History log of /sssd/src/responder/sudo/sudosrv_private.h
Revision Date Author Comments Expand
e3bb7b3fda4697fa9c6f80107cd01dd04a20c85f 11-May-2016 Petr Cech <pcech@redhat.com>

RESPONDER: Removing ncache from sudo_ctx This patch switches ncache from sudo_ctx to resp_ctx. Reviewed-by: Pavel Březina <pbrezina@redhat.com>

e50bd9752c7c94bc06d384487fef890ef8cc0e17 11-May-2016 Petr Cech <pcech@redhat.com>

RESPONDER: Removing neg_timeout from sudo resp. Timout of negative cache is handled by context of negative cache. So this parameter is not needed now. Resolves: https://fedorahosted.org/sssd/ticket/2137 Reviewed-by: Pavel Březina <pbrezina@redhat.com>

b3ca35780617b2e5a7637f9888b089e8e26a4e8c 19-Apr-2016 Pavel Březina <pbrezina@redhat.com>

sudo: convert get_sudorules to tevent There was a lot of confusion with different error codes and where to call sudosrv_cmd_done to finish the client request. Converting it whole to tevent makes it much more simpler to read and follow the request logic. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

15d41c8f28259061e39715acdbbbaea778b6ecc8 19-Apr-2016 Pavel Březina <pbrezina@redhat.com>

sudo: do not use tevent when parsing query Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

52300e30a0ec0bbfa1b0918ee0b495f06f5d142a 19-Apr-2016 Pavel Březina <pbrezina@redhat.com>

sudo: use cache_req for initgroups This is just blind code change, the next patch will improve it so for example we don't do initgroups during query-parsing phase. Resolves: https://fedorahosted.org/sssd/ticket/1126 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

536dcc7fb975acfc126846a889d90332304e88ba 19-Apr-2016 Pavel Březina <pbrezina@redhat.com>

sudo: remove unused structure sudo_dp_request Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

52e3ee5c5ff2c5a4341041826a803ad42d2b2de7 14-Aug-2015 Pavel Březina <pbrezina@redhat.com>

sudo: use "higher value wins" when ordering rules This commit changes the default ordering logic (lower value wins) to a correct one that is used by native ldap support. It also adds a new option sudo_inverse_order to switch to the original SSSD (incorrect) behaviour if needed. Resolves: https://fedorahosted.org/sssd/ticket/2682 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

2a25713afc6beefb11a799903a43f695c5d7a4f9 14-Apr-2015 Adam Tkac <vonsch@gmail.com>

Option filter_users had no effect for retrieving sudo rules Previously sssd_sudo always obtained sudo rules for user from LDAP even when user was enlisted in filter_users. Resolves https://fedorahosted.org/sssd/ticket/2625 Reviewed-by: Pavel Březina <pbrezina@redhat.com>

5ff1c3c5a12930692cb6284d14f7fda3a974af8e 22-Jan-2013 Pavel Březina <pbrezina@redhat.com>

sudo responder: change num_rules type from size_t to uint32_t https://fedorahosted.org/sssd/ticket/1779 2^32 should be enough to store sudo rules. size_t type was causing troubles on big endian architectures, because it wasn't used correctly in combination with D-Bus.

e880949305cee3aca79441fe6113a9d79e7c98f2 18-Dec-2012 Jakub Hrozek <jhrozek@redhat.com>

RESPONDERS: Create a common file with service names and versions The monitor sends calls different sbus methods to different responders. Instead of including headers of the particular responders directly in monitor, which breaks layering a little, create a common header file that will be included from src/responder/common/

7379170a0860790f2739e07fffe3d6ec85264566 14-Nov-2012 Pavel Březina <pbrezina@redhat.com>

sudo: do not send domain name with username This caused troubles with subdomain users and it is not really necessary. This patch does not change the protocol itself, that should be done on the earliest possible occasion. Part of https://fedorahosted.org/sssd/ticket/1616

d38ffc9c92daeb62de7d28c409bdaeff98f82775 14-Nov-2012 Pavel Březina <pbrezina@redhat.com>

sudo: support users from subdomains https://fedorahosted.org/sssd/ticket/1616

20f82655b3a29cf0784ba5c912927d1ada1287df 29-Jun-2012 Pavel Březina <pbrezina@redhat.com>

sudo responder: schedule OOB full refresh when expired rule is deleted

e5b34f0166ae61468e53f369578e691ddb09cdd0 29-Jun-2012 Pavel Březina <pbrezina@redhat.com>

sudo responder: update dp interface

76db25eab9010a33657f35e5afc8477c996df7a3 29-Jun-2012 Pavel Březina <pbrezina@redhat.com>

sudo responder: new request enum type sss_sudo_type represents query type that comes to the responder sss_dp_sudo_type represents query type to DP that is issued by the responder I'm leaving current values of sss_dp_sudo_type untouched so the compilation is not broken. Hovewer, they will be changed to new DP types once the DP interface is updated.

b95c6b5485eee5f45f62f87df77c9178857d625e 29-Jun-2012 Pavel Březina <pbrezina@redhat.com>

sudo responder: discard in-memory cache

46d3d2c731e8c7e138462e5b60a39a279dc77d81 29-Jun-2012 Pavel Březina <pbrezina@redhat.com>

sudo api: send uid, username and domainname https://fedorahosted.org/sssd/ticket/1239 Test client was changed accordingly. The new usage is: sss_sudo_cli username [uid] If uid is not set, getpwnam(username) is called. It will retrieve both default options and rules.

b0abb3bfdfd95951a23c9fc223c735805ffd2969 29-Jun-2012 Pavel Březina <pbrezina@redhat.com>

sudo responder: get rid of dctx where possible

710472d946f6c337a095699dfd79134fa8b9eab9 29-Jun-2012 Pavel Březina <pbrezina@redhat.com>

sudo responder: remove code duplication in commands

744dff21cc626efdc646dd293c97c6a19a9f6ed5 24-Feb-2012 Pavel Březina <pbrezina@redhat.com>

Move sudo_dom_ctx.user to local variable

278284224aa10805d58c978977e43b1d1126f9b1 24-Feb-2012 Pavel Březina <pbrezina@redhat.com>

Honor case_sensitive option in sudo responder https://fedorahosted.org/sssd/ticket/1205

c9aab1c04c399ca2d1abef74f6df22ced34983dc 04-Feb-2012 Pavel Březina <pbrezina@redhat.com>

SUDO Integration - responder 'sudo_timed' option https://fedorahosted.org/sssd/ticket/1116

41ef946f3f74a46b9e26118116e4811e259b30ef 04-Feb-2012 Pavel Březina <pbrezina@redhat.com>

SUDO Integration - in-memory cache in responder New sudo responder option: cache_timeout https://fedorahosted.org/sssd/ticket/1111

c47e9d522f0d87259e5074ea643daaa3dfcb8d92 27-Jan-2012 Pavel Březina <pbrezina@redhat.com>

SUDO Integration - responder command for cn=defaults https://fedorahosted.org/sssd/ticket/1143

3d55c65fbe50074f6a63dcb8ae866c038a9e6b2b 27-Jan-2012 Stephen Gallagher <sgallagh@redhat.com>

Rename sss_dp_type to sss_dp_sudo_type I pushed an older version of this patch that had the incorrect name. This is the interdiff.

3b121852048a7931f8a608527b760963e2ed2bb4 27-Jan-2012 Jakub Hrozek <jhrozek@redhat.com>

Use the new SUDO request in DP and sudo responder Also remove the old request implementation https://fedorahosted.org/sssd/ticket/1115

3b09b74bf65867d882af87ec60e2a517b15264a6 27-Jan-2012 Jakub Hrozek <jhrozek@redhat.com>

SUDO: Provide a sudo DP request based on the internal_req

2827b0d03f7b6bafa504d22a5d7ca39cbda048b3 16-Dec-2011 Pavel Březina <pbrezina@redhat.com>

SUDO Integration - responder