Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Use fewer transactions during IPA initgroups | Jakub Hrozek | 2011-10-17 | 1 | -171/+286 |
| | |||||
* | Use fewer transactions during RFC2307bis initgroups | Jakub Hrozek | 2011-10-17 | 1 | -368/+397 |
| | |||||
* | Utility functions for LDAP nested schema initgroups | Jakub Hrozek | 2011-10-17 | 1 | -0/+119 |
| | |||||
* | MONITOR: fix timeout conversion | Stephen Gallagher | 2011-10-17 | 1 | -1/+1 |
| | |||||
* | Sanitize DN in sysdb_get_direct_parents | Jakub Hrozek | 2011-10-17 | 1 | -1/+7 |
| | |||||
* | Add a missing break | Jakub Hrozek | 2011-10-17 | 1 | -0/+1 |
| | |||||
* | Update sssd-example.conf | Marko Myllynen | 2011-10-14 | 1 | -3/+6 |
| | | | | | | Mention cache_credentials and tweak the AD example to match the wiki page. https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate%20with%20a%20Windows%202008%20Domain%20Server | ||||
* | Report on errno, not return code in create_socket_symlink | Jakub Hrozek | 2011-10-14 | 1 | -0/+2 |
| | | | | https://fedorahosted.org/sssd/ticket/1044 | ||||
* | Fix off-by-one error in remove_socket_symlink() | Jakub Hrozek | 2011-10-14 | 1 | -1/+1 |
| | | | | https://fedorahosted.org/sssd/ticket/1043 | ||||
* | Fixed timeout handling in responders | Jan Zeleny | 2011-10-14 | 1 | -72/+72 |
| | |||||
* | HBAC: Use originalMember for identifying hostgroups | Stephen Gallagher | 2011-10-14 | 3 | -45/+165 |
| | |||||
* | HBAC: Use originalMember for identifying servicegroups | Stephen Gallagher | 2011-10-14 | 3 | -41/+169 |
| | |||||
* | HBAC: Do not save member/memberOf links | Stephen Gallagher | 2011-10-14 | 1 | -120/+0 |
| | | | | We can just trust the values from the FreeIPA server | ||||
* | Check if dp_requests hash table exists before using it | Jakub Hrozek | 2011-10-13 | 1 | -0/+5 |
| | |||||
* | Do not delete requests inside hash_iterate loop | Jakub Hrozek | 2011-10-13 | 1 | -10/+12 |
| | |||||
* | Streamline the example config | Jakub Hrozek | 2011-10-13 | 1 | -72/+28 |
| | | | | https://fedorahosted.org/sssd/ticket/1014 | ||||
* | man page fix (lists are comma-separated) | Jan Zeleny | 2011-10-13 | 3 | -4/+4 |
| | | | | https://fedorahosted.org/sssd/ticket/1024 | ||||
* | Append PID to sbus server socket name, let clients use a symlink | Jakub Hrozek | 2011-10-13 | 7 | -21/+175 |
| | | | | https://fedorahosted.org/sssd/ticket/1034 | ||||
* | Add option to follow symlinks to check_file() | Jakub Hrozek | 2011-10-13 | 6 | -7/+35 |
| | |||||
* | Fix typo in sysdb_get_direct_parents | Jakub Hrozek | 2011-10-06 | 1 | -1/+1 |
| | |||||
* | Use explicit base 10 for converting strings to integers | Jakub Hrozek | 2011-10-03 | 5 | -8/+8 |
| | | | | https://fedorahosted.org/sssd/ticket/1013 | ||||
* | Return users and groups based on alias | Jakub Hrozek | 2011-10-03 | 3 | -8/+10 |
| | | | | https://fedorahosted.org/sssd/ticket/926 | ||||
* | Store name aliases for users, groups | Jakub Hrozek | 2011-10-03 | 3 | -37/+220 |
| | |||||
* | Add a sysdb_get_direct_parents function | Jakub Hrozek | 2011-10-03 | 3 | -57/+113 |
| | |||||
* | Add sysdb interface to get name aliases | Jakub Hrozek | 2011-10-03 | 2 | -1/+64 |
| | |||||
* | HBAC: fix typos preventing proper hostgroup evaluation | Stephen Gallagher | 2011-09-28 | 1 | -3/+3 |
| | |||||
* | IPA access: hostname comparison should be case-insensitive | Jakub Hrozek | 2011-09-28 | 1 | -1/+1 |
| | |||||
* | Added quiet option to pam_sss | Pavel Březina | 2011-09-20 | 2 | -5/+36 |
| | | | | https://fedorahosted.org/sssd/ticket/894 | ||||
* | Fix uninitialized pointer read in sdap_gssapi_get_default_realm() | Jakub Hrozek | 2011-09-20 | 1 | -1/+1 |
| | | | | https://fedorahosted.org/sssd/ticket/1003 | ||||
* | Add missing options to sssd.api.conf | Marko Myllynen | 2011-09-20 | 3 | -3/+26 |
| | |||||
* | MAN: Add more information about internal credential storage | Stephen Gallagher | 2011-09-20 | 2 | -1/+8 |
| | |||||
* | MONITOR: Correctly detect lack of response from services | Stephen Gallagher | 2011-09-15 | 1 | -21/+26 |
| | | | | | | | | | | We were incorrectly using DBUS_ERROR_TIMEOUT here. The correct behaviour is to check for DBUS_ERROR_NO_REPLY. This way we will properly handle the three-tries in the tasks_check_handler(). Additionally, we weren't properly handling failure counts correctly, meaning we weren't restarting stuck services in a timely manner. | ||||
* | Improve documentation of libipa_hbac | Stephen Gallagher | 2011-09-08 | 2 | -21/+1697 |
| | |||||
* | Do not access memory out of bounds | Sumit Bose | 2011-09-07 | 1 | -2/+2 |
| | |||||
* | Improve error message for LDAP password constraint violation | Jakub Hrozek | 2011-09-06 | 3 | -16/+29 |
| | | | | https://fedorahosted.org/sssd/ticket/985 | ||||
* | sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string() | Pavel Březina | 2011-09-06 | 4 | -38/+38 |
| | | | | https://fedorahosted.org/sssd/ticket/986 | ||||
* | sss_ldap_err2string() - function created | Pavel Březina | 2011-09-06 | 3 | -2/+16 |
| | | | | https://fedorahosted.org/sssd/ticket/986 | ||||
* | Add option to specify the kerberos replay cache dir | Stephen Gallagher | 2011-09-02 | 7 | -0/+70 |
| | | | | | | | Adds a configure option to set the distribution default as well as an sssd.conf option to override it. https://fedorahosted.org/sssd/ticket/980 | ||||
* | Updating translation files for SSSD 1.5.13sssd-1_5_13 | Stephen Gallagher | 2011-08-29 | 57 | -4390/+5369 |
| | |||||
* | HBAC: Properly skip all non-group memberOf entries | Stephen Gallagher | 2011-08-29 | 1 | -1/+2 |
| | |||||
* | HBAC: Use of hostgroups for targethost or sourcehost was broken | Stephen Gallagher | 2011-08-26 | 1 | -4/+4 |
| | | | | | We were trying to look up the wrong attribute for the name of the hostgroup. | ||||
* | HBAC: Handle saving groups that have no members | Stephen Gallagher | 2011-08-26 | 1 | -7/+21 |
| | |||||
* | Use the default Kerberos realm for LDAP with GSSAPI auth | Jakub Hrozek | 2011-08-26 | 1 | -3/+55 |
| | | | | https://fedorahosted.org/sssd/ticket/970 | ||||
* | Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON | Jakub Hrozek | 2011-08-26 | 8 | -3/+33 |
| | | | | https://fedorahosted.org/sssd/ticket/978 | ||||
* | Improve password policy error code and message | Sumit Bose | 2011-08-25 | 1 | -4/+9 |
| | | | | | | Instead of returning PAM_SYSTEM_ERR if they necessary attributes for the requested password policy cannot be found we return PAM_PERM_DENIED. Additionally the log message says that the access is denied. | ||||
* | Return the first value of name if the multivalued name attribute does not ↵ | Jakub Hrozek | 2011-08-25 | 1 | -3/+4 |
| | | | | | | match RDN https://fedorahosted.org/sssd/ticket/926 | ||||
* | Handle timeout during sss_ldap_init_send | Jakub Hrozek | 2011-08-15 | 3 | -3/+41 |
| | | | | | | | | | In some cases, where there would be no response from the LDAP server, there would be no R/W events on the LDAP fd, so sdap_async_sys_connect_done would never be called. This patch adds a tevent timer that cancels the connection after SDAP_NETWORK_TIMEOUT seconds. | ||||
* | Use sysdb attribute name for GID, not LDAP attribute | Stephen Gallagher | 2011-08-11 | 1 | -3/+3 |
| | |||||
* | Allow the O_NONBLOCK flag to be reset correctly | Ralf Haferkamp | 2011-08-11 | 1 | -14/+0 |
| | | | | | | | | | | sssd set the O_NONBLOCK flag on the LDAP socket twice. First in set_fd_flags_and_opts(). And the second time in sdap_async_sys_connect_send() after storing a backup in the local state structure. The backup is later used to restore the original flags (after connect() succeeded). As NONBLOCK was already set before it didn't correctly reset that flag. https://fedorahosted.org/sssd/ticket/952 | ||||
* | Prevent segfault if vetoed_shells are specified without allowed_shells | Jakub Hrozek | 2011-08-08 | 1 | -16/+19 |
| | | | | https://fedorahosted.org/sssd/ticket/954 |