| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
This includes a few tweaks to the test scripts to make debugging easier
and to avoid issues on Github action runners.
|
|
|
|
| |
This option is passed to the LDAP library if it is supported.
|
|
|
|
| |
This option is passed to the LDAP library if it is supported.
|
|
|
|
|
|
| |
This option is passed to the LDAP library if it is supported.
Closes https://github.com/arthurdejong/nss-pam-ldapd/pull/41
|
|
|
|
|
|
| |
This ensures that if a Python interpreter was previously supplied to
configure it is also used for subsequent calls to run a distribution
check.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Check the result of the BIND operation instead of that of the
ldap_result() call when pam_authc_ppolicy is set to "no".
This could have resulted in successful authentication if the BIND
operation to the LDAP server timed out and pam_authc_ppolicy was set to
"no" but should not result in successful authentication otherwise so it
is unlikely that setting pam_authc_ppolicy to "no" ever worked as
intended. The timeout also would have to occur on the BIND operation,
not on setting up the connection.
Fixes 31cd2cf
|
|
|
|
|
|
| |
Thanks Filip Dvorak
See https://bugzilla.redhat.com/show_bug.cgi?id=1825240
|
|
|
|
|
|
|
| |
Thanks Benedict Reuschling for pointing this out.
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/39
Fixes b93838d
|
|
|
|
|
|
| |
This fixes logging of the LDAP_OPT_TIMEOUT, LDAP_OPT_NETWORK_TIMEOUT and
LDAP_X_OPT_CONNECT_TIMEOUT options to actually log the value of the
bind_timelimit option instead of the timelimit option.
|
|
|
|
| |
See https://bugs.debian.org/900253
|
| |
|
| |
|
|
|
|
| |
Fixes 644bc62
|
|
|
|
|
| |
Some test systems have more local users and some systems prefer IPv4
addresses over IPv6 addresses.
|
| |
|
|
|
|
|
| |
Apparently some environments provide certain Python executables which
are not working Python interpreters.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Ensure that the Python interpreter that is passed to configure ends up
in the shebang of the Python scripts.
This allows one to pass PYTHON=python3 to configure to install the
scripts using the Python 3 interpreter.
|
|
|
|
|
|
| |
This also adds a flake8 test that checks code style. Note that this test
is not run by default because it requires network access to create the
virtualenv with the test software.
|
|
|
|
|
|
|
|
|
| |
This ensures that both pynslcd and the command-line utilities work with
Python3 as interpreter and runs some tests with all installed Python
interpreters.
This drops support for Python 2.6 and extends 5a84be2 to perform more
testing with Python 3.
|
|
|
|
|
| |
This avoids logging the client PID when the underlying socker layer
cannot provide the relevant information.
|
|
|
|
|
|
| |
Specify result type of getusershell.
Closes https://github.com/arthurdejong/nss-pam-ldapd/pull/31
|
| |
|
| |
|
|
|
|
| |
Closes: https://github.com/arthurdejong/nss-pam-ldapd/pull/29
|
|
|
|
|
| |
Thanks to Têko Mihinto.
See https://bugzilla.redhat.com/show_bug.cgi?id=1612543
|
|
|
|
|
|
|
|
|
| |
This adds a domain variable (if it can be determined on the system) that
can be used in pam_authz_search and pam_authc_search filters to build
search filters that search on the domain name (the FQDN without the
starting host name).
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/8
|
|
|
|
|
|
| |
This ensures that the integration tests can be successfully run. It
configures a slapd instance with the test database, configures the
system to use LDAP authentication and runs the tests.
|
|
|
|
|
|
|
| |
This increases the buffer that holds log messages so longer messages can
be logged.
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/26
|
|
|
|
|
|
|
|
|
|
| |
This is needed to avoid a problem where a call to initgroups() can
result in NSS lookups. If nscd is configured the mechanism to avoid
loopback lookups using nss_ldap_enablelookups will not work and cause
for delays on start-up.
Note that this changes ownership of the socket to the user running
nslcd.
|
| |
|
| |
|
|
|
|
|
| |
This sets PYTHONPATH so that both the source and build directories are
used to find constants.py.
|
|
|
|
|
| |
This avoids a gcc warning in non-empty case blocks without a break
statement by explicitly marking those blocks.
|
|
|
|
|
|
|
|
| |
This increases the host name buffer to support host names (that include
FQDNs) to 255 characters and removes the reliance on HOST_NAME_MAX and
_POSIX_HOST_NAME_MAX which may be smaller in some situations.
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/22
|
|
|
|
|
|
|
|
| |
This increases the maximum size of tokens that are read from the
nslcd.conf configuration file to 256 characters. This was a problem for
some very long uri values.
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/21
|
| |
|
| |
|
|
|
|
|
|
|
| |
This changes the getent and getent.ldap tests to ignore password hashes
that may be present in shadow lookups in a consistent manner.
This also adds minor compatibility improvements.
|
|
|
|
|
| |
This ensures that /var/run/nslcd is created (when it does not exist)
when starting pynslcd.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes an issue with the export statement in POSIX shell scripts,
ensures that the commands in the output match those in the script,
strips password hashes for shadow lookups (for systems without PAM where
these are exposed) and only runs the tests if we enabled the utils.
Fixes 246a1f3.
|
|
|
|
|
|
| |
The former seems to be available on more platforms than the latter.
Fixes be26510.
|
|
|
|
|
|
|
| |
The macro is supposed to be defined to 0 (instead of undefined) if
pam_info() and pam_error() are not found.
Fixes 3d5ab89.
|
| |
|
| |
|
|
|
|
|
|
| |
On FreeBSD these are functions while on Linux they are macros causing
them to be incorrectly replaced on FreeBSD. This resulted in a crash of
the PAM module when e.g. presenting messages about password expiry.
|