summaryrefslogtreecommitdiffstats
path: root/src/providers/ipa/ipa_hbac_common.c
Commit message (Collapse)AuthorAgeFilesLines
* Replace new_subdomain() with find_subdomain_by_name()Sumit Bose2013-06-281-2/+2
| | | | | | new_subdomain() will create a new domain object and should not be used anymore in the priovder code directly. Instead a reference to the domain from the common domain object should be used.
* Fix initialization of multiple variablesOndrej Kos2013-03-131-1/+1
|
* Add realm info to sss_domain_infoSimo Sorce2013-02-101-1/+1
|
* Add be_req_get_be_ctx() helper.Simo Sorce2013-01-211-9/+7
| | | | In preparation for making be_req opaque
* Remove domain from be_req structureSimo Sorce2013-01-211-5/+5
|
* Remove hbac_ctx_be()Simo Sorce2013-01-211-1/+1
|
* Remove hbac_ctx_sysdb()Simo Sorce2013-01-211-5/+4
|
* Remove sysdb arg from [ipa_]hbac_sysdb_save()Simo Sorce2013-01-211-22/+16
| | | | Also make ipa_hbac_save_list() static
* Remove sysdb arg from hbac_*host_attrs_to_rule()Simo Sorce2013-01-211-2/+0
|
* Remove sysdb arg from hbac_service_attrs_to_rule()Simo Sorce2013-01-211-1/+0
|
* Remove sysdb argument from hbac_user_attrs_to_rule()Simo Sorce2013-01-211-1/+0
|
* Add domain arg to sysdb_search_users()Simo Sorce2013-01-151-0/+1
|
* Add domain argument to sysdb_search_custom()Simo Sorce2013-01-151-0/+3
| | | | Also changes sysdb_search_custom_by_name()
* Add domain argument to sysdb_store_custom()Simo Sorce2013-01-151-1/+1
|
* Add domain to sysdb_search_user_by_name()Simo Sorce2013-01-151-3/+6
| | | | Also remove unused sysdb_search_domuser_by_name()
* Make sysdb_custom_subtree_dn() require a domain.Simo Sorce2013-01-151-1/+1
|
* Make sysdb_custom_dn() require a domain.Simo Sorce2013-01-151-2/+4
|
* Do not save HBAC rules in subdomain subtreeSumit Bose2012-11-191-3/+16
| | | | | | | | | | | | | | Currently the sysdb context is pointed to the subdomain subtree containing user the user to be checked at the beginning of a HBAC request. As a result all HBAC rules and related data is save in the subdomain tree as well. But since the HBAC rules of the configured domain apply to all users it is sufficient to save them once in the subtree of the configured domain. Since most of the sysdb operations during a HBAC request are related to the HBAC rules and related data this patch does not change the default sysdb context but only create a special context to look up subdomain users.
* SYSDB: Remove unnecessary domain parameter from several sysdb callsJakub Hrozek2012-09-241-5/+3
| | | | | The domain can be read from the sysdb object. Removing the domain string makes the API more self-contained.
* Unify usage of sysdb transactionsMichal Zidek2012-08-231-2/+8
| | | | | | Removing bad examples of usage of sysdb_transaction_start/commit/end functions and making it more consistent (all files except of src/db/sysdb_*.c).
* HBAC: create empty groups with one NULL elementJakub Hrozek2012-01-061-16/+15
| | | | https://fedorahosted.org/sssd/ticket/1130
* Add ipa_hbac_support_srchost option to IPA providerJan Zeleny2011-11-291-0/+3
| | | | | don't fetch all host groups if this option is false https://fedorahosted.org/sssd/ticket/1078
* Cleanup: Remove unused parametersJakub Hrozek2011-11-221-7/+1
|
* Add a missing breakJakub Hrozek2011-10-171-0/+1
|
* HBAC: Use originalMember for identifying hostgroupsStephen Gallagher2011-10-141-45/+51
|
* HBAC: Use originalMember for identifying servicegroupsStephen Gallagher2011-10-141-41/+55
|
* HBAC: Do not save member/memberOf linksStephen Gallagher2011-10-141-120/+0
| | | | We can just trust the values from the FreeIPA server
* HBAC: fix typos preventing proper hostgroup evaluationStephen Gallagher2011-09-281-3/+3
|
* Multiline macro cleanupJakub Hrozek2011-09-281-1/+1
| | | | | | | | | | This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
* HBAC: Handle saving groups that have no membersStephen Gallagher2011-08-261-7/+21
|
* sysdb refactoring: memory context deletedJan Zeleny2011-08-151-2/+2
| | | | | | This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well.
* sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny2011-08-151-7/+5
| | | | | The patch also updates code using modified functions. Tests have also been adjusted.
* Fix incorrect NULL check in ipa_hbac_common.cStephen Gallagher2011-07-291-1/+1
| | | | https://fedorahosted.org/sssd/ticket/936
* Treat NULL or empty rhost as unknownStephen Gallagher2011-07-081-9/+21
| | | | | | | Previously, we were assuming this meant it was coming from the localhost, but this is not a safe assumption. We will now treat it as unknown and it will fail to match any rule that requires a specified srchost or group of srchosts.
* Add helper functions for looking up HBAC rule componentsStephen Gallagher2011-07-081-0/+871
generated by cgit (git 2.34.1) at 2024-06-10 06:31:36 +0000