summaryrefslogtreecommitdiffstats
path: root/src/config
Commit message (Collapse)AuthorAgeFilesLines
* Add autofs-related options to configAPIJakub Hrozek2012-08-132-1/+12
| | | | https://fedorahosted.org/sssd/ticket/1478
* SSSDConfig: Fix nonfunctional SSSDDomain.remove_provider()Stephen Gallagher2012-08-052-0/+10
| | | | | | Also adds a regression test to the unit test suite. https://fedorahosted.org/sssd/ticket/1388
* Primary server support: new option in AD providerJan Zeleny2012-08-012-0/+2
| | | | | | This patch adds support for new config option ad_backup_server. The description of this option's functionality is included in man page in one of previous patches.
* Primary server support: new option in IPA providerJan Zeleny2012-08-012-0/+2
| | | | | | This patch adds support for new config option ipa_backup_server. The description of this option's functionality is included in man page in one of previous patches.
* Primary server support: new options in krb5 providerJan Zeleny2012-08-015-0/+14
| | | | | | This patch adds support for new config options krb5_backup_server and krb5_backup_kpasswd. The description of this option's functionality is included in man page in one of previous patches.
* Primary server support: new option in ldap providerJan Zeleny2012-08-014-0/+6
| | | | | | This patch adds support for new config option ldap_backup_uri. The description of this option's functionality is included in man page in previous patch.
* Fix SSSDConfigTestJakub Hrozek2012-07-241-1/+2
|
* add hostid and subdomains sections in sssd-ipa.confPavel Březina2012-07-231-1/+5
| | | | https://fedorahosted.org/sssd/ticket/1368
* NSS: Add override_shell optionStephen Gallagher2012-07-203-0/+5
| | | | | | | | | If override_shell is specified in the [nss] section, all users managed by SSSD will have their shell set to this value. If it is specified in the [domain/DOMAINNAME] section, it will apply to only that domain (and override the [nss] value, if any). https://fedorahosted.org/sssd/ticket/1087
* pac responder: limit access by checking UIDsSumit Bose2012-07-103-2/+11
| | | | | | | | | | | | A check for allowed UIDs is added in the common responder code directly after accept(). If the platform does not support reading the UID of the peer but allowed UIDs are configured, access is denied. Currently only the PAC responder sets the allowed UIDs for a socket. The default is that only root is allowed to access the socket of the PAC responder. Fixes: https://fedorahosted.org/sssd/ticket/1382
* AD: Add manpages and SSSDConfig entriesStephen Gallagher2012-07-063-1/+128
|
* Fix SSSDConfigTest for separate build directoriesSumit Bose2012-07-061-8/+9
|
* sudo: add host info optionsPavel Březina2012-06-292-0/+10
| | | | | | | | | | Adds some option that allows to manually configure a host filter. ldap_sudo_use_host_filter - if false, we will download all rules regardless their sudoHost attribute ldap_sudo_hostnames - list hostnames and/or fqdn that should be downloaded, separated with spaces ldap_sudo_ip - list of IPv4/6 address and/or network that should be downloaded, separated with spaces ldap_sudo_include_netgroups - include rules that contains netgroup in sudoHost ldap_sudo_include_regexp - include rules that contains regular expression in sudoHost
* sudo: clean upPavel Březina2012-06-292-2/+0
|
* sudo provider: add ldap_sudo_smart_refresh_intervalPavel Březina2012-06-292-0/+2
|
* sudo provider: remove old timerPavel Březina2012-06-292-4/+0
|
* sudo provider: add ldap_sudo_full_refresh_intervalPavel Březina2012-06-292-0/+2
|
* confdb: add entry_cache_sudo_timeout optionPavel Březina2012-06-293-0/+4
|
* Add support for ID rangesSumit Bose2012-06-212-0/+2
|
* Make the client idle timeout configurableStephen Gallagher2012-06-183-1/+4
|
* LDAP: Add ldap_*_use_matching_rule_in_chain optionsStephen Gallagher2012-06-133-0/+7
|
* Allow fast memcache timeout to be configurableJan Zeleny2012-06-102-0/+2
| | | | https://fedorahosted.org/sssd/ticket/1318
* IPA subdomains - ask for information about master domainJan Zeleny2012-06-102-0/+2
| | | | | | | The query is performed only if there is missing information in the cache. That means this should be done only once after restart when cache doesn't exist. All subsequent requests for subdomains won't include the request for master domain.
* Fix the default sssd.conf pathJakub Hrozek2012-06-051-1/+1
|
* SSSDConfig: Make default config and schema file locations configurableStephen Gallagher2012-05-312-7/+7
| | | | https://fedorahosted.org/sssd/ticket/1008
* SSSDConfig: Make SSSDConfig a packageStephen Gallagher2012-05-314-5/+1
| | | | | We were polluting the primary Python space with several dependencies. We will now install them their own directory/module.
* Fix typos in message and man pages.Yuri Chornoivan2012-05-141-1/+1
|
* NSS: Add default_shell optionStephen Gallagher2012-05-092-0/+2
| | | | | | | This option will allow administrators to set a default shell to be used if a user does not have one set in the identity provider. https://fedorahosted.org/sssd/ticket/1289
* NSS: Add fallback_homedir optionStephen Gallagher2012-05-093-0/+5
| | | | | | | | This option is similar to override_homedir, except that it will take effect only for users that do not have an explicit home directory specified in LDAP. https://fedorahosted.org/sssd/ticket/1250
* SSSDConfigAPI: Fix missing option in testsStephen Gallagher2012-05-041-0/+2
|
* Modify behavior of pam_pwd_expiration_warningJan Zeleny2012-05-041-0/+1
| | | | | | | | | | | | | | | | | | New option pwd_expiration_warning is introduced which can be set per domain and can override the value specified by the original pam_pwd_expiration_warning. If the value of expiration warning is set to zero, the filter isn't apllied at all - if backend server returns the warning, it will be automatically displayed. Default value for Kerberos: 7 days Default value for LDAP: don't apply the filter Technical note: default value when creating the domain is -1. This is important so we can distinguish between "no value set" and 0. Without this possibility it would be impossible to set different values for LDAP and Kerberos provider.
* LDAP: Map the user's primaryGroupIDStephen Gallagher2012-05-033-0/+3
|
* LDAP: Allow setting a default domain for id-mapping slice 0Stephen Gallagher2012-05-033-0/+6
|
* LDAP: Add autorid compatibility modeStephen Gallagher2012-05-033-0/+3
|
* LDAP: Add ID mapping range settingsStephen Gallagher2012-05-033-0/+10
|
* LDAP: Add id-mapping optionStephen Gallagher2012-05-033-0/+3
|
* LDAP: Add objectSID config optionStephen Gallagher2012-05-033-0/+6
|
* SSH: Add support for hashed known_hostsJan Cholasta2012-04-242-0/+4
| | | | https://fedorahosted.org/sssd/ticket/1203
* IPA: Add get-domains targetSumit Bose2012-04-241-0/+1
|
* data provider: added subdomainsSumit Bose2012-04-242-2/+5
|
* Responder part of the subdomain retrieval workJan Zeleny2012-04-241-0/+2
|
* Make the monitor SIGKILL time configurableJakub Hrozek2012-04-203-0/+3
| | | | https://fedorahosted.org/sssd/ticket/1119
* proxy: new option proxy_fast_aliasJakub Hrozek2012-04-202-0/+2
|
* Fix regression in SSSDConfig.pyJakub Hrozek2012-04-051-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1291
* Fix typo in autofs option descriptionStephen Gallagher2012-02-281-1/+1
|
* SELinux related attributes added to config APIJan Zeleny2012-02-242-1/+11
|
* IPA hosts refactoringJan Zeleny2012-02-241-0/+20
|
* RESPONDERS: Make the fd_limit setting configurableStephen Gallagher2012-02-173-1/+4
| | | | | | | | | | This code will now attempt first to see if it has privilege to set the value as specified, and if not it will fall back to the previous behavior. So on systems with the CAP_SYS_RESOURCE capability granted to SSSD, it will be able to ignore the limits.conf hard limit. https://fedorahosted.org/sssd/ticket/1197
* Add ssh service to sssd.api.confJan Cholasta2012-02-102-2/+7
|
* Add methods for activating and deactivating services to SSSDConfigJan Cholasta2012-02-103-0/+268
|
generated by cgit (git 2.34.1) at 2024-04-26 15:37:01 +0000