summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Fix SSSDConfigTestJakub Hrozek2012-07-241-1/+2
|
* manpage: seealso - include ssh conditionallyPavel Březina2012-07-231-6/+10
| | | | | SSH utilities were included in see also section even if SSSD is built without SSH support.
* add hostid and subdomains sections in sssd-ipa.confPavel Březina2012-07-231-1/+5
| | | | https://fedorahosted.org/sssd/ticket/1368
* Extend category support in SELinux user mapsJan Zeleny2012-07-231-6/+24
| | | | | | This patch adds the possibility for user/host category attributes to have more than one value. It also fixes semantically wrong evaluation of SELinux map priority.
* Added some DEBUG statements into SELinux related codeJan Zeleny2012-07-232-8/+38
|
* sdap_sudo.c: add missing end of line in few debug messagesPavel Březina2012-07-231-3/+3
|
* SYSDB: Add log message for unexpected LDB errorsStephen Gallagher2012-07-201-0/+3
|
* Fix sysdb_search_selinux_usermap_by_username return valueJakub Hrozek2012-07-201-0/+1
| | | | | | | | There was a logic bug in sysdb_search_selinux_usermap_by_username that resulted in returning the value the variable "ret" had after the last call to sysdb_attrs_get_uint32_t, which in cases the last rule processed did not have the requested attributes led to using the default user context.
* NSS: Add override_shell optionStephen Gallagher2012-07-209-2/+49
| | | | | | | | | If override_shell is specified in the [nss] section, all users managed by SSSD will have their shell set to this value. If it is specified in the [domain/DOMAINNAME] section, it will apply to only that domain (and override the [nss] value, if any). https://fedorahosted.org/sssd/ticket/1087
* MAN: Improvements to the AD provider manpageStephen Gallagher2012-07-202-0/+114
| | | | | | | Add information about ID mapping (including how to disable it) as well as information on how to handle homedir and shell. https://fedorahosted.org/sssd/ticket/1433
* MAN: List all available backends for provider optionsStephen Gallagher2012-07-201-14/+84
| | | | https://fedorahosted.org/sssd/ticket/1432
* Update translations for 1.9.0 beta 5 releasesssd-1_9_0_beta5sssd-1_8_95Jakub Hrozek2012-07-1812-2298/+15641
|
* PAM: Fix off-by-one-error in the SELinux session codeJakub Hrozek2012-07-181-1/+1
|
* AD: Fix defaults for krb5_canonicalizeStephen Gallagher2012-07-181-2/+2
| | | | | | The AD provider cannot function with canonicalization because of a bug in Active Directory rendering it unable to complete a password-change while canonicalization is enabled.
* Fix uninitialized valuesNick Guay2012-07-1812-23/+23
| | | | https://fedorahosted.org/sssd/ticket/1379
* IPA: Return and save all SELinux rules in the providerJakub Hrozek2012-07-181-47/+27
| | | | https://fedorahosted.org/sssd/ticket/1421
* SYSDB: Delete SELinux mappingsJakub Hrozek2012-07-182-0/+19
|
* IPA: Download defaults even if there are no SELinux mappingsJakub Hrozek2012-07-181-60/+59
| | | | | We should always download the defaults because even if there are no rules, we might want to use (or update) the defaults.
* Modify priority evaluation in SELinux user mapsJan Zeleny2012-07-185-9/+113
| | | | | | | | | | | | | | | | | | | The functionality now is following: When rule is being matched, its priority is determined as a combination of user and host specificity (host taking preference). After the rule is matched in provider, only its host priority is stored in sysdb for later usage. When rules are matched in the responder, their user priority is determined. After that their host priority is retrieved directly from sysdb and sum of both priorities is user to determine whether to use that rule or not. If more rules have the same priority, the order given in IPA config is used. https://fedorahosted.org/sssd/ticket/1360 https://fedorahosted.org/sssd/ticket/1395
* Add function sysdb_attrs_copy_values()Jan Zeleny2012-07-182-0/+27
| | | | | This function copies all values from one sysdb_attrs structure to another
* LDAP: Properly cast type for MINSSF valueJan Vcelak2012-07-181-11/+9
|
* Fixed: Uninitialized value in krb5_child-test if ccname was specified.Michal Zidek2012-07-181-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1411
* Fixed: Unchecked return value from dp_opt_set_int.Michal Zidek2012-07-181-1/+5
|
* Fixed wrong number in shadowLastChangeJan Zeleny2012-07-161-1/+2
| | | | | The attribute is supposed to contain number of days since the epoch, not the number of seconds.
* sudo test client: avoid SIGSEGV when run without argumentsPavel Březina2012-07-161-1/+1
| | | | SIGSEGV occured when sss_sudo_cli was run without any arguments.
* resolv_gethostbyname_send: strdup hostname to work properly when hostname is ↵Pavel Březina2012-07-161-5/+12
| | | | | | | | | allocated on stack If we provide a hostname that was allocated on stack, it may contain invalid data in the time when it is actually resolved. This patch fixes it.
* AD: Add missing DP option terminatorStephen Gallagher2012-07-161-1/+2
|
* Add newline to DEBUG messagesJakub Hrozek2012-07-121-2/+2
|
* Fix typo: exhasution->exhaustion.Yuri Chornoivan2012-07-101-1/+1
|
* Update translations for 1.9.0 beta 4 releasesssd-1_9_0_beta4sssd-1_8_94Jakub Hrozek2012-07-1011-5689/+7545
|
* Cast uid_t to unsigned long long in DEBUG messagesJakub Hrozek2012-07-104-10/+11
|
* Print based on pointer contents not addressJakub Hrozek2012-07-101-1/+3
|
* Fix segfault when using local providerStephen Gallagher2012-07-101-6/+5
| | | | | | | | | The name context was not being initialized for local provider domains because it was handled after skipping over the back-end initialization routine. This patch moves the name context init routine to occur earlier. https://fedorahosted.org/sssd/ticket/1412
* pac responder: limit access by checking UIDsSumit Bose2012-07-109-10/+378
| | | | | | | | | | | | A check for allowed UIDs is added in the common responder code directly after accept(). If the platform does not support reading the UID of the peer but allowed UIDs are configured, access is denied. Currently only the PAC responder sets the allowed UIDs for a socket. The default is that only root is allowed to access the socket of the PAC responder. Fixes: https://fedorahosted.org/sssd/ticket/1382
* Remove dead code in ipa_subdomains_handler_done()Sumit Bose2012-07-101-1/+1
| | | | Fixes https://fedorahosted.org/sssd/ticket/1410
* Remove resource leak in sssdpac_import_authdataSumit Bose2012-07-101-3/+1
| | | | Fixes https://fedorahosted.org/sssd/ticket/1409
* Fix incorrect error-checkStephen Gallagher2012-07-091-1/+1
| | | | Coverity #12770
* Check for errors from krb5_unparse_nameStephen Gallagher2012-07-091-1/+8
| | | | Coverity #12781
* Add missing return value checkStephen Gallagher2012-07-091-1/+1
| | | | Coverity #12782
* Avoid NULL-dereference in error-handlingStephen Gallagher2012-07-091-1/+3
| | | | Coverity #12783
* Fix uninitialized memcpy errorStephen Gallagher2012-07-091-0/+2
| | | | Coverity #12784
* Fix uninitialized value returnStephen Gallagher2012-07-091-1/+1
| | | | Coverity #12786
* Fix potential NULL-dereferenceStephen Gallagher2012-07-091-1/+3
| | | | Coverity #12797
* Fix incorrect return value in testsStephen Gallagher2012-07-091-0/+2
| | | | Coverity #12798
* Fix potential NULL-dereferenceStephen Gallagher2012-07-091-1/+2
| | | | Coverity #12800
* Fix potential NULL-dereferenceStephen Gallagher2012-07-091-1/+3
| | | | Coverity #12801
* Fix uninitialized variableStephen Gallagher2012-07-091-0/+1
| | | | Coverity #12802
* Fix use-after-freeStephen Gallagher2012-07-091-0/+1
| | | | Coverity #12803
* heimdal: use sss_krb5_princ_realm to access realmRambaldi2012-07-091-4/+11
|
* heimdal: fix compile error in krb5-child-testRambaldi2012-07-092-0/+5
|
generated by cgit (git 2.34.1) at 2024-04-25 10:29:05 +0000