summaryrefslogtreecommitdiffstats
path: root/src/providers/data_provider_be.c
Commit message (Collapse)AuthorAgeFilesLines
* Change refreshing of subdomainsSimo Sorce2012-08-011-1/+0
| | | | | | | | | This patch keeps a local copy of the subdomains in the ipa subdomains plugin context. This has 2 advantages: 1. allows to check if anything changed w/o always hitting the sysdb. 2. later will allows us to dump this information w/o having to retrieve it again. The timestamp also allows to avoid refreshing too often.
* Use a more tractable name for subdomain requestSimo Sorce2012-08-011-2/+2
| | | | | I am all for readable names, but there is a tradeof between expressing purpose and compactness.
* Move SELinux processing from session to account PAM stackJan Zeleny2012-07-271-0/+25
| | | | | | | | | | | | | | The idea is to rename session provider to selinux provider. Processing of SELinux rules has to be performed in account stack in order to ensure that pam_selinux (which is the first module in PAM session stack) will get the correct input from SSSD. Processing of account PAM stack is bound to access provider. That means we need to have two providers executed when SSS_PAM_ACCT_MGMT message is received from PAM responder. Change in data_provider_be.c ensures just that - after access provider finishes its actions, the control is given to selinux provider and only after this provider finishes is the result returned to PAM responder.
* Renamed session provider to selinux providerJan Zeleny2012-07-271-8/+6
|
* Always free request in data provider PAM callbackJan Zeleny2012-07-271-2/+3
| | | | In case of error the request wasn't freed and the callback just ended.
* sudo backend - add support for on demand refresh of specific rulesPavel Březina2012-06-291-7/+61
|
* sudo backend - support only on demand full refreshPavel Březina2012-06-291-28/+4
|
* Move some debug lines to new debug log levelsStef Walter2012-06-201-1/+1
| | | | | | | * These are common lines of debug output when starting up sssd https://bugzilla.redhat.com/show_bug.cgi?id=811113
* subdomains: Fix error handling in Data ProviderJakub Hrozek2012-05-101-19/+37
| | | | | The subdomains back end request was sending replies in a format the responder did not understand in case the request failed.
* SSH: Add dp_get_host_send to common responder codeJakub Hrozek2012-05-031-21/+11
| | | | | | | | Instead of using account_info request, creates a new ssh specific request. This improves code readability and will make the code more flexible in the future. https://fedorahosted.org/sssd/ticket/1176
* Rename split_service_name_filterJakub Hrozek2012-05-031-16/+16
| | | | | The function was used outside services code which was confusing due to its name. This patch renames it to sound more netrual.
* DP: return correct error message when subdomains back end target is not ↵Jakub Hrozek2012-05-021-1/+1
| | | | | | configured The done handler uses the value of status, not ret.
* Carry sysdb context and domain info in be_req structureJan Zeleny2012-04-241-0/+2
|
* Basic support for subdomains in auth providerJan Zeleny2012-04-241-3/+5
|
* Add domain name to get_account_info requestSumit Bose2012-04-241-0/+9
|
* data provider: added subdomainsSumit Bose2012-04-241-0/+160
|
* autofs: load the correct optionJakub Hrozek2012-04-161-1/+1
|
* Catch cases where D-Bus connection is NULLJakub Hrozek2012-04-051-0/+20
| | | | https://fedorahosted.org/sssd/ticket/1270
* DP: Reorganize memory hierarchy of requestsStephen Gallagher2012-03-051-24/+108
| | | | | | | | | | | | | This function alters the memory hierarchy of the be_req to ensure memory safety during shutdown. It creates a spy on the be_cli object so that it will free the be_req if the client is freed. It is generally allocated atop the private data context for the appropriate back-end against which it is being filed. https://fedorahosted.org/sssd/ticket/1226
* Keep sysdb context in domain info structSumit Bose2012-02-291-8/+2
|
* PAM: Don't send PAM_SYSTEM_INFO message if module unsetStephen Gallagher2012-02-271-7/+3
| | | | | | | | We now have a session module that is only available for the IPA provider. We should not be logging noisily that other providers do not have the session provider configured. https://fedorahosted.org/sssd/ticket/1211
* SSH: Save SSH host name aliasesJan Cholasta2012-02-261-1/+3
|
* Fix bad failure handling in be_sudo_handler()Stephen Gallagher2012-02-131-13/+13
| | | | | | | If the dbus_message_get_args() failed, we would have been dereferencing a NULL be_req. Coverity #12490
* Remove dead codeStephen Gallagher2012-02-131-9/+0
| | | | Coverity #12529
* AUTOFS: IPA providerJakub Hrozek2012-02-071-1/+1
|
* SSH: ResponderJan Cholasta2012-02-071-0/+5
|
* DP: Add host info handlerJan Cholasta2012-02-071-0/+193
|
* Add session target in data providerJan Zeleny2012-02-061-1/+19
|
* AUTOFS: Data Provider requestJakub Hrozek2012-02-051-30/+308
|
* SUDO Integration - prepare data provider for new responder commandsPavel Březina2012-01-271-58/+85
| | | | https://fedorahosted.org/sssd/ticket/1143
* Use the new SUDO request in DP and sudo responderJakub Hrozek2012-01-271-19/+48
| | | | | | Also remove the old request implementation https://fedorahosted.org/sssd/ticket/1115
* DP: Handle parsing extra results in be_get_account_infoStephen Gallagher2012-01-271-33/+69
|
* SUDO Integration review issuesPavel Březina2012-01-171-4/+4
|
* Move child_common routines to utilStephen Gallagher2011-12-191-1/+1
|
* Add common SIGCHLD handling for providers.Pavel Zuna2011-12-191-0/+9
|
* SUDO integration - data provider backend handlerPavel Březina2011-12-161-0/+158
|
* Append PID to sbus server socket name, let clients use a symlinkJakub Hrozek2011-10-131-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1034
* New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina2011-08-251-1/+4
| | | | | | | | | | | | | | | | | | | | | Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
* New DEBUG facility - conversionPavel Březina2011-08-251-0/+2
| | | | | | | | | | https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
* Allow changing the log level without restartStephen Gallagher2011-05-061-5/+20
| | | | | | We will now re-read the confdb debug_level value when processing the monitor_common_logrotate() function, which occurs when the monitor receives a SIGHUP.
* Create common sss_monitor_init()Stephen Gallagher2011-05-061-35/+3
| | | | | | | | This was implemented almost identically for both the responders and the providers. It is easier to maintain as a single routine. This patch also adds the ability to provide a private context to attach to the sbus_connection for later use.
* Remove unused be_check_online() SBUS callJan Zeleny2011-03-081-49/+0
|
* Add a special filter type to handle enumerationsSumit Bose2010-12-021-0/+3
|
* Run checks before resetting offline stateSumit Bose2010-12-011-4/+115
| | | | | | | | | | | | Before setting the backend to online during a reset offline request the check_online method if the ID provider is called. If the check_online method returns that the ID provider is still not reachable the backend stays offline. Otherwise the backend is switched to online and the related callbacks are run. Additionally the check online test is called during the res_init request because a change in /etc/resolve.conf might also make a server reachable which was assumed offline before.
* Print correct error messages for dp_err_to_string()Stephen Gallagher2010-11-241-6/+6
| | | | | | | | | | | All errnum values passed into this function throughout the code are PAM error codes, but we were passing them through strerror() to print them, which is only meaningful for ERRNO error codes. This patch changes dp_err_to_string() to use pam_strerror() and renames it to dp_pam_err_to_string() for clarity. https://fedorahosted.org/sssd/ticket/636
* be_pam_handler(): Fix potential NULL dereferenceStephen Gallagher2010-08-031-1/+2
|
* Use netlink to detect going onlineJakub Hrozek2010-07-091-0/+20
| | | | | | | | Integrates libnl to detect adding routes. When a route is added, the offline status of all back ends is reset. This patch adds no heuristics to detect whether back end went offline. Fixes: #456
* Add offline callbacksSumit Bose2010-05-271-0/+1
|
* Refactor data provider callbacksSumit Bose2010-05-271-137/+0
|
* Copy pam data from DBus messageSumit Bose2010-05-271-11/+6
| | | | | | | | Instead of just using references to the pam data inside of the DBus message the data is copied. New the DBus message can be freed at any time and the pam data is part of the memory hierarchy. Additionally it is possible to overwrite the authentication tokens in the DBus message, because it is not used elsewhere.
generated by cgit (git 2.34.1) at 2024-05-03 11:39:54 +0000