sssd.git - sssd with jhrozek's patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	UTIL: Move become_user outside krb5 tree	Jakub Hrozek	2014-10-10	1	-199/+0
\| \| \| \| \| \| \| \|	In order for several other SSSD processes to run as a non-root user, we need to move the functions to become another user to a shared space in our source tree. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
*	Make DEBUG macro invocations variadic	Nikolai Kondrashov	2014-02-12	1	-15/+15
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Use a script to update DEBUG macro invocations to use it as a variadic macro, supplying format string and its arguments directly, instead of wrapping them in parens. This script was used to update the code: grep -rwl --include '.[hc]' DEBUG . \| while read f; do mv "$f"{,.orig} perl -e \ 'use strict; use File::Slurp; my $text=read_file(\STDIN); $text=~s#(\bDEBUG\s$[^(]+)\((.?)$\s\)\s;#$1$2);#gs; print $text;' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
*	Include header file in implementation module.	Lukas Slebodnik	2013-09-24	1	-0/+1
\| \| \| \| \|	Declarations of public functions was in header files, but header files was not included in implementation file.
*	Fix formating of variables with type: gid_t	Lukas Slebodnik	2013-09-11	1	-1/+1
\|
*	Fix formating of variables with type: uid_t	Lukas Slebodnik	2013-09-11	1	-2/+3
\|
*	krb5: Add calls to change and restore credentials	Simo Sorce	2013-09-09	1	-0/+125
\| \| \| \| \| \| \| \|	In some cases we want to temporarily assume user credentials but allow the process to regain back the original credentials (normally regaining uid 0). Related: https://fedorahosted.org/sssd/ticket/2061
*	Further restrict become_user drop of privileges.	Simo Sorce	2013-04-05	1	-15/+18
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	We never need to regain root after we call become_user() so tighten up even further our privilege drop. Add a setgroups() call to remove all secondary groups root may have been given for whateve reason. Then use the setres[ug]id function to also drop the saved uid/gid so the process cannot regain back root id. Capabilities are also implicitly dropped here, no more CAP_SETUID so this is a Point of No Return, once changed to non-root the process can't get back. Remove redefinition of sys/types.h and unistd.h, they are already defined in util.h and they need to be included after _GNU_SOURCE/_BSD_SOURCE is defined or the prototypes for setres[ug]id will not be found. Add grp.h after util.h for the same reason.
*	Save errno before it might be modified.	Simo Sorce	2012-11-26	1	-8/+16
\| \| \| \| \|	The DEBUG() macro may, at any time, change and start calling functions that touch errno. Save errno before logging and then return the saved error.
*	Add a credential cache back end structure	Jakub Hrozek	2012-06-14	1	-1/+1
\| \| \| \| \| \|	To be able to add support for new credential cache types easily, this patch creates a new structure sss_krb5_cc_be that defines common operations with a credential cache, such as create, check if used or remove.
*	Rename server/ directory to src/	Stephen Gallagher	2010-02-18	1	-0/+61
	Also update BUILD.txt