| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
Allocate res on tmp_ctx instead of on mem_ctx.
Also use '_' prefix convention for output parameters.
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
|
| |
|
|
| |
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
|
| |
|
|
| |
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
| |
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
|
|
| |
Move functionality for creating cache dummies into separate function.
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
|
|
| |
Output parameter was accessed before return value was checked.
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add "/sssd.service.d" to systemdconfdir at configure stage, instead of
the make stage. This way, if systemd is not used, systemdconfdir
variable stays empty. That in turn, works around the attempt by older
versions of Automake to create the installation directory even though no
files are installed there [1].
This fixes installation and distcheck target on RHEL6, where an
"/sssd.service.d" directory creation would otherwise be attempted.
[1] http://debbugs.gnu.org/cgi/bugreport.cgi?bug=11030
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
The memory context was not freed and therefore a destructor that
closes connection to D-Bus and performs cleanup task was not executed.
Resolves:
https://fedorahosted.org/sssd/ticket/2347
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2356
The python scripts are not tested with python3 and /usr/bin/python can be
symbolic link to python3 on some distributions.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2185
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
| |
|
|
| |
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
| |
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2349
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2056
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2209
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| | |
|
| |
|
|
| |
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
| |
|
|
| |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
| |
|
|
| |
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
man gethostanme says:
NOTES
SUSv2 guarantees that "Host names are limited to 255 bytes".
POSIX.1-2001 guarantees that "Host names (not including the terminating
null byte) are limited to HOST_NAME_MAX bytes". On Linux,
HOST_NAME_MAX is defined with the value 64, which has been the limit
since Linux 1.0 (earlier kernels imposed a limit of 8 bytes).
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The macros SOL_TCP and IPPROTO_TCP have the same value on linux,
but the first one is not portable.
man in.h says:
The <netinet/in.h> header shall define the following macros for use as
values of the level argument of getsockopt() and setsockopt():
IPPROTO_IP Internet protocol.
IPPROTO_IPV6 Internet Protocol Version 6.
IPPROTO_ICMP Control message protocol.
IPPROTO_RAW Raw IP Packets Protocol.
IPPROTO_TCP Transmission control protocol.
IPPROTO_UDP User datagram protocol.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2232
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
| |
Functions pam_vsyslog and pam_modutil_getlogin are not available in openpam.
This patch conditionally define macros for these function if they are not
available. Compatible macros use standard functions vsyslog, getlogin
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
| |
The header file security/_pam_macros.h is not available in openapam.
This patch copies necessary macros from linux-pam 1.1.8.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
| |
linuxpam and openpam use different functions for text based conversation.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We need this file for declaration of pam functions
pam_get_item, pam_putenv, pam_set_data, pam_strerror, pam_set_item
There is already test in configure script for this header file,
but it was not included in pam_sss.c
sh-4.2$ git grep pam_appl.h
src/external/pam.m4:AC_CHECK_HEADERS([security/pam_appl.h ...
src/providers/data_provider_be.c:#include <security/pam_appl.h>
src/providers/proxy/proxy.h:#include <security/pam_appl.h>
src/providers/proxy/proxy_child.c:#include <security/pam_appl.h>
src/responder/pam/pamsrv.h:#include <security/pam_appl.h>
src/sss_client/pam_test_client.c:#include <security/pam_appl.h>
src/util/auth_utils.h:#include <security/pam_appl.h>
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
sssd-ldap hints to use the simple access provider if a nested group membership
is needed. Add explicit notice in sssd-simple about support of nested group
membership.
Resolves:
https://fedorahosted.org/sssd/ticket/2308
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
|
| | |
|
| |
|
|
|
|
|
|
|
| |
LDAP server can contain template for home directory instead of plain string.
This patch adds new expand option "%H", which will be replaced with value
from configuration option homedir_substring (from sssd.conf)
Resolves:
https://fedorahosted.org/sssd/ticket/1853
|
| |
|
|
|
|
|
|
| |
Function expand_homedir_template had lot of parameters.
After adding new expand option, all function call should be rewritten,
(usually argument NULL will be added)
This patch wraps all necessary arguments to structure.
|
| |
|
|
|
|
|
|
|
| |
Variable with type 'const char *' can be used as output argument in function
sss_parse_name, but there will be warning.
warning: passing 'const char **' to parameter of type 'char **'
discards qualifiers in nested pointer types
[-Wincompatible-pointer-types-discards-qualifiers]
|
| |
|
|
|
|
|
|
|
|
|
| |
Disabling use of Token-Groups is mandatory if expansion of nested groups is not
desired (ldap_group_nesting_level = 0) for AD provider.
Resolves:
https://fedorahosted.org/sssd/ticket/2294
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Make ldap_group_nesting_level = 0 to ignore group nesting entirely.
Resolves:
https://fedorahosted.org/sssd/ticket/2294
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2294
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
| |
We used "char c = fgetc()" where we should have used "int c = fgetc()"
This bug caused errors on big-endian architectures.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Remove premature call of tevent_req_done() from sdap_get_initgr_done().
Request is correctly marked as done at sdap_get_initgr_pgid().
Resolves:
https://fedorahosted.org/sssd/ticket/2334
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2182
Adds three new options to the sss_usermod tool:
--addattr
--setattr
--delattr
The syntax is attrname=val1,val2, For example:
sss_usermod --addattr=phone-123-456 tuser
The operations are performed in the order of add, mod, del.
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2114
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
|
| | |
|
| |
|
|
| |
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2291
The dbus tests that mock an sbus server were failing when make distcheck
was ran by a user logged in through the SSSD.
The reason was that the libtool wrapper around the test library alters
the LD_LIBRARY_PATH and as a consequence, the standard getpwuid_r() calls
the dbus server performs would load the in-tree NSS library and not the
system one. The-in tree library would then attempt to talk to an in-tree
NSS socket, fail, which would fail the getpwuid_r call with an error such as:
"""
Could not get password database information for UID of current process:
User "???" unknown or no memory to allocate password entry
"""
This patch adds a new configure-time option called --enable-dbus-tests
that is enabled by default and disabled during distcheck. When the
option is disabled, the tests that require a mocked dbus server are not
compiled at all.
|
| |
|
|
|
|
|
|
|
|
|
| |
Validation of xml files failed with new version of libxml2 (CVE-2014-0191)
make[2]: Entering directory `/builddir/build/BUILD/sssd-1.9.2/src/man'
/usr/bin/xmllint --catalogs --postvalid --nonet --xinclude --noout sss_usermod.8.xml
sss_usermod.8.xml:4: element reference: validity error : No declaration for element reference
sss_usermod.8.xml:5: element title: validity error : No declaration for element title
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2254
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2254
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2254
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2254
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
