| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Adds a configure option to set the distribution default as well as
an sssd.conf option to override it.
https://fedorahosted.org/sssd/ticket/980
|
|
|
|
|
|
|
|
|
|
| |
If a pam or nss module is dlcolse()d and unloaded we were leaking
the file descriptor used to communicate to sssd in the process.
Make sure the fucntion used to close the socket file descriptor is
called on dlclose()
Silence autoconf 2.28 warnings (Patch by Jakub Hrozek)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes for python HBAC bindings
These changes were proposed during a review:
* Change the signature of str_concat_sequence() to const char *
* use a getsetter for HbacRule.enabled to allow string true/false and
integer 1/0 in addition to bool
* fix a minor memory leak (HbacRequest.rule_name)
* remove overzealous discard consts
Fix python HBAC bindings for python <= 2.4
Several parts of the HBAC python bindings did not work with old Python
versions, such as the one shipped in RHEL5.
The changes include:
* a compatibility wrapper around python set object
* PyModule_AddIntMacro compat macro
* Py_ssize_t compat definition
* Do not use PyUnicode_FromFormat
* several function prototypes and structures used to have "char
arguments where they have "const char *" in recent versions.
This caused compilation warnings this patch mitigates by using
the discard_const hack on python 2.4
Remove dead code from python HBAC bindings
https://fedorahosted.org/sssd/ticket/935
Handle allocation error in python HBAC bindings
https://fedorahosted.org/sssd/ticket/934
HBAC rule validation Python bindings
https://fedorahosted.org/sssd/ticket/943
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add helper function msgs2attrs_array
This function converts a list of ldb_messages into a list of
sysdb_attrs.
Conflicts:
src/providers/ldap/ldap_common.c
src/providers/ldap/ldap_common.h
Add HBAC evaluator and tests
Add helper functions for looking up HBAC rule components
Remove old HBAC implementation
Add new HBAC lookup and evaluation routines
Conflicts:
Makefile.am
Add ipa_hbac_refresh option
This option describes the time between refreshes of the HBAC rules
on the IPA server.
Add ipa_hbac_treat_deny_as option
By default, we will treat the presence of any DENY rule as denying
all users. This option will allow the admin to explicitly ignore
DENY rules during a transitional period.
Treat NULL or empty rhost as unknown
Previously, we were assuming this meant it was coming from the
localhost, but this is not a safe assumption. We will now treat it
as unknown and it will fail to match any rule that requires a
specified srchost or group of srchosts.
libipa_hbac: Support case-insensitive comparisons with UTF8
UTF8 HBAC test
Fix memory leak in ipa_hbac_evaluate_rules
https://fedorahosted.org/sssd/ticket/933
Fix incorrect NULL check in ipa_hbac_common.c
https://fedorahosted.org/sssd/ticket/936
Require matched version and release for libipa_hbac
Add rule validator to libipa_hbac
https://fedorahosted.org/sssd/ticket/943
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new option to override primary GID number
https://fedorahosted.org/sssd/ticket/742
Add a new option to override home directory value
https://fedorahosted.org/sssd/ticket/551
Add new options to override shell value
https://fedorahosted.org/sssd/ticket/742
Conflicts:
src/conf_macros.m4
|
|
|
|
|
|
|
| |
Netlink 1.0 and older is buggy and unreliable, occasionally
causing tight-loops. We're no longer going to try to support it.
https://fedorahosted.org/sssd/ticket/755
|
|
|
|
|
|
|
|
|
| |
Utilizes PO4A to extract translatable strings from Docbook XML sources
and allows translators to submit ordinary .PO files. PO4A then generates
translated Docbook documents that can be used to generate translated end
user documentation.
https://fedorahosted.org/sssd/ticket/297
|
|
|
|
|
|
|
|
|
|
| |
Add mutexes around nss operations and serialize them.
This is necessary because nss operations may have global state.
For pam it is sufficient to protect socket operations instead.
As pam functions use only the provided pam handler.
Fixes: https://fedorahosted.org/sssd/ticket/640
|
|
|
|
|
|
|
| |
So far, the systemd unit file is only packaged but not used in any of
the packaged spec files.
Fixes: #483
|
|
|
|
| |
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
|
|
|
| |
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
|
|
|
|
|
| |
There is no longer a need to have nested Makefiles and configure
scripts. This patch combines the src/ Makefile and configure.ac
into the root.
|
|
|
|
|
|
|
| |
All files formerly in common are now being built individually out
of the ding-libs repository.
git clone git://git.fedorahosted.org/git/ding-libs.git
|
|
|
|
| |
Also update BUILD.txt
|
| |
|
| |
|
|
|
|
|
|
|
| |
This target is available only if building from a git checkout.
It will automatically populate the PRERELEASE_VERSION in
version.m4 with the current datestamp and git commit id for
creating an SRPM.
|
|
|
|
|
|
|
|
| |
This is the preferred way of setting the version in a file, as
autotools will properly monitor this file for changes and rerun
autoconf/configure when necessary to update the version. This
means that we don't need to manually perform an autoreconf in
order to build a new RPM
|
|
|
|
|
|
| |
This will add a second, optional line to the VERSION file that
will be used by the automated build scripts to create snapshot
versions.
|
|
|
|
|
| |
- replaced mailing list address
- let sssd base components read version from VERSION
|
|
|
|
| |
Support RHEL 5 in the spec file
|
|
|
|
| |
Update gettext strings
|
| |
|
| |
|
|
Also update RPM spec and build procedures.
|