Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | SSH: Expire hosts in known_hosts | Jan Cholasta | 2012-10-05 | 12 | -4/+216 |
| | |||||
* | SSH: Refactor sysdb and related code | Jan Cholasta | 2012-10-05 | 6 | -196/+261 |
| | |||||
* | Fix default upper limit of slices | Ondrej Kos | 2012-10-04 | 4 | -4/+4 |
| | | | | | | | https://fedorahosted.org/sssd/ticket/1537 changes upper limit of slices to 2000200000 in providers code and manpage. | ||||
* | Slices calculation is alway wrong for default values | Ondrej Kos | 2012-10-04 | 1 | -2/+2 |
| | |||||
* | Log possibly non-randomizable ccache file template | Ondrej Kos | 2012-10-04 | 4 | -6/+26 |
| | | | | | | | fixes https://fedorahosted.org/sssd/ticket/1533 ccache file template is now checked for appended XXXXXX for use with mkstemp. When those characters are not present, warning is written to log. | ||||
* | Check for existing pidfile before starting the providers | Jakub Hrozek | 2012-10-04 | 1 | -17/+15 |
| | | | | | | | | | After we switched to writing pidfile after the responders started, we forgot that starting a second SSSD instance would first overwrite the pipes and sockets and only then the SSSD would find out there already is a pidfile. This patch checks for existing pidfile before proceeding with startup. | ||||
* | Remove unused variable | Jakub Hrozek | 2012-10-04 | 1 | -6/+0 |
| | |||||
* | Change the log level of two DEBUG messages in check_domain_ranges | Jakub Hrozek | 2012-10-04 | 1 | -4/+5 |
| | | | | https://fedorahosted.org/sssd/ticket/1562 | ||||
* | Note that Range Retrieval is not supported when filter is used in the search ↵ | Jakub Hrozek | 2012-10-03 | 2 | -2/+14 |
| | | | | | | base. https://fedorahosted.org/sssd/ticket/1471 | ||||
* | Variable in sdap_sudo_rules_refresh_send could be used, uninitialized. | Michal Zidek | 2012-10-03 | 1 | -0/+1 |
| | |||||
* | sss_seed: Improved error message when the domain does not exist. | Michal Zidek | 2012-10-03 | 1 | -2/+5 |
| | | | | https://fedorahosted.org/sssd/ticket/1553 | ||||
* | sss_seed: Passwords longer then PASS_MAX not allowed. | Michal Zidek | 2012-10-03 | 2 | -1/+20 |
| | | | | | | | | sss_seed fails if password file specified with -p or --password-file option contains password longer than PASS_MAX. Man pages inform about PASS_MAX limitation. | ||||
* | sss_seed: Make only first line of password file valid. | Michal Zidek | 2012-10-03 | 1 | -0/+36 |
| | | | | | | | | When file is used to specify a password in sss_seed, then only first line of this file is used. Also empty passwords are treated as errors. https://fedorahosted.org/sssd/ticket/1548 | ||||
* | sss_seed: Show error message when interactive input fails. | Michal Zidek | 2012-10-03 | 1 | -0/+1 |
| | | | | https://fedorahosted.org/sssd/ticket/1549 | ||||
* | sss_seed: Option --debug did not work in sss_seed tool. | Michal Zidek | 2012-10-03 | 1 | -4/+4 |
| | | | | | | | debug_level was set before the parameters were parsed, so the default debug_level value was always used. Also CHECK_ROOT macro was used on bad place, so only root was able to run sss_seed --help/-?. | ||||
* | Include param_help_py.xml in the list of po4a sources | Jakub Hrozek | 2012-10-02 | 1 | -0/+1 |
| | |||||
* | Flip the default value of ldap_initgroups_use_matching_rule_in_chain | Jakub Hrozek | 2012-10-02 | 3 | -4/+4 |
| | | | | https://fedorahosted.org/sssd/ticket/1535 | ||||
* | Add man page section about provider specific re_expression | Sumit Bose | 2012-10-02 | 1 | -8/+33 |
| | | | | Fixes: https://fedorahosted.org/sssd/ticket/1525 | ||||
* | remove left over principal selection | Pavel Březina | 2012-10-02 | 3 | -127/+0 |
| | | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/1303 Domain start up was taking too long when there are many principals in a kerberos keytab. We were looking up in the keytab two times. The first time we try to select a proper principal and remember it. The second call happens almost right after the first one and it is just a check if the principal exists in the keytab, without any output information other than success/failure. It is probably a left over from https://fedorahosted.org/sssd/ticket/781. This patch removes the second call. | ||||
* | monitor: create pid file after all responders are started | Pavel Březina | 2012-10-02 | 2 | -4/+37 |
| | | | | https://fedorahosted.org/sssd/ticket/1357 | ||||
* | Fix few coding style issues | Pavel Březina | 2012-10-02 | 2 | -4/+7 |
| | |||||
* | sudo and autofs search bases should not be marked experimental | Jakub Hrozek | 2012-10-01 | 1 | -2/+2 |
| | | | | https://fedorahosted.org/sssd/ticket/1541 | ||||
* | Change option to display help message in man pages. | Michal Zidek | 2012-10-01 | 3 | -2/+12 |
| | | | | | | | POPT_AUTOHELP generates -? and --help options and not -h to display help message. https://fedorahosted.org/sssd/ticket/1546 | ||||
* | Document ldap_chpass_update_last_change | Jakub Hrozek | 2012-10-01 | 3 | -0/+17 |
| | | | | | | Add the option to the manual page and the configAPI https://fedorahosted.org/sssd/ticket/1494 | ||||
* | sysdb_master_domain_get_info: fix copy-and-paste error | Sumit Bose | 2012-10-01 | 1 | -2/+2 |
| | |||||
* | Use flat name for master domain as well | Sumit Bose | 2012-10-01 | 3 | -2/+20 |
| | |||||
* | Add new option default_domain_suffix | Sumit Bose | 2012-10-01 | 16 | -35/+137 |
| | |||||
* | sssd-ldap manpage: ldap_scheme formatting | Ondrej Kos | 2012-09-26 | 1 | -6/+26 |
| | | | | | | fixes https://fedorahosted.org/sssd/ticket/1483 ldap schemes now displayed as bullet list | ||||
* | LDAP: Handle empty namingContexts values safely | Stephen Gallagher | 2012-09-26 | 1 | -0/+8 |
| | | | | | | | | Certain LDAP servers can return an empty string as the value of namingContexts. We need to treat these as NULL so that we can fail gracefully. https://fedorahosted.org/sssd/ticket/1542 | ||||
* | Updating translations for the 1.9.0 releasesssd-1_9_0 | Jakub Hrozek | 2012-09-24 | 13 | -3837/+3931 |
| | |||||
* | Detect LDAPDerefRes in configure script | Jakub Hrozek | 2012-09-24 | 1 | -1/+9 |
| | | | | https://fedorahosted.org/sssd/ticket/1317 | ||||
* | KRB5: Recover gracefully if the ccache file could not be reused | Jakub Hrozek | 2012-09-24 | 1 | -4/+6 |
| | | | | https://fedorahosted.org/sssd/ticket/1384 | ||||
* | Bad debug message when no dns_discovery_domain specified. | Michal Zidek | 2012-09-24 | 1 | -3/+11 |
| | | | | https://fedorahosted.org/sssd/ticket/920 | ||||
* | DB: Use TALLOC_CTX for talloc context | Jakub Hrozek | 2012-09-24 | 1 | -10/+10 |
| | | | | A couple of sysdb functions used "void *" in place of a TALLOC_CTX. | ||||
* | SYSDB: Remove unnecessary domain parameter from several sysdb calls | Jakub Hrozek | 2012-09-24 | 15 | -115/+79 |
| | | | | | The domain can be read from the sysdb object. Removing the domain string makes the API more self-contained. | ||||
* | AUTOFS: convert the existing autofs entries during a sysdb upgrade | Jakub Hrozek | 2012-09-24 | 3 | -1/+144 |
| | |||||
* | AUTOFS: Use both key and value in entry RDN | Jakub Hrozek | 2012-09-24 | 4 | -14/+51 |
| | | | | | | This patch switches from using just key in the RDN to using both key and value. That is neccessary to allow multiple direct mounts in a single map. | ||||
* | AUTOFS: Add entry objects below map objects | Jakub Hrozek | 2012-09-24 | 6 | -220/+172 |
| | | | | | | | | https://fedorahosted.org/sssd/ticket/1506 Changes how the new autofs entry objects are handled. Instead of creating the entry on the cn=autofs,cn=custom level, the entry is created below the map it belongs to. | ||||
* | AUTOFS: Add sysdb tests | Jakub Hrozek | 2012-09-24 | 1 | -0/+249 |
| | |||||
* | AUTOFS: Do not fail if search base is not provided | Jakub Hrozek | 2012-09-24 | 1 | -2/+2 |
| | |||||
* | AD: Handle sysdb lookup failure during tokenGroups processing | Stephen Gallagher | 2012-09-24 | 1 | -0/+6 |
| | |||||
* | Make subdomain discovery less noisy | Sumit Bose | 2012-09-24 | 1 | -15/+16 |
| | | | | Fixes https://fedorahosted.org/sssd/ticket/1517 | ||||
* | autofs, sudo, ssh and PAC are not experimental anymore | Jakub Hrozek | 2012-09-24 | 6 | -62/+10 |
| | |||||
* | sdap_add_incomplete_groups(): fix ret may be uninitialized warning | Pavel Březina | 2012-09-24 | 1 | -1/+1 |
| | |||||
* | AD: Optimize initgroups lookups with tokenGroups | Stephen Gallagher | 2012-09-24 | 3 | -4/+313 |
| | | | | https://fedorahosted.org/sssd/ticket/1355 | ||||
* | AD: Detect domain controller compatibility version | Stephen Gallagher | 2012-09-24 | 3 | -0/+44 |
| | |||||
* | sss_cache tool invalidates records in memory cache. | Michal Zidek | 2012-09-24 | 7 | -3/+166 |
| | |||||
* | tools_util.h provides signal_sssd function. | Michal Zidek | 2012-09-24 | 3 | -99/+99 |
| | |||||
* | AD: autorid compatibility should recommend the use of default domain | Stephen Gallagher | 2012-09-24 | 1 | -4/+4 |
| | | | | | | | | | | | Previously, we were failing to start if ldap_idmap_autorid_compat was True but the default domain SID was unspecified. This is the recommended configuration, but it is functional without it. There is just a slight risk that the IDs will be inconsistent between machines if the first user requested is not from the default domain. https://fedorahosted.org/sssd/ticket/1530 | ||||
* | SSSD fails to store users if any of the requested attribute is empty. | Michal Zidek | 2012-09-20 | 1 | -0/+6 |
| | | | | https://fedorahosted.org/sssd/ticket/1440 |