| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
| |
Makes the setent_add_ref() and setent_notify_*() functions more generic
to be reusable by the autofs responder.
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1016
|
| | |
|
| |
|
|
| |
The common function could be reused in new responders
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* the internal request is now more generic and is decoupled from
account-specific data. There is a new sss_dp_issue_request() wrapper
that issues a BE request or registers a callback
* the public requests all use struct sss_dp_req_state as the tevent_req
state data. This allows to report back data from the internal request
even if the caller is just a callback notifier
* each specific request now uses an _info structure that contains all
the data necessary to construct a DBusMessage passed to provider
* each specific request now defines a sss_dp_get_$data_msg callback that
is called from the sss_dp_issue_request() common wraper. The purpose
of the wrapper is to construct a DBusMessage and bind it to a DBus
method so the message can be just sent over to back end
The miscellanous changes include:
* change SSS_DP_ constants to an enum. This way, a switch() would error
if a value is not handled.
* rename sss_dp_get_account_int_send() to sss_dp_internal_get_send()
request because the internal request is going to handle more than just
account data
* the DBus return values were renamed from err_maj, err_min to dp_err
and dp_ret respectively
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The conversion to the tevent_req style introduced numerous bugs
related to memory management of the various client requests. In
some circumstances, this could cause memory corruption and
segmentation faults in the NSS responder. This patch makes the
following changes:
1) Rename the internal lookup from subreq to sidereq, to indicate
that it is not a sub-request of the current lookup (and therefore
is not cancelled if the current request is).
2) Change the handling of the callback loops since they call
tevent_req_[done|error], which results in them being freed (and
therefore removed from the cb_list. This was the source of the
memory corruption that would occasionally result in dereferencing
an unreadable request.
3) Remove the unnecessary sss_dp_get_account_int_recv() function
and change sss_dp_get_account_done() so that it only frees the
sidereq. All of the waiting processes have already been signaled
with the final results from sss_dp_get_account_int_done()
|
| |
|
|
|
|
|
| |
Some NSS maps such as 'services' require more values to be passed
to the data provider than just the name or ID. In these cases, we
will amend an optional component to filter value to pass to the
data provider backend.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
the sized_string structure makes it easier to keep track of string lengths
and makes passing around data more compat and readable.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
This function has been renamed to responder_get_domain() but this
declaration hasn't been deleted.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Glib fails if the NULL-terminator is included when a length is specified.
|
| | |
|
| |
|
|
|
| |
Glib fails if the NULL-terminator is included when a length is
specified.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/918
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removed:
SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED)
Added new macro:
CONVERT_AND_SET_DEBUG_LEVEL(new_value)
Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0
so DEBUG macro could be reduced by one condition. Anyway, it has a minor
effect, every time you want to load debug_level from command line parameters,
you have to use following pattern:
/* Set debug level to invalid value so we can deside if -d 0 was used. */
debug_level = SSSDBG_INVALID;
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) { ... }
CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
|
| |
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/925
Conversion of the old debug_level format to the new one.
(only where it was necessary)
Removed:
SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
|
| |
|
|
|
| |
The patch also updates code using modified functions. Tests have also
been adjusted.
|
| | |
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/954
|
| |
|
|
|
|
|
|
| |
There may be users in LDAP that have a valid but unwelcome shell
set in their account. This adds a blacklist of shells that should
always be replaced by the fallback_shell.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/928
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/742
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/551
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/742
|
| |
|
|
|
|
| |
We will now re-read the confdb debug_level value when processing
the monitor_common_logrotate() function, which occurs when the
monitor receives a SIGHUP.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In responder a negative cache is used to indicate that the record has
not been found by previous lookup. This approach is however not
applicable for netgroup lookup because the design of their lookup is a
little different.
This patch removes some pieces of code working with negative cache,
because they didn't fuction well. Instead a new flag has been added to
the positive cache. This flag indicates if the record in the cache
is a record of existing netgroup or it's just a placeholder.
https://fedorahosted.org/sssd/ticket/820
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
To avoid wrong or missing netgroup names in the getent_ctx destructor
set_netgroup_entry() now takes the name out of the getent_ctx struct
instead of using a separate argument.
|
