sssd.git/src/providers/dp_backend.h, branch simo Unnamed repository; edit this file to name it for gitweb. DP: invalidate all cached maps if a request for auto.master comes in 2012-12-18T16:25:34+00:00 Jakub Hrozek jhrozek@redhat.com 2012-12-15T12:20:30+00:00 06cb67c391dd8c2b1542a7d87fb5568fdad448cb If the Data Provider receives a request for the auto.master map, it passes on a flag to let the actual provider let know he should invalidate the existing maps 
If the Data Provider receives a request for the auto.master map, it
passes on a flag to let the actual provider let know he should
invalidate the existing maps
FO: Check server validity before setting status 2012-09-13T14:51:38+00:00 Jakub Hrozek jhrozek@redhat.com 2012-09-12T17:23:48+00:00 d25e7c659361ebd794ef011dc9305543f266e8c4 The list of resolved servers is allocated on the back end context and kept in the fo_service structure. However, a single request often resolves a server and keeps a pointer until the end of a request and only then gives feedback about the server based on the request result. This presents a big race condition in case the SRV resolution is used. When there are requests coming in in parallel, it is possible that an incoming request will invalidate a server until another request that holds a pointer to the original server is able to give a feedback. This patch simply checks if a server is in the list of servers maintained by a service before reading its status. https://fedorahosted.org/sssd/ticket/1364 
The list of resolved servers is allocated on the back end context and
kept in the fo_service structure. However, a single request often
resolves a server and keeps a pointer until the end of a request and
only then gives feedback about the server based on the request result.

This presents a big race condition in case the SRV resolution is used.
When there are requests coming in in parallel, it is possible that an
incoming request will invalidate a server until another request that
holds a pointer to the original server is able to give a feedback.

This patch simply checks if a server is in the list of servers
maintained by a service before reading its status.

https://fedorahosted.org/sssd/ticket/1364
Duplicate detection in fail over did not work. 2012-08-15T11:51:22+00:00 Michal Zidek mzidek@redhat.com 2012-08-13T14:37:13+00:00 9ab243b369ba317cc964080786dbcdebaf23d6be https://fedorahosted.org/sssd/ticket/1472 
https://fedorahosted.org/sssd/ticket/1472
Change refreshing of subdomains 2012-08-01T20:24:44+00:00 Simo Sorce simo@redhat.com 2012-07-20T16:36:43+00:00 efea50efda58be66638e5d38c8e57fdf9992f204 This patch keeps a local copy of the subdomains in the ipa subdomains plugin context. This has 2 advantages: 1. allows to check if anything changed w/o always hitting the sysdb. 2. later will allows us to dump this information w/o having to retrieve it again. The timestamp also allows to avoid refreshing too often. 
This patch keeps a local copy of the subdomains in the ipa subdomains plugin
context.
This has 2 advantages:
1. allows to check if anything changed w/o always hitting the sysdb.
2. later will allows us to dump this information w/o having to retrieve it
again. The timestamp also allows to avoid refreshing too often.
Use a more tractable name for subdomain request 2012-08-01T20:24:44+00:00 Simo Sorce simo@redhat.com 2012-07-19T23:00:27+00:00 067bfcaad9baae2d962528839fde30ebd1a5ba2b I am all for readable names, but there is a tradeof between expressing purpose and compactness. 
I am all for readable names, but there is a tradeof between expressing purpose
and compactness.
Change subdomain_info 2012-08-01T20:24:43+00:00 Simo Sorce simo@redhat.com 2012-07-19T21:40:40+00:00 b58460076fe843c11d736ae244c1ac979a6473a4 Rename the structure to use a standard name prefix so it is properly name-spaced, in preparation for changing the structure itself. 
Rename the structure to use a standard name prefix so it is properly
name-spaced, in preparation for changing the structure itself.
Primary server support: basic support in failover code 2012-08-01T14:19:41+00:00 Jan Zeleny jzeleny@redhat.com 2012-06-04T16:06:53+00:00 bbd33e46aa6194c1086939f7cf8538c067186455 Now there are two list of servers for each service. If currently selected server is only backup, then an event will be scheduled which tries to get connection to one of primary servers and if it succeeds, it starts using this server instead of the one which is currently connected to. 
Now there are two list of servers for each service. If currently
selected server is only backup, then an event will be scheduled which
tries to get connection to one of primary servers and if it succeeds,
it starts using this server instead of the one which is currently
connected to.
Primary server support: introduce concept of reconnection 2012-08-01T14:19:41+00:00 Jan Zeleny jzeleny@redhat.com 2012-06-20T17:41:53+00:00 75ee7925a9e289bc24f0ce8a7988cca926b71513 This patch adds two support functions for adding reconnection callbacks and invoking such callbacks. The concept of reconnection is simple: stop using current connection for for new queries to the server without actually going offline. 
This patch adds two support functions for adding reconnection callbacks
and invoking such callbacks. The concept of reconnection is simple: stop
using current connection for for new queries to the server without
actually going offline.
Remove unused member of be_req 2012-07-27T08:46:46+00:00 Jan Zeleny jzeleny@redhat.com 2012-07-26T09:12:16+00:00 e2f7dcb42ab101122d5a851c685af946eed5ddae 






Move SELinux processing from session to account PAM stack
2012-07-27T08:37:06+00:00

Jan Zeleny
jzeleny@redhat.com

2012-07-24T19:36:10+00:00

7016947229edcaa268a82bf69fde37e521b13233

The idea is to rename session provider to selinux provider. Processing
of SELinux rules has to be performed in account stack in order to ensure
that pam_selinux (which is the first module in PAM session stack) will
get the correct input from SSSD.

Processing of account PAM stack is bound to access provider. That means
we need to have two providers executed when SSS_PAM_ACCT_MGMT message
is received from PAM responder. Change in data_provider_be.c ensures
just that - after access provider finishes its actions, the control is
given to selinux provider and only after this provider finishes is the
result returned to PAM responder.





The idea is to rename session provider to selinux provider. Processing
of SELinux rules has to be performed in account stack in order to ensure
that pam_selinux (which is the first module in PAM session stack) will
get the correct input from SSSD.

Processing of account PAM stack is bound to access provider. That means
we need to have two providers executed when SSS_PAM_ACCT_MGMT message
is received from PAM responder. Change in data_provider_be.c ensures
just that - after access provider finishes its actions, the control is
given to selinux provider and only after this provider finishes is the
result returned to PAM responder.