+20
\| \| \| \| \| \| \|	Adds a configure option to set the distribution default as well as an sssd.conf option to override it. https://fedorahosted.org/sssd/ticket/980
*	New DEBUG facility - man pages	Pavel Březina	2011-08-25	1	-10/+1
\| \| \| \| \| \| \|	https://fedorahosted.org/sssd/ticket/925 Modified sssd and sssd.conf man pages to reflect new levels. Added new man include: include/debug_levels.xml
*	Add vetoed_shells option	John Hodrien	2011-07-29	1	-0/+8
\| \| \| \| \| \| \| \|	There may be users in LDAP that have a valid but unwelcome shell set in their account. This adds a blacklist of shells that should always be replaced by the fallback_shell. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
*	Add new options to override shell value	Jakub Hrozek	2011-05-20	1	-0/+44
\| \| \| \|	https://fedorahosted.org/sssd/ticket/742
*	Add a new option to override home directory value	Jakub Hrozek	2011-05-20	1	-0/+37
\| \| \| \|	https://fedorahosted.org/sssd/ticket/551
*	Add a new option to override primary GID number	Jakub Hrozek	2011-05-20	1	-0/+9
\| \| \| \|	https://fedorahosted.org/sssd/ticket/742
*	Add pam_pwd_expiration_warning config option	Sumit Bose	2011-01-19	1	-0/+18
\|
*	Fix manpage typos	Yuri Chornoivan	2011-01-14	1	-5/+5
\|
*	Update the ID cache for any PAM request	Stephen Gallagher	2010-12-22	1	-0/+22
\| \| \| \| \| \| \| \|	Also adds an option to limit how often we check the ID provider, so that conversations with multiple PAM requests won't update the cache multiple times. https://fedorahosted.org/sssd/ticket/749
*	Start first enumeration immediately	Stephen Gallagher	2010-12-17	1	-0/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Previously, we would wait for ten seconds before starting an enumeration. However, this meant that on the first startup (before we had run our first enumeration) there was a ten-second window where clients would immediately get back a response with no entries instead of blocking until the enumeration completed. With this patch, SSSD will now run an enumeration immediately upon startup. Further startups will retain the ten-second delay so as not to slow down system bootups. https://fedorahosted.org/sssd/ticket/616
*	Introduce pam_verbosity config option	Sumit Bose	2010-11-15	1	-0/+31
\| \| \| \| \| \| \| \| \| \| \|	Currently we display all PAM messages generated by sssd to the user. But only some of them are important and others are just some useful information. This patch introduces a new option to the PAM responder which controls what kind of messages are displayed. As an example the 'Authenticated with cached credentials' message is used. This message is only displayed if pam_verbosity=1 or if there is an expire date.
*	Option krb5_server is now used to store a list of KDCs instead of krb5_kdcip.	Jan Zeleny	2010-10-19	1	-1/+1
\| \| \| \| \| \| \| \|	For the time being, if krb5_server is not found, still falls back to krb5_kdcip with a warning. If both options are present in config file, krb5_server has a higher priority. Fixes: #543
*	Man pages should mention supported providers	Jan Zeleny	2010-10-13	1	-0/+8
\| \| \| \| \| \| \|	Each back end can support id, auth or access provider, but each back end supports different subset of these. Man pages should describe which providers are supported by each back end. Ticket: #615
*	Add try_inotify option	Stephen Gallagher	2010-07-09	1	-0/+28
\| \| \| \| \| \| \| \|	There are some special cases where inotify cannot be used, even if the host OS claims that it is supported. In these cases, it should be possible to explicitly disable the use of inotify. https://fedorahosted.org/sssd/ticket/484
*	Add dns_discovery_domain option	Jakub Hrozek	2010-06-30	1	-0/+13
\| \| \| \| \| \| \| \| \| \| \| \|	The service discovery used to use the SSSD domain name to perform DNS queries. This is not an optimal solution, for example from the point of view of authconfig. This patch introduces a new option "dns_discovery_domain" that allows to set the domain part of a DNS SRV query. If this option is not set, the default behavior is to use the domain part of the machine's hostname. Fixes: #479
*	Change default min_id to 1	Stephen Gallagher	2010-06-09	1	-3/+11
\| \| \| \| \|	Also update manpage for min_id/max_id to be more clear about how it relates to primary GID.
*	Man page fixes	Jakub Hrozek	2010-06-06	1	-1/+1
\| \| \| \|	Fixes: #496
*	Add enumerate details to the manpage and examples	Stephen Gallagher	2010-05-20	1	-1/+19
\|
*	Add dns_resolver_timeout option	Stephen Gallagher	2010-04-30	1	-0/+15
\| \| \| \| \| \|	We had a hard-coded timeout of five seconds for DNS lookups in the async resolver. This patch adds an option 'dns_resolver_timeout' to specify this value (Default: 5)
*	Add userdel_cmd param	Jakub Hrozek	2010-04-06	1	-0/+14
\| \| \| \|	Fixes: #231
*	Add simple access provider	Sumit Bose	2010-03-08	1	-0/+7
\|
*	Make filter_users and filter_groups also per-domain	Jakub Hrozek	2010-03-08	1	-1/+3
\| \| \| \|	Fixes: #290
*	Fix check for values of expiration limits	Jakub Hrozek	2010-02-25	1	-2/+2
\| \| \| \| \|	There were inconsistencies between what sssd.conf manpage said and what the code enforces.
*	Better cleanup task handling	Jakub Hrozek	2010-02-23	1	-0/+15
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Implements a different mechanism for cleanup task. Instead of just deleting expired entries, this patch adds a new option account_cache_expiration for domains. If an entry is expired and the last login was more days in the past that account_cache_expiration, the entry is deleted. Groups are deleted if they are expired and and no user references them (no user has memberof: attribute pointing at that group). The parameter account_cache_expiration is not LDAP-specific, so that other future backends might use the same timeout setting. Fixes: #391
*	Revert "Change default for enumeration to TRUE"	Stephen Gallagher	2010-02-23	1	-1/+1
\| \| \| \|	This reverts commit 75a9f18ad8ac6e885ac34cdeebc4d8f8734713f8.
*	Do not check entries during cleanup task	Jakub Hrozek	2010-02-23	1	-1/+1
\| \| \| \| \| \| \|	Do not attempt to validate expired entries in cache, just delete them. Also increase the cache timeouts. Fixes: #331
*	Restrict family lookups	Jakub Hrozek	2010-02-22	1	-0/+28
\| \| \| \| \| \| \|	Adds a new option that tells resolver which address family to prefer or use exclusively. Fixes: #404
*	Rename server/ directory to src/	Stephen Gallagher	2010-02-18	1	-0/+808
	Also update BUILD.txt