Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | murmurhash: Relax inline requirement | Stephen Gallagher | 2012-05-11 | 1 | -2/+2 |
| | |||||
* | SYSDB: Handle user and group renames better | Jakub Hrozek | 2012-05-11 | 2 | -7/+182 |
| | | | | | | | | | | | | Fixes a regression in the local domain tools where sss_groupadd no longer detected a GID duplicate. The check for EEXIST is moved one level up into more high level function. The patch also adds the same rename support for users. I found it odd that we allowed a rename of groups but not users. There is a catch when storing a user -- his cached password would be gone. I think that renaming a user is such a rare operation that it's not severe, plus there is a warning in the logs. | ||||
* | Send the correct enumeration request | Jakub Hrozek | 2012-05-10 | 1 | -1/+1 |
| | | | | https://fedorahosted.org/sssd/ticket/1329 | ||||
* | Try all KDCs when getting TGT for LDAP | Jakub Hrozek | 2012-05-09 | 1 | -15/+18 |
| | | | | | | | | When the ldap child process is killed after a timeout, try the next KDC. When none of the ldap child processes succeed, just abort the connection because we wouldn't be able to authenticate to the LDAP server anyway. https://fedorahosted.org/sssd/ticket/1324 | ||||
* | krb5 locator: Do not leak addrinfo | Jakub Hrozek | 2012-05-07 | 1 | -0/+2 |
| | |||||
* | Kerberos locator: Include the correct krb5.h header file | Jakub Hrozek | 2012-05-07 | 2 | -2/+14 |
| | | | | https://fedorahosted.org/sssd/ticket/1325 | ||||
* | Special-case LDAP_SIZELIMIT_EXCEEDED | Jakub Hrozek | 2012-05-07 | 1 | -4/+9 |
| | | | | | | | | | | | | Previous version of the SSSD did not abort the async LDAP search operation on errors. In cases where the request ended in progress, such as when the paging was very strictly limited, the old versions at least returned partial data. This patch special-cases the LDAP_SIZELIMIT_EXCEEDED error to avoid a user-visible regression. https://fedorahosted.org/sssd/ticket/1322 | ||||
* | Update translations for 1.8.3 releasesssd-1_8_3 | Stephen Gallagher | 2012-05-03 | 9 | -4340/+5357 |
| | |||||
* | Read sysdb attribute name, not LDAP attribute map name | Jakub Hrozek | 2012-05-03 | 1 | -2/+2 |
| | | | | https://fedorahosted.org/sssd/ticket/1320 | ||||
* | Lowercase group members in case-insensitive domains | Jakub Hrozek | 2012-04-24 | 1 | -1/+7 |
| | | | | https://fedorahosted.org/sssd/ticket/1312 | ||||
* | confdb_get_bool needs a TALLOC_CTX in sssd-1.8 | Jakub Hrozek | 2012-04-24 | 1 | -1/+1 |
| | |||||
* | Fix typo in translation file | Stephen Gallagher | 2012-04-20 | 1 | -2/+2 |
| | |||||
* | Fix typo: retreiving->retrieving | Yuri Chornoivan | 2012-04-20 | 1 | -1/+1 |
| | |||||
* | Get the RootDSE after binding if not successfull before | Jakub Hrozek | 2012-04-20 | 1 | -26/+104 |
| | | | | https://fedorahosted.org/sssd/ticket/1258 | ||||
* | Update translation files | Stephen Gallagher | 2012-04-20 | 1 | -466/+578 |
| | |||||
* | Two manual pages fixes | Marco Pizzoli | 2012-04-20 | 2 | -1/+3 |
| | |||||
* | Document sss_tools better | Jakub Hrozek | 2012-04-20 | 9 | -0/+35 |
| | | | | https://fedorahosted.org/sssd/ticket/917 | ||||
* | sdap_check_aliases must not error when detects the same user | Jakub Hrozek | 2012-04-20 | 1 | -13/+31 |
| | | | | https://fedorahosted.org/sssd/ticket/1307 | ||||
* | proxy: new option proxy_fast_alias | Jakub Hrozek | 2012-04-20 | 7 | -43/+143 |
| | |||||
* | proxy: Canonicalize user and group names | Jakub Hrozek | 2012-04-20 | 1 | -312/+354 |
| | | | | https://fedorahosted.org/sssd/ticket/1249 | ||||
* | MAN: document the hostid and autofs providers | Jakub Hrozek | 2012-04-18 | 1 | -0/+60 |
| | |||||
* | MAN: timeout can be specified for services, too | Jakub Hrozek | 2012-04-18 | 1 | -14/+13 |
| | |||||
* | autofs: Raise the maximum key length to PATH_MAX | Jakub Hrozek | 2012-04-18 | 1 | -2/+4 |
| | | | | https://fedorahosted.org/sssd/ticket/1300 | ||||
* | sudo api: check sss_status instead of errnop in sss_sudo_send_recv_generic() | Pavel Březina | 2012-04-18 | 1 | -2/+4 |
| | |||||
* | Remove the "command" option from documentation | Jakub Hrozek | 2012-04-18 | 1 | -16/+0 |
| | | | | | | It is a low-level developer option not indended to be consumed by users https://fedorahosted.org/sssd/ticket/1174 | ||||
* | Fix erronous reference to the 'allow' access_provider | Stef Walter | 2012-04-18 | 1 | -1/+1 |
| | | | | | | | | * Should be 'permit' instead https://fedorahosted.org/sssd/ticket/1295 Signed-off-by: Stephen Gallagher <sgallagh@redhat.com> | ||||
* | pam_sss: improve error handling in SELinux code | Jakub Hrozek | 2012-04-18 | 1 | -3/+5 |
| | |||||
* | MAN: Add ldap_sasl_minssf to the manpage | Stephen Gallagher | 2012-04-18 | 1 | -0/+16 |
| | |||||
* | MAN: Improve ldap_disable_paging documentation | Stephen Gallagher | 2012-04-18 | 1 | -1/+4 |
| | |||||
* | man: document that referral chasing might bring performance penalty | Jakub Hrozek | 2012-04-18 | 1 | -0/+8 |
| | | | | https://fedorahosted.org/sssd/ticket/1265 | ||||
* | Updating translation files for 1.8.2 releasesssd-1_8_2 | Stephen Gallagher | 2012-04-09 | 10 | -12/+98 |
| | |||||
* | netlink integration: ensure that interface name is NULL-terminated | Jakub Hrozek | 2012-04-09 | 1 | -1/+2 |
| | | | | | | In the unlikely case that the interface name was IFNAMSIZ bytes long or longer, strncpy wouldn't NULL-terminate the buffer. Copy one byte less to ensure the buffer is NULL-terminated. | ||||
* | Use the correct options counter | Jakub Hrozek | 2012-04-05 | 1 | -1/+1 |
| | | | | https://fedorahosted.org/sssd/ticket/1282 | ||||
* | Fix regression in SSSDConfig.py | Jakub Hrozek | 2012-04-05 | 1 | -1/+1 |
| | | | | https://fedorahosted.org/sssd/ticket/1291 | ||||
* | Clean up log messages about keytab_name | Stephen Gallagher | 2012-04-05 | 4 | -20/+37 |
| | | | | | | | | | There were many places where we were printing (null) to the logs because a NULL keytab name tells libkrb5 to use its configured default instead of a particular path. This patch should clean up all uses of this to print "default" in the logs. https://fedorahosted.org/sssd/ticket/1288 | ||||
* | Catch cases where D-Bus connection is NULL | Jakub Hrozek | 2012-04-05 | 2 | -0/+24 |
| | | | | https://fedorahosted.org/sssd/ticket/1270 | ||||
* | Fix building manpages in parallel build dirs | Stephen Gallagher | 2012-04-05 | 1 | -1/+1 |
| | | | | | | | | | | | | | | Commit 2ebb3cf3d7062860343c3db1b53173c9c6547038 introduced an issue when building manpages in parallel build dirs. It unnecessarily modified the XML_DOC definition to restrict it to basing its contents on the man_MANS variable. Unfortunately, this means that when we entered the recursion in all-local we would be effectively turning XML_DOC into $(srcdir)/$(lang)/manpage.N.xml when we really only care that the source language XML document exists. This patch reverts that portion of the change. https://fedorahosted.org/sssd/ticket/1293 | ||||
* | Fix off-by-one error in principal selection | Jakub Hrozek | 2012-03-29 | 1 | -3/+3 |
| | | | | https://fedorahosted.org/sssd/ticket/1269 | ||||
* | Proxy services: Save lowercased protocol names and aliases in ↵ | Jakub Hrozek | 2012-03-29 | 1 | -57/+17 |
| | | | | case-insensitive domains | ||||
* | LDAP services: Save lowercased protocol names in case-insensitive domains | Jakub Hrozek | 2012-03-29 | 1 | -1/+17 |
| | | | | https://fedorahosted.org/sssd/ticket/1260 | ||||
* | Add sss_get_cased_name_list utility function | Jakub Hrozek | 2012-03-29 | 2 | -0/+41 |
| | |||||
* | Return correct resolv_status on resolver timeout | Jakub Hrozek | 2012-03-29 | 4 | -24/+95 |
| | | | | https://fedorahosted.org/sssd/ticket/1274 | ||||
* | Silence Coverity warning in the autofs test tool | Jakub Hrozek | 2012-03-28 | 1 | -8/+22 |
| | | | | https://fedorahosted.org/sssd/ticket/1237 | ||||
* | LDAP: Fix memory leaks in synchronous_tls_setup | Stephen Gallagher | 2012-03-26 | 1 | -8/+10 |
| | | | | | | | | | | We were never freeing "result" if it was allocated by ldap_result(). We were also not freeing "errmsg" if it was allocated but ldap_parse_result() returned an error. Also disambiguate error messages from ldap_parse_result() and error messages from sss_ldap_get_diagnostic_msg() since they use differing memory-management functions. | ||||
* | LDAP services: Keep the protocol around | Jakub Hrozek | 2012-03-26 | 1 | -0/+1 |
| | |||||
* | AUTOFS: fix copy-and-paste bug in the autofs client | Jakub Hrozek | 2012-03-26 | 1 | -1/+1 |
| | |||||
* | Always initialize the returned data in sss_krb5_princ_realm() | Sumit Bose | 2012-03-26 | 1 | -0/+3 |
| | |||||
* | LDAP: Add better error logging when ldap_result() fails | Stephen Gallagher | 2012-03-21 | 1 | -1/+3 |
| | |||||
* | Start SSSD earlier and stop it later | Stephen Gallagher | 2012-03-21 | 1 | -1/+1 |
| | | | | | | | | SSSD needs to be started before NFS-related processes or they will mount with the username 'nobody' if they would have otherwise used LDAP accounts. https://fedorahosted.org/sssd/ticket/1273 | ||||
* | NSS: Look for services with correct case when cache is updated | Jakub Hrozek | 2012-03-21 | 1 | -7/+7 |
| | | | | https://fedorahosted.org/sssd/ticket/1259 |