| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
We are deprecating sysdb->domain so kill the function that gives access to
this member as we should stop relying on it being available (or correct).
|
| |
|
|
|
| |
Bring it out of sysdb, which will slowly remove internal dependencies on
domains and instead will always require them to be passed by callers.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Change the way sysdbs are initialized. Make callers responsible for providing
the list of domains.
Remove the returned array of sysdb contexts, it was used only by sss_cache
and not really necessary there either as that tool can easily iterate the
domains.
Make sysdb ctx children of their respective domains.
Neither sysdb context nor domains are ever freed until a program is done so
there shouldn't be any memory hierarchy issue. As plus we simplify the code by
removing a destructor and a setter function.
|
| |
|
|
| |
Also fixes https://fedorahosted.org/sssd/ticket/1754
|
| |
|
|
|
|
|
| |
This reverts commit d698499602461b98fd56f2d550f80c6cb25f12a9.
And adds the correct fix.
Also makes the function static,as it is used nowehere else.
|
| |
|
|
|
| |
Besides adding the missing default this patch suppresses a compiler
warning about ret being uninitialized.
|
| |
|
|
|
|
|
|
|
| |
Using a vtable like this has various drawacks, including the fact prototypes
are not checked by the compiler so the code could silently break and still
compile fine (in fact I found this out changing one of the prototypes).
A switch statement is also better because it catches if the enum changed and
won't risk allowing to access the table out of bounds.
|
| |
|
|
|
|
| |
sss_cache did not accept fully quaified domain names.
https://fedorahosted.org/sssd/ticket/1620
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1659
|
| |
|
|
|
|
|
| |
The logic that checks if sssd_nss is running and then
sends SIGHUP to monitor or removes the caches was moved
to a function sss_memcache_clear_all() and made public in
tools_util.h.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1612
This patch changes the handling of ghost attributes when saving the
actual user entry. Instead of always linking all groups that contained
the ghost attribute with the new user entry, the original member
attributes are now saved in the group object and the user entry is only
linked with its direct parents.
As the member attribute is compared against the originalDN of the user,
if either the originalDN or the originalMember attributes are missing,
the user object is linked with all the groups as a fallback.
The original member attributes are only saved if the LDAP schema
supports nesting.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1589
Added check for determining, whether database version is higher or
lower than expected. To distinguish it from other errors it uses
following retun values (further used for appropriate error message):
EMEDIUMTYPE for lower version than expected
EUCLEAN for higher version than expected
When SSSD or one of it's tools fails on DB version mismatch, new error
message is showed suggesting how to proceed.
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1584
|
| |
|
|
|
|
|
|
|
|
| |
When working with multiple domains and no
matching objects for deletion were found in the first
domain, the other domains were not searched at all.
Also the ERROR message informing about object not found
(the one printed for each domain) was changed to
DEBUG message.
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1495
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1327
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1553
|
| |
|
|
|
|
|
|
| |
sss_seed fails if password file specified with -p or
--password-file option contains password longer than
PASS_MAX.
Man pages inform about PASS_MAX limitation.
|
| |
|
|
|
|
|
|
| |
When file is used to specify a password in sss_seed, then only
first line of this file is used.
Also empty passwords are treated as errors.
https://fedorahosted.org/sssd/ticket/1548
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1549
|
| |
|
|
|
|
|
| |
debug_level was set before the parameters were parsed, so the
default debug_level value was always used. Also CHECK_ROOT
macro was used on bad place, so only root was able to
run sss_seed --help/-?.
|
| |
|
|
|
| |
The domain can be read from the sysdb object. Removing the domain string
makes the API more self-contained.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Removing bad examples of usage of sysdb_transaction_start/commit/end
functions and making it more consistent (all files except of
src/db/sysdb_*.c).
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1426
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
* Allows different user/domain qualified names for different
domains. For example Domain\User or user@domain.
* The global re_expression and full_name_format options remain
as defaults for the domains.
* Subdomains get the re_expression and full_name_format of
their parent domain.
https://bugzilla.redhat.com/show_bug.cgi?id=811663
|
| | |
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1336
|
| |
|
|
|
|
|
| |
Errno was returned instead of ret.
The other hunk removes return code from fread - it is not needed, the
NULL termination of the string is ensured by initializing the buffer.
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1209
|
| |
|
|
|
|
|
|
|
|
| |
* Print usage when no options are given
* Report skipped entries
* Print error message when a nonexistent domain is selected
https://fedorahosted.org/sssd/ticket/1301
https://fedorahosted.org/sssd/ticket/1305
https://fedorahosted.org/sssd/ticket/1306
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1170
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1224
|
| | |
|
| |
|
|
| |
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
| | |
|
| | |
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1071
|
| |
|
|
| |
Coverity 11032
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/836
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1013
|
| |
|
|
|
|
|
|
|
|
| |
This is mostly a cosmetic patch.
The purpose of wrapping a multi-line macro in a do { } while(0) is to
make the macro usable as a regular statement, not a compound statement.
When the while(0) is terminated with a semicolon, the do { } while(0);
block becomes a compound statement again.
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/950
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removed:
SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED)
Added new macro:
CONVERT_AND_SET_DEBUG_LEVEL(new_value)
Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0
so DEBUG macro could be reduced by one condition. Anyway, it has a minor
effect, every time you want to load debug_level from command line parameters,
you have to use following pattern:
/* Set debug level to invalid value so we can deside if -d 0 was used. */
debug_level = SSSDBG_INVALID;
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) { ... }
CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
|
| |
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/925
Conversion of the old debug_level format to the new one.
(only where it was necessary)
Removed:
SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
|
| |
|
|
|
|
| |
This patch deletes memory context parameter in those places in sysdb
where it is not necessary. The code using modified functions has been
updated. Tests updated as well.
|
| |
|
|
|
| |
The patch also updates code using modified functions. Tests have also
been adjusted.
|
| |
|
|
|
|
|
|
|
|
| |
This is much more selinux friendly as it allows policy makers to call
nscd_domtrans to transition to nscd_t instead of giving more access to
the system via the corcmd_exec_bin macro.
Modified-by: Simo Sorce <ssorce@redhat.com>
Signed-off-by: Simo Sorce <ssorce@redhat.com>
|
