Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix netgroup error handlingsssd-1.8.0-12.el6 | Jakub Hrozek | 2012-03-09 | 1 | -20/+65 |
| | | | | | | https://fedorahosted.org/sssd/ticket/1242 Handle empty elements in proxy netgroups: | ||||
* | PROXY: Create fake user entries for group lookups | Stephen Gallagher | 2012-03-09 | 1 | -3/+85 |
| | |||||
* | Fix nested groups processing | Jakub Hrozek | 2012-03-09 | 1 | -27/+61 |
| | | | | | | | Instead of keeping the number of parent groups in "state" and having to reset the count when moving to another group on the same level, keep track of the all groups on a particular level along with their parents and parent count. | ||||
* | DP: Reorganize memory hierarchy of requests | Stephen Gallagher | 2012-03-09 | 1 | -24/+108 |
| | | | | | | | | | | | | | This function alters the memory hierarchy of the be_req to ensure memory safety during shutdown. It creates a spy on the be_cli object so that it will free the be_req if the client is freed. It is generally allocated atop the private data context for the appropriate back-end against which it is being filed. https://fedorahosted.org/sssd/ticket/1226 | ||||
* | Search netgroups by alias, too | Jakub Hrozek | 2012-03-09 | 2 | -3/+5 |
| | | | | https://fedorahosted.org/sssd/ticket/1228 | ||||
* | Hide --debug option in sss_debuglevel | Pavel Březina | 2012-03-09 | 1 | -1/+1 |
| | | | | https://fedorahosted.org/sssd/ticket/1224 | ||||
* | IPA: Fix segfault with srchost functionality enabled | Stephen Gallagher | 2012-03-09 | 1 | -1/+1 |
| | | | | https://fedorahosted.org/sssd/ticket/1215 | ||||
* | Only do one cycle when resolving a server | Jakub Hrozek | 2012-03-09 | 7 | -59/+132 |
| | |||||
* | IPA: Check nsAccountLock during PAM_ACCT_MGMT | Stephen Gallagher | 2012-03-09 | 6 | -13/+86 |
| | | | | https://fedorahosted.org/sssd/ticket/1227 | ||||
* | Use the correct hash table for pending requests | Simo Sorce | 2012-03-09 | 7 | -10/+14 |
| | | | | | | | | | | | | | The function that handled pending requests on reconnect was checking an orphaned global variable that was never used, redenring the whole function uselsess. This fixes a very nasty bug that was causing requests for which we never received an answer for (for example because the backend failed and was restarted) to be never removed and therefore causing a black hole effect for any other request of the same type. Fixes: https://fedorahosted.org/sssd/ticket/1229 | ||||
* | Handle cases where UID is -1 | Stephen Gallagher | 2012-03-01 | 1 | -6/+1 |
| | | | | | | | Also removes an unnecessary range check (since it's already handled by strtoint32() https://fedorahosted.org/sssd/ticket/1216 | ||||
* | IPA: Set the DNS discovery domain to match ipa_domain | Stephen Gallagher | 2012-03-01 | 5 | -8/+17 |
| | | | | https://fedorahosted.org/sssd/ticket/1217 | ||||
* | RHEL6: Add debug level upgrade script | Stephen Gallagher | 2012-02-28 | 2 | -0/+101 |
| | |||||
* | Updating translations for SSSD 1.8.0 releasesssd-1_8_0 | Stephen Gallagher | 2012-02-28 | 12 | -1291/+52783 |
| | |||||
* | PAM: Don't send PAM_SYSTEM_INFO message if module unset | Stephen Gallagher | 2012-02-27 | 1 | -7/+3 |
| | | | | | | | | We now have a session module that is only available for the IPA provider. We should not be logging noisily that other providers do not have the session provider configured. https://fedorahosted.org/sssd/ticket/1211 | ||||
* | SSH: Update sss_ssh_knownhostsproxy manual page | Jan Cholasta | 2012-02-27 | 1 | -15/+4 |
| | |||||
* | SSH: Remove unused --file option of sss_ssh_knownhostsproxy | Jan Cholasta | 2012-02-27 | 1 | -5/+0 |
| | |||||
* | SSH: Replace blocking getaddrinfo call in the responder with asynchronous ↵ | Jan Cholasta | 2012-02-27 | 3 | -26/+56 |
| | | | | resolver code | ||||
* | SSH: Use fchmod instead of chmod on known_hosts file | Jan Cholasta | 2012-02-27 | 1 | -8/+4 |
| | |||||
* | SSH: Add missing break statements to sss_ssh_format_pubkey | Jan Cholasta | 2012-02-27 | 1 | -0/+2 |
| | |||||
* | SSH: Add more debugging messages | Jan Cholasta | 2012-02-27 | 5 | -8/+38 |
| | |||||
* | SSH: Don't abort known_hosts update when host search fails | Jan Cholasta | 2012-02-27 | 1 | -1/+1 |
| | |||||
* | SSH: Manage global known_hosts file in the responder | Jan Cholasta | 2012-02-27 | 3 | -78/+136 |
| | | | | https://fedorahosted.org/sssd/ticket/1193 | ||||
* | SSH: Continue connecting to SSH server even when SSSD is not running in ↵ | Jan Cholasta | 2012-02-27 | 1 | -112/+85 |
| | | | | | | | | | | sss_ssh_knownhostsproxy Additionally, don't drop the connection when the sss_ssh_knownhostsproxy process receives a signal. https://fedorahosted.org/sssd/ticket/1179 https://fedorahosted.org/sssd/ticket/1184 | ||||
* | UTIL: Add function for atomic I/O | Jan Cholasta | 2012-02-27 | 2 | -0/+44 |
| | |||||
* | SSH: Refactor responder and client common code | Jan Cholasta | 2012-02-27 | 6 | -166/+294 |
| | |||||
* | SSH: Save SSH host name aliases | Jan Cholasta | 2012-02-27 | 6 | -40/+119 |
| | |||||
* | AUTOFS: speed up the client by requesting multiple entries at once | Jakub Hrozek | 2012-02-27 | 3 | -78/+239 |
| | | | | https://fedorahosted.org/sssd/ticket/1166 | ||||
* | Eliminate build-time requirement for nscd | Stephen Gallagher | 2012-02-27 | 2 | -11/+12 |
| | | | | | | We will now use the autodetected location if available, or else fall back to a value provided by --with-nscd in configure and finally resort to a hard-coded default of /usr/sbin/nscd. | ||||
* | LDAP: Remove unnecessary filter sanitize | Stephen Gallagher | 2012-02-26 | 1 | -11/+5 |
| | | | | | | The orig_dn here isn't being passed to a filter and therefore must not be santized, as the sanitization process would break DNs that contain (among other things) parentheses. | ||||
* | Modifications to simplify list_missing_attrs | Jan Zeleny | 2012-02-24 | 8 | -44/+21 |
| | |||||
* | Delete missing attributes from netgroups to be stored | Jan Zeleny | 2012-02-24 | 6 | -4/+45 |
| | | | | https://fedorahosted.org/sssd/ticket/1136 | ||||
* | LDAP: Only use paging control on requests for multiple entries | Stephen Gallagher | 2012-02-24 | 16 | -40/+100 |
| | | | | | | | | | | The paging control can cause issues on servers that put limits on how many paging controls can be active at one time (on some servers, it is limited to one per connection). We need to reduce our usage so that we only activate the paging control when making a request that may return an arbitrary number of results. https://fedorahosted.org/sssd/ticket/1202 phase one | ||||
* | AUTOFS: Search all search bases for automounter map entries | Jakub Hrozek | 2012-02-23 | 1 | -18/+86 |
| | | | | https://fedorahosted.org/sssd/ticket/1168 | ||||
* | AUTOFS: Invoke implicit setautomntent if needed | Jakub Hrozek | 2012-02-23 | 2 | -45/+156 |
| | | | | https://fedorahosted.org/sssd/ticket/1167 | ||||
* | libnl: fix the path to phy80211 subdirectory | Jakub Hrozek | 2012-02-23 | 1 | -4/+20 |
| | |||||
* | Move sudo_dom_ctx.user to local variable | Pavel Březina | 2012-02-23 | 2 | -8/+8 |
| | |||||
* | Honor case_sensitive option in sudo responder | Pavel Březina | 2012-02-23 | 4 | -21/+100 |
| | | | | https://fedorahosted.org/sssd/ticket/1205 | ||||
* | LDAP: Properly assign orig_dn | Stephen Gallagher | 2012-02-23 | 1 | -0/+1 |
| | | | | This was only used for properly identifying debug messages. | ||||
* | Save errno value before calling DEBUG | Jakub Hrozek | 2012-02-23 | 1 | -2/+4 |
| | |||||
* | pam_sss: keep selinux optional | Simo Sorce | 2012-02-23 | 2 | -3/+6 |
| | | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com> | ||||
* | nss_group: Cache the result from sssd when the glibc provided buffer is too ↵ | Simo Sorce | 2012-02-23 | 1 | -8/+145 |
| | | | | small. | ||||
* | IPA: Add ipa_parse_search_base() | Stephen Gallagher | 2012-02-23 | 3 | -19/+72 |
| | | | | | | | | | | Previously, we were using sdap_parse_search_base() for setting up the search_base objects for use in IPA. However, this was generating unfriendly log messages about unknown search base types. This patch creates a new common_parse_search_base() routine that can be used with either LDAP or IPA providers. https://fedorahosted.org/sssd/ticket/1151 | ||||
* | remove unused function | Jakub Hrozek | 2012-02-21 | 1 | -20/+0 |
| | |||||
* | End request if ldap_parse_result fails | Jakub Hrozek | 2012-02-21 | 1 | -0/+3 |
| | |||||
* | RESPONDERS: Allow increasing the file-descriptor limit | Stephen Gallagher | 2012-02-17 | 4 | -0/+48 |
| | | | | | | | This patch will increase the file descriptor limit to 8k or the limits.conf maximum, whichever is lesser. https://fedorahosted.org/sssd/ticket/1197 | ||||
* | Fix case insensitive service lookups | Jakub Hrozek | 2012-02-17 | 1 | -6/+6 |
| | |||||
* | LDAP: Ignore group member users that do not have name attributes | Stephen Gallagher | 2012-02-17 | 1 | -2/+2 |
| | | | | | | | | Instead of failing the group lookup, just skip them. This was impacting some users of ActiveDirectory where not all users had the appropriate attributes. https://fedorahosted.org/sssd/ticket/1169 | ||||
* | NSS: Always return the same protocol that was requested | Stephen Gallagher | 2012-02-17 | 2 | -9/+26 |
| | | | | https://fedorahosted.org/sssd/ticket/1160 | ||||
* | Redesign purging of the sudo cache | Pavel Březina | 2012-02-17 | 3 | -94/+370 |
| | | | | https://fedorahosted.org/sssd/ticket/1173 |