69e8b7fcb9e3dc814a9ffc2a97fa656521cc4505 |
|
27-Aug-2016 |
Fabiano Fidêncio <fidencio@redhat.com> |
PROXY: Share common code of save_{group,user}()
These two functions (save_user() and save_group()) share, between
themselves, the code preparing the attributes that are going to be
stored in the sysdb.
This patch basically splits this code out of those functions and
introduces the new prepare_attrs_for_saving_ops().
Related:
https://fedorahosted.org/sssd/ticket/3134
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
9900d2b153ebb7d994ccd05275f18b973556d5b3 |
|
27-Aug-2016 |
Fabiano Fidêncio <fidencio@redhat.com> |
PROXY: Mention that save_user()'s parameters are already qualified
Those comments are similar to what we have in the save_group() function.
Related:
https://fedorahosted.org/sssd/ticket/3134
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
221d70ae3c5b7bc7384f57ffd3f88f89a3e6ae6a |
|
27-Aug-2016 |
Fabiano Fidêncio <fidencio@redhat.com> |
PROXY: Remove cache_timeout attribute from save_group()
As this function already receives a struct sss_domain_info * parameter
as argument, we can simply get the cache_timeout attribute by accessing
domain->group_timeout.
Related:
https://fedorahosted.org/sssd/ticket/3134
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
2537fe318a3866780abca100cf6eb7c258f9d02b |
|
27-Aug-2016 |
Fabiano Fidêncio <fidencio@redhat.com> |
PROXY: Remove cache_timeout attribute from save_user()
As this function already receives a struct sss_domain_info * parameter
as argument, we can simply get the cache_timeout attribute by accessing
domain->user_timeout.
Related:
https://fedorahosted.org/sssd/ticket/3134
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
413aef1529fb3d5ed4d0f38e219f5456d7fe3ae0 |
|
27-Aug-2016 |
Fabiano Fidêncio <fidencio@redhat.com> |
PROXY: Remove lowercase attribute from save_user()
As this function already receives a struct sss_domain_info * parameter
as argument, we can simply check whether we will need a lowercase name
by accessing domain->case_sensitive.
Related:
https://fedorahosted.org/sssd/ticket/3134
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
5691b2d668541585d2a8ae3ddb834f29d828036e |
|
24-Aug-2016 |
Fabiano Fidêncio <fidencio@redhat.com> |
PROXY: Use the fqname when converting to lowercase
When saving the user there is a comparison between the "cased alias"
and the "lowercase password name". However, the first doesn't use fully
qualified name while the second does, resulting in a not expected
override of the "nameAlias" attribute of a stored user when trying to
authenticate more than once using an alias.
Resolves:
https://fedorahosted.org/sssd/ticket/3134
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
3d29430867cf92b2d71afa95abb679711231117c |
|
15-Jul-2016 |
Pavel Březina <pbrezina@redhat.com> |
DP: rename be_acct_req to dp_id_data
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
526d4d5e5a916cf30a043836cba14eab529cb7b1 |
|
07-Jul-2016 |
Jakub Hrozek <jhrozek@redhat.com> |
PROXY: Use fully qualified names internally
Only user shortnames to interact with the system.
Reviewed-by: Sumit Bose <sbose@redhat.com> |
dea636af4d1902a081ee891f1b19ee2f8729d759 |
|
20-Jun-2016 |
Pavel Březina <pbrezina@redhat.com> |
DP: Switch to new interface
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> |
18e24f20a4aef66a4899367a0775a98ab2acd18e |
|
27-Feb-2015 |
Pavel Reichl <preichl@redhat.com> |
PROXY: add missing space in debug message
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> |
22e074249928605a1d5b926274ae2efb1596bc73 |
|
13-Nov-2014 |
Michal Zidek <mzidek@redhat.com> |
proxy: Do not try to store same alias twice
LDB does not store attributes if they have the
same name and value and errors out instead.
Fixes:
https://fedorahosted.org/sssd/ticket/2461
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> |
5c233380e1ebf641f6106a34d7b94f9e9a606589 |
|
12-Feb-2014 |
Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> |
Remove DEBUG macro support for old debug levels
Remove support for specifying old debug levels to the DEBUG macro:
* remove debug_get_level function which was used for conversion,
* remove debug_get_level tests,
* remove mentions of old/new levels from DEBUG and DEBUG_IS_SET
macro descriptions,
* rename "newlevel" argument of debug_fn to just "level".
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com> |
83bf46f4066e3d5e838a32357c201de9bd6ecdfd |
|
12-Feb-2014 |
Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> |
Update DEBUG* invocations to use new levels
Use a script to update DEBUG* macro invocations, which use literal
numbers for levels, to use bitmask macros instead:
grep -rl --include '*.[hc]' DEBUG . |
while read f; do
mv "$f"{,.orig}
perl -e 'use strict;
use File::Slurp;
my @map=qw"
SSSDBG_FATAL_FAILURE
SSSDBG_CRIT_FAILURE
SSSDBG_OP_FAILURE
SSSDBG_MINOR_FAILURE
SSSDBG_CONF_SETTINGS
SSSDBG_FUNC_DATA
SSSDBG_TRACE_FUNC
SSSDBG_TRACE_LIBS
SSSDBG_TRACE_INTERNAL
SSSDBG_TRACE_ALL
";
my $text=read_file(\*STDIN);
my $repl;
$text=~s/
^
(
.*
\b
(DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM)
\s*
\(\s*
)(
[0-9]
)(
\s*,
)
(
\s*
)
(
.*
)
$
/
$repl = $1.$map[$3].$4.$5.$6,
length($repl) <= 80
? $repl
: $1.$map[$3].$4."\n".(" " x length($1)).$6
/xmge;
print $text;
' < "$f.orig" > "$f"
rm "$f.orig"
done
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com> |
a3c8390d19593b1e5277d95bfb4ab206d4785150 |
|
12-Feb-2014 |
Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> |
Make DEBUG macro invocations variadic
Use a script to update DEBUG macro invocations to use it as a variadic
macro, supplying format string and its arguments directly, instead of
wrapping them in parens.
This script was used to update the code:
grep -rwl --include '*.[hc]' DEBUG . |
while read f; do
mv "$f"{,.orig}
perl -e \
'use strict;
use File::Slurp;
my $text=read_file(\*STDIN);
$text=~s#(\bDEBUG\s*\([^(]+)\((.*?)\)\s*\)\s*;#$1$2);#gs;
print $text;' < "$f.orig" > "$f"
rm "$f.orig"
done
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com> |
c9124effceb40890bc9dd157155618067a7b8d2f |
|
19-Dec-2013 |
Sumit Bose <sbose@redhat.com> |
Use sysdb_attrs_add_lc_name_alias to add case-insensitive alias |
7ff5374d0103f8e2e03ef15790838b85918153ae |
|
27-Nov-2013 |
Lukas Slebodnik <lslebodn@redhat.com> |
Remove unused memory context in proxy |
19a410288778a3aaf6a01bc71cacb8cb46465875 |
|
27-Nov-2013 |
Lukas Slebodnik <lslebodn@redhat.com> |
Remove unused parameter from save_netgroup |
29d85ae19933805622fdcead4ea43ba2d06cc3f0 |
|
27-Nov-2013 |
Lukas Slebodnik <lslebodn@redhat.com> |
Remove unused parameter from save_user |
428f137041034362a1cc6b64d68011a1d3f67cd7 |
|
27-Nov-2013 |
Lukas Slebodnik <lslebodn@redhat.com> |
Remove unused parameter from delete_user |
d115f40c7a3999e3cbe705a2ff9cf0fd493f80fb |
|
15-Nov-2013 |
Michal Zidek <mzidek@redhat.com> |
SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 2) |
4c08db0fb0dda3d27b1184248ca5c800d7ce23f0 |
|
15-Nov-2013 |
Michal Zidek <mzidek@redhat.com> |
SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 1) |
4fcc50e133f90cd4c5931a3ac48c84cb628b16fc |
|
15-Nov-2013 |
Michal Zidek <mzidek@redhat.com> |
SYSDB: Drop the sysdb_ctx parameter from the sysdb_services module |
b3292840ebaa747a9fd596ff47cc5d18198361d0 |
|
15-Nov-2013 |
Michal Zidek <mzidek@redhat.com> |
SYSDB: Drop the sysdb_ctx parameter from the sysdb_search module |
a4bf85ccc902490c3b75b44532010fbb32169801 |
|
11-Sep-2013 |
Lukas Slebodnik <lslebodn@redhat.com> |
Fix formating of variables with type: gid_t |
f2c346eaa486431ffa2a3adc05356159de834e2e |
|
11-Sep-2013 |
Lukas Slebodnik <lslebodn@redhat.com> |
Fix formating of variables with type: uid_t |
01d048293cba60cf45ca2791585a7d6dc3bf57b2 |
|
03-Sep-2013 |
Jakub Hrozek <jhrozek@redhat.com> |
PROXY: Handle empty GECOS
If the user's GECOS as returned by the proxied module is an empty string
(as opposed to NULL), the ldb transaction would error out. |
66d1f565dfb39325ab7daa264b5795b1f348756e |
|
22-Aug-2013 |
Simo Sorce <simo@redhat.com> |
proxy: Allow initgroup to return NOTFOUND
When the user is only member of its own primary group, initgroups_dyn may
return NOTFOUND as, at least for the 'files' nss provider the code skips the
passed in group.
Resolves:
https://fedorahosted.org/sssd/ticket/2051 |
206329d3901738036352f2ac1e8d7804f728861d |
|
02-May-2013 |
Sumit Bose <sbose@redhat.com> |
Add secid filter to responder-dp protocol
This patch add a new filter type to the data-provider interface which
can be used for SID-based lookups. |
cbaba2f47da96c4191971bce86f03afb3f88864a |
|
21-Jan-2013 |
Simo Sorce <simo@redhat.com> |
Add be_req_get_data() helper funciton.
In preparation for making struct be_req opaque. |
03abdaa21ecf562b714f204ca42379ff08626f75 |
|
21-Jan-2013 |
Simo Sorce <simo@redhat.com> |
Add be_req_get_be_ctx() helper.
In preparation for making be_req opaque |
8e5549e453558d4bebdec333a93e215d5d6ffaec |
|
21-Jan-2013 |
Simo Sorce <simo@redhat.com> |
Introduce be_req_terminate() helper
Call it everywhere instead of directly dereferencing be_req->fn
This is in preparation of making be_req opaque. |
df0596ec12bc5091608371e2977f3111241e8caf |
|
21-Jan-2013 |
Simo Sorce <simo@redhat.com> |
Remove sysdb as a be context structure member
The sysdb context is already available through the 'domain' structure. |
a58ccee5afc802c7560624929614616aeefa9bd0 |
|
15-Jan-2013 |
Simo Sorce <simo@redhat.com> |
Add domain argument to sysdb_delete_group()
Also remove sysdb_delete_domgroup() |
3412d14d65490c32414e72ac20fe21bad53ceb45 |
|
15-Jan-2013 |
Simo Sorce <simo@redhat.com> |
Add domain argument to sysdb_delete_user()
Also remove sysdb_delete_domuser() |
99c0cfdc5f065ba38f1ee91701d1d27f9e4fdb96 |
|
15-Jan-2013 |
Simo Sorce <simo@redhat.com> |
Add domain argument to sysdb_store_group()
Also remove sysdb_store_domgroup() |
6ac396bebb4cd3124711d26dce54263f6f9c7c45 |
|
15-Jan-2013 |
Simo Sorce <simo@redhat.com> |
Add domain argument to sysdb_store_user()
Also remove sysdb_store_domuser() |
2ce00e0d3896bb42db169d1e79553a81ca837a22 |
|
15-Jan-2013 |
Simo Sorce <simo@redhat.com> |
Add domain to sysdb_search_user_by_name()
Also remove unused sysdb_search_domuser_by_name() |
2d66c2eee2e4364a52d5436b61759ef990108230 |
|
15-Jan-2013 |
Simo Sorce <simo@redhat.com> |
Pass domain to sysdb_get<pwu/grg><id() functions |
2bc09619e5c8f8c02bcd169ade1878ef28aedb4c |
|
17-Dec-2012 |
Ondrej Kos <okos@redhat.com> |
PROXY: fix groups caching
https://fedorahosted.org/sssd/ticket/1685
Properly react on deleting group which was not found in sysdb. |
9579839a00493830c10a856ad1f5e035b6fa3b45 |
|
10-Dec-2012 |
Ondrej Kos <okos@redhat.com> |
PROXY: fix negative cache
https://fedorahosted.org/sssd/ticket/1685
The PROXY provider wasn't storing credentials to negative cache due to
bad return value. This was delegated from attempt to delete these
credentials from local cache. Therefore ENOENT is replaced as EOK. |
e11c7dc43f4ff9897e37cc0d793f8e1fb3b8453a |
|
04-Dec-2012 |
Simo Sorce <simo@redhat.com> |
Use an entry type mask macro to filter entry types
Avoids hardcoding magic numbers everywhere and self documents why a
mask is being applied. |
8455d5ab61184e0d126fc074a9ce6e98391eb909 |
|
20-Nov-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
LDAP: Only convert direct parents' ghost attribute to member
https://fedorahosted.org/sssd/ticket/1612
This patch changes the handling of ghost attributes when saving the
actual user entry. Instead of always linking all groups that contained
the ghost attribute with the new user entry, the original member
attributes are now saved in the group object and the user entry is only
linked with its direct parents.
As the member attribute is compared against the originalDN of the user,
if either the originalDN or the originalMember attributes are missing,
the user object is linked with all the groups as a fallback.
The original member attributes are only saved if the LDAP schema
supports nesting. |
21d485184df986e1a123f70c689517386e51a5ce |
|
23-Aug-2012 |
Michal Zidek <mzidek@redhat.com> |
Unify usage of sysdb transactions
Removing bad examples of usage of sysdb_transaction_start/commit/end
functions and making it more consistent (all files except of
src/db/sysdb_*.c). |
499718cb04a534ba76ee9dfb055c2bfc96fdeeb3 |
|
09-Aug-2012 |
Ondrej Kos <okos@redhat.com> |
Backward GOTOs rewritten into do-while loops. |
d91efcea3cbdd7a617f35d3733c2fd14e7efeb86 |
|
06-Aug-2012 |
Ondrej Kos <okos@redhat.com> |
Removed unused variable assignment
https://fedorahosted.org/sssd/ticket/1453 |
8c8cbddeabe585377a5fb3d5df09cc9a236b77dd |
|
31-May-2012 |
Jan Zeleny <jzeleny@redhat.com> |
Ghost members - support in proxy provider |
c5eb0dc6c5ce2940f329c477aeecb57e2d8ec38d |
|
14-May-2012 |
Ariel Barria <arielb@fedoraproject.org> |
Potential NULL dereference in proxy provider |
c9041cb7addc1a49e0771246d17de101662fbcbc |
|
03-May-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
PROXY: return correct return codes
We were reporting on the value of "status" instead of "ret'. We also
didn't set ret to EOK in cases group contained no members. |
51773686d354b82081830444c048706d83d43d65 |
|
20-Apr-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
proxy: new option proxy_fast_alias |
28d1ff294f7d612f6d37c82ed426b8bf5c34bfaf |
|
20-Apr-2012 |
Jakub Hrozek <jhrozek@redhat.com> |
proxy: Canonicalize user and group names
https://fedorahosted.org/sssd/ticket/1249 |
b6a8bdebb40a63d2adc50c574fee88229d1e8f3d |
|
09-Mar-2012 |
Stephen Gallagher <sgallagh@redhat.com> |
PROXY: Create fake user entries for group lookups |
de5dcfd8e6a8aabd2064cbb86e6c2a3f304b1ca5 |
|
13-Feb-2012 |
Stephen Gallagher <sgallagh@redhat.com> |
Fix uninitialized value error in proxy provider
Coverity #12467 |
bd92e8ee315d4da9350b9ef0358c88a7b54aeebe |
|
04-Feb-2012 |
Stephen Gallagher <sgallagh@redhat.com> |
NSS: Add individual timeouts for entry types
https://fedorahosted.org/sssd/ticket/1016 |
627d83dff183219826489949cb55ef71945e94ab |
|
27-Jan-2012 |
Stephen Gallagher <sgallagh@redhat.com> |
PROXY: add support for enumerating services |
aec5785126354bd8b192f63fe04ea08dae9c0705 |
|
27-Jan-2012 |
Stephen Gallagher <sgallagh@redhat.com> |
PROXY: add support for service lookups (non-enumeration) |
4e9631a9f1ae87317eef53145622099c46196b56 |
|
16-Dec-2011 |
Jakub Hrozek <jhrozek@redhat.com> |
Use the case sensitivity flag in the proxy provider |
ac3a1f3da772cf101101c31675c63dc3549b21b5 |
|
22-Nov-2011 |
Jakub Hrozek <jhrozek@redhat.com> |
Cleanup: Remove unused parameters |
72c3fe563ad7a59b65ae7fa757fc602fe26164c2 |
|
07-Nov-2011 |
Jan Zeleny <jzeleny@redhat.com> |
Fixed empty loginShell in proxy provider
https://fedorahosted.org/sssd/ticket/892 |
684d1b48b5582a1bf7812b8c3c663592dc6dfed9 |
|
13-Oct-2011 |
Pavel Březina <pbrezina@redhat.com> |
SysDB commands that save lastUpdate allows this value to be passed in
https://fedorahosted.org/sssd/ticket/836 |
95d3cb8d4ff2e3e8fdc186f2ebf617fd29ddfdec |
|
03-Oct-2011 |
Jakub Hrozek <jhrozek@redhat.com> |
Use explicit base 10 for converting strings to integers
https://fedorahosted.org/sssd/ticket/1013 |
99dd40a885ed3d42af4bbbde7ee2fc98830544d0 |
|
25-Aug-2011 |
Pavel Březina <pbrezina@redhat.com> |
New DEBUG facility - conversion
https://fedorahosted.org/sssd/ticket/925
Conversion of the old debug_level format to the new one.
(only where it was necessary)
Removed:
SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT) |
e79d23932ef9d52cf4eb32ddec2d0a9b3af9a9eb |
|
15-Aug-2011 |
Jan Zeleny <jzeleny@redhat.com> |
sysdb refactoring: memory context deleted
This patch deletes memory context parameter in those places in sysdb
where it is not necessary. The code using modified functions has been
updated. Tests updated as well. |
8a1738f9379a1b8fb5c95c3df649e014ff5a1434 |
|
15-Aug-2011 |
Jan Zeleny <jzeleny@redhat.com> |
sysdb refactoring: deleted domain variables in sysdb API
The patch also updates code using modified functions. Tests have also
been adjusted. |
4a305e734e2fb34905e62eecb4282bb87ebc5f24 |
|
15-Jun-2011 |
Sumit Bose <sbose@redhat.com> |
Fix proxy provider return code for secondary missing groups |
c6257286e9a31dfd42d28c99a22a69e2c4717a61 |
|
21-Jan-2011 |
Stephen Gallagher <sgallagh@redhat.com> |
Delete attributes that are removed from LDAP
Sometimes, a value in LDAP will cease to exist (the classic
example being shadowExpire). We need to make sure we purge that
value from SSSD's sysdb as well.
https://fedorahosted.org/sssd/ticket/750 |
d1571f8c173ca9172fa295e6aac48b8c0c367950 |
|
02-Dec-2010 |
Sumit Bose <sbose@redhat.com> |
Add a special filter type to handle enumerations |
f8a60e728780a8230ed4fa9c5350fa94534f0543 |
|
15-Nov-2010 |
Stephen Gallagher <sgallagh@redhat.com> |
Fix const cast issue with sysdb_attrs_users_from_str_list |
580374daba2ab2c6075a7d0de9512abff133e2e9 |
|
26-Oct-2010 |
Jakub Hrozek <jhrozek@redhat.com> |
Always use uint32_t for UID/GID numbers |
04feeade1f6259368a6b23c6b3ecbad261161659 |
|
25-Oct-2010 |
Sumit Bose <sbose@redhat.com> |
Implement netgroups for proxy provider |
d7dc57bcc2468bee756bcd568daee0644e5b888d |
|
25-Oct-2010 |
Sumit Bose <sbose@redhat.com> |
Add netgroups infrastructure to proxy provider |
27c67307976a60088ca301e07404bdb52740c3af |
|
18-Oct-2010 |
Jakub Hrozek <jhrozek@redhat.com> |
Use unsigned long for conversion to id_t
We used strtol() on a number of places to convert into uid_t or gid_t
from a string representation such as LDAP attribute, but on some
platforms, unsigned long might be necessary to store big id_t values.
This patch converts to using strtoul() instead. |
87f2bb60510f31fec012d126411f09a99c72140e |
|
08-Sep-2010 |
Jan Zeleny <jzeleny@redhat.com> |
Dead assignments cleanup in providers code
Dead assignments were deleted. Also prototype of function
sdap_access_decide_offline() has been changed, since its return
code was never used.
Ticket: #586 |
e50c0f83b874288332c1c97a181b18206bfe1be2 |
|
02-Sep-2010 |
Jan Zeleny <jzeleny@redhat.com> |
Fixed uninialized value in proxy_id provider
In function get_pw_name when allocation of memory fails, there
were two codepaths which could cause printing of undefined value.
This patch fixes both cases.
Ticket: #580 |
2dd3faebcd3cfd00efda38ffd2585d675e696b12 |
|
30-Jun-2010 |
Stephen Gallagher <sgallagh@redhat.com> |
Split proxy.c into smaller files
proxy.c was growing too large to manage (and some graphical
development tools could no longer open it because of memory
limitations).
This patch splits proxy.c into the following files:
proxy_init.c: Setup routines for the plugin
proxy_id.c: Functions to handle user and group lookups
proxy_auth.c: Functions to handle PAM interactions
proxy_common.c: Common utility routines |