sssd.git/src/db/sysdb_selinux.c, branch simo Unnamed repository; edit this file to name it for gitweb. Add domain argument to sysdb selinux functions 2013-01-11T15:43:14+00:00 Simo Sorce simo@redhat.com 2013-01-08T05:48:12+00:00 787bc08f689e5e7ec0d452c1fc3e5daf3329c2fd 






Add domain to sysdb_search_user_by_name()
2013-01-11T15:43:10+00:00

Simo Sorce
simo@redhat.com

2013-01-06T23:24:12+00:00

6335aadf224de5159d914688bc3c7360ea3a7188

Also remove unused sysdb_search_domuser_by_name()





Also remove unused sysdb_search_domuser_by_name()







Remove the sysdb_ctx_get_domain() function.
2013-01-11T15:43:09+00:00

Simo Sorce
simo@redhat.com

2013-01-06T15:39:30+00:00

d5b380736292a289c241f89e454ac68c8b53224b

We are deprecating sysdb->domain so kill the function that gives access to
this member as we should stop relying on it being available (or correct).





We are deprecating sysdb->domain so kill the function that gives access to
this member as we should stop relying on it being available (or correct).







SYSDB: Split a function to read all SELinux maps
2013-01-08T16:14:54+00:00

Jakub Hrozek
jhrozek@redhat.com

2013-01-06T22:44:30+00:00

6f0daa807ac0bb560353c5d5e25638cf1972f79f












SELinux: Always use the default if it exists on the server
2012-09-13T16:11:59+00:00

Jakub Hrozek
jhrozek@redhat.com

2012-09-13T08:07:29+00:00

ebb1f28998c06984765e3e78d30911c1c3ec84e2

https://fedorahosted.org/sssd/ticket/1513

This is a counterpart of the FreeIPA ticket https://fedorahosted.org/freeipa/ticket/3045

During an e-mail discussion, it was decided that

    * if the default is set in the IPA config object, the SSSD would use
      that default no matter what
    * if the default is not set (aka empty or missing), the SSSD
      would just use the system default and skip creating the login
      file altogether





https://fedorahosted.org/sssd/ticket/1513

This is a counterpart of the FreeIPA ticket https://fedorahosted.org/freeipa/ticket/3045

During an e-mail discussion, it was decided that

    * if the default is set in the IPA config object, the SSSD would use
      that default no matter what
    * if the default is not set (aka empty or missing), the SSSD
      would just use the system default and skip creating the login
      file altogether







DB: Always write the SELinux object to sysdb
2012-09-13T16:11:59+00:00

Jakub Hrozek
jhrozek@redhat.com

2012-09-13T09:44:12+00:00

894d18ff4178f40a18bbfece8fae270d8307eac6

There's no point in checking if the object already exists because we always
wipe the whole sysdb subtree. We were also immediatelly cancelling the
transaction because we'd jump to goto, even though it was with EOK.





There's no point in checking if the object already exists because we always
wipe the whole sysdb subtree. We were also immediatelly cancelling the
transaction because we'd jump to goto, even though it was with EOK.







Unify usage of sysdb transactions (part 2).
2012-09-04T11:56:32+00:00

Michal Zidek
mzidek@redhat.com

2012-08-15T08:56:21+00:00

3a59cbd0b7b9c5dd3c62ac1679876070c264d80f












Only create the SELinux login file if there are mappings on the server
2012-08-16T11:31:03+00:00

Jakub Hrozek
jhrozek@redhat.com

2012-08-05T20:37:09+00:00

f004e23af14fe020d81b8f97f30b448105b79606

https://fedorahosted.org/sssd/ticket/1455

In case there are no rules on the IPA server, we must simply avoid generating
the login file. That would make us fall back to the system-wide default
defined in /etc/selinux/targeted/seusers.

The IPA default must be only used if there *are* rules on the server,
but none matches.





https://fedorahosted.org/sssd/ticket/1455

In case there are no rules on the IPA server, we must simply avoid generating
the login file. That would make us fall back to the system-wide default
defined in /etc/selinux/targeted/seusers.

The IPA default must be only used if there *are* rules on the server,
but none matches.







Fix sysdb_search_selinux_usermap_by_username return value
2012-07-20T18:26:58+00:00

Jakub Hrozek
jhrozek@redhat.com

2012-07-19T16:00:29+00:00

21b3c8aff20d1987add2a93561653a3d6a9685d4

There was a logic bug in sysdb_search_selinux_usermap_by_username that
resulted in returning the value the variable "ret" had after the last
call to sysdb_attrs_get_uint32_t, which in cases the last rule processed
did not have the requested attributes led to using the default user
context.





There was a logic bug in sysdb_search_selinux_usermap_by_username that
resulted in returning the value the variable "ret" had after the last
call to sysdb_attrs_get_uint32_t, which in cases the last rule processed
did not have the requested attributes led to using the default user
context.







Fix uninitialized values
2012-07-18T18:07:45+00:00

Nick Guay
nguay@redhat.com

2012-07-18T15:55:35+00:00

8bbf89c5ab798c112773fe23515c3a9df56dde71

https://fedorahosted.org/sssd/ticket/1379





https://fedorahosted.org/sssd/ticket/1379