Cross Reference: /sssd/src/providers/ipa/ipa_subdomains_ext

Make DEBUG macro invocations variadic Use a script to update DEBUG macro invocations to use it as a variadic macro, supplying format string and its arguments directly, instead of wrapping them in parens. This script was used to update the code: grep -rwl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e \ 'use strict; use File::Slurp; my $text=read_file(\*STDIN); $text=~s#(\bDEBUG\s*$[^(]+)\((.*?)$\s*\)\s*;#$1$2);#gs; print $text;' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>

History log of /sssd/src/providers/ipa/ipa_subdomains_ext_groups.c
Revision	Date	Author	Comments Expand
3d29430867cf92b2d71afa95abb679711231117c	15-Jul-2016	Pavel Březina <pbrezina@redhat.com>	DP: rename be_acct_req to dp_id_data Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> /sssd/src/providers/ad/ad_id.c /sssd/src/providers/ad/ad_id.h /sssd/src/providers/ad/ad_init.c /sssd/src/providers/ad/ad_pac.c /sssd/src/providers/ad/ad_pac.h /sssd/src/providers/data_provider/dp_custom_data.h /sssd/src/providers/data_provider/dp_target_id.c ipa_id.c ipa_id.h ipa_init.c ipa_s2n_exop.c ipa_subdomains.h ipa_subdomains_ext_groups.c ipa_subdomains_id.c ipa_views.c /sssd/src/providers/ldap/ldap_common.h /sssd/src/providers/ldap/ldap_id.c /sssd/src/providers/ldap/ldap_init.c /sssd/src/providers/ldap/sdap_refresh.c /sssd/src/providers/proxy/proxy.h /sssd/src/providers/proxy/proxy_id.c /sssd/src/providers/proxy/proxy_init.c /sssd/src/providers/simple/simple_access_check.c /sssd/src/tests/cmocka/test_ad_common.c
e3d447a682164d1f6490227af2df6864ee7d6e1d	07-Jul-2016	Sumit Bose <sbose@redhat.com>	IPA: expand name in ipa_add_ad_memberships_get_next() Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> ipa_subdomains_ext_groups.c
dea636af4d1902a081ee891f1b19ee2f8729d759	20-Jun-2016	Pavel Březina <pbrezina@redhat.com>	DP: Switch to new interface Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> /sssd/Makefile.am /sssd/src/providers/ad/ad_access.c /sssd/src/providers/ad/ad_access.h /sssd/src/providers/ad/ad_autofs.c /sssd/src/providers/ad/ad_common.h /sssd/src/providers/ad/ad_id.c /sssd/src/providers/ad/ad_id.h /sssd/src/providers/ad/ad_init.c /sssd/src/providers/ad/ad_subdomains.c /sssd/src/providers/ad/ad_subdomains.h /sssd/src/providers/ad/ad_sudo.c /sssd/src/providers/backend.h /sssd/src/providers/data_provider/dp_custom_data.h /sssd/src/providers/data_provider/dp_iface.c /sssd/src/providers/data_provider/dp_iface.h /sssd/src/providers/data_provider/dp_target_auth.c /sssd/src/providers/data_provider/dp_target_autofs.c /sssd/src/providers/data_provider/dp_target_hostid.c /sssd/src/providers/data_provider/dp_target_id.c /sssd/src/providers/data_provider/dp_target_subdomains.c /sssd/src/providers/data_provider/dp_target_sudo.c /sssd/src/providers/data_provider_be.c /sssd/src/providers/data_provider_req.c /sssd/src/providers/data_provider_req.h ipa_access.c ipa_access.h ipa_auth.c ipa_auth.h ipa_autofs.c ipa_common.h ipa_hbac_common.c ipa_hostid.c ipa_hostid.h ipa_id.c ipa_id.h ipa_init.c ipa_selinux.c ipa_selinux.h ipa_subdomains.c ipa_subdomains.h ipa_subdomains_ext_groups.c ipa_subdomains_id.c ipa_subdomains_server.c ipa_sudo.c /sssd/src/providers/krb5/krb5_auth.c /sssd/src/providers/krb5/krb5_auth.h /sssd/src/providers/krb5/krb5_common.h /sssd/src/providers/krb5/krb5_init.c /sssd/src/providers/ldap/ldap_access.c /sssd/src/providers/ldap/ldap_auth.c /sssd/src/providers/ldap/ldap_common.c /sssd/src/providers/ldap/ldap_common.h /sssd/src/providers/ldap/ldap_id.c /sssd/src/providers/ldap/ldap_init.c /sssd/src/providers/ldap/sdap_access.h /sssd/src/providers/ldap/sdap_autofs.c /sssd/src/providers/ldap/sdap_autofs.h /sssd/src/providers/ldap/sdap_idmap.c /sssd/src/providers/ldap/sdap_online_check.c /sssd/src/providers/ldap/sdap_sudo.c /sssd/src/providers/ldap/sdap_sudo.h /sssd/src/providers/proxy/proxy.h /sssd/src/providers/proxy/proxy_auth.c /sssd/src/providers/proxy/proxy_client.c /sssd/src/providers/proxy/proxy_id.c /sssd/src/providers/proxy/proxy_init.c /sssd/src/providers/simple/simple_access.c /sssd/src/providers/simple/simple_access_check.c /sssd/src/responder/autofs/autofssrv_dp.c /sssd/src/responder/common/responder_dp.c /sssd/src/responder/ssh/sshsrv_dp.c /sssd/src/responder/sudo/sudosrv_dp.c /sssd/src/tests/cmocka/test_nested_groups.c /sssd/src/tests/simple_access-tests.c
22eead9590e11c7adab33ec5ab8b46d3c3cb4406	12-Apr-2016	Lukas Slebodnik <lslebodn@redhat.com>	IPA: Check RDN in ipa_add_ad_memberships_get_next LDB functions ldb_dn_get_component_val and ldb_dn_get_rdn_val validate dn before returning component value. It should be valid DN according to RFC4514. IPA/389ds might return problematic DN due to replication conflicts. e.g. "cn=System: Read Service Delegations+nsuniqueid=b0736336-d06e11e5-8e8acabe-ce8d458d,cn=permissions,dc=example,dc=com" It's better to check return value of these LDb function rather than crash because of dereference of NULL pointer. Resolves: https://fedorahosted.org/sssd/ticket/2980 Reviewed-by: Sumit Bose <sbose@redhat.com> ipa_subdomains_ext_groups.c
b4456f3944e7d02f2976ac77f74aa379a7b06032	05-Apr-2016	Lukas Slebodnik <lslebodn@redhat.com>	IPA: Remove unused parameter from ipa_ext_group_member_check Reviewed-by: Pavel Reichl <preichl@redhat.com> ipa_subdomains_ext_groups.c
401d8b0600dd2d36f6d62ee1d72f56a245cc3158	25-Feb-2016	Jakub Hrozek <jhrozek@redhat.com>	IPA: Use the common if-else coding style Reviewed-by: Petr Cech <pcech@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com> ipa_subdomains_ext_groups.c
e2d96566aeb881bd89e5c9236d663f6a9a88019a	24-Feb-2016	Jakub Hrozek <jhrozek@redhat.com>	IPA: Add interface to call into IPA provider from LDAP provider https://fedorahosted.org/sssd/ticket/2522 Adds a pluggable interface that is able to resolve the IPA group's external members. At the moment, the request calls the full be_ interface to make sure all corner cases like id-views are handled internally. Reviewed-by: Sumit Bose <sbose@redhat.com> ipa_id.c ipa_init.c ipa_subdomains.h ipa_subdomains_ext_groups.c ipa_subdomains_id.c /sssd/src/providers/ldap/sdap.h
d81d8d3dc151ebc95cd0e3f3b14c1cdaa48980f1	17-Mar-2015	Sumit Bose <sbose@redhat.com>	LDAP/AD: do not resolve group members during tokenGroups request During initgroups requests we try to avoid to resolve the complete member list of groups if possible, e.g. if there are no nested groups. The tokenGroups LDAP lookup return the complete list of memberships for a user hence it is not necessary lookup the other group member and un-roll nested groups. With this patch only the group entry is looked up and saved as incomplete group to the cache. This is achieved by adding a new boolean parameter no_members to groups_get_send() and sdap_get_groups_send(). The difference to config options like ldap_group_nesting_level = 0 or ignore_group_members is that if no_members is set to true groups which are missing in the cache are created a incomplete groups. As a result a request to lookup this group will trigger a new LDAP request to resolve the group completely. This way no information is ignored but the time needed to read all data is better distributed between different requests. https://fedorahosted.org/sssd/ticket/2601 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> ipa_subdomains_ext_groups.c /sssd/src/providers/ldap/ldap_common.h /sssd/src/providers/ldap/ldap_id.c /sssd/src/providers/ldap/sdap_async.h /sssd/src/providers/ldap/sdap_async_enum.c /sssd/src/providers/ldap/sdap_async_groups.c /sssd/src/providers/ldap/sdap_async_initgroups.c /sssd/src/providers/ldap/sdap_async_initgroups_ad.c /sssd/src/providers/ldap/sdap_async_private.h
b07a3b729892d2bc2ffa73d93de95e19003cc6c8	27-Jan-2015	Pavel Reichl <preichl@redhat.com>	add missing '\n' in debug messages Also reformat debug strings not to exceed 80 columns long lines. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> /sssd/src/providers/data_provider_be.c ipa_subdomains_ext_groups.c /sssd/src/providers/ldap/sdap_access.c /sssd/src/responder/pac/pacsrv_cmd.c /sssd/src/tools/sss_cache.c /sssd/src/util/domain_info_utils.c
63748c69a2c6785d949c82f94749704e0408e5a7	26-Jan-2015	Sumit Bose <sbose@redhat.com>	IPA: resolve IPA group-memberships for AD users So far only for initgroups requests the IPA group memberships where resolved for AD users and due to 6fac5e5f0c54a0f92872ce1450606cfcb577a920 those memberships are not overridden by other request. But it turned out that the originalMemberOf attributes related to the IPA group memberships can be overridden by user lookups. Since the originalMemberOf attribute is important in the HBAC evaluation this patch makes sure that the originalMemberOf attribute is not removed but updated during user lookups. Related to https://fedorahosted.org/sssd/ticket/2560 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> ipa_subdomains_ext_groups.c ipa_subdomains_id.c
a3c8390d19593b1e5277d95bfb4ab206d4785150	12-Feb-2014	Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>	Make DEBUG macro invocations variadic Use a script to update DEBUG macro invocations to use it as a variadic macro, supplying format string and its arguments directly, instead of wrapping them in parens. This script was used to update the code: grep -rwl --include '.[hc]' DEBUG . \| while read f; do mv "$f"{,.orig} perl -e \ 'use strict; use File::Slurp; my $text=read_file(\STDIN); $text=~s#(\bDEBUG\s\([^(]+)\((.?)\)\s\)\s;#$1$2);#gs; print $text;' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> /sssd/src/confdb/confdb.c /sssd/src/confdb/confdb_setup.c /sssd/src/db/sysdb.c /sssd/src/db/sysdb_autofs.c /sssd/src/db/sysdb_idmap.c /sssd/src/db/sysdb_ops.c /sssd/src/db/sysdb_ranges.c /sssd/src/db/sysdb_search.c /sssd/src/db/sysdb_selinux.c /sssd/src/db/sysdb_services.c /sssd/src/db/sysdb_ssh.c /sssd/src/db/sysdb_subdomains.c /sssd/src/db/sysdb_sudo.c /sssd/src/db/sysdb_upgrade.c /sssd/src/monitor/monitor.c /sssd/src/monitor/monitor_netlink.c /sssd/src/monitor/monitor_sbus.c /sssd/src/providers/ad/ad_access.c /sssd/src/providers/ad/ad_common.c /sssd/src/providers/ad/ad_domain_info.c /sssd/src/providers/ad/ad_dyndns.c /sssd/src/providers/ad/ad_id.c /sssd/src/providers/ad/ad_init.c /sssd/src/providers/ad/ad_srv.c /sssd/src/providers/ad/ad_subdomains.c /sssd/src/providers/data_provider_be.c /sssd/src/providers/data_provider_callbacks.c /sssd/src/providers/data_provider_fo.c /sssd/src/providers/data_provider_opts.c /sssd/src/providers/dp_auth_util.c /sssd/src/providers/dp_dyndns.c /sssd/src/providers/dp_pam_data_util.c /sssd/src/providers/dp_ptask.c /sssd/src/providers/dp_refresh.c /sssd/src/providers/fail_over.c /sssd/src/providers/fail_over_srv.c ipa_access.c ipa_auth.c ipa_autofs.c ipa_common.c ipa_config.c ipa_dyndns.c ipa_hbac_common.c ipa_hbac_hosts.c ipa_hbac_rules.c ipa_hbac_services.c ipa_hbac_users.c ipa_hostid.c ipa_hosts.c ipa_id.c ipa_idmap.c ipa_init.c ipa_netgroups.c ipa_s2n_exop.c ipa_selinux.c ipa_selinux_maps.c ipa_srv.c ipa_subdomains.c ipa_subdomains_ext_groups.c ipa_subdomains_id.c ipa_sudo.c /sssd/src/providers/krb5/krb5_access.c /sssd/src/providers/krb5/krb5_auth.c /sssd/src/providers/krb5/krb5_become_user.c /sssd/src/providers/krb5/krb5_child.c /sssd/src/providers/krb5/krb5_child_handler.c /sssd/src/providers/krb5/krb5_common.c /sssd/src/providers/krb5/krb5_delayed_online_authentication.c /sssd/src/providers/krb5/krb5_init.c /sssd/src/providers/krb5/krb5_init_shared.c /sssd/src/providers/krb5/krb5_renew_tgt.c /sssd/src/providers/krb5/krb5_utils.c /sssd/src/providers/krb5/krb5_wait_queue.c /sssd/src/providers/ldap/ldap_access.c /sssd/src/providers/ldap/ldap_auth.c /sssd/src/providers/ldap/ldap_child.c /sssd/src/providers/ldap/ldap_common.c /sssd/src/providers/ldap/ldap_id.c /sssd/src/providers/ldap/ldap_id_cleanup.c /sssd/src/providers/ldap/ldap_id_enum.c /sssd/src/providers/ldap/ldap_id_netgroup.c /sssd/src/providers/ldap/ldap_id_services.c /sssd/src/providers/ldap/ldap_init.c /sssd/src/providers/ldap/sdap.c /sssd/src/providers/ldap/sdap_access.c /sssd/src/providers/ldap/sdap_async.c /sssd/src/providers/ldap/sdap_async_autofs.c /sssd/src/providers/ldap/sdap_async_connection.c /sssd/src/providers/ldap/sdap_async_enum.c /sssd/src/providers/ldap/sdap_async_groups.c /sssd/src/providers/ldap/sdap_async_groups_ad.c /sssd/src/providers/ldap/sdap_async_initgroups.c /sssd/src/providers/ldap/sdap_async_initgroups_ad.c /sssd/src/providers/ldap/sdap_async_nested_groups.c /sssd/src/providers/ldap/sdap_async_netgroups.c /sssd/src/providers/ldap/sdap_async_services.c /sssd/src/providers/ldap/sdap_async_sudo.c /sssd/src/providers/ldap/sdap_async_sudo_hostinfo.c /sssd/src/providers/ldap/sdap_async_sudo_timer.c /sssd/src/providers/ldap/sdap_async_users.c /sssd/src/providers/ldap/sdap_autofs.c /sssd/src/providers/ldap/sdap_child_helpers.c /sssd/src/providers/ldap/sdap_dyndns.c /sssd/src/providers/ldap/sdap_fd_events.c /sssd/src/providers/ldap/sdap_id_op.c /sssd/src/providers/ldap/sdap_idmap.c /sssd/src/providers/ldap/sdap_range.c /sssd/src/providers/ldap/sdap_refresh.c /sssd/src/providers/ldap/sdap_reinit.c /sssd/src/providers/ldap/sdap_sudo.c /sssd/src/providers/ldap/sdap_sudo_cache.c /sssd/src/providers/proxy/proxy_auth.c /sssd/src/providers/proxy/proxy_child.c /sssd/src/providers/proxy/proxy_id.c /sssd/src/providers/proxy/proxy_init.c /sssd/src/providers/proxy/proxy_netgroup.c /sssd/src/providers/proxy/proxy_services.c /sssd/src/providers/simple/simple_access.c /sssd/src/providers/simple/simple_access_check.c /sssd/src/resolv/async_resolv.c /sssd/src/resolv/async_resolv_utils.c /sssd/src/responder/autofs/autofssrv.c /sssd/src/responder/autofs/autofssrv_cmd.c /sssd/src/responder/autofs/autofssrv_dp.c /sssd/src/responder/common/negcache.c /sssd/src/responder/common/responder_cmd.c /sssd/src/responder/common/responder_common.c /sssd/src/responder/common/responder_dp.c /sssd/src/responder/common/responder_get_domains.c /sssd/src/responder/nss/nsssrv.c /sssd/src/responder/nss/nsssrv_cmd.c /sssd/src/responder/nss/nsssrv_mmap_cache.c /sssd/src/responder/nss/nsssrv_netgroup.c /sssd/src/responder/nss/nsssrv_private.h /sssd/src/responder/nss/nsssrv_services.c /sssd/src/responder/pac/pacsrv.c /sssd/src/responder/pac/pacsrv_cmd.c /sssd/src/responder/pac/pacsrv_utils.c /sssd/src/responder/pam/pam_LOCAL_domain.c /sssd/src/responder/pam/pam_helpers.c /sssd/src/responder/pam/pamsrv.c /sssd/src/responder/pam/pamsrv_cmd.c /sssd/src/responder/pam/pamsrv_dp.c /sssd/src/responder/ssh/sshsrv.c /sssd/src/responder/ssh/sshsrv_cmd.c /sssd/src/responder/ssh/sshsrv_dp.c /sssd/src/responder/sudo/sudosrv.c /sssd/src/responder/sudo/sudosrv_cmd.c /sssd/src/responder/sudo/sudosrv_dp.c /sssd/src/responder/sudo/sudosrv_get_sudorules.c /sssd/src/responder/sudo/sudosrv_query.c /sssd/src/sbus/sbus_client.c /sssd/src/sbus/sssd_dbus_common.c /sssd/src/sbus/sssd_dbus_connection.c /sssd/src/sbus/sssd_dbus_server.c /sssd/src/sss_client/ssh/sss_ssh_authorizedkeys.c /sssd/src/sss_client/ssh/sss_ssh_knownhostsproxy.c /sssd/src/tests/auth-tests.c /sssd/src/tests/cmocka/test_dyndns.c /sssd/src/tests/cmocka/test_fqnames.c /sssd/src/tests/cmocka/test_nss_srv.c /sssd/src/tests/cmocka/test_utils.c /sssd/src/tests/common_dom.c /sssd/src/tests/common_tev.c /sssd/src/tests/debug-tests.c /sssd/src/tests/files-tests.c /sssd/src/tests/krb5_child-test.c /sssd/src/tests/resolv-tests.c /sssd/src/tests/simple_access-tests.c /sssd/src/tests/sysdb-tests.c /sssd/src/tests/sysdb_ssh-tests.c /sssd/src/tools/files.c /sssd/src/tools/selinux.c /sssd/src/tools/sss_cache.c /sssd/src/tools/sss_debuglevel.c /sssd/src/tools/sss_groupadd.c /sssd/src/tools/sss_groupdel.c /sssd/src/tools/sss_groupmod.c /sssd/src/tools/sss_groupshow.c /sssd/src/tools/sss_seed.c /sssd/src/tools/sss_sync_ops.c /sssd/src/tools/sss_useradd.c /sssd/src/tools/sss_userdel.c /sssd/src/tools/sss_usermod.c /sssd/src/tools/tools_mc_util.c /sssd/src/tools/tools_util.c /sssd/src/tools/tools_util.h /sssd/src/util/authtok.c /sssd/src/util/backup_file.c /sssd/src/util/check_and_open.c /sssd/src/util/child_common.c /sssd/src/util/crypto/libcrypto/crypto_base64.c /sssd/src/util/crypto/libcrypto/crypto_obfuscate.c /sssd/src/util/crypto/nss/nss_obfuscate.c /sssd/src/util/crypto/nss/nss_util.c /sssd/src/util/debug.c /sssd/src/util/domain_info_utils.c /sssd/src/util/find_uid.c /sssd/src/util/nscd.c /sssd/src/util/server.c /sssd/src/util/signal.c /sssd/src/util/sss_ini.c /sssd/src/util/sss_krb5.c /sssd/src/util/sss_krb5.h /sssd/src/util/sss_ldap.c /sssd/src/util/sss_nss.c /sssd/src/util/sss_selinux.c /sssd/src/util/sss_ssh.c /sssd/src/util/sss_tc_utf8.c /sssd/src/util/user_info_msg.c /sssd/src/util/usertools.c /sssd/src/util/util.c /sssd/src/util/util.h /sssd/src/util/util_lock.c /sssd/src/util/well_known_sids.c
d115f40c7a3999e3cbe705a2ff9cf0fd493f80fb	15-Nov-2013	Michal Zidek <mzidek@redhat.com>	SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 2) /sssd/src/db/sysdb.h /sssd/src/db/sysdb_autofs.c /sssd/src/db/sysdb_ops.c /sssd/src/db/sysdb_services.c /sssd/src/db/sysdb_ssh.c /sssd/src/db/sysdb_sudo.c ipa_access.c ipa_hbac_common.c ipa_hbac_hosts.c ipa_hbac_services.c ipa_hbac_users.c ipa_id.c ipa_netgroups.c ipa_s2n_exop.c ipa_subdomains_ext_groups.c /sssd/src/providers/krb5/krb5_auth.c /sssd/src/providers/ldap/ldap_auth.c /sssd/src/providers/ldap/ldap_id.c /sssd/src/providers/ldap/ldap_id_cleanup.c /sssd/src/providers/ldap/ldap_id_netgroup.c /sssd/src/providers/ldap/sdap_async_groups.c /sssd/src/providers/ldap/sdap_async_initgroups.c /sssd/src/providers/ldap/sdap_async_initgroups_ad.c /sssd/src/providers/ldap/sdap_async_nested_groups.c /sssd/src/providers/ldap/sdap_async_netgroups.c /sssd/src/providers/ldap/sdap_async_users.c /sssd/src/providers/ldap/sdap_reinit.c /sssd/src/providers/proxy/proxy_auth.c /sssd/src/providers/proxy/proxy_id.c /sssd/src/providers/proxy/proxy_netgroup.c /sssd/src/providers/simple/simple_access_check.c /sssd/src/responder/nss/nsssrv_cmd.c /sssd/src/responder/pac/pacsrv_cmd.c /sssd/src/responder/pac/pacsrv_utils.c /sssd/src/responder/pam/pamsrv_cmd.c /sssd/src/responder/sudo/sudosrv_get_sudorules.c /sssd/src/tests/cmocka/test_nss_srv.c /sssd/src/tests/simple_access-tests.c /sssd/src/tests/sysdb-tests.c /sssd/src/tools/sss_cache.c /sssd/src/tools/sss_groupshow.c /sssd/src/tools/sss_seed.c /sssd/src/tools/sss_sync_ops.c
b3292840ebaa747a9fd596ff47cc5d18198361d0	15-Nov-2013	Michal Zidek <mzidek@redhat.com>	SYSDB: Drop the sysdb_ctx parameter from the sysdb_search module /sssd/src/db/sysdb.c /sssd/src/db/sysdb.h /sssd/src/db/sysdb_search.c /sssd/src/providers/data_provider_be.c ipa_subdomains_ext_groups.c /sssd/src/providers/krb5/krb5_access.c /sssd/src/providers/krb5/krb5_auth.c /sssd/src/providers/krb5/krb5_utils.c /sssd/src/providers/ldap/ldap_auth.c /sssd/src/providers/ldap/sdap_access.c /sssd/src/providers/ldap/sdap_async_initgroups.c /sssd/src/providers/proxy/proxy_id.c /sssd/src/python/pysss.c /sssd/src/responder/nss/nsssrv_cmd.c /sssd/src/responder/nss/nsssrv_netgroup.c /sssd/src/responder/pac/pacsrv_cmd.c /sssd/src/responder/pam/pam_LOCAL_domain.c /sssd/src/responder/pam/pamsrv_cmd.c /sssd/src/responder/ssh/sshsrv_cmd.c /sssd/src/responder/sudo/sudosrv_get_sudorules.c /sssd/src/tests/cmocka/test_nss_srv.c /sssd/src/tests/sysdb-tests.c /sssd/src/tools/sss_groupdel.c /sssd/src/tools/sss_groupmod.c /sssd/src/tools/sss_seed.c /sssd/src/tools/sss_sync_ops.c /sssd/src/tools/sss_sync_ops.h /sssd/src/tools/sss_useradd.c /sssd/src/tools/sss_userdel.c /sssd/src/tools/sss_usermod.c /sssd/src/tools/tools_util.c
1412a7655c53452721d19813b0ab4a1afd2b0744	11-Sep-2013	Lukas Slebodnik <lslebodn@redhat.com>	Use right formating to print string format specifies type 'int' but the argument has type 'const char *' ipa_subdomains_ext_groups.c
0e65abe5cf2abf5d4b431cf6bd161b419f07901d	11-Sep-2013	Lukas Slebodnik <lslebodn@redhat.com>	Fix formating of variables with type: size_t /sssd/src/db/sysdb_autofs.c /sssd/src/db/sysdb_ops.c /sssd/src/db/sysdb_search.c /sssd/src/providers/ad/ad_srv.c /sssd/src/providers/fail_over_srv.c ipa_config.c ipa_idmap.c ipa_netgroups.c ipa_selinux.c ipa_selinux_maps.c ipa_srv.c ipa_subdomains_ext_groups.c /sssd/src/providers/krb5/krb5_child.c /sssd/src/providers/krb5/krb5_child_handler.c /sssd/src/providers/krb5/krb5_renew_tgt.c /sssd/src/providers/ldap/ldap_child.c /sssd/src/providers/ldap/ldap_id_cleanup.c /sssd/src/providers/ldap/sdap_access.c /sssd/src/providers/ldap/sdap_async_autofs.c /sssd/src/providers/ldap/sdap_async_groups.c /sssd/src/providers/ldap/sdap_async_groups_ad.c /sssd/src/providers/ldap/sdap_async_initgroups.c /sssd/src/providers/ldap/sdap_async_initgroups_ad.c /sssd/src/providers/ldap/sdap_async_nested_groups.c /sssd/src/providers/ldap/sdap_async_netgroups.c /sssd/src/providers/ldap/sdap_async_services.c /sssd/src/providers/ldap/sdap_async_sudo.c /sssd/src/providers/ldap/sdap_async_users.c /sssd/src/providers/ldap/sdap_child_helpers.c /sssd/src/providers/simple/simple_access_check.c /sssd/src/responder/nss/nsssrv_mmap_cache.c /sssd/src/responder/pam/pamsrv_cmd.c /sssd/src/util/child_common.c
bb421d65102218cc50ed4a7840090a6cdb6a04c4	05-Sep-2013	Lukas Slebodnik <lslebodn@redhat.com>	Fix warning missing arguments ipa_subdomains_ext_groups.c
caee9828ee30609e9f433957dbb3d0163390a207	28-Aug-2013	Sumit Bose <sbose@redhat.com>	ipa-server-mode: add IPA group memberships to AD users When IPA trusts an AD domain the AD user or groups can be placed into IPA groups e.g. to put AD users under the control of HBAC. Since IPA group can only have members from the IPA directory tree and the AD users and groups are not stored there a special IPA object called external group was introduced. SIDs of users and groups can be added to the external group and since the external groups are in the IPA directory tree they can be member of IPA groups. To speed things up and to remove some load from the IPA servers SSSD reads all external groups and stores them in memory for some time before rereading the data. Enhances https://fedorahosted.org/sssd/ticket/1962 /sssd/Makefile.am /sssd/src/db/sysdb.h ipa_subdomains.h ipa_subdomains_ext_groups.c ipa_subdomains_id.c