| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
Fixes 644bc62
|
|
|
|
|
| |
Some test systems have more local users and some systems prefer IPv4
addresses over IPv6 addresses.
|
| |
|
|
|
|
|
| |
Apparently some environments provide certain Python executables which
are not working Python interpreters.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Ensure that the Python interpreter that is passed to configure ends up
in the shebang of the Python scripts.
This allows one to pass PYTHON=python3 to configure to install the
scripts using the Python 3 interpreter.
|
|
|
|
|
|
| |
This also adds a flake8 test that checks code style. Note that this test
is not run by default because it requires network access to create the
virtualenv with the test software.
|
|
|
|
|
|
|
|
|
| |
This ensures that both pynslcd and the command-line utilities work with
Python3 as interpreter and runs some tests with all installed Python
interpreters.
This drops support for Python 2.6 and extends 5a84be2 to perform more
testing with Python 3.
|
|
|
|
|
| |
This avoids logging the client PID when the underlying socker layer
cannot provide the relevant information.
|
|
|
|
|
|
| |
Specify result type of getusershell.
Closes https://github.com/arthurdejong/nss-pam-ldapd/pull/31
|
| |
|
| |
|
|
|
|
| |
Closes: https://github.com/arthurdejong/nss-pam-ldapd/pull/29
|
|
|
|
|
| |
Thanks to Têko Mihinto.
See https://bugzilla.redhat.com/show_bug.cgi?id=1612543
|
|
|
|
|
|
|
|
|
| |
This adds a domain variable (if it can be determined on the system) that
can be used in pam_authz_search and pam_authc_search filters to build
search filters that search on the domain name (the FQDN without the
starting host name).
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/8
|
|
|
|
|
|
| |
This ensures that the integration tests can be successfully run. It
configures a slapd instance with the test database, configures the
system to use LDAP authentication and runs the tests.
|
|
|
|
|
|
|
| |
This increases the buffer that holds log messages so longer messages can
be logged.
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/26
|
|
|
|
|
|
|
|
|
|
| |
This is needed to avoid a problem where a call to initgroups() can
result in NSS lookups. If nscd is configured the mechanism to avoid
loopback lookups using nss_ldap_enablelookups will not work and cause
for delays on start-up.
Note that this changes ownership of the socket to the user running
nslcd.
|
| |
|
| |
|
|
|
|
|
| |
This sets PYTHONPATH so that both the source and build directories are
used to find constants.py.
|
|
|
|
|
| |
This avoids a gcc warning in non-empty case blocks without a break
statement by explicitly marking those blocks.
|
|
|
|
|
|
|
|
| |
This increases the host name buffer to support host names (that include
FQDNs) to 255 characters and removes the reliance on HOST_NAME_MAX and
_POSIX_HOST_NAME_MAX which may be smaller in some situations.
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/22
|
|
|
|
|
|
|
|
| |
This increases the maximum size of tokens that are read from the
nslcd.conf configuration file to 256 characters. This was a problem for
some very long uri values.
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/21
|
| |
|
| |
|
|
|
|
|
|
|
| |
This changes the getent and getent.ldap tests to ignore password hashes
that may be present in shadow lookups in a consistent manner.
This also adds minor compatibility improvements.
|
|
|
|
|
| |
This ensures that /var/run/nslcd is created (when it does not exist)
when starting pynslcd.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes an issue with the export statement in POSIX shell scripts,
ensures that the commands in the output match those in the script,
strips password hashes for shadow lookups (for systems without PAM where
these are exposed) and only runs the tests if we enabled the utils.
Fixes 246a1f3.
|
|
|
|
|
|
| |
The former seems to be available on more platforms than the latter.
Fixes be26510.
|
|
|
|
|
|
|
| |
The macro is supposed to be defined to 0 (instead of undefined) if
pam_info() and pam_error() are not found.
Fixes 3d5ab89.
|
| |
|
| |
|
|
|
|
|
|
| |
On FreeBSD these are functions while on Linux they are macros causing
them to be incorrectly replaced on FreeBSD. This resulted in a crash of
the PAM module when e.g. presenting messages about password expiry.
|
|
|
|
|
|
| |
This removes test_pamcmds.log that is generated by test_pamcmds.expect
when running the test suite. This avoids an error in the distcheck
target.
|
|
|
|
|
|
|
|
|
|
| |
This ensures that Python can find both getent.py (from source directory)
and constants.py (from build directory) when running the tests from the
distcheck target.
This also makes the script more similar to test_nsscmds.sh.
Fixes 9c803d7.
|
|\
| |
| |
| |
| | |
This option can be used to configure the search operation that should be
performed after authentication.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This function integrates the myldap_set_credentials() and
myldap_get_policy_response() and performs the bind operation witout
actually performing a search.
The function performs a "fake" search that returns after performing the
LDAP BIND operation.
This replaces a number of dummy search operations that were there to
ensure that the connection was open. This allows us to skip the search
operation after authentication.
|
| |
| |
| |
| |
| | |
This allows performing a different, configurable search from the default
BASE search after the BIND operation.
|
| | |
|
| | |
|
|/
|
|
|
|
|
|
|
|
| |
This moves the autzsearch_var_add(), autzsearch_vars_free(),
autzsearch_var_get() and do_autzsearches() functions to the top of the
file using more generic names and introduces search_vars_new() in
prepartion of other similar searches.
This also renames the remaining authzsearch functions to authz_search to
be consistent with the pam_authz_search option.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This ensures that when querying the address 0:18:8a:54:1a:8b both that
format and 00:18:8a:54:1a:8b is searched for in LDAP.
This was triggerred by the fact that ether_ntoa() on FreeBSD returns the
long format while glibc uses the compact format.
Since we are no longer using the libc version of ether_ntoa() we can
also drop the compatibility implementation of ether_ntoa_r().
|
|
|
|
|
|
| |
This logs (at debug level) any LDAP uidNumber attribute values (or
translated objectSid attribute values) that are lower than nss_min_uid.
It also logs getpwuid() requests for such uids.
|