summaryrefslogtreecommitdiffstats
path: root/src/man
Commit message (Collapse)AuthorAgeFilesLines
* Updating translations for 1.5.2 releasesssd-1_5_2Stephen Gallagher2011-03-107-68/+14403
|
* Use realm for basedn instead of IPA domainJakub Hrozek2011-02-281-0/+15
| | | | https://fedorahosted.org/sssd/ticket/807
* Fix for generating lists of translated man pagesSumit Bose2011-02-171-6/+6
| | | | | | In some automatic build environments the lists of translated man pages were not generated properly because ls put multiple file names into a single single.
* updating sss_obfuscate man page accordinglyGowrishankar Rajaiyan2011-02-031-2/+1
|
* Updating uk translationYuri Chornoivan2011-01-271-88/+118
| | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
* Update man.stamp when the potfile or po4a.cfg is updatedStephen Gallagher2011-01-251-1/+1
|
* Update translation files for string freezeStephen Gallagher2011-01-243-850/+1313
| | | | Earlier patch for strings was incomplete
* Updating translation files for string freezeStephen Gallagher2011-01-211-197/+212
|
* Updating uk manpage translationYuri Chornoivan2011-01-211-355/+496
| | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
* Add ldap_tls_{cert,key,cipher_suite} config optionsTyson Whitehead2011-01-201-0/+41
| | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
* Add pam_pwd_expiration_warning config optionSumit Bose2011-01-191-0/+18
|
* Add ipa_hbac_search_base config optionSumit Bose2011-01-191-0/+13
|
* Add LDAP expire policy base RHDS/IPA attributeSumit Bose2011-01-191-0/+20
| | | | | The attribute nsAccountLock is used by RHDS, IPA and other directory servers to indicate that the account is locked.
* Add LDAP expire policy based on AD attributesSumit Bose2011-01-191-0/+35
| | | | | | The second bit of userAccountControl is used to determine if the account is enabled or disabled. accountExpires is checked to see if the account is expired.
* Fix usability of sss_obfuscate commandStephen Gallagher2011-01-171-2/+2
|
* Update manpage translations for ldap_enumeration_search_timeoutStephen Gallagher2011-01-173-333/+391
|
* Add ldap_search_enumeration_timeout config optionSumit Bose2011-01-171-5/+23
|
* Regenerate manpage po[t] filesStephen Gallagher2011-01-143-2955/+5262
| | | | Fixed several typos
* Fix manpage typosYuri Chornoivan2011-01-144-9/+9
|
* Add uk translation for manpagesYuri Chornoivan2011-01-142-1/+4386
|
* Build and install translated man pages by defaultSumit Bose2010-12-231-23/+31
|
* Update the ID cache for any PAM requestStephen Gallagher2010-12-221-0/+22
| | | | | | | | Also adds an option to limit how often we check the ID provider, so that conversations with multiple PAM requests won't update the cache multiple times. https://fedorahosted.org/sssd/ticket/749
* Add Czech translationJakub Hrozek2010-12-223-0/+8428
| | | | | Translated a couple of strings from manpages into Czech. Makes the manpage translation patch testable.
* Make manual pages translatableJakub Hrozek2010-12-223-1/+183
| | | | | | | | | Utilizes PO4A to extract translatable strings from Docbook XML sources and allows translators to submit ordinary .PO files. PO4A then generates translated Docbook documents that can be used to generate translated end user documentation. https://fedorahosted.org/sssd/ticket/297
* Add authorizedService supportStephen Gallagher2010-12-211-0/+26
| | | | https://fedorahosted.org/sssd/ticket/670
* Start first enumeration immediatelyStephen Gallagher2010-12-171-0/+5
| | | | | | | | | | | | | | Previously, we would wait for ten seconds before starting an enumeration. However, this meant that on the first startup (before we had run our first enumeration) there was a ten-second window where clients would immediately get back a response with no entries instead of blocking until the enumeration completed. With this patch, SSSD will now run an enumeration immediately upon startup. Further startups will retain the ten-second delay so as not to slow down system bootups. https://fedorahosted.org/sssd/ticket/616
* Add group support to the simple access providerStephen Gallagher2010-12-131-13/+43
| | | | | | | | | | | | | This patch adds simple_allow_groups and simple_deny_groups options to the simple access provider. It makes it possible to grant or deny access based on a user's group memberships within the domain. This patch makes one minor change to previous functionality: now all deny rules will supersede allow rules. Previously, if both simple_allow_users and simple_deny_users were set with the same value, the allow would win. https://fedorahosted.org/sssd/ticket/440
* Fix a typo in sssd-krb5 man pageMarko Myllynen2010-12-081-1/+1
|
* Replace krb5_kdcip by krb5_server in LDAP providerSumit Bose2010-12-071-1/+7
|
* Add support for FAST in krb5 providerSumit Bose2010-12-071-0/+35
|
* Add ldap_chpass_uri config optionSumit Bose2010-12-061-0/+34
|
* Add new account expired rule to LDAP access providerSumit Bose2010-12-061-1/+54
| | | | | | | | | | | | | | Two new options are added to the LDAP access provider to allow a broader range of access control rules to be evaluated. 'ldap_access_order' makes it possible to run more than one rule. To keep compatibility with older versions the default is 'filter'. This patch adds a new rule 'expire'. 'ldap_account_expire_policy' specifies which LDAP attribute should be used to determine if an account is expired or not. Currently only 'shadow' is supported which evaluates the ldap_user_shadow_expire attribute.
* Allow krb5 lifetime values without a unitSumit Bose2010-12-031-0/+8
|
* Add support for automatic Kerberos ticket renewalSumit Bose2010-12-031-0/+18
|
* Add krb5_lifetime optionSumit Bose2010-12-031-0/+32
|
* Add krb5_renewable_lifetime optionSumit Bose2010-12-031-0/+32
|
* Allow protocol fallback for SRV queriesJakub Hrozek2010-12-013-0/+17
| | | | https://fedorahosted.org/sssd/ticket/691
* Add SIGUSR2 to reset offline statusSumit Bose2010-11-221-0/+9
|
* Add signal documentation to sssd(8)Stephen Gallagher2010-11-221-0/+35
| | | | https://fedorahosted.org/sssd/ticket/665
* Fix man pageSumit Bose2010-11-191-2/+2
| | | | | | Currently sssd does not support authentication via GSSAPI. I think it is not necessary to support it, because if GSSAPI is possible Kerberos should be use for authentication.
* Introduce pam_verbosity config optionSumit Bose2010-11-151-0/+31
| | | | | | | | | | | Currently we display all PAM messages generated by sssd to the user. But only some of them are important and others are just some useful information. This patch introduces a new option to the PAM responder which controls what kind of messages are displayed. As an example the 'Authenticated with cached credentials' message is used. This message is only displayed if pam_verbosity=1 or if there is an expire date.
* Properly document ldap_purge_cache_timeoutStephen Gallagher2010-11-151-0/+19
| | | | Also allow it to be disabled entirely
* Review comments for namingContexts patchesSumit Bose2010-11-051-9/+3
|
* Make ldap_search_base a non-mandatory optionSumit Bose2010-11-041-3/+20
|
* Call krb5_child to check access permissionsSumit Bose2010-11-041-0/+8
|
* Add ldap_deref optionSumit Bose2010-10-221-0/+35
|
* Option krb5_server is now used to store a list of KDCs instead of krb5_kdcip.Jan Zeleny2010-10-192-3/+9
| | | | | | | | For the time being, if krb5_server is not found, still falls back to krb5_kdcip with a warning. If both options are present in config file, krb5_server has a higher priority. Fixes: #543
* Move all references to ldap_<entity>_search_base to "advanced" sectionJan Zeleny2010-10-181-42/+52
| | | | | | | The <entity> can be one of user, group or netgroup. The references were removed from example configuration and they were moved from section Configuration options to section Advanced options. Ticket: #607
* Add option to limit nested groupsSimo Sorce2010-10-181-0/+16
|
* Add infrastructure to LDAP provider for netgroup supportSumit Bose2010-10-131-0/+91
|