History log of /sssd-io/src/tests/sysdb-tests.c
Revision Date Author Comments Expand
ba2d5f7a0adefb017d3f85203d715b725ca8810f 25-Apr-2018 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: sysdb_add_incomplete_group now returns EEXIST with a duplicate GID Related: https://pagure.io/SSSD/sssd/issue/2653 Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
49dd8ee2834d9477418961dbaffa4a03cfa9fd1e 29-Jan-2018 René Genz <liebundartig@freenet.de>

Fix minor spelling mistakes in tests/* Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
6df34be3ee736d7a34e67c49c365077be849031a 18-Jan-2018 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Fix sysdb_search_by_name() for looking up groups in MPG domains If a group was being looked by using sysdb_search_by_name() in a MPG domain, the code would search only for group objects -- but in a MPG domain, there may be none, the groups are typically inferred from a user object. This could have caused issues e.g. for IPA code with the following sequence: getent group aduser@windows.domain getent passwd aduser@windows.domain The former would fail to add the fallback subdomain homedir and the latter would then return a user entry without a homedir, with libc falling back to the "/" homedir. Resolves: https://pagure.io/SSSD/sssd/issue/3615 Reviewed-by: Pavel Březina <pbrezina@redhat.com>
ab224783b581ebc77e475cd1377f4b5bcce52e9b 28-Nov-2017 Lukas Slebodnik <lslebodn@redhat.com>

sysdb-test: Fix warning may be used uninitialized It cannot be uninitialized because we will have some messages. 2243 2244 fail_unless(data->msgs_count == 10, 2245 "wrong number of results, found [%d] expected [10]", 2246 data->msgs_count); and it cannot be NULL 2257 for (j = 0; j < data->msgs_count; j++) { 2258 uid_str = talloc_asprintf(data, "%d", 27010 + j); 2259 fail_unless(uid_str != NULL, "talloc_asprintf failed."); src/tests/sysdb-tests.c: In function ‘test_sysdb_search_all_users’: src/tests/sysdb-tests.c:2266:9: error: ‘uid_str’ may be used uninitialized in this function [-Werror=maybe-uninitialized] fail_unless(strncmp(uid_str, ^~~~~~~~~~~ Reviewed-by: Michal Židek <mzidek@redhat.com>
0e238c259c066cf997aaa940d33d6bda96c15925 27-Nov-2017 Sumit Bose <sbose@redhat.com>

sysdb: do not use objectClass for users and groups The majority of the object in the SSSD cache are users and groups. If there are many user and groups in the cache the index objects of the objectclass attributes 'user' and 'group' become large because the must hold references to all objects of those object classes. As a result the management of these index objects becomes costly because they must be parsed and split apart quite often. Additionally they are mostly useless because user and groups are lookup up by more specific attributes in general. Only when enumerating all user or groups this kind of index might be useful. There are two way of removing this kind of index from the user and group objects. Either by removing objectClass from the list of indexes and add a new attribute to all other type of object we want and index for. Or by replacing objectClass with a different attribute for the user and group objects. After some testing I think the latter one is the more reliable one and implemented it in this patch. Related to https://pagure.io/SSSD/sssd/issue/3503 Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

/sssd-io/src/db/sysdb.h /sssd-io/src/db/sysdb_init.c /sssd-io/src/db/sysdb_ops.c /sssd-io/src/db/sysdb_search.c /sssd-io/src/db/sysdb_upgrade.c /sssd-io/src/ldb_modules/memberof.c /sssd-io/src/providers/ad/ad_pac.c /sssd-io/src/providers/ipa/ipa_id.c /sssd-io/src/providers/ipa/ipa_subdomains_ext_groups.c /sssd-io/src/providers/ipa/ipa_subdomains_id.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/sdap_async_groups.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/ldap/sdap_async_initgroups_ad.c /sssd-io/src/providers/ldap/sdap_async_nested_groups.c /sssd-io/src/responder/common/cache_req/plugins/cache_req_common.c /sssd-io/src/responder/ifp/ifp_cache.c /sssd-io/src/responder/ifp/ifp_groups.c /sssd-io/src/responder/ifp/ifp_users.c /sssd-io/src/responder/nss/nss_cmd.c /sssd-io/src/responder/nss/nss_protocol_grent.c /sssd-io/src/responder/nss/nss_protocol_sid.c cmocka/test_ad_common.c cmocka/test_ipa_subdomains_server.c sysdb-tests.c /sssd-io/src/tools/sssctl/sssctl_cache.c
1f2662c8f97c9c0fa250055d4b6750abfc6d0835 11-Oct-2017 Sumit Bose <sbose@redhat.com>

sysdb: sanitize search filter input This patch sanitizes the input for sysdb searches by UPN/email, SID and UUID. This security issue was assigned CVE-2017-12173 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
9a44e78304f09961dea5148667aef24a88f10bb0 05-Sep-2017 Fabiano Fidêncio <fidencio@redhat.com>

TESTS: Add tests for sysdb_search_{users,groups}_by_orig_dn() Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
96e1794db6915a655d97ecab7ab71ad53d1f527b 08-Jun-2017 Lukas Slebodnik <lslebodn@redhat.com>

UTIL: Remove ctype.h from util/util.h ctype.h is not used directly by util/util.h. The header file ctype.h must be included in 32 files and after removing it from util.h it had to be added only to 8 missing files Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
5f7f249f2a8a1c7284e991aa64dbf850d482b0aa 30-Mar-2017 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Allow storing non-POSIX users Related to: https://pagure.io/SSSD/sssd/issue/3310 We already do the same for groups. If the user does not have UID number set but does have the POSIX: false attribute set, then we save the user with zero UID and the non-POSIX flag. Reviewed-by: Sumit Bose <sbose@redhat.com>
a63d74f65db2db7389cd373cb37adcdaaa2d56ea 29-Mar-2017 Michal Židek <mzidek@redhat.com>

SUBDOMAINS: Allow use_fully_qualified_names for subdomains Allow option use_fully_qualified_names in subdomain section. This option was recently added to subdomain_inherit. Resolves: https://pagure.io/SSSD/sssd/issue/3337 Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
81c564a0692aa4b719af2219f52894e6cd4bdf9f 23-Mar-2017 Sumit Bose <sbose@redhat.com>

LDAP: always store the certificate from the request Store the certificate used to lookup a user as mapped attribute in the cached user object. Related to https://pagure.io/SSSD/sssd/issue/3050 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
3994e8779d16db3e9fb30f03e5ecf5e811095ac2 23-Mar-2017 Sumit Bose <sbose@redhat.com>

sysdb: add sysdb_attrs_copy() Related to https://pagure.io/SSSD/sssd/issue/3050 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
ba926c98b7ae605077a09ba7135e05257de62a0f 10-Mar-2017 Sumit Bose <sbose@redhat.com>

sysdb: allow multiple results for searches by certificate Related to https://pagure.io/SSSD/sssd/issue/3050 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
afadeb1a530ff010a2f9a7552562576b843c874b 03-Mar-2017 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: When searching for UPNs, search either the whole DB or only the given domain The search-by-UPN functions always searched for the whole domain. In some cases, the caller depends on the result coming from the domain specified by the 'domain' parameter. This is the case in the cache_req code at least. Even though it should be safe to just switch to always searching the whole domain, in order to allow us to examine the code carefully and test each codepath, let's introduce a boolean option to the search functions. Currently it defaults to false in all codepaths and as we test the individual ones, we can flip the option to true until we finally remove the option altogether. Reviewed-by: Sumit Bose <sbose@redhat.com>
8718ff9ccd29f6431bfa8630bfa3576b2692c9ee 02-Mar-2017 Jakub Hrozek <jhrozek@redhat.com>

UTIL: Store UPN suffixes when creating a new subdomain We used to store UPN suffixes pointer into the domain structure only if the domain changed, not when a new domain was created. As an effect, the enterprise principals flag was not enabled unless a domain changed, preventing logins with enterprise principals. Reviewed-by: Sumit Bose <sbose@redhat.com>
daf3714bd3f772934025894c534aa902f0b8f98f 23-Jan-2017 Lukas Slebodnik <lslebodn@redhat.com>

sysdb-tests: Add test for sysdb_search_object_by_name Reviewed-by: Pavel Březina <pbrezina@redhat.com>
1266980705981445961864ee2eb0ea21aea4287d 23-Jan-2017 Lukas Slebodnik <lslebodn@redhat.com>

sysdb-tests: Add test for sysdb_search_object_by_id Reviewed-by: Pavel Březina <pbrezina@redhat.com>
20348a30feb4be619b3b691c24c9be8131507c46 18-Jul-2016 Sumit Bose <sbose@redhat.com>

sysdb: make subdomain calls aware of upn_suffixes sysdb_subdomain_store() and sysdb_update_subdomains() can now update upn_suffixes as well. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
2bb9e88328ef44eddd935c250ae12337442c5900 12-Jul-2016 Lukas Slebodnik <lslebodn@redhat.com>

sysdb-tests: Fix cast from pointer to integer src/tests/sysdb-tests.c: In function 'test_sysdb_memberof_close_loop': src/tests/sysdb-tests.c:2740:5: warning: passing argument 1 of '_ck_assert_msg' makes integer from pointer without a cast [enabled by default] fail_unless(data->attrlist[0], "talloc_array failed."); ^ In file included from src/tests/sysdb-tests.c:23:0: /usr/include/check.h:237:16: note: expected 'int' but argument is of type 'const char *' void CK_EXPORT _ck_assert_msg (int result, const char *file, ^ Reviewed-by: Pavel Březina <pbrezina@redhat.com>
4b39208286ca0351ee76d4e64e077e7ad5ca8568 07-Jul-2016 Jakub Hrozek <jhrozek@redhat.com>

TESTS: Fix sysdb tests to work with the new format The sysdb tests now user the qualified name to store users and groups. To avoid the sysdb interface being tied too tightly to our specific format, all names are constructed using a function, not hardcoded. Just swapping the functions that create or parse the names for a different format should not make the test fail. Reviewed-by: Sumit Bose <sbose@redhat.com>
564ba43becb55bc17c69de2915be66f65b7edef5 07-Jul-2016 Michal Zidek <mzidek@redhat.com>

TESTS: First pass on converting the sysdb tests to the fqname format Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
d2d8f342cd5e90bb9fd947c448492225f959aa86 27-Jun-2016 Pavel Březina <pbrezina@redhat.com>

sss_tools: create confdb if not exist So tools (especially sssctl) may be run even when databases where removed. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
883fb900f7c6b202cf0b6d8268ffa626ab8a1be9 13-Apr-2016 Jakub Hrozek <jhrozek@redhat.com>

tests: Check NULL context in sysdb-tests when removing group members This is done to make sure the memberof module does not leak memory. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
1352cf0d037c21eb6245fed17f1e6596ea3a3ccd 21-Nov-2015 Pavel Reichl <preichl@redhat.com>

sysdb-tests: Fix warning - incompatible pointer type Reviewed-by: Sumit Bose <sbose@redhat.com>
aedc71fe8360a51785933523f14bb5c4e7e2c38b 20-Nov-2015 Sumit Bose <sbose@redhat.com>

IPA: fix override with the same name If the user name of a AD user is overridden with the name itself in an IPA override object SSSD adds this name twice to the alias list causing an ldb error when trying to write the user object to the cache. As a result the user is not available. This patch makes sure that there are no duplicated alias names. Resolves https://fedorahosted.org/sssd/ticket/2874 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
40fa5c38de74c41eabd19a671bcbd21836e889f8 30-Sep-2015 Lukas Slebodnik <lslebodn@redhat.com>

sysdb-tests: Use valid base64 encoded certificate for search sh$ printf "ABC" | base64 -d base64: invalid input Reviewed-by: Michal Židek <mzidek@redhat.com>
50c9d542e8bf641412debaa82a4dcf67ddb72258 18-Sep-2015 Lukas Slebodnik <lslebodn@redhat.com>

tests: Use unique name for TEST_PATH We had a cases in patch where two tests were using the same TEST_PATH and therefore they were stepping each other to the same files which caused failures. These failures are not easy to reproduce. This patch uses macro BASE_FILE_STEM for unique name. It should prevent copy&paste problem resulting to intermittent failures. @see also https://www.gnu.org/software/make/manual/html_node/Automatic-Variables.html Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
b0d6d14b5bcc137074383abcd2bf8039c3d74b02 03-Sep-2015 Michal Židek <mzidek@redhat.com>

SYSDB: Add function to expire entry Ticket: https://fedorahosted.org/sssd/ticket/2676 Added function to expire entry in sysdb using its DN. Reviewed-by: Pavel Reichl <preichl@redhat.com>
f91029dd8d7dbc026a5c73e222926db957240cb4 23-Jul-2015 Yuri Chornoivan <yurchor@ukr.net>

Fix minor typos Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
7d8b7d82f0a91ed656320577fc781f24a66db9f8 19-Jun-2015 Sumit Bose <sbose@redhat.com>

sysdb: add sysdb_search_user_by_cert() and sysdb_search_object_by_cert() Related to https://fedorahosted.org/sssd/ticket/2596 Reviewed-by: Pavel Březina <pbrezina@redhat.com>
526a15438525417cd701f837d7085b7f8c8a6325 14-Jun-2015 Jakub Hrozek <jhrozek@redhat.com>

TESTS: Add a test for sysdb_subdomains.c The sysdb_subdomains.c module should have its own sysdb test, not share the generic sysdb one. Reviewed-by: Sumit Bose <sbose@redhat.com>
ea224c3813a537639778f91ac762732b3c289603 14-Jun-2015 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Store trust direction for subdomains We need to store the subdomain trust direction in order to recover the structure after SSSD restart. The trust direction is a plain uint32_t to avoid leaking the knowledge about AD trust directions to sysdb while at the same time making it easy to compare values between sysdb and LDAP and avoid translating the values. Reviewed-by: Sumit Bose <sbose@redhat.com>
a010c6fc2d2f503f47e0ce9dfd357b3f48636071 02-Jun-2015 Jakub Hrozek <jhrozek@redhat.com>

TESTS: Use the right testcase tc_autofs, not tc_subdomains.. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
55b7fdd837a780ab0f71cbfaa2403f4626993922 08-May-2015 Sumit Bose <sbose@redhat.com>

sysdb: add sysdb_cache_password_ex() Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
0f9c28eb52d2b45c8a97f709308dc11377831b8c 06-May-2015 Sumit Bose <sbose@redhat.com>

IPA: allow initgroups by UUID for FreeIPA users If a FreeIPA user is searched with the help of an override name the UUID from the override anchor is used to search the user. Currently the initgroups request only allows searches by SID or name. With this patch a UUID can be used as well. Related to https://fedorahosted.org/sssd/ticket/2642 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
f70a1adbfc30b9acc302027439fb8157e0c6ea2a 29-Apr-2015 Sumit Bose <sbose@redhat.com>

IPA: allow initgroups by SID for AD users If a user from a trusted AD domain is search with the help of an override name the SID from the override anchor is used to search the user in AD. Currently the initgroups request only allows searches by name. With this patch a SID can be used as well. Resolves https://fedorahosted.org/sssd/ticket/2632 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
4ea6bc6dea87ac8cb37eb271ea86350e89695670 14-Apr-2015 Lukas Slebodnik <lslebodn@redhat.com>

sysdb-tests: test return value before output arguments Output arguments needn't be initialized if function failed. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
4a73eb4c8136f8e5fd47aa63e5b7c10afc10046e 14-Apr-2015 Lukas Slebodnik <lslebodn@redhat.com>

sysdb-tests: Add missing assertions The return valuee of functions test_remove_group_member sysdb_attrs_add_time_t were ignored and therefore this part of code was not tested. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
108db0e3b9e06e530364ef8228634f5e3f6bd3b5 30-Jan-2015 Jakub Hrozek <jhrozek@redhat.com>

LDAP: Add UUID when saving incomplete groups Related to: https://fedorahosted.org/sssd/ticket/2571 Reviewed-by: Sumit Bose <sbose@redhat.com>
ee8dccf5f0a7de4aba16ab73a53872df9a65175c 08-Jan-2015 Jakub Hrozek <jhrozek@redhat.com>

TESTS: Cover sysdb_gpo.c with unit tests Untested code is risky to change. Reviewed-by: Pavel Reichl <preichl@redhat.com>
a28d949e66785a0e2c28612d095cc491876cf46f 08-Jan-2015 Pavel Reichl <preichl@redhat.com>

TESTS: typo in 'assert message' Reviewed-by: Pavel Březina <pbrezina@redhat.com>
4bbcc2d6d3f16b015796818746a45134861c93a4 17-Dec-2014 Pavel Reichl <preichl@redhat.com>

SYSDB: sysdb_search_object_by_sid returns ENOENT sysdb_search_object_by_sid returns ENOENT if no results are found. Part od solution for: https://fedorahosted.org/sssd/ticket/1991 Fixes: https://fedorahosted.org/sssd/ticket/2520 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
13c0cf829eca7891ad9d0087e91c72650f990149 17-Dec-2014 Pavel Reichl <preichl@redhat.com>

TESTS: sysdb_delete_by_sid() test return value Check that return value of sysdb_delete_by_sid() is not changed as called SYSDB functions have changed the return value. Part of patches for: https://fedorahosted.org/sssd/ticket/1991 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
c9eaf8c1e02c155b7ca7ffb2b1edade8a23ce1ff 02-Dec-2014 Pavel Reichl <preichl@redhat.com>

SYSDB: sysdb_get_bool() return ENOENT & unit tests sysdb_get_bool() return ENOENT if no result is found. Unit test for sysdb_get_bool() & sysdb_set_bool() was added. This patch also fixes ldap_setup_enumeration() to handle ENOENT returned by sysdb_has_enumerated(). Resolves: https://fedorahosted.org/sssd/ticket/1991 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
907a7c626db407d19d4cae85c2db7d3561120349 20-Nov-2014 Sumit Bose <sbose@redhat.com>

sysdb: add sysdb_search_object_by_uuid() Related to https://fedorahosted.org/sssd/ticket/2481 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
a5b55bdfcda8bfce8cb2ced981773998093d7857 19-Nov-2014 Pavel Reichl <preichl@redhat.com>

SYSDB: sysdb_idmap_get_mappings returns ENOENT sysdb_idmap_get_mappings returns ENOENT if no results were found. Part od solution for: https://fedorahosted.org/sssd/ticket/1991 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
8a2a503fa5c01ea037d28b7c902b8821a11084bd 16-Oct-2014 Sumit Bose <sbose@redhat.com>

sysdb: add sysdb_attrs_add_val_safe() and sysdb_attrs_add_string_safe() sysdb_attrs_add_val_safe() works like sysdb_attrs_add_val() but checks if the attribute value to add already exists. In this case the value list is not changed. This is useful if values are added from different sources at different times to avoid LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS errors from ldb_modify() later on. sysdb_attrs_add_string_safe() does the same for string arguments Reviewed-by: Pavel Březina <pbrezina@redhat.com>
25072dd5274f07255cdc930f6257c4cbf74692de 09-Oct-2014 Pavel Březina <pbrezina@redhat.com>

tests: add test for sysdb_get_user_attr with subdomain user Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
d7d3ee1b8ab7a05129c83da8a185351d7c751c1c 06-Oct-2014 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: move sysdb_get_real_name() from sysdb.c to sysdb_search.c The sysdb.c should be reserved for utility and setup functions. Search functions belong to sysdb_search.c Keeping functions in specialized modules helps to maintain nice dependencies and in overall makes unit testing easier. Moreover, the function was not unit tested, which needed fixing. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
89e18b38259e9c5f1aa1a35ef30f13aee5ea6bd2 18-Sep-2014 Jakub Hrozek <jhrozek@redhat.com>

tests: Add a test for storing custom attrs with automatic ID Reviewed-by: Daniel Gollub <dgollub@brocade.com>
d580dde031bca7588555e8f2857a0fcc2977f1e0 17-Sep-2014 Jakub Hrozek <jhrozek@redhat.com>

TESTS: Add a case-insensitive group search sysdb test A recent fix enabled searching for groups by name in a case-insensitive domain. This patch adds a unit test to check that behaviour. Reviewed-by: Sumit Bose <sbose@redhat.com>
61602026ed8c91efd166000562899670449f1b50 05-Sep-2014 Pavel Reichl <preichl@redhat.com>

SYSDB: SSS_LDB_SEARCH - macro around ldb_search This patch amends previous patch 5153e8b9793dea1e212ca08af0f77ea1d023cbb7. Macro SSS_LDB_SEARCH is used instead of using fuction sss_ldb_search as a wrapper around ldb_search which could lead to premature expansion of variadic parameters. Part of solution for: https://fedorahosted.org/sssd/ticket/1991 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
8cfd1e0d696a573a92ef011a64317b9054f5c45f 01-Sep-2014 Jakub Hrozek <jhrozek@redhat.com>

TESTS: Add unit tests for the GPO interface Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
6b57784f0f175275fd900eca21c77415e3a5ea52 09-Jul-2014 Jakub Hrozek <jhrozek@redhat.com>

TOOLS: Always debug to stderr https://fedorahosted.org/sssd/ticket/2348 Programs that are supposed to only be executed on the foreground should log to stderr automatically. Reviewed-by: Michal Židek <mzidek@redhat.com>

auth-tests.c cmocka/sbus_internal_tests.c cmocka/test_ad_access_filter.c cmocka/test_ad_common.c cmocka/test_ad_gpo.c cmocka/test_dp_opts.c cmocka/test_dyndns.c cmocka/test_fqnames.c cmocka/test_ifp.c cmocka/test_ipa_idmap.c cmocka/test_nested_groups.c cmocka/test_nss_srv.c cmocka/test_responder_common.c cmocka/test_sdap.c cmocka/test_sss_idmap.c cmocka/test_sss_sifp.c cmocka/test_utils.c crypto-tests.c fail_over-tests.c files-tests.c krb5_child-test.c krb5_utils-tests.c refcount-tests.c resolv-tests.c responder_socket_access-tests.c simple_access-tests.c strtonum-tests.c sysdb-tests.c sysdb_ssh-tests.c util-tests.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_debuglevel.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_seed.c /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/util/util.h
50c009a3d51521880ddf568e7173d1ed9d5c2685 25-Jun-2014 Pavel Reichl <preichl@redhat.com>

TESTS: sysdb_getnetgr - return ENOENT Resolves: https://fedorahosted.org/sssd/ticket/1991 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
940dd08102ac8527ef9e367dc5d6fb88cd53a8a2 25-Jun-2014 Pavel Reichl <preichl@redhat.com>

TESTS: add tests for sss_ldb_search Resolves: https://fedorahosted.org/sssd/ticket/1991 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
7ecb5aea65cb1899f16e7a41bffa93d074defd4a 20-Jun-2014 Sumit Bose <sbose@redhat.com>

sysdb: add sysdb_search_user_by_upn() with tests Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
af63cdbfe0c917e0dc921232f67295fdc48d1e32 20-Jun-2014 Pavel Reichl <preichl@redhat.com>

TESTS: sysdb_search_return_ENOENT - check mem leaks Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
8ddcc64e343d6023f358a72a9515a0fa112db83b 28-May-2014 Pavel Reichl <preichl@redhat.com>

TEST: simple_access & sysdb tests - cleanup Before running tests do cleanup. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
fa0e2bc21e1cca4d2196a0682d2b440977923b25 28-May-2014 Pavel Reichl <preichl@redhat.com>

TEST: unused variable Remove unused variable causing warning. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
c61aa53b0d4631630e6757c62193a10b50c8c2e0 28-May-2014 Jakub Hrozek <jhrozek@redhat.com>

tests: Add test for confdb_list_all_domain_names Reviewed-by: Pavel Březina <pbrezina@redhat.com>
4b0c83e022c396e984d862ced5b6219e4ef04429 27-May-2014 Lukas Slebodnik <lslebodn@redhat.com>

TEST: Test empty results from functions sysdb_search_* Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
cf2cc44d6293165379d6470b8bf6bb6a87d62b31 14-May-2014 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: return SYSDB_NAME from sysdb_initgroups For the GetGroupsList function it would be handy to get the user names as well with a single sysdb_initgroups() call. This patch adds SYSDB_NAME to the default attribute list. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
83bf46f4066e3d5e838a32357c201de9bd6ecdfd 12-Feb-2014 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>

Update DEBUG* invocations to use new levels Use a script to update DEBUG* macro invocations, which use literal numbers for levels, to use bitmask macros instead: grep -rl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e 'use strict; use File::Slurp; my @map=qw" SSSDBG_FATAL_FAILURE SSSDBG_CRIT_FAILURE SSSDBG_OP_FAILURE SSSDBG_MINOR_FAILURE SSSDBG_CONF_SETTINGS SSSDBG_FUNC_DATA SSSDBG_TRACE_FUNC SSSDBG_TRACE_LIBS SSSDBG_TRACE_INTERNAL SSSDBG_TRACE_ALL "; my $text=read_file(\*STDIN); my $repl; $text=~s/ ^ ( .* \b (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM) \s* \(\s* )( [0-9] )( \s*, ) ( \s* ) ( .* ) $ / $repl = $1.$map[$3].$4.$5.$6, length($repl) <= 80 ? $repl : $1.$map[$3].$4."\n".(" " x length($1)).$6 /xmge; print $text; ' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>

/sssd-io/src/confdb/confdb.c /sssd-io/src/confdb/confdb_setup.c /sssd-io/src/db/sysdb.c /sssd-io/src/db/sysdb_ops.c /sssd-io/src/db/sysdb_ranges.c /sssd-io/src/db/sysdb_search.c /sssd-io/src/db/sysdb_upgrade.c /sssd-io/src/monitor/monitor.c /sssd-io/src/monitor/monitor_netlink.c /sssd-io/src/monitor/monitor_sbus.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/data_provider_callbacks.c /sssd-io/src/providers/data_provider_fo.c /sssd-io/src/providers/data_provider_opts.c /sssd-io/src/providers/dp_auth_util.c /sssd-io/src/providers/dp_pam_data_util.c /sssd-io/src/providers/fail_over.c /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_common.c /sssd-io/src/providers/ipa/ipa_hbac_common.c /sssd-io/src/providers/ipa/ipa_hbac_hosts.c /sssd-io/src/providers/ipa/ipa_hbac_rules.c /sssd-io/src/providers/ipa/ipa_hbac_services.c /sssd-io/src/providers/ipa/ipa_hbac_users.c /sssd-io/src/providers/ipa/ipa_id.c /sssd-io/src/providers/ipa/ipa_init.c /sssd-io/src/providers/ipa/ipa_netgroups.c /sssd-io/src/providers/krb5/krb5_access.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/krb5/krb5_child_handler.c /sssd-io/src/providers/krb5/krb5_common.c /sssd-io/src/providers/krb5/krb5_delayed_online_authentication.c /sssd-io/src/providers/krb5/krb5_init.c /sssd-io/src/providers/krb5/krb5_init_shared.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c /sssd-io/src/providers/krb5/krb5_utils.c /sssd-io/src/providers/krb5/krb5_wait_queue.c /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/ldap_child.c /sssd-io/src/providers/ldap/ldap_common.c /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/ldap_id_netgroup.c /sssd-io/src/providers/ldap/ldap_init.c /sssd-io/src/providers/ldap/sdap.c /sssd-io/src/providers/ldap/sdap_access.c /sssd-io/src/providers/ldap/sdap_async.c /sssd-io/src/providers/ldap/sdap_async_connection.c /sssd-io/src/providers/ldap/sdap_async_enum.c /sssd-io/src/providers/ldap/sdap_async_groups.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/ldap/sdap_async_initgroups_ad.c /sssd-io/src/providers/ldap/sdap_async_netgroups.c /sssd-io/src/providers/ldap/sdap_async_users.c /sssd-io/src/providers/ldap/sdap_child_helpers.c /sssd-io/src/providers/ldap/sdap_fd_events.c /sssd-io/src/providers/ldap/sdap_id_op.c /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_child.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_init.c /sssd-io/src/providers/proxy/proxy_netgroup.c /sssd-io/src/resolv/async_resolv.c /sssd-io/src/responder/common/negcache.c /sssd-io/src/responder/common/responder_cmd.c /sssd-io/src/responder/common/responder_common.c /sssd-io/src/responder/common/responder_dp.c /sssd-io/src/responder/nss/nsssrv.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_netgroup.c /sssd-io/src/responder/nss/nsssrv_private.h /sssd-io/src/responder/nss/nsssrv_services.c /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pamsrv.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/pam/pamsrv_dp.c /sssd-io/src/sbus/sbus_client.c /sssd-io/src/sbus/sssd_dbus_common.c /sssd-io/src/sbus/sssd_dbus_connection.c /sssd-io/src/sbus/sssd_dbus_server.c auth-tests.c files-tests.c resolv-tests.c sysdb-tests.c sysdb_ssh-tests.c /sssd-io/src/tools/selinux.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_util.c /sssd-io/src/tools/tools_util.h /sssd-io/src/util/check_and_open.c /sssd-io/src/util/child_common.c /sssd-io/src/util/crypto/nss/nss_obfuscate.c /sssd-io/src/util/crypto/nss/nss_util.c /sssd-io/src/util/debug.c /sssd-io/src/util/find_uid.c /sssd-io/src/util/nscd.c /sssd-io/src/util/signal.c /sssd-io/src/util/sss_krb5.c /sssd-io/src/util/sss_ldap.c /sssd-io/src/util/user_info_msg.c /sssd-io/src/util/usertools.c /sssd-io/src/util/util.c
a3c8390d19593b1e5277d95bfb4ab206d4785150 12-Feb-2014 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>

Make DEBUG macro invocations variadic Use a script to update DEBUG macro invocations to use it as a variadic macro, supplying format string and its arguments directly, instead of wrapping them in parens. This script was used to update the code: grep -rwl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e \ 'use strict; use File::Slurp; my $text=read_file(\*STDIN); $text=~s#(\bDEBUG\s*\([^(]+)\((.*?)\)\s*\)\s*;#$1$2);#gs; print $text;' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>

/sssd-io/src/confdb/confdb.c /sssd-io/src/confdb/confdb_setup.c /sssd-io/src/db/sysdb.c /sssd-io/src/db/sysdb_autofs.c /sssd-io/src/db/sysdb_idmap.c /sssd-io/src/db/sysdb_ops.c /sssd-io/src/db/sysdb_ranges.c /sssd-io/src/db/sysdb_search.c /sssd-io/src/db/sysdb_selinux.c /sssd-io/src/db/sysdb_services.c /sssd-io/src/db/sysdb_ssh.c /sssd-io/src/db/sysdb_subdomains.c /sssd-io/src/db/sysdb_sudo.c /sssd-io/src/db/sysdb_upgrade.c /sssd-io/src/monitor/monitor.c /sssd-io/src/monitor/monitor_netlink.c /sssd-io/src/monitor/monitor_sbus.c /sssd-io/src/providers/ad/ad_access.c /sssd-io/src/providers/ad/ad_common.c /sssd-io/src/providers/ad/ad_domain_info.c /sssd-io/src/providers/ad/ad_dyndns.c /sssd-io/src/providers/ad/ad_id.c /sssd-io/src/providers/ad/ad_init.c /sssd-io/src/providers/ad/ad_srv.c /sssd-io/src/providers/ad/ad_subdomains.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/data_provider_callbacks.c /sssd-io/src/providers/data_provider_fo.c /sssd-io/src/providers/data_provider_opts.c /sssd-io/src/providers/dp_auth_util.c /sssd-io/src/providers/dp_dyndns.c /sssd-io/src/providers/dp_pam_data_util.c /sssd-io/src/providers/dp_ptask.c /sssd-io/src/providers/dp_refresh.c /sssd-io/src/providers/fail_over.c /sssd-io/src/providers/fail_over_srv.c /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_autofs.c /sssd-io/src/providers/ipa/ipa_common.c /sssd-io/src/providers/ipa/ipa_config.c /sssd-io/src/providers/ipa/ipa_dyndns.c /sssd-io/src/providers/ipa/ipa_hbac_common.c /sssd-io/src/providers/ipa/ipa_hbac_hosts.c /sssd-io/src/providers/ipa/ipa_hbac_rules.c /sssd-io/src/providers/ipa/ipa_hbac_services.c /sssd-io/src/providers/ipa/ipa_hbac_users.c /sssd-io/src/providers/ipa/ipa_hostid.c /sssd-io/src/providers/ipa/ipa_hosts.c /sssd-io/src/providers/ipa/ipa_id.c /sssd-io/src/providers/ipa/ipa_idmap.c /sssd-io/src/providers/ipa/ipa_init.c /sssd-io/src/providers/ipa/ipa_netgroups.c /sssd-io/src/providers/ipa/ipa_s2n_exop.c /sssd-io/src/providers/ipa/ipa_selinux.c /sssd-io/src/providers/ipa/ipa_selinux_maps.c /sssd-io/src/providers/ipa/ipa_srv.c /sssd-io/src/providers/ipa/ipa_subdomains.c /sssd-io/src/providers/ipa/ipa_subdomains_ext_groups.c /sssd-io/src/providers/ipa/ipa_subdomains_id.c /sssd-io/src/providers/ipa/ipa_sudo.c /sssd-io/src/providers/krb5/krb5_access.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_become_user.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/krb5/krb5_child_handler.c /sssd-io/src/providers/krb5/krb5_common.c /sssd-io/src/providers/krb5/krb5_delayed_online_authentication.c /sssd-io/src/providers/krb5/krb5_init.c /sssd-io/src/providers/krb5/krb5_init_shared.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c /sssd-io/src/providers/krb5/krb5_utils.c /sssd-io/src/providers/krb5/krb5_wait_queue.c /sssd-io/src/providers/ldap/ldap_access.c /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/ldap_child.c /sssd-io/src/providers/ldap/ldap_common.c /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/ldap_id_enum.c /sssd-io/src/providers/ldap/ldap_id_netgroup.c /sssd-io/src/providers/ldap/ldap_id_services.c /sssd-io/src/providers/ldap/ldap_init.c /sssd-io/src/providers/ldap/sdap.c /sssd-io/src/providers/ldap/sdap_access.c /sssd-io/src/providers/ldap/sdap_async.c /sssd-io/src/providers/ldap/sdap_async_autofs.c /sssd-io/src/providers/ldap/sdap_async_connection.c /sssd-io/src/providers/ldap/sdap_async_enum.c /sssd-io/src/providers/ldap/sdap_async_groups.c /sssd-io/src/providers/ldap/sdap_async_groups_ad.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/ldap/sdap_async_initgroups_ad.c /sssd-io/src/providers/ldap/sdap_async_nested_groups.c /sssd-io/src/providers/ldap/sdap_async_netgroups.c /sssd-io/src/providers/ldap/sdap_async_services.c /sssd-io/src/providers/ldap/sdap_async_sudo.c /sssd-io/src/providers/ldap/sdap_async_sudo_hostinfo.c /sssd-io/src/providers/ldap/sdap_async_sudo_timer.c /sssd-io/src/providers/ldap/sdap_async_users.c /sssd-io/src/providers/ldap/sdap_autofs.c /sssd-io/src/providers/ldap/sdap_child_helpers.c /sssd-io/src/providers/ldap/sdap_dyndns.c /sssd-io/src/providers/ldap/sdap_fd_events.c /sssd-io/src/providers/ldap/sdap_id_op.c /sssd-io/src/providers/ldap/sdap_idmap.c /sssd-io/src/providers/ldap/sdap_range.c /sssd-io/src/providers/ldap/sdap_refresh.c /sssd-io/src/providers/ldap/sdap_reinit.c /sssd-io/src/providers/ldap/sdap_sudo.c /sssd-io/src/providers/ldap/sdap_sudo_cache.c /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_child.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_init.c /sssd-io/src/providers/proxy/proxy_netgroup.c /sssd-io/src/providers/proxy/proxy_services.c /sssd-io/src/providers/simple/simple_access.c /sssd-io/src/providers/simple/simple_access_check.c /sssd-io/src/resolv/async_resolv.c /sssd-io/src/resolv/async_resolv_utils.c /sssd-io/src/responder/autofs/autofssrv.c /sssd-io/src/responder/autofs/autofssrv_cmd.c /sssd-io/src/responder/autofs/autofssrv_dp.c /sssd-io/src/responder/common/negcache.c /sssd-io/src/responder/common/responder_cmd.c /sssd-io/src/responder/common/responder_common.c /sssd-io/src/responder/common/responder_dp.c /sssd-io/src/responder/common/responder_get_domains.c /sssd-io/src/responder/nss/nsssrv.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_mmap_cache.c /sssd-io/src/responder/nss/nsssrv_netgroup.c /sssd-io/src/responder/nss/nsssrv_private.h /sssd-io/src/responder/nss/nsssrv_services.c /sssd-io/src/responder/pac/pacsrv.c /sssd-io/src/responder/pac/pacsrv_cmd.c /sssd-io/src/responder/pac/pacsrv_utils.c /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pam_helpers.c /sssd-io/src/responder/pam/pamsrv.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/pam/pamsrv_dp.c /sssd-io/src/responder/ssh/sshsrv.c /sssd-io/src/responder/ssh/sshsrv_cmd.c /sssd-io/src/responder/ssh/sshsrv_dp.c /sssd-io/src/responder/sudo/sudosrv.c /sssd-io/src/responder/sudo/sudosrv_cmd.c /sssd-io/src/responder/sudo/sudosrv_dp.c /sssd-io/src/responder/sudo/sudosrv_get_sudorules.c /sssd-io/src/responder/sudo/sudosrv_query.c /sssd-io/src/sbus/sbus_client.c /sssd-io/src/sbus/sssd_dbus_common.c /sssd-io/src/sbus/sssd_dbus_connection.c /sssd-io/src/sbus/sssd_dbus_server.c /sssd-io/src/sss_client/ssh/sss_ssh_authorizedkeys.c /sssd-io/src/sss_client/ssh/sss_ssh_knownhostsproxy.c auth-tests.c cmocka/test_dyndns.c cmocka/test_fqnames.c cmocka/test_nss_srv.c cmocka/test_utils.c common_dom.c common_tev.c debug-tests.c files-tests.c krb5_child-test.c resolv-tests.c simple_access-tests.c sysdb-tests.c sysdb_ssh-tests.c /sssd-io/src/tools/files.c /sssd-io/src/tools/selinux.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_debuglevel.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_seed.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_mc_util.c /sssd-io/src/tools/tools_util.c /sssd-io/src/tools/tools_util.h /sssd-io/src/util/authtok.c /sssd-io/src/util/backup_file.c /sssd-io/src/util/check_and_open.c /sssd-io/src/util/child_common.c /sssd-io/src/util/crypto/libcrypto/crypto_base64.c /sssd-io/src/util/crypto/libcrypto/crypto_obfuscate.c /sssd-io/src/util/crypto/nss/nss_obfuscate.c /sssd-io/src/util/crypto/nss/nss_util.c /sssd-io/src/util/debug.c /sssd-io/src/util/domain_info_utils.c /sssd-io/src/util/find_uid.c /sssd-io/src/util/nscd.c /sssd-io/src/util/server.c /sssd-io/src/util/signal.c /sssd-io/src/util/sss_ini.c /sssd-io/src/util/sss_krb5.c /sssd-io/src/util/sss_krb5.h /sssd-io/src/util/sss_ldap.c /sssd-io/src/util/sss_nss.c /sssd-io/src/util/sss_selinux.c /sssd-io/src/util/sss_ssh.c /sssd-io/src/util/sss_tc_utf8.c /sssd-io/src/util/user_info_msg.c /sssd-io/src/util/usertools.c /sssd-io/src/util/util.c /sssd-io/src/util/util.h /sssd-io/src/util/util_lock.c /sssd-io/src/util/well_known_sids.c
37171a92dc9c5e4fe1a0663901fc965b49a78151 29-Jan-2014 Jakub Hrozek <jhrozek@redhat.com>

DB: Add sss_ldb_el_to_string_list
48eb2ca157f7cdc625d0eacdcdc085a3fe1a0fc8 19-Dec-2013 Sumit Bose <sbose@redhat.com>

Add sysdb_attrs_add_lc_name_alias
e60b425ddc0e24178d044bef04ab7349ac7a7826 28-Nov-2013 Lukas Slebodnik <lslebodn@redhat.com>

SYSDB: Sanitize filter before removing ghost attrs sysdb_add_user fails with EIO if enumeration is disabled and user contains backslashes. We try to remove ghost attributes from groups with disabled enumeration, but unsanitized filter is used to find ghost attributes "(|(ghost=usr\\\\002)" and ldb cannot parse this filter. Resolves: https://fedorahosted.org/sssd/ticket/2163
e167b504d0cb3f3e69c9f556fe7dfabacd6bb694 28-Nov-2013 Lukas Slebodnik <lslebodn@redhat.com>

SYSDB: Sanitize filter before sysdb_search_groups sysdb_delete_user fails with EIO if user does not exist and contains backslashes. ldb could not parse filter (&(objectclass=group)(ghost=usr\\\\001)), because ghost value was not sanitized Resolves: https://fedorahosted.org/sssd/ticket/2163
e2ac9be4f293b96f3c8992f1171e44bc1da5cfca 15-Nov-2013 Michal Zidek <mzidek@redhat.com>

SYSDB: Drop redundant sysdb_ctx parameter from sysdb.c
d115f40c7a3999e3cbe705a2ff9cf0fd493f80fb 15-Nov-2013 Michal Zidek <mzidek@redhat.com>

SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 2)

/sssd-io/src/db/sysdb.h /sssd-io/src/db/sysdb_autofs.c /sssd-io/src/db/sysdb_ops.c /sssd-io/src/db/sysdb_services.c /sssd-io/src/db/sysdb_ssh.c /sssd-io/src/db/sysdb_sudo.c /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_hbac_common.c /sssd-io/src/providers/ipa/ipa_hbac_hosts.c /sssd-io/src/providers/ipa/ipa_hbac_services.c /sssd-io/src/providers/ipa/ipa_hbac_users.c /sssd-io/src/providers/ipa/ipa_id.c /sssd-io/src/providers/ipa/ipa_netgroups.c /sssd-io/src/providers/ipa/ipa_s2n_exop.c /sssd-io/src/providers/ipa/ipa_subdomains_ext_groups.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/ldap_id_netgroup.c /sssd-io/src/providers/ldap/sdap_async_groups.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/ldap/sdap_async_initgroups_ad.c /sssd-io/src/providers/ldap/sdap_async_nested_groups.c /sssd-io/src/providers/ldap/sdap_async_netgroups.c /sssd-io/src/providers/ldap/sdap_async_users.c /sssd-io/src/providers/ldap/sdap_reinit.c /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_netgroup.c /sssd-io/src/providers/simple/simple_access_check.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/pac/pacsrv_cmd.c /sssd-io/src/responder/pac/pacsrv_utils.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/sudo/sudosrv_get_sudorules.c cmocka/test_nss_srv.c simple_access-tests.c sysdb-tests.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_seed.c /sssd-io/src/tools/sss_sync_ops.c
4c08db0fb0dda3d27b1184248ca5c800d7ce23f0 15-Nov-2013 Michal Zidek <mzidek@redhat.com>

SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 1)

/sssd-io/src/db/sysdb.h /sssd-io/src/db/sysdb_ops.c /sssd-io/src/db/sysdb_sudo.c /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_hbac_common.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/ldap/sdap_access.c /sssd-io/src/providers/ldap/sdap_async_groups.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/ldap/sdap_async_initgroups_ad.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/simple/simple_access_check.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/pac/pacsrv_cmd.c /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pamsrv_cmd.c sysdb-tests.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/tools_mc_util.c /sssd-io/src/util/sss_selinux.c
4fcc50e133f90cd4c5931a3ac48c84cb628b16fc 15-Nov-2013 Michal Zidek <mzidek@redhat.com>

SYSDB: Drop the sysdb_ctx parameter from the sysdb_services module
b3292840ebaa747a9fd596ff47cc5d18198361d0 15-Nov-2013 Michal Zidek <mzidek@redhat.com>

SYSDB: Drop the sysdb_ctx parameter from the sysdb_search module

/sssd-io/src/db/sysdb.c /sssd-io/src/db/sysdb.h /sssd-io/src/db/sysdb_search.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/ipa/ipa_subdomains_ext_groups.c /sssd-io/src/providers/krb5/krb5_access.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_utils.c /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/sdap_access.c /sssd-io/src/providers/ldap/sdap_async_initgroups.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/python/pysss.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_netgroup.c /sssd-io/src/responder/pac/pacsrv_cmd.c /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/ssh/sshsrv_cmd.c /sssd-io/src/responder/sudo/sudosrv_get_sudorules.c cmocka/test_nss_srv.c sysdb-tests.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_seed.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_sync_ops.h /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_util.c
e7d1cd14ce1a427007b1a7e9789dcb7e9619f84f 15-Nov-2013 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Drop the sysdb_ctx parameter from the autofs API
8b64ca35eb73667a589067788a6f9fb1f7d281c1 25-Oct-2013 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Add sysdb_delete_by_sid
c5711b0279ea85d69fe3c77dfb194360c346e1d7 27-Sep-2013 Sumit Bose <sbose@redhat.com>

IPA: store forest name for forest member domains In order to fix https://fedorahosted.org/sssd/ticket/2093 the name of the forest must be known for a member domain of the forest.
6ff294ac06863ea76463c3fa3549cc46a60b75ad 26-Sep-2013 Pavel Březina <pbrezina@redhat.com>

sysdb: sysdb_update_members can take either name or dn We need to work with distinguish names when processing cross-domain membership, because groups and users may be stored in different sysdb tree. Resolves: https://fedorahosted.org/sssd/ticket/2066
abc398cba9d11d3da047636992ec14c2d4535161 10-Sep-2013 Ondrej Kos <okos@redhat.com>

DB: Add user/group lookup by SID
a6cca9c284724fafd670a3163812f248ba53ad97 28-Aug-2013 Jakub Hrozek <jhrozek@redhat.com>

Read enumerate state for subdomains from cache The enumerate flag will be read from the cache for subdomains and the domain object will be created accordingly.
b3458bbb5315b05d7ac1abc58f1c380761756603 28-Aug-2013 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Store enumerate flag for subdomain
75dd4b05e1dacc76dc9d5f16be31978f84a71dc5 19-Aug-2013 Sumit Bose <sbose@redhat.com>

sysdb_add_incomplete_group: store SID string is available During initgroups request we read the SID of a group from the server but do not save it to the cache. This patch fixes this and might help to avoid an additional lookup of the SID later.
93bd0fbd1147371122612af88ed8a3c4534112ae 09-Jul-2013 Jakub Hrozek <jhrozek@redhat.com>

DB: sysdb_search_user_by_name: search by both name and alias
9822d4d468ec74e4e173f5adf0db12d02974cd18 28-Jun-2013 Sumit Bose <sbose@redhat.com>

Read mpg state for subdomains from cache The mpg flag will be read from the cache for subdomains and the domain object will be created accordingly.
09d7c105839bfc7447ea0f766413ed86675ca075 28-Jun-2013 Sumit Bose <sbose@redhat.com>

Save mpg state for subdomains The information of a subdomain will use magic private groups (mpg) or not will be stored together with other information about the domain in the cache.
b36153ce4c3eeb19274ce32e82949da446184406 30-May-2013 Lukas Slebodnik <lslebodn@redhat.com>

Remove empty directories after tests run. Empty directory tests_path is removed in function test_dom_suite_cleanup. Function test_dom_suite_cleanup is reused in other tests.
36c50faf2674a3ebd8a6458f3c53fb72a68d1f28 29-Apr-2013 Jakub Hrozek <jhrozek@redhat.com>

Only try to relink ghost users if we're not enumerating https://fedorahosted.org/sssd/ticket/1893 When SSSD is not enumerating (which is the default), we are trying to link any "ghost" entries with a newly created user entry. However, when enumeration is on, this means a spurious search on adding any user.
00181f32b25d4050d7d4769def31b609a098fd2f 21-Mar-2013 Lukas Slebodnik <lslebodn@redhat.com>

Fixing duplicate const const char const * --> const char *const
dfe84158c49e44f2207b94d25e61ab4f3fe38366 20-Mar-2013 Michal Zidek <mzidek@redhat.com>

tests: Print warning if LDB_MODULES_PATH is not set Print warning if sysdb-tests or sysdb-ssh test are run individually and LDB_MODULES_PATH was not set. https://fedorahosted.org/sssd/ticket/1820
ab967283b710dfa05d11ee5b30c7ac916486ceec 04-Mar-2013 Simo Sorce <simo@redhat.com>

Use SSSD specific errors for offline auth This prevents reportin false errors when internal functions return a generic EINVAL or EACCES that should just be treated as internal errors.
bba1a5fd62cffcae076d1351df5a83fbc4a6ec17 10-Feb-2013 Simo Sorce <simo@redhat.com>

Change the way domains are linked. - Use a double-linked list for domains and subdomains. - Never remove a subdomain, simply mark it as disabled if it becomes unused. - Rework the way subdomains are refreshed. Now sysdb_update_subdomains() actually updates the current subdomains and marks as disabled the ones not found in the sysdb or add new ones found. It never removes them. Removal of missing domains from sysdb is deferred to the providers, which will perform it at refresh time, for the ipa provider that is done by ipa_subdomains_write_mappings() now. sysdb_update_subdomains() is then used to update the memory hierarchy of the subdomains. - Removes sysdb_get_subdomains() - Removes copy_subdomain() - Add sysdb_subdomain_delete()
95e94691178297f2b8225a83d43ae388cab04b45 10-Feb-2013 Simo Sorce <simo@redhat.com>

Remove sysdb_subdom completely struct sss_domain_info is always used to represent domains now. Adjust tests accordingly.
aab938c5975f0e3b85c7c79a5d718e5fefed7217 10-Feb-2013 Simo Sorce <simo@redhat.com>

Avoid sysdb_subdom in sysdb_get_subdomains()
b8dcd1216e5ea7065213c750a92dabfe01fa3b70 10-Feb-2013 Simo Sorce <simo@redhat.com>

Add realm info to sss_domain_info
c931d373501bff1d7386a6f7f5c955380d3a61ed 29-Jan-2013 Ondrej Kos <okos@redhat.com>

TESTS: include error message on fail
6478da8aa5349bf2df715f66eb24ec46b578b5a9 29-Jan-2013 Ondrej Kos <okos@redhat.com>

TESTS: Fix coverity issues 13126, 13127 https://fedorahosted.org/sssd/ticket/1763
8f6776b1c5d0de8cd6e79f5e175c7aedf1ae5bbb 15-Jan-2013 Jakub Hrozek <jhrozek@redhat.com>

tests: unit test for sysdb_remove_attrs
197b0bc25315fc1e4d2606b283dd035375d30be9 15-Jan-2013 Jakub Hrozek <jhrozek@redhat.com>

tests: add unit test for sysdb_get_new_id
02c5498293019e6639674e4e4fa9f673e022f92d 15-Jan-2013 Jakub Hrozek <jhrozek@redhat.com>

tests: test sysdb_initgroups
78bc44b944c9fc861229d991220681f3d3560d8e 15-Jan-2013 Jakub Hrozek <jhrozek@redhat.com>

tests: adda a unit test for test_sysdb_search_groups
25d978f2c4eea0c869da8d844996601281f0a7d4 15-Jan-2013 Jakub Hrozek <jhrozek@redhat.com>

tests: unit test for test_sysdb_search_users
a294438ef32b2a453f8cc8933056f8969a7ca510 15-Jan-2013 Jakub Hrozek <jhrozek@redhat.com>

tests: add a unit test for sysdb_netgroup_base_dn
681742138b2afbbefa7f14de937beb438409208e 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain arguments to sysdb services functions also fix sysdb_svc_add declarations
2913240aee51ce81195148a4d814e967f66839c4 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb autofs functions
2ca23577d3a25aead24ba759a1f6f67ffc24decf 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_remove_attrs()
80c6afa474d8a1e0198832bddfe5da75a9818b29 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_has/set_enumerated()
84c986f9bb2767d8930b6f5d92d34b09b8fabe60 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain arg to sysdb_search/delete_netgroup()
a58ccee5afc802c7560624929614616aeefa9bd0 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_delete_group() Also remove sysdb_delete_domgroup()
3412d14d65490c32414e72ac20fe21bad53ceb45 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_delete_user() Also remove sysdb_delete_domuser()
a703ed242523c145133f522085ee3180452b3743 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain to sysdb_delete_custom
770896b194b7b66b09c2a30545b4d091fd86b1f4 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_search_custom() Also changes sysdb_search_custom_by_name()
dd7192379e5fc5bb852863e60ad4b6a20c5da183 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_store_custom()
74ac1c2834cd8961ed9e7cadcfe28b113bffe4de 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_cache_auth()
777f5bc1fb5f2ba4267de83843beee51090eb8d5 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_cache_password()
363ce75bfe2f73198e1ae7feeed97b6009ae24b8 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain arg to sysdb group member functions
99c0cfdc5f065ba38f1ee91701d1d27f9e4fdb96 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_store_group() Also remove sysdb_store_domgroup()
6ac396bebb4cd3124711d26dce54263f6f9c7c45 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_store_user() Also remove sysdb_store_domuser()
b7427d63bd328be32991f9d437c4a3d46bcabe03 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain arguments to sysdb_add_inetgroup fns.
5c1135221ff3ea9132b6ebf073f2dcae88b73b3f 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain arguments to sysdb_add_group functions.
7c26e3568d0d789067feef945086dff367408a1c 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_add_user()
efc81d1b44169206a2e55bb8e900d3859375abe3 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_add_basic_user()
3187afe4aafa562f2a6747846181ac06d0659dff 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_set_netgroup_attr()
20d2466dbce2bb950813e3f739bc40b511020efb 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_set_group_attr()
3f94d6718d44185137e13b6d326dfd63e8dc61c6 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_set_user_attr()
e6f266656ead48452673389835125db7a1a34baf 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain arg to sysdb_search_netgroup_by_name()
5d72a91a37273c8c874640906fd2f7a70e606812 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain to sysdb_search_group_by_gid() Also remove unused sysdb_search_domgroup_by_gid()
b23539e420b9962ad3bfd8f305b9d5acf47e7efb 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain to sysdb_search_group_by_name() Also remove unused sysdb_search_domgroup_by_name()
a5a4e5b4836fdd693bab6e1c7f9d633d1440447d 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain to sysdb_search_user_by_uid() Also remove unused sysdb_search_domuser_by_uid()
2ce00e0d3896bb42db169d1e79553a81ca837a22 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain to sysdb_search_user_by_name() Also remove unused sysdb_search_domuser_by_name()
5d78919c955c945e78865f322726aac075c71203 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain argument to sysdb_get_user_attr()
1826891a4869450994ae82adb60215ca564f9f4d 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain option to sysdb_get/netgr/attrs() fns
a0593a02a5d2c7a8b4dda330a69fb1f10cc12cdb 15-Jan-2013 Simo Sorce <simo@redhat.com>

Pass domain to sysdb_enum<pw/gr>ebt() functions
2d66c2eee2e4364a52d5436b61759ef990108230 15-Jan-2013 Simo Sorce <simo@redhat.com>

Pass domain to sysdb_get<pwu/grg><id() functions
58fd3aa25c5292bc67432647ab7e5059439fcc6d 15-Jan-2013 Simo Sorce <simo@redhat.com>

Pass domain to sysdb_get<pw/gr>nam() functions Also allows us to remove sysdb_subdom_get<pw/gr>nam() wrappers and restore fqnames proper value in subdomains, by testing for a parent domain being present or not.
4b49384056874e7999d8338ce5288f3d5c27a7b8 15-Jan-2013 Simo Sorce <simo@redhat.com>

Make sysdb_domain_dn() require a domain.
7c974e792beef952ceb19a01775c6d0ee71a1253 15-Jan-2013 Simo Sorce <simo@redhat.com>

Make sysdb_netgroup_dn() require a domain explictly.
52c72ae8587d8d47393a891ccd4ef06bd4bef856 15-Jan-2013 Simo Sorce <simo@redhat.com>

Make sysdb_group_dn() require a domain explictly.
3613cc1eba1337256a2d06ba7a84532156139ccd 15-Jan-2013 Simo Sorce <simo@redhat.com>

Make sysdb_user_dn() require a domain explictly.
234958be042980242fff6da936af674da877c5ef 15-Jan-2013 Simo Sorce <simo@redhat.com>

Refactor single domain initialization Bring it out of sysdb, which will slowly remove internal dependencies on domains and instead will always require them to be passed by callers.
c83e409297711e6012a164cc929c758a3f38e9b9 10-Jan-2013 Simo Sorce <simo@redhat.com>

Code can only check for cached passwords Make it clear to the API users that we can not take arbitrary auth tokens. We can only take a password for now so simplify and clarify the interface.
849aa25d7511a44e8f755c6f0a79b2746007a539 08-Jan-2013 Simo Sorce <simo@redhat.com>

Remove dead netgroup functions
a7b0fa042d58c31140eee6927585c70c18f61584 05-Dec-2012 Jakub Hrozek <jhrozek@redhat.com>

MEMBEROF: Keep inherited ghost users around on modify operation https://fedorahosted.org/sssd/ticket/1652 It is possible to simply reset the list of ghost users to a different one during a modify operation. It is also actually how we update entries that are expired in the SSSD cache. In this case, we must be careful and retain the ghost users that are not native to the group we are processing but are rather inherited from child groups. The intention of the replace operation after all is to set the list of direct members of that group, not direct and indirect.
521bc8907ac558320042f229691274d5aa7e55f0 05-Dec-2012 Jakub Hrozek <jhrozek@redhat.com>

MEMBEROF: Implement the modify operation for ghost users Similar to the add and delete operation, we also need to propagate the changes of the ghost user attribute to the parent groups so that if a nested group updates memberships, its parents also get the membership updated.
fe9516c6cc4e41b00bc7b88431fc42250d98041f 05-Dec-2012 Jakub Hrozek <jhrozek@redhat.com>

MEMBEROF: Implement delete operation for ghost users https://fedorahosted.org/sssd/ticket/1668 The memberof plugin did only expand the ghost users attribute to parents when adding a nested group, but didn't implement the reverse operation. This bug resulted in users being reported as group members even after the direct parent went away as the expanded ghost attributes were never removed from the parent entry. When a ghost entry is removed from a group, all its parent groups are expired from the cache by setting the expire timestamp to 1. Doing so would force the SSSD to re-read the group next time it is requested in order to make sure its members are really up-to-date.
62b36cdae054b915da4d29fd3812f3799c27de69 26-Nov-2012 Jakub Hrozek <jhrozek@redhat.com>

TESTS: Test ghosts users in the RFC2307 schema
6826edf9cbda1b26300340e9e83f7bb491562d00 26-Nov-2012 Jakub Hrozek <jhrozek@redhat.com>

MEMBEROF: Do not add the ghost attribute to self When a nested group with ghost users is added, its ghost attribute should propagate within the nested group structure much like the memberuid attribute. Unlike the memberuid attribute, the ghost attribute is only semi-managed by the memberof plugin and added manually to the original entry. This bug caused LDB errors saying that attribute or value already exists when a group with a ghost user was added to the hierarchy as groups were updated with an attribute they already had.
8455d5ab61184e0d126fc074a9ce6e98391eb909 20-Nov-2012 Jakub Hrozek <jhrozek@redhat.com>

LDAP: Only convert direct parents' ghost attribute to member https://fedorahosted.org/sssd/ticket/1612 This patch changes the handling of ghost attributes when saving the actual user entry. Instead of always linking all groups that contained the ghost attribute with the new user entry, the original member attributes are now saved in the group object and the user entry is only linked with its direct parents. As the member attribute is compared against the originalDN of the user, if either the originalDN or the originalMember attributes are missing, the user object is linked with all the groups as a fallback. The original member attributes are only saved if the LDAP schema supports nesting.
9e2c64c6d4f5560e27207193efea6536a566865e 29-Oct-2012 Michal Zidek <mzidek@redhat.com>

Include talloc log in our debug facility https://fedorahosted.org/sssd/ticket/1495

/sssd-io/src/monitor/monitor.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/ldap/ldap_child.c /sssd-io/src/providers/proxy/proxy_child.c /sssd-io/src/responder/autofs/autofssrv.c /sssd-io/src/responder/nss/nsssrv.c /sssd-io/src/responder/pac/pacsrv.c /sssd-io/src/responder/pam/pamsrv.c /sssd-io/src/responder/ssh/sshsrv.c /sssd-io/src/responder/sudo/sudosrv.c /sssd-io/src/sss_client/ssh/sss_ssh_authorizedkeys.c /sssd-io/src/sss_client/ssh/sss_ssh_knownhostsproxy.c auth-tests.c crypto-tests.c fail_over-tests.c files-tests.c krb5_child-test.c krb5_utils-tests.c refcount-tests.c resolv-tests.c responder_socket_access-tests.c simple_access-tests.c strtonum-tests.c sysdb-tests.c sysdb_ssh-tests.c util-tests.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_debuglevel.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_seed.c /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/util/debug.c /sssd-io/src/util/util.h
95f5e7963a36b7b68859ce91ae4b232088bbaa09 24-Sep-2012 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Remove unnecessary domain parameter from several sysdb calls The domain can be read from the sysdb object. Removing the domain string makes the API more self-contained.
e75a152157e054a2ed46acecbe8b5cfb9853773c 24-Sep-2012 Jakub Hrozek <jhrozek@redhat.com>

AUTOFS: Use both key and value in entry RDN This patch switches from using just key in the RDN to using both key and value. That is neccessary to allow multiple direct mounts in a single map.
f17d26a8db285622a5cd5f21c7488b62eedc2cf8 24-Sep-2012 Jakub Hrozek <jhrozek@redhat.com>

AUTOFS: Add entry objects below map objects https://fedorahosted.org/sssd/ticket/1506 Changes how the new autofs entry objects are handled. Instead of creating the entry on the cn=autofs,cn=custom level, the entry is created below the map it belongs to.
c7efe2545f691fc81478e0cfe61a43bbc83acc72 24-Sep-2012 Jakub Hrozek <jhrozek@redhat.com>

AUTOFS: Add sysdb tests
6a8999bf933f72923a271831d85a01ef88a81f39 10-Sep-2012 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: NULL-terminate the output of sysdb_get_{ranges,subdomains}
51fbec23eb60317dcdefc33794477a0e36f16097 05-Sep-2012 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Abort unit test if sysdb_getpwnam fails
efea50efda58be66638e5d38c8e57fdf9992f204 01-Aug-2012 Simo Sorce <simo@redhat.com>

Change refreshing of subdomains This patch keeps a local copy of the subdomains in the ipa subdomains plugin context. This has 2 advantages: 1. allows to check if anything changed w/o always hitting the sysdb. 2. later will allows us to dump this information w/o having to retrieve it again. The timestamp also allows to avoid refreshing too often.
204cfc89a076fd32bf34f2abb3f809304aaa88ab 01-Aug-2012 Simo Sorce <simo@redhat.com>

Add realm paramter to subdomain list This will be used later for setting domain_realm mappings in krb5.conf
982d15f56291a0a9e624dac568d0366166431494 01-Aug-2012 Simo Sorce <simo@redhat.com>

tests: Remove useless consts Declaring a bunch of structures as const and then wrapping all uses in discard_const_p() is a bit silly. Remove all these useless decorations.
b58460076fe843c11d736ae244c1ac979a6473a4 01-Aug-2012 Simo Sorce <simo@redhat.com>

Change subdomain_info Rename the structure to use a standard name prefix so it is properly name-spaced, in preparation for changing the structure itself.
2bdb99e3578fa8ff606632d9e7242bc753737752 10-Jul-2012 Jakub Hrozek <jhrozek@redhat.com>

Cast uid_t to unsigned long long in DEBUG messages
0d492cf0d3bf44cac68e8606ac977da21f0628f6 31-May-2012 Jan Zeleny <jzeleny@redhat.com>

Ghost members - various small changes
79a93ba6dc35ebe525e2d7587bc7e293e8cf3b81 11-May-2012 Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Handle user and group renames better Fixes a regression in the local domain tools where sss_groupadd no longer detected a GID duplicate. The check for EEXIST is moved one level up into more high level function. The patch also adds the same rename support for users. I found it odd that we allowed a rename of groups but not users. There is a catch when storing a user -- his cached password would be gone. I think that renaming a user is such a rare operation that it's not severe, plus there is a warning in the logs.
e76d78338026fa47dca32eaf7f5c15eabb1b951a 24-Apr-2012 Jan Zeleny <jzeleny@redhat.com>

Sysdb routines for subdomains
d2d2d6ae0c436461bcc8f881df059eb036314c44 29-Feb-2012 Sumit Bose <sbose@redhat.com>

Keep sysdb context in domain info struct
277a0187190fd417696590b303a5d7a204ed0555 24-Feb-2012 Jan Zeleny <jzeleny@redhat.com>

Delete missing attributes from netgroups to be stored https://fedorahosted.org/sssd/ticket/1136
e299638926171e0e92a36122aeff6611cd52418d 31-Jan-2012 Stephen Gallagher <sgallagh@redhat.com>

SYSDB: extend sysdb_store_service() to accept additional attributes
ff907ba7a9b5e429de086515642f97a0447e546a 27-Jan-2012 Stephen Gallagher <sgallagh@redhat.com>

SYSDB: Add indexes for servicePort and serviceProtocol
4c1bf6607060cea867fccf667063c028dfd51e96 27-Jan-2012 Stephen Gallagher <sgallagh@redhat.com>

SYSDB: Add sysdb routines for manipulating service entries
684d1b48b5582a1bf7812b8c3c663592dc6dfed9 13-Oct-2011 Pavel Březina <pbrezina@redhat.com>

SysDB commands that save lastUpdate allows this value to be passed in https://fedorahosted.org/sssd/ticket/836
89caf5edcc99f5731e89bd51e6ffaad3ec11c304 25-Aug-2011 Pavel Březina <pbrezina@redhat.com>

New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0 Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);

/sssd-io/src/monitor/monitor.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/ldap/ldap_child.c /sssd-io/src/providers/proxy/proxy_child.c /sssd-io/src/responder/nss/nsssrv.c /sssd-io/src/responder/pam/pamsrv.c auth-tests.c crypto-tests.c debug-tests.c fail_over-tests.c files-tests.c krb5_utils-tests.c refcount-tests.c resolv-tests.c simple_access-tests.c strtonum-tests.c sysdb-tests.c util-tests.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/util/debug.c /sssd-io/src/util/server.c /sssd-io/src/util/util.h
99dd40a885ed3d42af4bbbde7ee2fc98830544d0 25-Aug-2011 Pavel Březina <pbrezina@redhat.com>

New DEBUG facility - conversion https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)

/sssd-io/src/monitor/monitor.c /sssd-io/src/monitor/monitor_sbus.c /sssd-io/src/providers/child_common.c /sssd-io/src/providers/data_provider.h /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/data_provider_fo.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/ldap/ldap_child.c /sssd-io/src/providers/ldap/sdap_async.c /sssd-io/src/providers/ldap/sdap_fd_events.c /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_child.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/responder/nss/nsssrv.c /sssd-io/src/responder/pam/pamsrv.c /sssd-io/src/sbus/sssd_dbus_common.c auth-tests.c crypto-tests.c fail_over-tests.c files-tests.c find_uid-tests.c krb5_utils-tests.c refcount-tests.c resolv-tests.c simple_access-tests.c strtonum-tests.c sysdb-tests.c util-tests.c /sssd-io/src/tools/selinux.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/util/debug.c /sssd-io/src/util/server.c /sssd-io/src/util/util.h
e79d23932ef9d52cf4eb32ddec2d0a9b3af9a9eb 15-Aug-2011 Jan Zeleny <jzeleny@redhat.com>

sysdb refactoring: memory context deleted This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well.
8a1738f9379a1b8fb5c95c3df649e014ff5a1434 15-Aug-2011 Jan Zeleny <jzeleny@redhat.com>

sysdb refactoring: deleted domain variables in sysdb API The patch also updates code using modified functions. Tests have also been adjusted.

/sssd-io/src/db/sysdb.c /sssd-io/src/db/sysdb.h /sssd-io/src/db/sysdb_ops.c /sssd-io/src/db/sysdb_search.c /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_hbac_common.c /sssd-io/src/providers/ipa/ipa_hbac_hosts.c /sssd-io/src/providers/ipa/ipa_hbac_services.c /sssd-io/src/providers/ipa/ipa_hbac_users.c /sssd-io/src/providers/krb5/krb5_access.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/ldap_common.c /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/ldap_id_enum.c /sssd-io/src/providers/ldap/ldap_id_netgroup.c /sssd-io/src/providers/ldap/sdap_access.c /sssd-io/src/providers/ldap/sdap_async_accounts.c /sssd-io/src/providers/ldap/sdap_async_netgroups.c /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_netgroup.c /sssd-io/src/providers/simple/simple_access.c /sssd-io/src/python/pysss.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_netgroup.c /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pamsrv_cmd.c sysdb-tests.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_sync_ops.h /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_util.c
ace07a7d75c5a7c3f5613e5349fa8c1ffd05863a 02-Jun-2011 Jan Zeleny <jzeleny@redhat.com>

Non-posix group processing - sysdb changes
d03617ab9106c14b46ab3dc85d5c8ced393da533 25-Apr-2011 Jakub Hrozek <jhrozek@redhat.com>

Case insensitive originalDN test
278e1768a158a73b7769bcfe17035a17e2b81f70 23-Mar-2011 Jakub Hrozek <jhrozek@redhat.com>

Add originalDN to fake groups
c6257286e9a31dfd42d28c99a22a69e2c4717a61 21-Jan-2011 Stephen Gallagher <sgallagh@redhat.com>

Delete attributes that are removed from LDAP Sometimes, a value in LDAP will cease to exist (the classic example being shadowExpire). We need to make sure we purge that value from SSSD's sysdb as well. https://fedorahosted.org/sssd/ticket/750
84bb9ec1bba8e60d1d87febd48749edd18e16787 20-Dec-2010 Stephen Gallagher <sgallagh@redhat.com>

Add sysdb_has_enumerated and sysdb_set_enumerated helper functions Includes a unit test
e742a3ef2d7cab398bf1f387aa694fd763971d74 17-Dec-2010 Stephen Gallagher <sgallagh@redhat.com>

Fix unchecked return value in test_sysdb_attrs_to_list https://fedorahosted.org/sssd/ticket/714
e194940b169691939c5c8f2a29754df1c7678a42 15-Nov-2010 Stephen Gallagher <sgallagh@redhat.com>

Fix const cast warnings in tests
3fa7380908997eda5e45c5f4d6b512a954d3bc3c 15-Nov-2010 Stephen Gallagher <sgallagh@redhat.com>

Fix const cast warning for sysdb_update_members
3e4ffc5cef28741454015c04aadc16da78aa1209 15-Nov-2010 Stephen Gallagher <sgallagh@redhat.com>

Add unit tests for users and groups with odd characters
8059574092a96396dea64dae13696a7f95b423b1 18-Oct-2010 Stephen Gallagher <sgallagh@redhat.com>

Modify sysdb_[add|remove]_group_member to accept users and groups Previously, it assumed that all members were users. This changes the interface so that either a user or a group can be specified. Also, it eliminates the need for a memory context to be passed, since the internal memory should be self-contained.
7e15d2ed3c01ab3c1f5f882fe8fa974058097bc6 15-Oct-2010 Jakub Hrozek <jhrozek@redhat.com>

sysdb interface for adding incomplete groups Useful for optimizing the initgroups operation.
8c64b46e923ec590984325beedb29fcd09aac0e4 13-Oct-2010 Sumit Bose <sbose@redhat.com>

Also return member groups to the client
8cced6fd66a3243122e0d820ff09b0dcd654cdd2 13-Oct-2010 Stephen Gallagher <sgallagh@redhat.com>

netgroup tests
daa53f46d3ddcba0cbe2d23251c250794e576cf1 13-Oct-2010 Sumit Bose <sbose@redhat.com>

Use POPT_TABLEEND to close option table
e36ec25b898ecba4e28b244683c57a4372731042 22-Sep-2010 Jakub Hrozek <jhrozek@redhat.com>

Fix sysdb_group_dn_name
95126debf6fc78d63ab29dbae19993ef4992e123 15-Sep-2010 Jakub Hrozek <jhrozek@redhat.com>

Add parameter to skip cleanup in sysdb test This might be useful for examining the test database manually with LDB tools
d59e1d2397c92a2c9f43eb310d99d81cc835b37e 03-Aug-2010 Stephen Gallagher <sgallagh@redhat.com>

Add sysdb_update_members function This function will take a user, a list of groups that this user should be added to and a list of groups the user should be removed from and will recursively call sysdb_[add|remove]_group_member Includes a unit test
0286d59c82657abe96ccaa3eebea7240ac30ca81 03-Aug-2010 Stephen Gallagher <sgallagh@redhat.com>

Add sysdb_attrs_to_list() utility function
02e38eae1b9cb5df2036a707dafd86f6047c17de 26-May-2010 Sumit Bose <sbose@redhat.com>

Add support for delayed kinit if offline If the configuration option krb5_store_password_if_offline is set to true and the backend is offline the plain text user password is stored and used to request a TGT if the backend becomes online. If available the Linux kernel key retention service is used.

/sssd-io/contrib/sssd.spec.in /sssd-io/src/Makefile.am /sssd-io/src/config/SSSDConfig.py /sssd-io/src/config/SSSDConfigTest.py /sssd-io/src/config/etc/sssd.api.d/sssd-krb5.conf /sssd-io/src/configure.ac /sssd-io/src/db/sysdb.h /sssd-io/src/db/sysdb_ops.c /sssd-io/src/external/libkeyutils.m4 /sssd-io/src/man/sssd-krb5.5.xml /sssd-io/src/providers/data_provider.h /sssd-io/src/providers/dp_pam_data_util.c /sssd-io/src/providers/ipa/ipa_common.c /sssd-io/src/providers/ipa/ipa_common.h /sssd-io/src/providers/ipa/ipa_init.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_auth.h /sssd-io/src/providers/krb5/krb5_common.c /sssd-io/src/providers/krb5/krb5_common.h /sssd-io/src/providers/krb5/krb5_delayed_online_authentication.c /sssd-io/src/providers/krb5/krb5_init.c /sssd-io/src/responder/pam/pamsrv_cmd.c sysdb-tests.c
e5cb301a8cc1272542772715ee9c603a44057b24 14-Apr-2010 Stephen Gallagher <sgallagh@redhat.com>

Fix warning in sysdb-tests.c When we converted to the synchronous sysdb interface, the synchronous-simulating function test_loop() became unnecessary, but we forgot to remove it.
9db5a5140356479a58f2e7212fc5c4ad6135bb7f 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysydb: Finally stop using a common event context This commit completes the migration to a synchronous sysdb
e5e32021c23f3726d68ee756e8e3de48b3214063 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: remove remaining traces of sysdb_handle
88e7576d8bf00bfd0eaed8731b7eee1d6b6e05a1 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_enumgrent
fa362558a3f89644dab60debfbc423fe31a39f00 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_enumpwent
08d9d10747da6900971cdd8fced05ca66f5111e2 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_get_user_attr
ac660a221255b761615f6ecdb63b92a6391a58a2 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_getgrgid
25465215742b9c78566d44cd06a886c4a4e43ffa 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_getgrnam
a298e5b4050a69238593017ccc774336eb332e16 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_getpwuid
7ffaa2afb9e03a6f0b9c602c0f03b2074ea33eac 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_getpwnam
24a947aac2ead046940e9c23ee8393a115ee47a3 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

tests: remove use of asynchronus transactions now all calls are synchronous
c38706faa07a380c542cd1bda3ee54edfaf275d4 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_cache_auth
3b3dc1a8ad19100951d19abe4038791f01faa0b7 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: delete sysdb_delete_group
ed80c73efa51780a39dfc9c72821cf88e95d264c 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_delete_user
4c898e1bb31ccf2af4039a7c3c5fcd82fb5667ed 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_asq_search
a137f77b4ddff7f0651ffda710cec1f01618d7a9 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_store_custom
9def019030f844e429c067c7cca27ff99c921527 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_search_custom
bb0b6b4e39242577f60729fbcbd9e46e7a7af30d 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_cache_password
02a9d8a40dc3a5fd671ede0e4fa7dac5178fbc75 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_mod/add/remove_group_member
ace612f5998f619ba41828d2ba4b80d02a965162 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_store/add(_basic)_group
a6ecb562529430be5a4cd6e8cdd541a383c9a2e1 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_store/add(_basic)_user
506d34d2e84268c6589f613de0cb3992b8fb87a6 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_set_entry/user/group_attr
5c69fd7c03e762a6fb08a7224eb1d6fd2967d09c 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_search_group_by_name/gid
0995e4cc173577122bea5a1d4698262fd0e9c200 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_search_entry and sysdb_delete_recursive
79c090e8c25ac13454b9f12f4d6dc635029a0c9d 12-Apr-2010 Simo Sorce <ssorce@redhat.com>

sysdb: convert sysdb_delete_custom
cae9c9fbdebc3f6a4c390a20e75447217439dff7 12-Apr-2010 Stephen Gallagher <sgallagh@redhat.com>

sysdb: convert sysdb_delete_entry
9fb59763bce293c2490e0b9f8e97bb1f74ba0910 04-Mar-2010 Stephen Gallagher <sgallagh@redhat.com>

Add --with-test-dir option to configure All 'make check' tests will chdir() into this directory before running the suite. This provides the option of having temporary files generated in a tmpfs or ramdisk
1c48b5a62f73234ed26bb20f0ab345ab61cda0ab 18-Feb-2010 Stephen Gallagher <sgallagh@redhat.com>

Rename server/ directory to src/ Also update BUILD.txt

/sssd-io/BUILD.txt /sssd-io/Makefile.am /sssd-io/configure.ac /sssd-io/contrib/sssd.spec.in /sssd-io/src/Makefile.am /sssd-io/src/build_macros.m4 /sssd-io/src/conf_macros.m4 /sssd-io/src/confdb/confdb.c /sssd-io/src/confdb/confdb.h /sssd-io/src/confdb/confdb_private.h /sssd-io/src/confdb/confdb_setup.c /sssd-io/src/confdb/confdb_setup.h /sssd-io/src/config/SSSDConfig.py /sssd-io/src/config/SSSDConfigTest.py /sssd-io/src/config/etc/sssd.api.conf /sssd-io/src/config/etc/sssd.api.d/sssd-ipa.conf /sssd-io/src/config/etc/sssd.api.d/sssd-krb5.conf /sssd-io/src/config/etc/sssd.api.d/sssd-ldap.conf /sssd-io/src/config/etc/sssd.api.d/sssd-local.conf /sssd-io/src/config/etc/sssd.api.d/sssd-proxy.conf /sssd-io/src/config/ipachangeconf.py /sssd-io/src/config/setup.py /sssd-io/src/config/testconfigs/noparse.api.conf /sssd-io/src/config/testconfigs/sssd-badversion.conf /sssd-io/src/config/testconfigs/sssd-invalid-badbool.conf /sssd-io/src/config/testconfigs/sssd-invalid.conf /sssd-io/src/config/testconfigs/sssd-noversion.conf /sssd-io/src/config/testconfigs/sssd-valid.conf /sssd-io/src/config/upgrade_config.py /sssd-io/src/configure.ac /sssd-io/src/db/sysdb.c /sssd-io/src/db/sysdb.h /sssd-io/src/db/sysdb_ops.c /sssd-io/src/db/sysdb_private.h /sssd-io/src/db/sysdb_search.c /sssd-io/src/doxy.config.in /sssd-io/src/examples/sssd.conf /sssd-io/src/examples/sssdproxytest /sssd-io/src/examples/sudo /sssd-io/src/external/crypto.m4 /sssd-io/src/external/docbook.m4 /sssd-io/src/external/krb5.m4 /sssd-io/src/external/ldap.m4 /sssd-io/src/external/libcares.m4 /sssd-io/src/external/libcollection.m4 /sssd-io/src/external/libdhash.m4 /sssd-io/src/external/libini_config.m4 /sssd-io/src/external/libldb.m4 /sssd-io/src/external/libpcre.m4 /sssd-io/src/external/libpopt.m4 /sssd-io/src/external/libtalloc.m4 /sssd-io/src/external/libtdb.m4 /sssd-io/src/external/libtevent.m4 /sssd-io/src/external/pam.m4 /sssd-io/src/external/pkg.m4 /sssd-io/src/external/platform.m4 /sssd-io/src/external/python.m4 /sssd-io/src/external/selinux.m4 /sssd-io/src/external/sizes.m4 /sssd-io/src/krb5_plugin/sssd_krb5_locator_plugin.c /sssd-io/src/ldb_modules/memberof.c /sssd-io/src/m4/.dir /sssd-io/src/man/include/failover.xml /sssd-io/src/man/include/param_help.xml /sssd-io/src/man/include/upstream.xml /sssd-io/src/man/sss_groupadd.8.xml /sssd-io/src/man/sss_groupdel.8.xml /sssd-io/src/man/sss_groupmod.8.xml /sssd-io/src/man/sss_groupshow.8.xml /sssd-io/src/man/sss_useradd.8.xml /sssd-io/src/man/sss_userdel.8.xml /sssd-io/src/man/sss_usermod.8.xml /sssd-io/src/man/sssd-ipa.5.xml /sssd-io/src/man/sssd-krb5.5.xml /sssd-io/src/man/sssd-ldap.5.xml /sssd-io/src/man/sssd.8.xml /sssd-io/src/man/sssd.conf.5.xml /sssd-io/src/man/sssd_krb5_locator_plugin.8.xml /sssd-io/src/monitor/monitor.c /sssd-io/src/monitor/monitor.h /sssd-io/src/monitor/monitor_interfaces.h /sssd-io/src/monitor/monitor_sbus.c /sssd-io/src/po/LINGUAS /sssd-io/src/po/Makevars /sssd-io/src/po/POTFILES.in /sssd-io/src/po/de.po /sssd-io/src/po/es.po /sssd-io/src/po/fr.po /sssd-io/src/po/it.po /sssd-io/src/po/ja.po /sssd-io/src/po/nl.po /sssd-io/src/po/pl.po /sssd-io/src/po/pt.po /sssd-io/src/po/sss_daemon.pot /sssd-io/src/po/sv.po /sssd-io/src/providers/child_common.c /sssd-io/src/providers/child_common.h /sssd-io/src/providers/data_provider.h /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/data_provider_fo.c /sssd-io/src/providers/data_provider_opts.c /sssd-io/src/providers/dp_auth_util.c /sssd-io/src/providers/dp_backend.h /sssd-io/src/providers/dp_sbus.c /sssd-io/src/providers/fail_over.c /sssd-io/src/providers/fail_over.h /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_access.h /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_auth.h /sssd-io/src/providers/ipa/ipa_common.c /sssd-io/src/providers/ipa/ipa_common.h /sssd-io/src/providers/ipa/ipa_init.c /sssd-io/src/providers/ipa/ipa_timerules.c /sssd-io/src/providers/ipa/ipa_timerules.h /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_auth.h /sssd-io/src/providers/krb5/krb5_become_user.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/krb5/krb5_common.c /sssd-io/src/providers/krb5/krb5_common.h /sssd-io/src/providers/krb5/krb5_init.c /sssd-io/src/providers/krb5/krb5_utils.c /sssd-io/src/providers/krb5/krb5_utils.h /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/ldap_child.c /sssd-io/src/providers/ldap/ldap_common.c /sssd-io/src/providers/ldap/ldap_common.h /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_id_cleanup.c /sssd-io/src/providers/ldap/ldap_id_enum.c /sssd-io/src/providers/ldap/ldap_init.c /sssd-io/src/providers/ldap/sdap.c /sssd-io/src/providers/ldap/sdap.h /sssd-io/src/providers/ldap/sdap_async.c /sssd-io/src/providers/ldap/sdap_async.h /sssd-io/src/providers/ldap/sdap_async_accounts.c /sssd-io/src/providers/ldap/sdap_async_connection.c /sssd-io/src/providers/ldap/sdap_async_private.h /sssd-io/src/providers/ldap/sdap_child_helpers.c /sssd-io/src/providers/providers.h /sssd-io/src/providers/proxy.c /sssd-io/src/providers/sssd_be.exports /sssd-io/src/python/pysss.c /sssd-io/src/resolv/ares/ares_data.c /sssd-io/src/resolv/ares/ares_data.h /sssd-io/src/resolv/ares/ares_dns.h /sssd-io/src/resolv/ares/ares_parse_srv_reply.c /sssd-io/src/resolv/ares/ares_parse_srv_reply.h /sssd-io/src/resolv/ares/ares_parse_txt_reply.c /sssd-io/src/resolv/ares/ares_parse_txt_reply.h /sssd-io/src/resolv/async_resolv.c /sssd-io/src/resolv/async_resolv.h /sssd-io/src/responder/common/responder.h /sssd-io/src/responder/common/responder_cmd.c /sssd-io/src/responder/common/responder_common.c /sssd-io/src/responder/common/responder_dp.c /sssd-io/src/responder/common/responder_packet.c /sssd-io/src/responder/common/responder_packet.h /sssd-io/src/responder/nss/nsssrv.c /sssd-io/src/responder/nss/nsssrv.h /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_nc.c /sssd-io/src/responder/nss/nsssrv_nc.h /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pamsrv.c /sssd-io/src/responder/pam/pamsrv.h /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/pam/pamsrv_dp.c /sssd-io/src/sbus/sbus_client.c /sssd-io/src/sbus/sbus_client.h /sssd-io/src/sbus/sssd_dbus.h /sssd-io/src/sbus/sssd_dbus_common.c /sssd-io/src/sbus/sssd_dbus_connection.c /sssd-io/src/sbus/sssd_dbus_private.h /sssd-io/src/sbus/sssd_dbus_server.c /sssd-io/src/sss_client/common.c /sssd-io/src/sss_client/group.c /sssd-io/src/sss_client/man/pam_sss.8.xml /sssd-io/src/sss_client/pam_sss.c /sssd-io/src/sss_client/pam_test_client.c /sssd-io/src/sss_client/passwd.c /sssd-io/src/sss_client/protos.h /sssd-io/src/sss_client/sss_cli.h /sssd-io/src/sss_client/sss_nss.exports /sssd-io/src/sss_client/sss_pam.exports /sssd-io/src/sss_client/sss_pam_macros.h /sssd-io/src/sysv/SUSE/sssd /sssd-io/src/sysv/sssd auth-tests.c check_and_open-tests.c common.c common.h fail_over-tests.c files-tests.c find_uid-tests.c ipa_ldap_opt-tests.c ipa_timerules-tests.c krb5_utils-tests.c python-test.py refcount-tests.c resolv-tests.c stress-tests.c strtonum-tests.c sysdb-tests.c /sssd-io/src/tools/files.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_sync_ops.h /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_util.c /sssd-io/src/tools/tools_util.h /sssd-io/src/util/backup_file.c /sssd-io/src/util/check_and_open.c /sssd-io/src/util/crypto_sha512crypt.c /sssd-io/src/util/debug.c /sssd-io/src/util/dlinklist.h /sssd-io/src/util/find_uid.c /sssd-io/src/util/find_uid.h /sssd-io/src/util/memory.c /sssd-io/src/util/nss_sha512crypt.c /sssd-io/src/util/refcount.c /sssd-io/src/util/refcount.h /sssd-io/src/util/server.c /sssd-io/src/util/sha512crypt.h /sssd-io/src/util/signal.c /sssd-io/src/util/signal.m4 /sssd-io/src/util/sss_krb5.c /sssd-io/src/util/sss_krb5.h /sssd-io/src/util/sss_ldap.c /sssd-io/src/util/sss_ldap.h /sssd-io/src/util/strtonum.c /sssd-io/src/util/strtonum.h /sssd-io/src/util/user_info_msg.c /sssd-io/src/util/user_info_msg.h /sssd-io/src/util/usertools.c /sssd-io/src/util/util.c /sssd-io/src/util/util.h