History log of /sssd-io/src/util/sss_selinux.h
Revision Date Author Comments Expand
c0d1eaeed0bc267fd395ee151a7e0f9f50cb7300 27-Nov-2013 Lukas Slebodnik <lslebodn@redhat.com>

Remove unused parameter from sss_selinux_extract_user
b42bb7d9dbf9a4c44a03e7bf1bab471a8a85e858 19-Mar-2013 Michal Zidek <mzidek@redhat.com>

Move SELinux processing to provider. The SELinux processing was distributed between provider and pam responder which resulted in hard to maintain code. This patch moves the logic to provider. IT ALSO REQUIRES CHANGE IN THE SELINUX POLICY, because the provider also writes the content of selinux login file to disk (which was done by responder before). https://fedorahosted.org/sssd/ticket/1743
2ce00e0d3896bb42db169d1e79553a81ca837a22 15-Jan-2013 Simo Sorce <simo@redhat.com>

Add domain to sysdb_search_user_by_name() Also remove unused sysdb_search_domuser_by_name()
1a3e6221b38a7cae27d7e84a30bb8ea3c3900a47 18-Jul-2012 Jan Zeleny <jzeleny@redhat.com>

Modify priority evaluation in SELinux user maps The functionality now is following: When rule is being matched, its priority is determined as a combination of user and host specificity (host taking preference). After the rule is matched in provider, only its host priority is stored in sysdb for later usage. When rules are matched in the responder, their user priority is determined. After that their host priority is retrieved directly from sysdb and sum of both priorities is user to determine whether to use that rule or not. If more rules have the same priority, the order given in IPA config is used. https://fedorahosted.org/sssd/ticket/1360 https://fedorahosted.org/sssd/ticket/1395
823a5b3f4375f12b6edae4dd5169ee01771baebe 06-Feb-2012 Jan Zeleny <jzeleny@redhat.com>

Added some SELinux-related utility functions