| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
To make sure that e.g. the short/NetBIOS domain name is available this
patch make sure that the responders send a get_domains request to their
backends at startup the collect the domain information or read it from
the cache if the backend is offline.
For completeness I added this to all responders even if they do not need
the information at the moment.
Fixes https://fedorahosted.org/sssd/ticket/1951
|
|
|
|
|
|
| |
--missing arguments.
--format '%s', but argument is integer.
--wrong format string, examle: '%\n'
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1912
SUDO rules are stored under cn=ipa.domain,cn=sysdb tree but sobdomains
users are in cn=sub.domain,cn=sysdb. When we search for rules for
subdomain users we have to switch domain context to parent.
|
|
|
|
|
|
| |
Recent refactoring removed the need to copy the domain info data of
sub-domains because the related objects will not be removed from memory
anymore.
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1864
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1575
The hierarchy is now:
main_ctx -> responder_ctx -> specific_ctx
where specific_ctx is one of sudo, pam, etc.
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1825
|
|
|
|
|
|
| |
Remove code that tries to get the 'right' sysdb, as it is always going
to get the same answer anyway since the recent patches to rework the
domains/sysdb relationship.
|
|
|
|
|
|
|
| |
Use this function instead of explicitly calling domain->next
This function allows to get the next primary domain or to descend into the
subdomains and replaces also get_next_dom_or_subdom()
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1779
2^32 should be enough to store sudo rules. size_t type was causing
troubles on big endian architectures, because it wasn't used
correctly in combination with D-Bus.
|
| |
|
|
|
|
| |
Also changes sysdb_search_custom_by_name()
|
|
|
|
|
|
| |
Also allows us to remove sysdb_subdom_get<pw/gr>nam() wrappers and restore
fqnames proper value in subdomains, by testing for a parent domain being
present or not.
|
|
|
|
|
|
|
| |
The monitor sends calls different sbus methods to different responders.
Instead of including headers of the particular responders directly in
monitor, which breaks layering a little, create a common header file
that will be included from src/responder/common/
|
|
|
|
|
|
|
|
|
|
|
| |
...and if sudo_timed = true.
https://fedorahosted.org/sssd/ticket/1688
A comma was missing in attribute list. This caused concatenation
of the two attributes so we requested one attribute called
"objectClasscn". This doesn't affect functionality, only debug
messages.
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1650
|
| |
|
|
|
|
|
|
|
|
| |
This caused troubles with subdomain users and it is not really
necessary. This patch does not change the protocol itself, that
should be done on the earliest possible occasion.
Part of https://fedorahosted.org/sssd/ticket/1616
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1616
|
| |
|
| |
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1495
|
| |
|
|
|
|
| |
It is not an attribute.
|
|
|
|
|
| |
It does not contain name of the object class attribute but the value
itself. I renamed it to avoid confusion.
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1379
|
|
|
|
| |
Coverity #12800
|
|
|
|
| |
Coverity #12801
|
| |
|
| |
|
| |
|
|
|
|
| |
sudosrv_get_sudorules_query_cache()
|
| |
|
|
|
|
|
|
|
|
|
| |
sss_sudo_type represents query type that comes to the responder
sss_dp_sudo_type represents query type to DP that is issued by the responder
I'm leaving current values of sss_dp_sudo_type untouched so the compilation
is not broken. Hovewer, they will be changed to new DP types once the DP
interface is updated.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1239
Test client was changed accordingly. The new usage is:
sss_sudo_cli username [uid]
If uid is not set, getpwnam(username) is called. It will retrieve
both default options and rules.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Allows different user/domain qualified names for different
domains. For example Domain\User or user@domain.
* The global re_expression and full_name_format options remain
as defaults for the domains.
* Subdomains get the re_expression and full_name_format of
their parent domain.
https://bugzilla.redhat.com/show_bug.cgi?id=811663
|
|
|
|
| |
Now it checks for subdomains as well as for the domain itself
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1236
|
|
|
|
|
|
| |
sudosrv_cache_lookup_internal
https://fedorahosted.org/sssd/ticket/1232
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The function that handled pending requests on reconnect was checking an
orphaned global variable that was never used, redenring the whole function
uselsess.
This fixes a very nasty bug that was causing requests for which we never
received an answer for (for example because the backend failed and was
restarted) to be never removed and therefore causing a black hole effect for
any other request of the same type.
Fixes: https://fedorahosted.org/sssd/ticket/1229
|
| |
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1205
|