History log of /sssd-io/src/db/sysdb_search.c
Revision Date Author Comments Expand
08db22b1b1a2e742edbca92e35087294d963adda 10-Apr-2018 Sumit Bose <sbose@redhat.com>

nss: add a netgroup counter to struct nss_enum_index Netgroups are not looked up with the help of a single request but by calling setnetgrent(), getnetgrent() and endnetgrent() where getnetgrent() might be called multiple times depending on the number of netgroup elements. Since the caller does not provide a state the state has to be maintained by the SSSD nss responder. Besides the netgroup name this is mainly the number of elements already returned. This number is used to select the next element to return and currently it is assumed that there are not changes to the netgroup while the client is requesting the individual elements. But if e.g. the 3 nss calls are not used correctly or the netgroup is modified while the client is sending getnetgrent() calls the stored number might be out of range. To be on the safe side the stored number should be always compared with the current number of netgroup elements. Related to https://pagure.io/SSSD/sssd/issue/3679 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
346d6d8bf5fdb446921d754c07c8a7d913a048d5 29-Jan-2018 René Genz <liebundartig@freenet.de>

Fix minor spelling mistakes Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

/sssd-io/contrib/gdbinit /sssd-io/contrib/sssd.spec.in /sssd-io/src/conf_macros.m4 /sssd-io/src/confdb/confdb.c /sssd-io/src/confdb/confdb.h /sssd-io/src/confdb/confdb_setup.c /sssd-io/src/config/SSSDConfig/__init__.py.in /sssd-io/src/config/SSSDConfig/ipachangeconf.py sysdb_ops.c sysdb_search.c /sssd-io/src/external/ldap.m4 /sssd-io/src/ldb_modules/memberof.c /sssd-io/src/lib/certmap/sss_cert_content_nss.c /sssd-io/src/man/sss-certmap.5.xml /sssd-io/src/man/sssd-ad.5.xml /sssd-io/src/monitor/monitor.c /sssd-io/src/monitor/monitor_netlink.c /sssd-io/src/monitor/monitor_sbus.c /sssd-io/src/p11_child/p11_child_nss.c /sssd-io/src/resolv/async_resolv.c /sssd-io/src/sbus/sssd_dbus.h /sssd-io/src/sbus/sssd_dbus_common.c /sssd-io/src/sbus/sssd_dbus_connection.c /sssd-io/src/tools/tools_mc_util.c /sssd-io/src/util/authtok.h /sssd-io/src/util/become_user.c /sssd-io/src/util/cert/libcrypto/cert.c /sssd-io/src/util/cert/nss/cert.c /sssd-io/src/util/inotify.c /sssd-io/src/util/safe-format-string.h /sssd-io/src/util/server.c /sssd-io/src/util/sss_krb5.c /sssd-io/src/util/util_errors.h
50d9424d38efe2421a60aa622fb342bea29ee4eb 18-Jan-2018 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Use sysdb_domain_dn instead of raw ldb_dn_new_fmt Using ldb should be as much as an implementation detail as possible. Plus, it looks weird if one of the branch uses a sysdb function while another code branch uses a raw ldb call. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
6c3d0ed4dc7a89448ee94e0e1e194748960d7940 03-Jan-2018 Fabiano Fidêncio <fidencio@redhat.com>

SYSDB: Return EOK in case a non-fatal issue happened There may be the case where we aren't able to merge the timestamps from the fast ts db, which are treated as non-fatal issues. In case it happens, let's return EOK instead of propagating the non-fatal error. Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
0e238c259c066cf997aaa940d33d6bda96c15925 27-Nov-2017 Sumit Bose <sbose@redhat.com>

sysdb: do not use objectClass for users and groups The majority of the object in the SSSD cache are users and groups. If there are many user and groups in the cache the index objects of the objectclass attributes 'user' and 'group' become large because the must hold references to all objects of those object classes. As a result the management of these index objects becomes costly because they must be parsed and split apart quite often. Additionally they are mostly useless because user and groups are lookup up by more specific attributes in general. Only when enumerating all user or groups this kind of index might be useful. There are two way of removing this kind of index from the user and group objects. Either by removing objectClass from the list of indexes and add a new attribute to all other type of object we want and index for. Or by replacing objectClass with a different attribute for the user and group objects. After some testing I think the latter one is the more reliable one and implemented it in this patch. Related to https://pagure.io/SSSD/sssd/issue/3503 Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

sysdb.h sysdb_init.c sysdb_ops.c sysdb_search.c sysdb_upgrade.c /sssd-io/src/ldb_modules/memberof.c /sssd-io/src/providers/ad/ad_pac.c /sssd-io/src/providers/ipa/ipa_id.c /sssd-io/src/providers/ipa/ipa_subdomains_ext_groups.c /sssd-io/src/providers/ipa/ipa_subdomains_id.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/sdap_async_groups.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/ldap/sdap_async_initgroups_ad.c /sssd-io/src/providers/ldap/sdap_async_nested_groups.c /sssd-io/src/responder/common/cache_req/plugins/cache_req_common.c /sssd-io/src/responder/ifp/ifp_cache.c /sssd-io/src/responder/ifp/ifp_groups.c /sssd-io/src/responder/ifp/ifp_users.c /sssd-io/src/responder/nss/nss_cmd.c /sssd-io/src/responder/nss/nss_protocol_grent.c /sssd-io/src/responder/nss/nss_protocol_sid.c /sssd-io/src/tests/cmocka/test_ad_common.c /sssd-io/src/tests/cmocka/test_ipa_subdomains_server.c /sssd-io/src/tests/sysdb-tests.c /sssd-io/src/tools/sssctl/sssctl_cache.c
39d6a3be119b050b0690152b6b443117c8617b1c 13-Nov-2017 Michal Židek <mzidek@redhat.com>

SYSDB: Better debugging for email conflicts Add DEBUG message when conflicts in FQ names or emails are detected. Also improve man page to hint on how to work around issue with conflicting emails. Note: We store emails in two different attributes in sysdb: - SYSDB_USER_EMAIL - SYSDB_NAME_ALIAS - this one is lowercased and used in getpwnam searches. Resolves: https://fedorahosted.org/sssd/ticket/3293 Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
8ad57e17779b3ec60246ac58c1691ee15745084c 15-Jun-2017 Fabiano Fidêncio <fidencio@redhat.com>

SYSDB: Make the usage of the filter more generic for search_ts_matches() In order to make this function re-usable in different parts of our code, let's start passing an already built filter to it instead of having the specific code building the name filter there. Related: https://pagure.io/SSSD/sssd/issue/3369 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
347be58e1769ba90b49a7e5ec1678ef66987f6cd 15-Jun-2017 Fabiano Fidêncio <fidencio@redhat.com>

SYSDB: Internally expose sysdb_search_ts_matches() This function will be used in the follow-up patches. As it's going to be "exposed", let's also rename it from search_ts_matches() to sysdb_search_ts_matches(). Related: https://pagure.io/SSSD/sssd/issue/3369 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
01c6bb9b47401f9f14c4cfe5c5f03fce2e63629b 15-Jun-2017 Fabiano Fidêncio <fidencio@redhat.com>

SYSDB: Return ERR_NO_TS when there's no timestamp cache present This change affects sysdb_search_ts_{users,groups} functions and is mainly needed in order to avoid breaking our current tests due to the changes planned for fixing https://pagure.io/SSSD/sssd/issue/3369. Related: https://pagure.io/SSSD/sssd/issue/3369 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
afadeb1a530ff010a2f9a7552562576b843c874b 03-Mar-2017 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: When searching for UPNs, search either the whole DB or only the given domain The search-by-UPN functions always searched for the whole domain. In some cases, the caller depends on the result coming from the domain specified by the 'domain' parameter. This is the case in the cache_req code at least. Even though it should be safe to just switch to always searching the whole domain, in order to allow us to examine the code carefully and test each codepath, let's introduce a boolean option to the search functions. Currently it defaults to false in all codepaths and as we test the individual ones, we can flip the option to true until we finally remove the option altogether. Reviewed-by: Sumit Bose <sbose@redhat.com>
3dd4c3eca80e9223a65f3318821bd0fb5b45aedd 31-Oct-2016 Sumit Bose <sbose@redhat.com>

sysdb: add parent_dom to sysdb_get_direct_parents() Currently sysdb_get_direct_parents() only return direct parents from the same domain as the child object. In setups with sub-domains this might not be sufficient. A new option parent_dom is added which allows to specify a domain the direct parents should be lookup up in. If it is NULL the whole cache is searched. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
1594701fbdc341069e11cff9a85e7a795e52db3d 29-Jul-2016 Sumit Bose <sbose@redhat.com>

views: properly override group member names Resolves https://fedorahosted.org/sssd/ticket/2948 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
095c198509601e30281d64becebdf47171a2f5b4 07-Jul-2016 Michal Zidek <mzidek@redhat.com>

SYSDB: Search functions don't need to construct per-domain names All user and group names are standardized to be fully qualified, so there's no need to provide per-domain names anymore. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
5d0d0f8067fb53285a38fe978cfa36dbeb53be9b 06-Jul-2016 Lukas Slebodnik <lslebodn@redhat.com>

sysdb: Use ldb_result as output in sysdb_search_ts_{users,groups} Passing address of unsigned to the output argument size_t causes access out of boundaries for type unsigned and and wrong data on big endian. It looks like functions sysdb_search_ts_{users,groups} need to store results in structure ldb_result anyway for further processing. Therefore it will be better to convert output arguments size_t* + ldb_message*** into structure ldb_result and avoid using additional helper variable with type size_t before each invocation of these functions. Reviewed-by: Sumit Bose <sbose@redhat.com>
a257259b05d62ebe548b6c798a3aa03a97dbc0c2 23-Jun-2016 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: If modifyTimestamp is the same, only update the TS cache Resolves: https://fedorahosted.org/sssd/ticket/2602 If the entry being saved contains the original modifyTimestamp attribute and the modifyTimestamp attribute is the same as the one we already saved to the timestamp cache, only the expire timestamps in the asynchronous timestamp cache will be bumped and the sysdb code will avoid writes to the main cache completely. If the modifyTimestamp is either missing or differs, we assume the entry had changed and do a full write to the main cache. Also amends the generic sysdb_set_attrs* and similar functions that their results is also reflected in the timestamps cache. Reviewed-by: Sumit Bose <sbose@redhat.com>
dd285415d7a8d8376207960cfa3e977524c3b98c 23-Jun-2016 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Search the timestamp caches in addition to the sysdb cache When a sysdb entry is searched, the sysdb cache is consulted first for users or groups. If an entry is found in the sysdb cache, the attributes from the timestamp cache are merged to return the full and up-to-date set of attributes. The merging is done with a single BASE search which is a direct lookup into the underlying key-value database, so it should be relatively fast. More complex merging is done only for enumeration by filter which is currently done only via the IFP back end and should be quite infrequent, so I hope we can justify a more complex merging there. Reviewed-by: Sumit Bose <sbose@redhat.com>
6cb34580ee6e9e2c9190b77b10db8a3c43e3c9c8 09-Jun-2016 Sumit Bose <sbose@redhat.com>

sysdb: add searches by certificate with overrides Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
28ebfa4373d1e7ce45b5d70a3619df1c074a661e 08-Oct-2015 Pavel Březina <pbrezina@redhat.com>

cache_req: add support for UPN Reviewed-by: Sumit Bose <sbose@redhat.com>
87e0dcaff945f8b8f30030309e16ba26935fcb7b 18-Sep-2015 Pavel Březina <pbrezina@redhat.com>

views: allow ghost members for LOCAL view LOCAL view does not allow the case when both ghost member and user override is created so it is safe to allow ghost members for this view. Resolves: https://fedorahosted.org/sssd/ticket/2790 Reviewed-by: Sumit Bose <sbose@redhat.com>
890ae77c52e36f222655d710439d2fe25f15101b 17-Jul-2015 Lukas Slebodnik <lslebodn@redhat.com>

Update few debug messages It reduces a noise caused by canonicalization of non-existing user. Resolves: https://fedorahosted.org/sssd/ticket/2678 Reviewed-by: Pavel Reichl <preichl@redhat.com>
696c17580b49d6817f1dd33915e0e209dcfe4225 15-Jul-2015 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Add functions to look up multiple entries including name and custom filter Related: https://fedorahosted.org/sssd/ticket/2553 Adds new sysdb function: - sysdb_enumpwent_filter - sysdb_enumpwent_filter_with_views - sysdb_enumgrent_filter - sysdb_enumgrent_filter_with_views These are similar to enumeration functions, but optionally allow to specify a filter to be applied on user/group names. Also an additional custom filter can be applied. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
0f9c28eb52d2b45c8a97f709308dc11377831b8c 06-May-2015 Sumit Bose <sbose@redhat.com>

IPA: allow initgroups by UUID for FreeIPA users If a FreeIPA user is searched with the help of an override name the UUID from the override anchor is used to search the user. Currently the initgroups request only allows searches by SID or name. With this patch a UUID can be used as well. Related to https://fedorahosted.org/sssd/ticket/2642 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
f70a1adbfc30b9acc302027439fb8157e0c6ea2a 29-Apr-2015 Sumit Bose <sbose@redhat.com>

IPA: allow initgroups by SID for AD users If a user from a trusted AD domain is search with the help of an override name the SID from the override anchor is used to search the user in AD. Currently the initgroups request only allows searches by name. With this patch a SID can be used as well. Resolves https://fedorahosted.org/sssd/ticket/2632 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
12a000c8c7c07259e438fb1e992134bdd07d9a30 09-Mar-2015 Pavel Březina <pbrezina@redhat.com>

sysdb: use sysdb_user/group_dn Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
1a9f66352070d71a6b998c5afbc268ba6fddc51c 05-Nov-2014 Sumit Bose <sbose@redhat.com>

sysdb_add_overrides_to_object: add new parameter and multi-value support With the new parameter an attribute list other than the default one can be used. Override attributes with multiple values (e.g. SSH public keys) are now supported as well. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
16c37880f089431211290aa31bdcd3c9bc12aa77 05-Nov-2014 Sumit Bose <sbose@redhat.com>

sysdb_get_user_attr_with_views: add mandatory override attributes This patch add another attribute with is needs for override processing to the attribute list of sysdb_get_user_attr_with_views(). With two attribute it does not seem useful to check for existence and add each of the attributes conditionally. With this patch they are added unconditionally if the domain has views. Additionally the attributes are not removed in the end because it is expected that they do not cause any harm. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
cc5f7592e4d81f3a7336da20fc681b7e52c103b4 20-Oct-2014 Pavel Březina <pbrezina@redhat.com>

Add sysdb_get_user_attr_with_views Reviewed-by: Sumit Bose <sbose@redhat.com>
4777af0b8f9a3f418a54f0d4bf7eb72b896dabb5 20-Oct-2014 Sumit Bose <sbose@redhat.com>

sysdb: add sysdb_enumpw/grent_with_views() Reviewed-by: Pavel Březina <pbrezina@redhat.com>
d2f4551519698809e73a029c49599e1f67e6bdd4 20-Oct-2014 Sumit Bose <sbose@redhat.com>

sysdb: add sysdb_getgrnam_with_views and sysdb_getgrgid_with_views Reviewed-by: Pavel Březina <pbrezina@redhat.com>
908ee7aa8f046ae7f066d80b787cd380d61af619 20-Oct-2014 Sumit Bose <sbose@redhat.com>

sysdb: add sysdb_initgroups_with_views() Reviewed-by: Pavel Březina <pbrezina@redhat.com>
89b065cb85f57e80760ce4d4b1215b533e249e92 20-Oct-2014 Sumit Bose <sbose@redhat.com>

sysdb: add sysdb_getpwnam/uid_with_views() View-aware drop-in replacements for sysdb_getpwnam() and sysdb_getpwuid(). Reviewed-by: Pavel Březina <pbrezina@redhat.com>
36ea9f2a4ff47a045625203a02c6deed9c53e169 09-Oct-2014 Pavel Březina <pbrezina@redhat.com>

sysdb_get_user_attr: use fqn for subdomain users Name of subdomain users is stored with domain part in the sysdb. We need to use fully qualified names for those user so we can look them up. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
d7d3ee1b8ab7a05129c83da8a185351d7c751c1c 06-Oct-2014 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: move sysdb_get_real_name() from sysdb.c to sysdb_search.c The sysdb.c should be reserved for utility and setup functions. Search functions belong to sysdb_search.c Keeping functions in specialized modules helps to maintain nice dependencies and in overall makes unit testing easier. Moreover, the function was not unit tested, which needed fixing. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
61602026ed8c91efd166000562899670449f1b50 05-Sep-2014 Pavel Reichl <preichl@redhat.com>

SYSDB: SSS_LDB_SEARCH - macro around ldb_search This patch amends previous patch 5153e8b9793dea1e212ca08af0f77ea1d023cbb7. Macro SSS_LDB_SEARCH is used instead of using fuction sss_ldb_search as a wrapper around ldb_search which could lead to premature expansion of variadic parameters. Part of solution for: https://fedorahosted.org/sssd/ticket/1991 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
9436c86caf9b2f7ec33c3022dfed2a653d3ec965 25-Jun-2014 Pavel Reichl <preichl@redhat.com>

SYSDB: sysdb_getnetgr returns ENOENT Replace call of ldb_search by sss_ldb_search to make sure that ENOENT is returned if no results were found. Resolves: https://fedorahosted.org/sssd/ticket/1991 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
83bf46f4066e3d5e838a32357c201de9bd6ecdfd 12-Feb-2014 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>

Update DEBUG* invocations to use new levels Use a script to update DEBUG* macro invocations, which use literal numbers for levels, to use bitmask macros instead: grep -rl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e 'use strict; use File::Slurp; my @map=qw" SSSDBG_FATAL_FAILURE SSSDBG_CRIT_FAILURE SSSDBG_OP_FAILURE SSSDBG_MINOR_FAILURE SSSDBG_CONF_SETTINGS SSSDBG_FUNC_DATA SSSDBG_TRACE_FUNC SSSDBG_TRACE_LIBS SSSDBG_TRACE_INTERNAL SSSDBG_TRACE_ALL "; my $text=read_file(\*STDIN); my $repl; $text=~s/ ^ ( .* \b (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM) \s* \(\s* )( [0-9] )( \s*, ) ( \s* ) ( .* ) $ / $repl = $1.$map[$3].$4.$5.$6, length($repl) <= 80 ? $repl : $1.$map[$3].$4."\n".(" " x length($1)).$6 /xmge; print $text; ' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>

/sssd-io/src/confdb/confdb.c /sssd-io/src/confdb/confdb_setup.c sysdb.c sysdb_ops.c sysdb_ranges.c sysdb_search.c sysdb_upgrade.c /sssd-io/src/monitor/monitor.c /sssd-io/src/monitor/monitor_netlink.c /sssd-io/src/monitor/monitor_sbus.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/data_provider_callbacks.c /sssd-io/src/providers/data_provider_fo.c /sssd-io/src/providers/data_provider_opts.c /sssd-io/src/providers/dp_auth_util.c /sssd-io/src/providers/dp_pam_data_util.c /sssd-io/src/providers/fail_over.c /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_common.c /sssd-io/src/providers/ipa/ipa_hbac_common.c /sssd-io/src/providers/ipa/ipa_hbac_hosts.c /sssd-io/src/providers/ipa/ipa_hbac_rules.c /sssd-io/src/providers/ipa/ipa_hbac_services.c /sssd-io/src/providers/ipa/ipa_hbac_users.c /sssd-io/src/providers/ipa/ipa_id.c /sssd-io/src/providers/ipa/ipa_init.c /sssd-io/src/providers/ipa/ipa_netgroups.c /sssd-io/src/providers/krb5/krb5_access.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/krb5/krb5_child_handler.c /sssd-io/src/providers/krb5/krb5_common.c /sssd-io/src/providers/krb5/krb5_delayed_online_authentication.c /sssd-io/src/providers/krb5/krb5_init.c /sssd-io/src/providers/krb5/krb5_init_shared.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c /sssd-io/src/providers/krb5/krb5_utils.c /sssd-io/src/providers/krb5/krb5_wait_queue.c /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/ldap_child.c /sssd-io/src/providers/ldap/ldap_common.c /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/ldap_id_netgroup.c /sssd-io/src/providers/ldap/ldap_init.c /sssd-io/src/providers/ldap/sdap.c /sssd-io/src/providers/ldap/sdap_access.c /sssd-io/src/providers/ldap/sdap_async.c /sssd-io/src/providers/ldap/sdap_async_connection.c /sssd-io/src/providers/ldap/sdap_async_enum.c /sssd-io/src/providers/ldap/sdap_async_groups.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/ldap/sdap_async_initgroups_ad.c /sssd-io/src/providers/ldap/sdap_async_netgroups.c /sssd-io/src/providers/ldap/sdap_async_users.c /sssd-io/src/providers/ldap/sdap_child_helpers.c /sssd-io/src/providers/ldap/sdap_fd_events.c /sssd-io/src/providers/ldap/sdap_id_op.c /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_child.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_init.c /sssd-io/src/providers/proxy/proxy_netgroup.c /sssd-io/src/resolv/async_resolv.c /sssd-io/src/responder/common/negcache.c /sssd-io/src/responder/common/responder_cmd.c /sssd-io/src/responder/common/responder_common.c /sssd-io/src/responder/common/responder_dp.c /sssd-io/src/responder/nss/nsssrv.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_netgroup.c /sssd-io/src/responder/nss/nsssrv_private.h /sssd-io/src/responder/nss/nsssrv_services.c /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pamsrv.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/pam/pamsrv_dp.c /sssd-io/src/sbus/sbus_client.c /sssd-io/src/sbus/sssd_dbus_common.c /sssd-io/src/sbus/sssd_dbus_connection.c /sssd-io/src/sbus/sssd_dbus_server.c /sssd-io/src/tests/auth-tests.c /sssd-io/src/tests/files-tests.c /sssd-io/src/tests/resolv-tests.c /sssd-io/src/tests/sysdb-tests.c /sssd-io/src/tests/sysdb_ssh-tests.c /sssd-io/src/tools/selinux.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_util.c /sssd-io/src/tools/tools_util.h /sssd-io/src/util/check_and_open.c /sssd-io/src/util/child_common.c /sssd-io/src/util/crypto/nss/nss_obfuscate.c /sssd-io/src/util/crypto/nss/nss_util.c /sssd-io/src/util/debug.c /sssd-io/src/util/find_uid.c /sssd-io/src/util/nscd.c /sssd-io/src/util/signal.c /sssd-io/src/util/sss_krb5.c /sssd-io/src/util/sss_ldap.c /sssd-io/src/util/user_info_msg.c /sssd-io/src/util/usertools.c /sssd-io/src/util/util.c
a3c8390d19593b1e5277d95bfb4ab206d4785150 12-Feb-2014 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>

Make DEBUG macro invocations variadic Use a script to update DEBUG macro invocations to use it as a variadic macro, supplying format string and its arguments directly, instead of wrapping them in parens. This script was used to update the code: grep -rwl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e \ 'use strict; use File::Slurp; my $text=read_file(\*STDIN); $text=~s#(\bDEBUG\s*\([^(]+)\((.*?)\)\s*\)\s*;#$1$2);#gs; print $text;' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>

/sssd-io/src/confdb/confdb.c /sssd-io/src/confdb/confdb_setup.c sysdb.c sysdb_autofs.c sysdb_idmap.c sysdb_ops.c sysdb_ranges.c sysdb_search.c sysdb_selinux.c sysdb_services.c sysdb_ssh.c sysdb_subdomains.c sysdb_sudo.c sysdb_upgrade.c /sssd-io/src/monitor/monitor.c /sssd-io/src/monitor/monitor_netlink.c /sssd-io/src/monitor/monitor_sbus.c /sssd-io/src/providers/ad/ad_access.c /sssd-io/src/providers/ad/ad_common.c /sssd-io/src/providers/ad/ad_domain_info.c /sssd-io/src/providers/ad/ad_dyndns.c /sssd-io/src/providers/ad/ad_id.c /sssd-io/src/providers/ad/ad_init.c /sssd-io/src/providers/ad/ad_srv.c /sssd-io/src/providers/ad/ad_subdomains.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/data_provider_callbacks.c /sssd-io/src/providers/data_provider_fo.c /sssd-io/src/providers/data_provider_opts.c /sssd-io/src/providers/dp_auth_util.c /sssd-io/src/providers/dp_dyndns.c /sssd-io/src/providers/dp_pam_data_util.c /sssd-io/src/providers/dp_ptask.c /sssd-io/src/providers/dp_refresh.c /sssd-io/src/providers/fail_over.c /sssd-io/src/providers/fail_over_srv.c /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_autofs.c /sssd-io/src/providers/ipa/ipa_common.c /sssd-io/src/providers/ipa/ipa_config.c /sssd-io/src/providers/ipa/ipa_dyndns.c /sssd-io/src/providers/ipa/ipa_hbac_common.c /sssd-io/src/providers/ipa/ipa_hbac_hosts.c /sssd-io/src/providers/ipa/ipa_hbac_rules.c /sssd-io/src/providers/ipa/ipa_hbac_services.c /sssd-io/src/providers/ipa/ipa_hbac_users.c /sssd-io/src/providers/ipa/ipa_hostid.c /sssd-io/src/providers/ipa/ipa_hosts.c /sssd-io/src/providers/ipa/ipa_id.c /sssd-io/src/providers/ipa/ipa_idmap.c /sssd-io/src/providers/ipa/ipa_init.c /sssd-io/src/providers/ipa/ipa_netgroups.c /sssd-io/src/providers/ipa/ipa_s2n_exop.c /sssd-io/src/providers/ipa/ipa_selinux.c /sssd-io/src/providers/ipa/ipa_selinux_maps.c /sssd-io/src/providers/ipa/ipa_srv.c /sssd-io/src/providers/ipa/ipa_subdomains.c /sssd-io/src/providers/ipa/ipa_subdomains_ext_groups.c /sssd-io/src/providers/ipa/ipa_subdomains_id.c /sssd-io/src/providers/ipa/ipa_sudo.c /sssd-io/src/providers/krb5/krb5_access.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_become_user.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/krb5/krb5_child_handler.c /sssd-io/src/providers/krb5/krb5_common.c /sssd-io/src/providers/krb5/krb5_delayed_online_authentication.c /sssd-io/src/providers/krb5/krb5_init.c /sssd-io/src/providers/krb5/krb5_init_shared.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c /sssd-io/src/providers/krb5/krb5_utils.c /sssd-io/src/providers/krb5/krb5_wait_queue.c /sssd-io/src/providers/ldap/ldap_access.c /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/ldap_child.c /sssd-io/src/providers/ldap/ldap_common.c /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/ldap_id_enum.c /sssd-io/src/providers/ldap/ldap_id_netgroup.c /sssd-io/src/providers/ldap/ldap_id_services.c /sssd-io/src/providers/ldap/ldap_init.c /sssd-io/src/providers/ldap/sdap.c /sssd-io/src/providers/ldap/sdap_access.c /sssd-io/src/providers/ldap/sdap_async.c /sssd-io/src/providers/ldap/sdap_async_autofs.c /sssd-io/src/providers/ldap/sdap_async_connection.c /sssd-io/src/providers/ldap/sdap_async_enum.c /sssd-io/src/providers/ldap/sdap_async_groups.c /sssd-io/src/providers/ldap/sdap_async_groups_ad.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/ldap/sdap_async_initgroups_ad.c /sssd-io/src/providers/ldap/sdap_async_nested_groups.c /sssd-io/src/providers/ldap/sdap_async_netgroups.c /sssd-io/src/providers/ldap/sdap_async_services.c /sssd-io/src/providers/ldap/sdap_async_sudo.c /sssd-io/src/providers/ldap/sdap_async_sudo_hostinfo.c /sssd-io/src/providers/ldap/sdap_async_sudo_timer.c /sssd-io/src/providers/ldap/sdap_async_users.c /sssd-io/src/providers/ldap/sdap_autofs.c /sssd-io/src/providers/ldap/sdap_child_helpers.c /sssd-io/src/providers/ldap/sdap_dyndns.c /sssd-io/src/providers/ldap/sdap_fd_events.c /sssd-io/src/providers/ldap/sdap_id_op.c /sssd-io/src/providers/ldap/sdap_idmap.c /sssd-io/src/providers/ldap/sdap_range.c /sssd-io/src/providers/ldap/sdap_refresh.c /sssd-io/src/providers/ldap/sdap_reinit.c /sssd-io/src/providers/ldap/sdap_sudo.c /sssd-io/src/providers/ldap/sdap_sudo_cache.c /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_child.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_init.c /sssd-io/src/providers/proxy/proxy_netgroup.c /sssd-io/src/providers/proxy/proxy_services.c /sssd-io/src/providers/simple/simple_access.c /sssd-io/src/providers/simple/simple_access_check.c /sssd-io/src/resolv/async_resolv.c /sssd-io/src/resolv/async_resolv_utils.c /sssd-io/src/responder/autofs/autofssrv.c /sssd-io/src/responder/autofs/autofssrv_cmd.c /sssd-io/src/responder/autofs/autofssrv_dp.c /sssd-io/src/responder/common/negcache.c /sssd-io/src/responder/common/responder_cmd.c /sssd-io/src/responder/common/responder_common.c /sssd-io/src/responder/common/responder_dp.c /sssd-io/src/responder/common/responder_get_domains.c /sssd-io/src/responder/nss/nsssrv.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_mmap_cache.c /sssd-io/src/responder/nss/nsssrv_netgroup.c /sssd-io/src/responder/nss/nsssrv_private.h /sssd-io/src/responder/nss/nsssrv_services.c /sssd-io/src/responder/pac/pacsrv.c /sssd-io/src/responder/pac/pacsrv_cmd.c /sssd-io/src/responder/pac/pacsrv_utils.c /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pam_helpers.c /sssd-io/src/responder/pam/pamsrv.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/pam/pamsrv_dp.c /sssd-io/src/responder/ssh/sshsrv.c /sssd-io/src/responder/ssh/sshsrv_cmd.c /sssd-io/src/responder/ssh/sshsrv_dp.c /sssd-io/src/responder/sudo/sudosrv.c /sssd-io/src/responder/sudo/sudosrv_cmd.c /sssd-io/src/responder/sudo/sudosrv_dp.c /sssd-io/src/responder/sudo/sudosrv_get_sudorules.c /sssd-io/src/responder/sudo/sudosrv_query.c /sssd-io/src/sbus/sbus_client.c /sssd-io/src/sbus/sssd_dbus_common.c /sssd-io/src/sbus/sssd_dbus_connection.c /sssd-io/src/sbus/sssd_dbus_server.c /sssd-io/src/sss_client/ssh/sss_ssh_authorizedkeys.c /sssd-io/src/sss_client/ssh/sss_ssh_knownhostsproxy.c /sssd-io/src/tests/auth-tests.c /sssd-io/src/tests/cmocka/test_dyndns.c /sssd-io/src/tests/cmocka/test_fqnames.c /sssd-io/src/tests/cmocka/test_nss_srv.c /sssd-io/src/tests/cmocka/test_utils.c /sssd-io/src/tests/common_dom.c /sssd-io/src/tests/common_tev.c /sssd-io/src/tests/debug-tests.c /sssd-io/src/tests/files-tests.c /sssd-io/src/tests/krb5_child-test.c /sssd-io/src/tests/resolv-tests.c /sssd-io/src/tests/simple_access-tests.c /sssd-io/src/tests/sysdb-tests.c /sssd-io/src/tests/sysdb_ssh-tests.c /sssd-io/src/tools/files.c /sssd-io/src/tools/selinux.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_debuglevel.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_seed.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_mc_util.c /sssd-io/src/tools/tools_util.c /sssd-io/src/tools/tools_util.h /sssd-io/src/util/authtok.c /sssd-io/src/util/backup_file.c /sssd-io/src/util/check_and_open.c /sssd-io/src/util/child_common.c /sssd-io/src/util/crypto/libcrypto/crypto_base64.c /sssd-io/src/util/crypto/libcrypto/crypto_obfuscate.c /sssd-io/src/util/crypto/nss/nss_obfuscate.c /sssd-io/src/util/crypto/nss/nss_util.c /sssd-io/src/util/debug.c /sssd-io/src/util/domain_info_utils.c /sssd-io/src/util/find_uid.c /sssd-io/src/util/nscd.c /sssd-io/src/util/server.c /sssd-io/src/util/signal.c /sssd-io/src/util/sss_ini.c /sssd-io/src/util/sss_krb5.c /sssd-io/src/util/sss_krb5.h /sssd-io/src/util/sss_ldap.c /sssd-io/src/util/sss_nss.c /sssd-io/src/util/sss_selinux.c /sssd-io/src/util/sss_ssh.c /sssd-io/src/util/sss_tc_utf8.c /sssd-io/src/util/user_info_msg.c /sssd-io/src/util/usertools.c /sssd-io/src/util/util.c /sssd-io/src/util/util.h /sssd-io/src/util/util_lock.c /sssd-io/src/util/well_known_sids.c
15a1519ec9c23f598716ffa89e533cd9bfb2a4f3 19-Dec-2013 Sumit Bose <sbose@redhat.com>

Use lower-case name for case-insensitive searches The patch makes sure that a completely lower-cased version of a fully qualified name is used for case insensitive searches. Currently there are code paths where the domain name was used as configured and was not lower-cased. To make sure this patch does not break with old entries in the cache or case sensitive domains a third template was added to the related filters templates which is either filled with a completely lower-cased version or with the old version. The other two template values are unchanged.
5f796c17ca4a7391ebe90f227912e009372f18e8 18-Dec-2013 Pavel Reichl <pavel.reichl@redhat.com>

SYSDB: simplification of condition in if statement else-if statement is checking for condition which is handled by previous if statement.
65b8ace4d8892c85220e5bcf5ae7d92a6517aa65 18-Dec-2013 Pavel Reichl <pavel.reichl@redhat.com>

SYSDB: typos & debug macro constants
9c83da3f27cb4473bd6bbc0167b471ed88acd842 15-Nov-2013 Lukas Slebodnik <lslebodn@redhat.com>

SYSDB: Skip malformed netgroup attribute. It was not easy find out why netgroup could not be covert into result entries. Problem was that nisNetgroupTriple contained unexpected string "(,user01)" This patch will ignore only malformed attribute and processing of netgroup will not fail. Resolves: https://fedorahosted.org/sssd/ticket/2137
b3292840ebaa747a9fd596ff47cc5d18198361d0 15-Nov-2013 Michal Zidek <mzidek@redhat.com>

SYSDB: Drop the sysdb_ctx parameter from the sysdb_search module

sysdb.c sysdb.h sysdb_search.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/ipa/ipa_subdomains_ext_groups.c /sssd-io/src/providers/krb5/krb5_access.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_utils.c /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/sdap_access.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/python/pysss.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_netgroup.c /sssd-io/src/responder/pac/pacsrv_cmd.c /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/ssh/sshsrv_cmd.c /sssd-io/src/responder/sudo/sudosrv_get_sudorules.c /sssd-io/src/tests/cmocka/test_nss_srv.c /sssd-io/src/tests/sysdb-tests.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_seed.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_sync_ops.h /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_util.c
0e65abe5cf2abf5d4b431cf6bd161b419f07901d 11-Sep-2013 Lukas Slebodnik <lslebodn@redhat.com>

Fix formating of variables with type: size_t

sysdb_autofs.c sysdb_ops.c sysdb_search.c /sssd-io/src/providers/ad/ad_srv.c /sssd-io/src/providers/fail_over_srv.c /sssd-io/src/providers/ipa/ipa_config.c /sssd-io/src/providers/ipa/ipa_idmap.c /sssd-io/src/providers/ipa/ipa_netgroups.c /sssd-io/src/providers/ipa/ipa_selinux.c /sssd-io/src/providers/ipa/ipa_selinux_maps.c /sssd-io/src/providers/ipa/ipa_srv.c /sssd-io/src/providers/ipa/ipa_subdomains_ext_groups.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/krb5/krb5_child_handler.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c /sssd-io/src/providers/ldap/ldap_child.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/sdap_access.c /sssd-io/src/providers/ldap/sdap_async_autofs.c /sssd-io/src/providers/ldap/sdap_async_groups.c /sssd-io/src/providers/ldap/sdap_async_groups_ad.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/ldap/sdap_async_initgroups_ad.c /sssd-io/src/providers/ldap/sdap_async_nested_groups.c /sssd-io/src/providers/ldap/sdap_async_netgroups.c /sssd-io/src/providers/ldap/sdap_async_services.c /sssd-io/src/providers/ldap/sdap_async_sudo.c /sssd-io/src/providers/ldap/sdap_async_users.c /sssd-io/src/providers/ldap/sdap_child_helpers.c /sssd-io/src/providers/simple/simple_access_check.c /sssd-io/src/responder/nss/nsssrv_mmap_cache.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/util/child_common.c
02d1cb8935d5c9b57cd05dfdbfe6ed38e0d61c28 07-Jun-2013 Jakub Hrozek <jhrozek@redhat.com>

New utility function sss_get_domain_name Instead of copying a block of code that checks whether domain is a subdomain and uses only name of FQDN as appropriate, wrap the logic into a function.
1987bff88e01c74d647dd2db4f541ac311537e1a 30-May-2013 Jakub Hrozek <jhrozek@redhat.com>

Add utility functions for formatting fully-qualified names Instead of using printf-like functions directly, provide two wrappers that would encapsulate formatting the fully-qualified names. No functional change is present in this patch.
9f37bb2012faa136ef7c1f9fe93689ce2be85637 13-Mar-2013 Ondrej Kos <okos@redhat.com>

Fix initialization of multiple variables
4f118e3e6a25762f40a43e6dbefb09f44adbef32 10-Feb-2013 Simo Sorce <simo@redhat.com>

Introduce IS_SUBDOMAIN() macro Fixes https://fedorahosted.org/sssd/ticket/1766
c14184c07634801cda7864aa17c6fa8dc9ab43d1 15-Jan-2013 Simo Sorce <simo@redhat.com>

Move mpg flag to the domain where it belongs A sysdb contains now multiple domains, but the mpg property is a property of a specific domain not of the underlying database.
5d78919c955c945e78865f322726aac075c71203 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_get_user_attr()
c3ca06c011a34997cd6ec5d1e5927fee12bf2464 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_initgroups()
1826891a4869450994ae82adb60215ca564f9f4d 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain option to sysdb_get/netgr/attrs() fns
a0593a02a5d2c7a8b4dda330a69fb1f10cc12cdb 15-Jan-2013 Simo Sorce <simo@redhat.com>

Pass domain to sysdb_enum<pw/gr>ebt() functions
2d66c2eee2e4364a52d5436b61759ef990108230 15-Jan-2013 Simo Sorce <simo@redhat.com>

Pass domain to sysdb_get<pwu/grg><id() functions
58fd3aa25c5292bc67432647ab7e5059439fcc6d 15-Jan-2013 Simo Sorce <simo@redhat.com>

Pass domain to sysdb_get<pw/gr>nam() functions Also allows us to remove sysdb_subdom_get<pw/gr>nam() wrappers and restore fqnames proper value in subdomains, by testing for a parent domain being present or not.
8d9e0547a864cee05ab36bc988300c0cfa986025 19-Nov-2012 Simo Sorce <simo@redhat.com>

Refactor the way subdomain accounts are saved The original sysdb code had a strong assumption that only users from one domain are saved in the databse, with the subdomain feature, we have changed reality, but have not adjusted all the code arund the sysdb calls to not rely on the original assumption. One of the side effects of this incongrunece is that currently group memberships do not return fully qualified names for subdomain users as they should. In oreder to fix this and other potential issues surrounding the violation of the original assumption, we need to fully qualify subdomain user names. By savin them fully qualified we do not risk aliasing local users and have group memberhips or other name based matching code mistake a domain user with subdomain usr or vice versa.
9729b24935f9b717234728b2d2cfb4ca49df307b 06-Mar-2012 Jakub Hrozek <jhrozek@redhat.com>

Search netgroups by alias, too https://fedorahosted.org/sssd/ticket/1228
87c9241da76f8a7c93095649b2c09a2a07190a36 21-Nov-2011 Krzysztof Klimonda <kklimonda@ubuntu.com>

Fix FTBFS related to -Werror=format-security
ff8bfff50bb417e564d1c1e0eaff14c080c401ed 17-Oct-2011 Jakub Hrozek <jhrozek@redhat.com>

Sanitize DN in sysdb_get_direct_parents
cc747b056d161cb4a82d94e95b7522ca98c5d085 06-Oct-2011 Jakub Hrozek <jhrozek@redhat.com>

Fix typo in sysdb_get_direct_parents
c98298029c51fdbc727536fec7a27795184d04e4 28-Sep-2011 Jakub Hrozek <jhrozek@redhat.com>

Return users and groups based on alias https://fedorahosted.org/sssd/ticket/926
fd61c807554d5a3ff74f065eb0438fe2524f4ba2 28-Sep-2011 Jakub Hrozek <jhrozek@redhat.com>

Add a sysdb_get_direct_parents function
844015b85bb4e488161ee6c8912f3f4b4c4572c5 15-Aug-2011 Jan Zeleny <jzeleny@redhat.com>

Remaining memory context variables renamed memctx to mem_ctx tmpctx to tmp_ctx
e79d23932ef9d52cf4eb32ddec2d0a9b3af9a9eb 15-Aug-2011 Jan Zeleny <jzeleny@redhat.com>

sysdb refactoring: memory context deleted This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well.
8a1738f9379a1b8fb5c95c3df649e014ff5a1434 15-Aug-2011 Jan Zeleny <jzeleny@redhat.com>

sysdb refactoring: deleted domain variables in sysdb API The patch also updates code using modified functions. Tests have also been adjusted.

sysdb.c sysdb.h sysdb_ops.c sysdb_search.c /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_hbac_common.c /sssd-io/src/providers/ipa/ipa_hbac_hosts.c /sssd-io/src/providers/ipa/ipa_hbac_services.c /sssd-io/src/providers/ipa/ipa_hbac_users.c /sssd-io/src/providers/krb5/krb5_access.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/ldap_common.c /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/ldap_id_enum.c /sssd-io/src/providers/ldap/ldap_id_netgroup.c /sssd-io/src/providers/ldap/sdap_access.c /sssd-io/src/providers/ldap/sdap_async_accounts.c /sssd-io/src/providers/ldap/sdap_async_netgroups.c /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_netgroup.c /sssd-io/src/providers/simple/simple_access.c /sssd-io/src/python/pysss.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_netgroup.c /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/tests/sysdb-tests.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_sync_ops.h /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_util.c
82c3185b2ccc1e99ff6c6d63d09754cbd0705e6c 15-Aug-2011 Jan Zeleny <jzeleny@redhat.com>

sysdb refactoring: renamed ctx variable to sysdb
c80f0e2c8aecbaa069f316f7083556374e3b969d 15-Nov-2010 Stephen Gallagher <sgallagh@redhat.com>

Sanitize search filters for the sysdb
8c64b46e923ec590984325beedb29fcd09aac0e4 13-Oct-2010 Sumit Bose <sbose@redhat.com>

Also return member groups to the client
1a3c4b9f378e3b04161e4f35b2efa5fae3d56a7b 13-Oct-2010 Stephen Gallagher <sgallagh@redhat.com>

Netgroups sysdb API
1286160a84dadf7d74f0541648717b101d68460a 22-Sep-2010 Stephen Gallagher <sgallagh@redhat.com>

Initgroups on a non-cached user should go to the data provider We were accidentally returning an error when sysdb_getpwnam() returned zero results internally in sysdb_initgroups(). The correct behavior here is to return EOK and a result object with zero entries.
aacf8781c61e928c74fcc89f02225374b283b872 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: remove obsolete helpers from sysdb
aafa0393524bacc5ba48e79ab536f9deb3972e38 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_initgroups
88e7576d8bf00bfd0eaed8731b7eee1d6b6e05a1 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_enumgrent
fa362558a3f89644dab60debfbc423fe31a39f00 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_enumpwent
08d9d10747da6900971cdd8fced05ca66f5111e2 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_get_user_attr
ac660a221255b761615f6ecdb63b92a6391a58a2 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_getgrgid
25465215742b9c78566d44cd06a886c4a4e43ffa 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_getgrnam
a298e5b4050a69238593017ccc774336eb332e16 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_getpwuid
7ffaa2afb9e03a6f0b9c602c0f03b2074ea33eac 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_getpwnam
1c48b5a62f73234ed26bb20f0ab345ab61cda0ab 18-Feb-2010 Stephen Gallagher <sgallagh@redhat.com>

Rename server/ directory to src/ Also update BUILD.txt

/sssd-io/BUILD.txt /sssd-io/Makefile.am /sssd-io/configure.ac /sssd-io/contrib/sssd.spec.in /sssd-io/src/Makefile.am /sssd-io/src/build_macros.m4 /sssd-io/src/conf_macros.m4 /sssd-io/src/confdb/confdb.c /sssd-io/src/confdb/confdb.h /sssd-io/src/confdb/confdb_private.h /sssd-io/src/confdb/confdb_setup.c /sssd-io/src/confdb/confdb_setup.h /sssd-io/src/config/SSSDConfig.py /sssd-io/src/config/SSSDConfigTest.py /sssd-io/src/config/etc/sssd.api.conf /sssd-io/src/config/etc/sssd.api.d/sssd-ipa.conf /sssd-io/src/config/etc/sssd.api.d/sssd-krb5.conf /sssd-io/src/config/etc/sssd.api.d/sssd-ldap.conf /sssd-io/src/config/etc/sssd.api.d/sssd-local.conf /sssd-io/src/config/etc/sssd.api.d/sssd-proxy.conf /sssd-io/src/config/ipachangeconf.py /sssd-io/src/config/setup.py /sssd-io/src/config/testconfigs/noparse.api.conf /sssd-io/src/config/testconfigs/sssd-badversion.conf /sssd-io/src/config/testconfigs/sssd-invalid-badbool.conf /sssd-io/src/config/testconfigs/sssd-invalid.conf /sssd-io/src/config/testconfigs/sssd-noversion.conf /sssd-io/src/config/testconfigs/sssd-valid.conf /sssd-io/src/config/upgrade_config.py /sssd-io/src/configure.ac sysdb.c sysdb.h sysdb_ops.c sysdb_private.h sysdb_search.c /sssd-io/src/doxy.config.in /sssd-io/src/examples/sssd.conf /sssd-io/src/examples/sssdproxytest /sssd-io/src/examples/sudo /sssd-io/src/external/crypto.m4 /sssd-io/src/external/docbook.m4 /sssd-io/src/external/krb5.m4 /sssd-io/src/external/ldap.m4 /sssd-io/src/external/libcares.m4 /sssd-io/src/external/libcollection.m4 /sssd-io/src/external/libdhash.m4 /sssd-io/src/external/libini_config.m4 /sssd-io/src/external/libldb.m4 /sssd-io/src/external/libpcre.m4 /sssd-io/src/external/libpopt.m4 /sssd-io/src/external/libtalloc.m4 /sssd-io/src/external/libtdb.m4 /sssd-io/src/external/libtevent.m4 /sssd-io/src/external/pam.m4 /sssd-io/src/external/pkg.m4 /sssd-io/src/external/platform.m4 /sssd-io/src/external/python.m4 /sssd-io/src/external/selinux.m4 /sssd-io/src/external/sizes.m4 /sssd-io/src/krb5_plugin/sssd_krb5_locator_plugin.c /sssd-io/src/ldb_modules/memberof.c /sssd-io/src/m4/.dir /sssd-io/src/man/include/failover.xml /sssd-io/src/man/include/param_help.xml /sssd-io/src/man/include/upstream.xml /sssd-io/src/man/sss_groupadd.8.xml /sssd-io/src/man/sss_groupdel.8.xml /sssd-io/src/man/sss_groupmod.8.xml /sssd-io/src/man/sss_groupshow.8.xml /sssd-io/src/man/sss_useradd.8.xml /sssd-io/src/man/sss_userdel.8.xml /sssd-io/src/man/sss_usermod.8.xml /sssd-io/src/man/sssd-ipa.5.xml /sssd-io/src/man/sssd-krb5.5.xml /sssd-io/src/man/sssd-ldap.5.xml /sssd-io/src/man/sssd.8.xml /sssd-io/src/man/sssd.conf.5.xml /sssd-io/src/man/sssd_krb5_locator_plugin.8.xml /sssd-io/src/monitor/monitor.c /sssd-io/src/monitor/monitor.h /sssd-io/src/monitor/monitor_interfaces.h /sssd-io/src/monitor/monitor_sbus.c /sssd-io/src/po/LINGUAS /sssd-io/src/po/Makevars /sssd-io/src/po/POTFILES.in /sssd-io/src/po/de.po /sssd-io/src/po/es.po /sssd-io/src/po/fr.po /sssd-io/src/po/it.po /sssd-io/src/po/ja.po /sssd-io/src/po/nl.po /sssd-io/src/po/pl.po /sssd-io/src/po/pt.po /sssd-io/src/po/sss_daemon.pot /sssd-io/src/po/sv.po /sssd-io/src/providers/child_common.c /sssd-io/src/providers/child_common.h /sssd-io/src/providers/data_provider.h /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/data_provider_fo.c /sssd-io/src/providers/data_provider_opts.c /sssd-io/src/providers/dp_auth_util.c /sssd-io/src/providers/dp_backend.h /sssd-io/src/providers/dp_sbus.c /sssd-io/src/providers/fail_over.c /sssd-io/src/providers/fail_over.h /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_access.h /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_auth.h /sssd-io/src/providers/ipa/ipa_common.c /sssd-io/src/providers/ipa/ipa_common.h /sssd-io/src/providers/ipa/ipa_init.c /sssd-io/src/providers/ipa/ipa_timerules.c /sssd-io/src/providers/ipa/ipa_timerules.h /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_auth.h /sssd-io/src/providers/krb5/krb5_become_user.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/krb5/krb5_common.c /sssd-io/src/providers/krb5/krb5_common.h /sssd-io/src/providers/krb5/krb5_init.c /sssd-io/src/providers/krb5/krb5_utils.c /sssd-io/src/providers/krb5/krb5_utils.h /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/ldap_child.c /sssd-io/src/providers/ldap/ldap_common.c /sssd-io/src/providers/ldap/ldap_common.h /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/ldap_id_enum.c /sssd-io/src/providers/ldap/ldap_init.c /sssd-io/src/providers/ldap/sdap.c /sssd-io/src/providers/ldap/sdap.h /sssd-io/src/providers/ldap/sdap_async.c /sssd-io/src/providers/ldap/sdap_async.h /sssd-io/src/providers/ldap/sdap_async_accounts.c /sssd-io/src/providers/ldap/sdap_async_connection.c /sssd-io/src/providers/ldap/sdap_async_private.h /sssd-io/src/providers/ldap/sdap_child_helpers.c /sssd-io/src/providers/providers.h /sssd-io/src/providers/proxy.c /sssd-io/src/providers/sssd_be.exports /sssd-io/src/python/pysss.c /sssd-io/src/resolv/ares/ares_data.c /sssd-io/src/resolv/ares/ares_data.h /sssd-io/src/resolv/ares/ares_dns.h /sssd-io/src/resolv/ares/ares_parse_srv_reply.c /sssd-io/src/resolv/ares/ares_parse_srv_reply.h /sssd-io/src/resolv/ares/ares_parse_txt_reply.c /sssd-io/src/resolv/ares/ares_parse_txt_reply.h /sssd-io/src/resolv/async_resolv.c /sssd-io/src/resolv/async_resolv.h /sssd-io/src/responder/common/responder.h /sssd-io/src/responder/common/responder_cmd.c /sssd-io/src/responder/common/responder_common.c /sssd-io/src/responder/common/responder_dp.c /sssd-io/src/responder/common/responder_packet.c /sssd-io/src/responder/common/responder_packet.h /sssd-io/src/responder/nss/nsssrv.c /sssd-io/src/responder/nss/nsssrv.h /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_nc.c /sssd-io/src/responder/nss/nsssrv_nc.h /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pamsrv.c /sssd-io/src/responder/pam/pamsrv.h /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/pam/pamsrv_dp.c /sssd-io/src/sbus/sbus_client.c /sssd-io/src/sbus/sbus_client.h /sssd-io/src/sbus/sssd_dbus.h /sssd-io/src/sbus/sssd_dbus_common.c /sssd-io/src/sbus/sssd_dbus_connection.c /sssd-io/src/sbus/sssd_dbus_private.h /sssd-io/src/sbus/sssd_dbus_server.c /sssd-io/src/sss_client/common.c /sssd-io/src/sss_client/group.c /sssd-io/src/sss_client/man/pam_sss.8.xml /sssd-io/src/sss_client/pam_sss.c /sssd-io/src/sss_client/pam_test_client.c /sssd-io/src/sss_client/passwd.c /sssd-io/src/sss_client/protos.h /sssd-io/src/sss_client/sss_cli.h /sssd-io/src/sss_client/sss_nss.exports /sssd-io/src/sss_client/sss_pam.exports /sssd-io/src/sss_client/sss_pam_macros.h /sssd-io/src/sysv/SUSE/sssd /sssd-io/src/sysv/sssd /sssd-io/src/tests/auth-tests.c /sssd-io/src/tests/check_and_open-tests.c /sssd-io/src/tests/common.c /sssd-io/src/tests/common.h /sssd-io/src/tests/fail_over-tests.c /sssd-io/src/tests/files-tests.c /sssd-io/src/tests/find_uid-tests.c /sssd-io/src/tests/ipa_ldap_opt-tests.c /sssd-io/src/tests/ipa_timerules-tests.c /sssd-io/src/tests/krb5_utils-tests.c /sssd-io/src/tests/python-test.py /sssd-io/src/tests/refcount-tests.c /sssd-io/src/tests/resolv-tests.c /sssd-io/src/tests/stress-tests.c /sssd-io/src/tests/strtonum-tests.c /sssd-io/src/tests/sysdb-tests.c /sssd-io/src/tools/files.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_sync_ops.h /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_util.c /sssd-io/src/tools/tools_util.h /sssd-io/src/util/backup_file.c /sssd-io/src/util/check_and_open.c /sssd-io/src/util/crypto_sha512crypt.c /sssd-io/src/util/debug.c /sssd-io/src/util/dlinklist.h /sssd-io/src/util/find_uid.c /sssd-io/src/util/find_uid.h /sssd-io/src/util/memory.c /sssd-io/src/util/nss_sha512crypt.c /sssd-io/src/util/refcount.c /sssd-io/src/util/refcount.h /sssd-io/src/util/server.c /sssd-io/src/util/sha512crypt.h /sssd-io/src/util/signal.c /sssd-io/src/util/signal.m4 /sssd-io/src/util/sss_krb5.c /sssd-io/src/util/sss_krb5.h /sssd-io/src/util/sss_ldap.c /sssd-io/src/util/sss_ldap.h /sssd-io/src/util/strtonum.c /sssd-io/src/util/strtonum.h /sssd-io/src/util/user_info_msg.c /sssd-io/src/util/user_info_msg.h /sssd-io/src/util/usertools.c /sssd-io/src/util/util.c /sssd-io/src/util/util.h