| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Each test creates an instance it LMI_Account, then intentionally
cripples one of system files related to users/groups, and performs
a simple sanity test that checks if instance properties are readable.
|
| |
|
|
| |
Fix nonsense if statement in indication_common.c.
|
| |
|
|
|
|
|
|
| |
Based on bug 1061153, these tests attempt to create, modify or delete
users from a number of threads.
Clean up is done by reverting backup of /etc/passwd, /etc/groups,
/etc/shadow and /etc/gshadow.
|
| |
|
|
|
|
|
|
|
| |
This patch solves:
* Avoid race conditions with shadow-utils.
* Avoid race condition with libuser: uid/gid "sharing" amoung users/groups.
* Fix deadlock in lock.c code.
This patch introduces giant lock which is held for all write operations.
|
| | |
|
| |
|
|
| |
Updated copyright years to include new year 2014.
|
| |
|
|
| |
This patch removes trailing spaces from source files.
|
| |
|
|
|
|
|
|
|
| |
Glibc provides convenient lock functions to protect passwd and shadow files.
This commit makes use of them for any write operation.
Read access is still unprotected for the time being for performance reasons.
https://fedorahosted.org/openlmi/ticket/205
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some tests expect that exceptions won't be thrown out of LMIShell's
functions. Others prefers them and enable them globally. This causes
problems when running under nosetests all provider tests at once.
Tests that modified enablement of exception throws globally caused
others to fail.
This patch makes sure that each TestCase has defined use of exceptions.
Default state is to have them disabled. If a TestCase prefers having
them enabled, just one variable needs to be overriden in its body:
class AccountBase(lmibase.LmiTestCase):
USE_EXCEPTIONS = True
|
| | |
|
| |
|
|
| |
Unused variable, unused assignment.
|
| |
|
|
|
|
|
|
|
| |
Found by clang analysis:
Error: PW.BRANCH_PAST_INITIALIZATION:
openlmi-providers-0.4.1_75_gf47c906/src/account/LMI_AccountProvider.c:324: branch_past_initialization: transfer of control bypasses initialization of:
openlmi-providers-0.4.1_75_gf47c906/src/account/LMI_AccountProvider.c:324: caretline: ^
openlmi-providers-0.4.1_75_gf47c906/src/account/LMI_AccountProvider.c:324: name_at_decl_position: variable "groups" (declared at line 328)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In certain cases password may be stored in /etc/passwd directly and we
need to tell libuser where to pull the password from. This patch
automatically falls back to /etc/passwd if there's no password found
in /etc/shadow. In case password retrieval fails in both cases, the
UserPassword and UserPasswordEncoding LMI_Account properties are left
unset.
Based on a patch by Klaus Kämpf <kkaempf@suse.de>
https://bugzilla.redhat.com/show_bug.cgi?id=1031334
|
| |
|
|
|
| |
...to prevent race of the watcher thread still using data that has been
freed just a moment ago.
|
| |
|
|
| |
GValue memory management is tricky...
|
| |
|
|
|
|
|
|
|
|
|
| |
The filter checker code was kinda duplicate across providers and no special
plans have been made for it. This change makes passing a filter checker callback
during indication manager creation no longer mandatory and default filter
checker will be used when NULL. However, the list of acceptable classes need
to be registered before first use.
This change also brings greater flexibility of the filter query which may now
consist of multiple limit conditions.
|
| |
|
|
| |
Don't create very long strings (although it's a nice stress to CIMOM).
|
| |
|
|
|
|
|
|
|
|
| |
It was impossible to remove user when its home directory was unable
to delete, e.g. either pointing to a bad location or inaccessible as
in not being mounted, etc. Even the "force" argument didn't help.
For this reason, any failure on homedir deletion is now ignored and
a warning is noted in the log. The particular error return code is
unused now but kept in the MOF file for compatibility, adding a note.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes the way the inotify watching is done. Instead of
watching files directly, we watch the directory they reside in and just
filter out changes in files we don't want to watch. This brings a benefit
of reliable notification through file deletions and other inode number
changing changes. It's also less racy as we had to recreate watches on
IN_IGNORED events with possibility of missing some events. File deletions
or atomic replaces were always problematic.
There are some lingering issues however. The most severe is a problem of
shadow files and libuser calls. At the time the event is processed further
in the gather() method, shadow files may not been updated yet. This causes
libuser to miss some information required for proper CIM object instance
construction, potentially propagating half-baked data to the user. This
could be solved by implementing a settle timeout, possibly compressing
more fast-coming events into one. For the moment a simple artificial
sleep has been put before returning from the watcher in good hope shadow
files are updated properly.
Then there's a current problem of throwing out the rest of the read buffer,
losing notifications of other files if watched. This is by current design
of the watcher callback and could be fixed by implementing proper event
queue.
|
| |
|
|
|
|
|
| |
CMake doesn't like spaces around version requirements in pkg-config checks.
Unfortunately also maintains configure cache and doesn't pick the changes in
CMakeLists.txt up automatically so my typo went unspotted during testing.
Damn.
|
| |
|
|
|
| |
The commit aac4d3a0d1dc brought new symbols in the code without bumping
libuser version req.
|
| | |
|
| |
|
|
|
| |
Potential double free or freeing of uninitialized memory. Fixes some
asserts thrown from libuser.
|
| |
|
|
|
|
|
|
|
|
| |
This is an attempt to get rid of most probable race conditions by creating
inotify watches outside the watcher thread and making them persistent for
the whole time the indication subscription is active. There's a certain
amount of time when watching if off due to gather part of the indication
manager. Leaving a watch fd open with active watches allows us to queue
events that we process next time the watcher is called (once gather part
is finished).
|
| |
|
|
|
| |
Base test classes have been renamed, this patch makes small provider
tests working again.
|
| |
|
|
| |
Whitespaces hunting.
|
| | |
|
| |
|
|
|
|
| |
1) Account: Use new atomic libuser api.
2) Account: Added author and license to lock.c and lock.h.
3) Account: Added group locking to LMI_AccountProvider.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
PG_ComputerSystem has different method how to get hostname than our
providers. In order to create the associations to this class we need to
enumerate it. The downside is that all providers must supply CMPIContext
to the lmi_init function.
New function lmi_get_computer_system returns CMPIObjectPath to the
configured CIM_ComputerSystem subclass instance. This object should be
used in all references with ComputerSystem.
Function lmi_get_system_name has been altered to return same value as
ComputerSystem "Name" property.
|
| |
|
|
| |
Done for: Account, Journald and LogicalFile
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
- Everything is in openlmi-providers/doc/admin directory.
- 'make doc' automatically builds documentation of all
enabled providers.
- Documentation shares one 'conf.py' for sphinx.
- All documentation uses the same directory structure.
There is only one CMakefile.txt to generate all the docs.
|
| | |
|
| |
|
|
|
|
|
| |
And get rid of sblim-cmpi-base dependency.
It would be nice if our tests have an option to select Linux_ComputerSystem
or PG_ComputerSystem in the future...
|
| |
|
|
|
|
| |
Use dict parameter in first_instance method
Signed-off-by: Roman Rakus <rrakus@redhat.com>
|
| |
|
|
| |
Signed-off-by: Roman Rakus <rrakus@redhat.com>
|
| |
|
|
| |
Note that the theme is BSD-licensed.
|
| |
|
|
|
|
|
|
|
| |
In overall documentation, generated by tools/gendoc utility, we do not want
to include description of classes from individual OpenLMI providers in their
docs.
Instead, we want to have one reference with _all_ OpenLMI classes, which will
the individual providers reference.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
User deletetion is done by DeleteUser method. Added similar method
to delete a group.
Also do the check if the group isn't a primary group of a user.
Changed documentation accordingly.
Signed-off-by: Roman Rakus <rrakus@redhat.com>
|
| |
|
|
| |
Signed-off-by: Roman Rakus <rrakus@redhat.com>
|
| |
|
|
|
|
| |
libuser has a mechanism to encrypt password
Signed-off-by: Roman Rakus <rrakus@redhat.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Toplevel openlmi configuration file (/etc/openlmi/openlmi.conf) now
contains common configuration options for all providers. Configuration
for each provider could be overriden in provider-specific config
(/etc/openlmi/$provider/$provider.conf).
This patch also modify config file handling in python providers to
include this config file.
There is also support for C providers (in libopenlmicommon) for reading
these config files and providing default configuration options.
|
| | |
|
| | |
|
| |
|
|
| |
Signed-off-by: Roman Rakus <rrakus@redhat.com>
|
| |
|
|
| |
Signed-off-by: Roman Rakus <rrakus@redhat.com>
|
