sssd.git/src/util, branch jhrozek_sysdb_fqdn Unnamed repository; edit this file to name it for gitweb. UTIL: Remove unused functions 2016-07-06T15:40:22+00:00 Jakub Hrozek jhrozek@redhat.com 2016-06-28T16:12:15+00:00 19a36064635911048247bc7b295e77560c1ff160 The conversion to sysdb made several functions obsolete. Remove them. 
The conversion to sysdb made several functions obsolete. Remove them.
UTIL: Parse internal fqnames in find_domain_by_object_name 2016-07-06T15:40:22+00:00 Jakub Hrozek jhrozek@redhat.com 2016-06-28T16:05:17+00:00 4a8b9052ed78735ff8cabeb43ed4de5288241ec0 Previously, the sss_parse_name function was used. That function is meant to parse SSSD input, mainly in responders, not internal object names. 
Previously, the sss_parse_name function was used. That function is meant
to parse SSSD input, mainly in responders, not internal object names.
LDAP: Qualify user and group names when saving the sudo users 2016-07-06T15:40:22+00:00 Jakub Hrozek jhrozek@redhat.com 2016-06-22T08:33:09+00:00 dd9651c395bbba72443a31d17a767be60581da2c If the sudoUser values we fetch from LDAP correspond to a user or a group name per: http://www.sudo.ws/man/1.8.14/sudoers.ldap.man.html then we parse the usernames into (name,domain) tuples and store them qualified. This patch not only makes the sudo provider work with qualified names, but also makes it possible to use qualified names on the LDAP side, allowing for example AD users from different domains to access sudo rules. 
If the sudoUser values we fetch from LDAP correspond to a user or a
group name per:
    http://www.sudo.ws/man/1.8.14/sudoers.ldap.man.html
then we parse the usernames into (name,domain) tuples and store them
qualified.

This patch not only makes the sudo provider work with qualified names,
but also makes it possible to use qualified names on the LDAP side,
allowing for example AD users from different domains to access sudo
rules.
UTIL: expand_homedir_template manages usernames internally 2016-07-06T15:32:59+00:00 Jakub Hrozek jhrozek@redhat.com 2016-06-19T05:19:15+00:00 8a3e2807c5ee287ce6c3deb8095814f6ee6df9b0 expand_homedir_template() can be considered an outward-facing interface, therefore the function and its input structure will accept the internal name format and parse it internally into a username and domain component. 
expand_homedir_template() can be considered an outward-facing interface,
therefore the function and its input structure will accept the internal
name format and parse it internally into a username and domain
component.
UTIL: Add a utility function sss_output_name 2016-07-06T15:32:58+00:00 Jakub Hrozek jhrozek@redhat.com 2016-06-19T05:14:23+00:00 8c7b14ad9d078196398db25a74c5491e75620353 Adds a convenience function that will help reduce the amount of code duplication in the responders. All responders need to parse the username from the internal format, lower-case the name, if the domain is case-insensitive and then replace spaces if the responder is configured to do so. 
Adds a convenience function that will help reduce the amount of code
duplication in the responders. All responders need to parse the username
from the internal format, lower-case the name, if the domain is
case-insensitive and then replace spaces if the responder is configured
to do so.
UTIL: Add a utility function to create a list of qualified names 2016-07-06T15:32:58+00:00 Jakub Hrozek jhrozek@redhat.com 2016-06-13T15:06:09+00:00 4175bc7a7b8ebc663af47148e5ec9c37828cbec7 Adds a convenience wrapper around sss_create_fqname that qualifies a list of names into the format used internally in sssd. 
Adds a convenience wrapper around sss_create_fqname that qualifies a
list of names into the format used internally in sssd.
UTIL: Add function to create internal fqname 2016-07-06T15:32:58+00:00 Michal Zidek mzidek@redhat.com 2015-04-21T15:28:23+00:00 5c99b25690d25635ed387ef905e43b65eed47336 Add function to create internal fqname in format shortname@domname where domain portion is lowercased. 
Add function to create internal fqname in format
shortname@domname where domain portion is lowercased.
UTIL: Add function to parse internal fqname format 2016-07-06T15:32:58+00:00 Michal Zidek mzidek@redhat.com 2015-04-21T15:40:46+00:00 48863b3576ed34d7ee39e413c8e075155ba90c86 Add lightweight function to parse internal fqname format (shortname@domain). This function does not require the sss_names to be initialized. 
Add lightweight function to parse internal fqname format
(shortname@domain). This function does not require the
sss_names to be initialized.
SSH: Do not print an error message if sss_ssh_authorizedkeys is asked for a local user 2016-07-01T13:28:33+00:00 Jakub Hrozek jhrozek@redhat.com 2016-04-28T08:31:45+00:00 fcbcfa69f9291936f01f24b5fcb5a7672dca46f3 If an IPA client uses the SSH integration and a local user logs in with SSH, the sss_ssh_authorizedkeys looks up their keys in the SSH responder, which doesn't find the user and returns ENOENT. The sss_ssh_authorizedkeys reports a failure on any error, including ENOENT which produced a confusing error message in the logs. This patch adds a new error code that handles users that are not found by SSSD but exist on the system and also special cases root with the same error code. Therefore, logging in as a local user no longer prints an error message. Resolves: https://fedorahosted.org/sssd/ticket/3003 Reviewed-by: Pavel Březina <pbrezina@redhat.com> 
If an IPA client uses the SSH integration and a local user logs in with
SSH, the sss_ssh_authorizedkeys looks up their keys in the SSH
responder, which doesn't find the user and returns ENOENT. The
sss_ssh_authorizedkeys reports a failure on any error, including ENOENT
which produced a confusing error message in the logs.

This patch adds a new error code that handles users that are not found
by SSSD but exist on the system and also special cases root with the
same error code. Therefore, logging in as a local user no longer prints
an error message.

Resolves:
https://fedorahosted.org/sssd/ticket/3003

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
config: Fix filename matching regex 2016-07-01T09:22:16+00:00 Michal Židek mzidek@redhat.com 2016-07-01T07:58:41+00:00 e27c0ecef59272d4723f904a17061b4e59f0a6db Configuration file snippets must end with suffix .conf. We wrongly allowed any suffixes that begin with .conf (for example .conf.back). Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
Configuration file snippets must end with suffix
.conf. We wrongly allowed any suffixes that begin
with .conf (for example .conf.back).

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>