f3347a0c72afc75b4d829e9981d1bac6b05a8306 |
|
14-Oct-2016 |
Sumit Bose <sbose@redhat.com> |
libwbclient-sssd: update interface to version 0.13
This patch adds wbcCtxUnixIdsToSids() and wbcUnixIdsToSids() to SSSD's
libwbclient and implements the latter.
Resolves:
https://fedorahosted.org/sssd/ticket/3181
Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com> |
b1ce544568eff89f2263ae180e323f263f1cff3a |
|
29-Jun-2016 |
Simo Sorce <simo@redhat.com> |
Secrets: Add autoconf macros to build with secrets
Prepares autoconf for the new Secrets Provider
Related:
https://fedorahosted.org/sssd/ticket/2913
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> |
1d1a0a019d8d4d9ab0f51ada03604cd2cada287e |
|
21-Jun-2016 |
Sumit Bose <sbose@redhat.com> |
Add winbind idmap plugin
With this plugin winbind can use the same id-mapping as SSSD which makes
it possible to run both together in a consistent way.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
5484044ea7bb632b915f706685fce509f6eacc48 |
|
26-Nov-2015 |
Jakub Hrozek <jhrozek@redhat.com> |
BUILD: Only install polkit rules if the directory is available
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
d9378e64499642e86989158f274372187314d5b2 |
|
26-Sep-2015 |
Lukas Slebodnik <lslebodn@redhat.com> |
CONFIGURE: Remove bashism
There were errors in configure script when /bin/sh was not bash
./configure: 15889: test: xfedora: unexpected operator
./configure: 19981: test: xyes: unexpected operator
./configure: 23103: test: x1: unexpected operator
The equality operator "==" works in bash but it's not a standard.
The man page test(1) also does not mention it.
There is only short version "="
STRING1 = STRING2
the strings are equal |
2b490bc947dbe0094417304840bd721417a162d9 |
|
03-Sep-2015 |
Pavel Reichl <preichl@redhat.com> |
Remove trailing whitespace
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> |
a5bb518446d5ce565d7ba819590a009cabb0b0b4 |
|
16-Jun-2015 |
Jakub Hrozek <jhrozek@redhat.com> |
CONFIG: Add SSS_STATEDIR as VARDIR/lib/sss
Reviewed-by: Michal Židek <mzidek@redhat.com> |
64ea4127f463798410a2c20e0261c6b15f60257f |
|
14-Jun-2015 |
Jakub Hrozek <jhrozek@redhat.com> |
IPA: Fetch keytab for 1way trusts
Uses the ipa-getkeytab call to retrieve keytabs for one-way trust
relationships.
https://fedorahosted.org/sssd/ticket/2636
Reviewed-by: Sumit Bose <sbose@redhat.com> |
772464c842968d6e544118ae1aa7c49a7cda2ad6 |
|
28-May-2015 |
Stephen Gallagher <sgallagh@redhat.com> |
AD GPO: Change default to "enforcing"
When a user enrolls a system against Active Directory, the expectation
is that the client will honor the centrally-managed settings. In the
past, we avoided changing the default (and left it in permissive mode,
to warn admins that the security policy wasn't being honored) in order
to avoid breaking existing Active Directory enrollments.
However, sufficient time has likely passed for users to become
accustomed to using GPOs to manage access-control for their systems.
This patch changes the default to enforcing and adds a configure flag
for distributions to use if they wish to provide a different default
value.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> |
1270ffe9f3809f2fd488ef4a320d344ae107ab87 |
|
26-May-2015 |
Sumit Bose <sbose@redhat.com> |
libwbclient-sssd: update interface to version 0.12
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
889706cbc739358c2a0aac2ba6bc054fdc8e048b |
|
25-Feb-2015 |
Lukas Slebodnik <lslebodn@redhat.com> |
SPEC: Build python3 bindings on available platforms
Resolves:
https://fedorahosted.org/sssd/ticket/2574
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> |
4a5a18f489f4d19aa0571528a7f0c7a8d35ac83f |
|
25-Feb-2015 |
Lukas Slebodnik <lslebodn@redhat.com> |
BUILD: Add possibility to build python{2,3} bindings
Resolves:
https://fedorahosted.org/sssd/ticket/2574
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> |
5bb0c0596765dd5dd1973b7fc2d1e830bca3e345 |
|
08-Dec-2014 |
Lukas Slebodnik <lslebodn@redhat.com> |
sss_client: Work around glibc bug
glibc is inconsistent with how it treats and returns NSS_STATUS_UNAVAIL.
The sss nss plugin is present in nsswitch by default on some platforms
due to glibc caching and problem with long living applications (e.g. GNOME).
But sssd needn't be configuread and it cause problems in some programs.
In this situation, the SSSD nss plugin should behave as if it was functioning
but had no data even thought sssd is not running. The errors have to be passed
from nss plugin up to the user with minimal moidiffication.
Thanks to Stephen Gallagher for initial patch.
Resolves:
https://fedorahosted.org/sssd/ticket/2439
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> |
eaaeaa7e00c3d4bfa792cc4d3c6770dc1e28ef0c |
|
25-Nov-2014 |
Sumit Bose <sbose@redhat.com> |
Fix KRB5_CONF_PATH
Currently a shell/Makefile variable is used in the definition of
KRB5_CONF_PATH for C code. This patch replaces it with a complier macro.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> |
bc13c352ba9c2877f1e9bc62e55ad60fc000a55d |
|
22-Oct-2014 |
Jakub Hrozek <jhrozek@redhat.com> |
BUILD: Add a config option for sssd user, own private directories as the user
Adds a new configure-time option that lets you select the user to run
SSSD as. The default is 'root' for backwards compatibility.
The directories the deamon stores its private data at are also created
as owned by this user during install time.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com> |
fe008197e415e10994e1fd96a9ff060be77ac6c4 |
|
02-Sep-2014 |
Lukas Slebodnik <lslebodn@redhat.com> |
AUTOCONF: Update detection of libnfsidmap
Reviewed-by: Michal Židek <mzidek@redhat.com>
Reviewed-by: Roland Mainz <rmainz@redhat.com> |
a9c287bda3fc2a1e12cef2135ade96945f11ad01 |
|
02-Sep-2014 |
Sumit Bose <sbose@redhat.com> |
libwbclient: make build optional
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
b9c8ce2bdd4045782c243605a1b999098bedcffc |
|
02-Sep-2014 |
Noam Meltzer <tsnoam@gmail.com> |
NFSv4 client: add to build system
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Roland Mainz <rmainz@redhat.com> |
32381402a4a9afc003782c9e2301fc59c9bda2a9 |
|
20-Jul-2014 |
Yassir Elley <yelley@redhat.com> |
AD-GPO: Store policy settings in local files
Reviewed-by: Sumit Bose <sbose@redhat.com> |
5377441d7a846461c2d9a7a870cea711360a529a |
|
19-Jun-2014 |
Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> |
build: Augment systemdconfdir at configure stage
Add "/sssd.service.d" to systemdconfdir at configure stage, instead of
the make stage. This way, if systemd is not used, systemdconfdir
variable stays empty. That in turn, works around the attempt by older
versions of Automake to create the installation directory even though no
files are installed there [1].
This fixes installation and distcheck target on RHEL6, where an
"/sssd.service.d" directory creation would otherwise be attempted.
[1] http://debbugs.gnu.org/cgi/bugreport.cgi?bug=11030
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
4bd20c075f0f187db0181dc53d00ab6cd47fdb4d |
|
30-May-2014 |
Jakub Hrozek <jhrozek@redhat.com> |
BUILD: Disable dbus tests when running distcheck
https://fedorahosted.org/sssd/ticket/2291
The dbus tests that mock an sbus server were failing when make distcheck
was ran by a user logged in through the SSSD.
The reason was that the libtool wrapper around the test library alters
the LD_LIBRARY_PATH and as a consequence, the standard getpwuid_r() calls
the dbus server performs would load the in-tree NSS library and not the
system one. The-in tree library would then attempt to talk to an in-tree
NSS socket, fail, which would fail the getpwuid_r call with an error such as:
"""
Could not get password database information for UID of current process:
User "???" unknown or no memory to allocate password entry
"""
This patch adds a new configure-time option called --enable-dbus-tests
that is enabled by default and disabled during distcheck. When the
option is disabled, the tests that require a mocked dbus server are not
compiled at all. |
a2e417f38c57ed87c956ddcecf4dafca93842b65 |
|
16-May-2014 |
Lukas Slebodnik <lslebodn@redhat.com> |
BUILD: Make samba4 libraries optional
Samba 4 libraries are necessary for building {ad, ipa} provider,
but samba4 needn't be available on older distributions.
This patch add possibility to build SSSD without {ad, ipa} provider
and thus without Samba 4 libraries.
The script configure have new argument --with-samba with default value yes.
Reviewed-by: Michal Židek <mzidek@redhat.com> |
cb4d5b588e704114b7090678752d33512baa718e |
|
04-Apr-2014 |
Jakub Hrozek <jhrozek@redhat.com> |
IFP: Re-add the InfoPipe server
Related:
https://fedorahosted.org/sssd/ticket/2072
This commit only adds the responder and the needed plumbing. No DBus
related code is in yet. |
d880cd72bf9ac203da973a56c4737b3ac05706a8 |
|
03-Apr-2014 |
Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> |
Remove --with-distro-version
Remove support for "--with-distro-version" configure option as unused.
The option was added in August 2011 (d3da1c1). As of now nothing seems
to use it. Packaging checked: rpm, deb, pacman, ebuilds, FreeBSD ports.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
9542512d7be40f2000298c86d3d2b728f4f0f65a |
|
19-Feb-2014 |
Stephen Gallagher <sgallagh@redhat.com> |
BUILD: Simplify enabling journald on installed systems
systemd supports overrides of the standard service file to be placed in
/etc/systemd/system/<service>.service.d/
With this patch, we will install a commented-out override file to /etc
that will instruct the user on how to enable logging to journald.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
af4ffe1001adcc0a96897e426d26444f07af9aa1 |
|
15-Oct-2013 |
Benjamin Franzke <benjaminfranzke@googlemail.com> |
Add CIFS idmap plugin
https://fedorahosted.org/sssd/ticket/1534 |
77c0d1f6074059dafd2293f9c42ea0f9d60f8aad |
|
18-Sep-2013 |
Jakub Hrozek <jhrozek@redhat.com> |
Add journald support |
36ccdecd053a9ad88dce86b8c84770dc2aa11d21 |
|
09-Sep-2013 |
Simo Sorce <simo@redhat.com> |
tests: Add dlopen test to make sure modules works
This tests dlopens and resolves all symbols to make sure there are no missing
symbols in our provider modules. |
dcc6877aa2e2dd63a9dc9c411a9c58feaeb36b9a |
|
28-Aug-2013 |
Stephen Gallagher <sgallagh@redhat.com> |
krb5: Fetch ccname template from krb5.conf
In order to use the same defaults in all system daemons that needs to know how
to generate or search for ccaches we introduce ode here to take advantage of
the new option called default_ccache_name provided by libkrb5.
If set this variable we establish the same default for all programs that surce
it out of krb5.conf therefore providing a consistent experience across the
system.
Related:
https://fedorahosted.org/sssd/ticket/2036 |
07d82f79d2970a08628ebf71343441ec55faa6fa |
|
25-Jun-2013 |
Pavel Březina <pbrezina@redhat.com> |
init script: source /etc/sysconfig/sssd
https://fedorahosted.org/sssd/ticket/1959 |
03713859dffacc7142393e53c73d8d4cf7dee8d5 |
|
16-Jun-2013 |
Pavel Březina <pbrezina@redhat.com> |
subdomains: touch krb5.conf when creating new domain-realm mappings
https://fedorahosted.org/sssd/ticket/1815 |
574a1c20f114851071ae74112b34488c3d1aeeb3 |
|
21-May-2013 |
Ondrej Kos <okos@redhat.com> |
Check NSCD configuration file
https://fedorahosted.org/sssd/ticket/1785
nscd.conf file is now checked for the presence of caching settings for
databases controlled by SSSD. Syslog warning is now written only if NSCD
is running with interfering configuration or if configuration file
couldn't be loaded.
New configure option added to support non-standard locations
--with-nscd-conf=PATH (defaultly set to /etc/nscd.conf)
This is just a workaround until the following bugzilla is resolved:
https://bugzilla.redhat.com/show_bug.cgi?id=963908 |
9a0255c508ede92423a1f8a02c6c38328482c55f |
|
02-May-2013 |
Lukas Slebodnik <lslebodn@redhat.com> |
Default TEST_DIR to cwd, not empty string if not set explicitly
If configure isn't being run with argument --with-test-dir, then variable
TEST_DIR will be defined, but its value will be empty (""). In this case
opendir will fail with uncatched error "Directory does not exist, or name is
an empty string". Finally function call dirfd will segfault because its
argument is NULL.
I changed default value of TEST_DIR (if --with-test-dir was not used).
Function tests_set_cwd does not ignore return value of chdir, because
TEST_DIR should not be the empty string. |
539b1be3507abdf8ac235b06eeed5011b0b5cde2 |
|
27-Mar-2013 |
Ondrej Kos <okos@redhat.com> |
Provide libnl3 support
https://fedorahosted.org/sssd/ticket/812
Update the monitor code to be using the new libnl3 API.
Changed configure option
--with-libnl
By default, it tries to build with libnl3, if not found, then with
libnl1, if this isn't found either, build proceeds without libnl, just
with warning.
Specifing --with-libnl=<libnl3|libnl1|no> checks for the specific given
version, if not found, configure ends with error. |
b2f9e5b7d553172401a340eb4a9c3abda6b5db43 |
|
24-Sep-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
autofs, sudo, ssh and PAC are not experimental anymore |
d783d4562c704ccc65143370a4e0c2dfd91c61d2 |
|
25-Jun-2012 |
Stephen Gallagher <sgallagh@redhat.com> |
BUILD: Change default unicode library to glib2
This patch also removes the references to 'cvs' and 'nscd' from
BUILD.txt, as they are no longer necessary. |
90fd1bbd6035cdab46faa3a695a2fb2be6508b17 |
|
21-Jun-2012 |
Sumit Bose <sbose@redhat.com> |
PAC client: add krb5 authdata plugin |
bc9235cfb80bd64a3bfa959e8d26d5ad1be0bdf4 |
|
14-Jun-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
Make krb5_ccname_template and krb5_ccachedir configurable |
eb2e21b764d03544d8161e9956d7f70b07b75f77 |
|
19-Mar-2012 |
Simo Sorce <simo@redhat.com> |
nsssrv: shared memory cache server initialization |
3b917f1d971d034cc758ceb5e215edb59afd9105 |
|
27-Feb-2012 |
Stephen Gallagher <sgallagh@redhat.com> |
Eliminate build-time requirement for nscd
We will now use the autodetected location if available, or else
fall back to a value provided by --with-nscd in configure and
finally resort to a hard-coded default of /usr/sbin/nscd. |
e124844907ed6973915e4d56f5442ecd07535a12 |
|
07-Feb-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
Make sudo installation path configurable, install into libdir by default |
34c78b745eb349eef2b0f13ef2b722632aebe619 |
|
07-Feb-2012 |
Jan Cholasta <jcholast@redhat.com> |
BUILD: Introduce a --with-ssh config option |
f36078af138f052cd9a30360867b0ebd0805af5e |
|
06-Feb-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
BUILD: Introduce a --with-autofs config option
This would allow to select the autofs feature during build without
having to select the other features. |
5f5a6990e027cb822bced67b662296b9d9a8b618 |
|
04-Feb-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
Fix configure with old autoconf versions |
be65f065fef1d387281096ef095a2acef39ecc12 |
|
04-Feb-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
SUDO: introduce a new config option --with-sudo
At the time being the option is also turned on when
--enable-all-experimental-features is specified.
https://fedorahosted.org/sssd/ticket/1145 |
98ce3c3e85a4bb2e1822bf8ab2a1c2ab9e3dd61d |
|
17-Jan-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
Add a configure switch to specify 3rd party app libraries location |
d3da1c165cdb4c1ec126a8f4b6b544ca415b9d20 |
|
08-Dec-2011 |
Pavel Březina <pbrezina@redhat.com> |
Added sssd --version option
https://fedorahosted.org/sssd/ticket/953 |
b32159300fea63222d8dd9200ed634087704ea74 |
|
05-Dec-2011 |
Stephen Gallagher <sgallagh@redhat.com> |
Allow using Glib for UTF8 support |
4b6a0d0b3d42e5fdb457f47d9adfa5e66b160256 |
|
02-Sep-2011 |
Stephen Gallagher <sgallagh@redhat.com> |
Add option to specify the kerberos replay cache dir
Adds a configure option to set the distribution default as well as
an sssd.conf option to override it.
https://fedorahosted.org/sssd/ticket/980 |
f7cfc227904771bccfda4f03f552923794dbb0c0 |
|
08-Jul-2011 |
Sumit Bose <sbose@redhat.com> |
Add support for experimental features
New experimental features should have their own configure switch to
enable or disable them at compile time. Additionally they can check if
the configure variable build_all_experimental_features is set and enable
the feature. This variable will be set if the command line option
--enable-all-experimental-features is used to configure sssd. This will
make it easy to enable all experimental features.
Experimental features should be marked in the man pages. To simplify
this include/experimental.xml can be used. |
068dbee9ca7bf5b37330eff91c94ae10f288d09f |
|
20-May-2011 |
Jakub Hrozek <jhrozek@redhat.com> |
Add new options to override shell value
https://fedorahosted.org/sssd/ticket/742 |
172c07013d1ea99447a780fd36f49d5c3a76981b |
|
27-Apr-2011 |
Jakub Hrozek <jhrozek@redhat.com> |
Require openssl-devel is libcrypto backend is selected |
2a5790216f57e9bdfb2930d52860bb5300366536 |
|
12-Apr-2011 |
Jakub Hrozek <jhrozek@redhat.com> |
Provide a configuration option to use systemd unit file
https://fedorahosted.org/sssd/ticket/837 |
5352c9b3609bca63814f9f6f03dbbbadf6c6333a |
|
17-Jan-2011 |
Stephen Gallagher <sgallagh@redhat.com> |
Remove support for pre-1.1 netlink
Netlink 1.0 and older is buggy and unreliable, occasionally
causing tight-loops. We're no longer going to try to support it.
https://fedorahosted.org/sssd/ticket/755 |
327127bb7fcc07f882209f029e14026de1b23c94 |
|
02-Sep-2010 |
Maxim <kolmax94@gmail.com> |
Add gentoo-specific init dir
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com> |
90acbcf20b5f896ca8f631923afe946c90d90de7 |
|
09-Jul-2010 |
Jakub Hrozek <jhrozek@redhat.com> |
Use netlink to detect going online
Integrates libnl to detect adding routes. When a route is added, the
offline status of all back ends is reset. This patch adds no heuristics
to detect whether back end went offline.
Fixes: #456 |
c8b9cf339e84576293113df914498a80ec1989dc |
|
21-May-2010 |
Petter Reinholdtsen <pere@hungry.com> |
Remove bash-isms from configure macros |
9c124af8868a7d3908c03ec369e28daef17d5f12 |
|
08-Apr-2010 |
Jakub Hrozek <jhrozek@redhat.com> |
SELinux login management
Adds a new option -Z to sss_useradd and sss_usermod. This option allows
user to specify the SELinux login context for the user. On deleting the
user with sss_userdel, the login mapping is deleted, so subsequent
adding of the same user would result in the default login context unless
-Z is specified again.
MLS security is not supported as of this patch. |
a7ba548f366ee4b0805000f7e339ac7e18e1f74e |
|
15-Mar-2010 |
Jakub Hrozek <jhrozek@redhat.com> |
Remove unused M4 code |
e45fcd9e478300e6be8a49402fcea81fce623804 |
|
15-Mar-2010 |
Jakub Hrozek <jhrozek@redhat.com> |
Flush NSCD cache after modifying local database
Fixes: #221 |
9fb59763bce293c2490e0b9f8e97bb1f74ba0910 |
|
04-Mar-2010 |
Stephen Gallagher <sgallagh@redhat.com> |
Add --with-test-dir option to configure
All 'make check' tests will chdir() into this directory before
running the suite. This provides the option of having temporary
files generated in a tmpfs or ramdisk |
1c48b5a62f73234ed26bb20f0ab345ab61cda0ab |
|
18-Feb-2010 |
Stephen Gallagher <sgallagh@redhat.com> |
Rename server/ directory to src/
Also update BUILD.txt |