Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/cfg.h
Commit message (Collapse)AuthorAgeFilesLines
* Add the ability to offset UID and GID numbersSeth Wright2017-06-201-0/+2
|
* Add pam_authc_search option parsingArthur de Jong2017-06-151-1/+2
|
* Add pam_authc_ppolicy optionMathieu Baeumler2016-01-061-0/+3
| | | | This option allows completely disabling ppolicy handling.
* Implement disable_enumerationAndrew Elble2015-05-011-0/+1
| | | | | | | | | | If this option is present, functions which cause all user/group entries to be loaded (getpwent(), getgrent()) from the directory will not succeed in doing so. This can dramatically reduce ldap server load in situations where there are a great number of users and/or groups. Applications that depend on being able to sequentially read all users and/or groups may fail to operate correctly. This option is not recommended for most configurations.
* Implement nss_getgrent_skipmembersArthur de Jong2015-04-201-1/+2
| | | | | | | This option allows skipping group member list retrieval to improve performance with very large groups. This option results in inconsistent group membership information being presented that may confuse some applications.
* Implement a cache configuration optionArthur de Jong2013-12-211-0/+4
| | | | | This adds the cache nslcd.conf configuration option to configure the dn2uid cache in nslcd with a positive and negative cache lifetime.
* Increase NSS_LDAP_CONFIG_MAX_BASES to 31Arthur de Jong2013-10-071-1/+1
| | | | This allows more search bases which may be useful in some environments.
* Rename nscd_invalidate option to reconnect_invalidateArthur de Jong2013-07-261-1/+1
| | | | | This also renames the internal nscd module to invalidator for both nslcd and pynslcd. The new invalidator module is now no longer nscd-specific.
* Allow invalidating the nfsidmap cacheArthur de Jong2013-07-261-0/+1
| | | | This introduces an nfsidmap value for nscd_invalidate which will cause the nfsidmap -c command to be run.
* Fix comment for nss_nested_groups config optionArthur de Jong2013-03-281-1/+1
|
* Implement a nss_nested_groups configuration optionArthur de Jong2013-03-241-0/+1
| | | | | | This option can be used in both nslcd and pynslcd to enable recursive group member lookups. By default the functionality is disabled. This also updates the documentation.
* spelling fixesArthur de Jong2013-03-241-1/+1
|
* implement parsing of the nscd_invalidate optionArthur de Jong2013-03-091-0/+1
|
* dump full nslcd configuration at debug level on start-upArthur de Jong2013-01-181-1/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1920 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove undocumented restart configuration optionArthur de Jong2012-12-301-2/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1889 ef36b2f9-881f-0410-afb5-c4e39611909c
* reorganise and rename configuration options to be in ↵Arthur de Jong2012-12-301-73/+45
| | | | | | line with manual page git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1888 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove the ldc_ prefix from struct ldap_config fieldsArthur de Jong2012-12-301-32/+32
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1887 ef36b2f9-881f-0410-afb5-c4e39611909c
* re-order enum values to use the same order as elsewhereArthur de Jong2012-12-281-6/+6
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1880 ef36b2f9-881f-0410-afb5-c4e39611909c
* update C coding style to a more commonly used styleArthur de Jong2012-12-221-9/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
* introduce a sasl_canonicalize option that will now, by ↵Arthur de Jong2012-08-141-0/+4
| | | | | | default, disable reverse host name lookups in OpenLDAP git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1733 ef36b2f9-881f-0410-afb5-c4e39611909c
* on startup have the gid option default to the primary ↵Arthur de Jong2012-07-201-0/+2
| | | | | | group of the specified user and load the user's supplementary groups git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1723 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a pam_password_prohibit_message nslcd.conf ↵Arthur de Jong2012-07-081-0/+3
| | | | | | option to deny password change introducing a NSLCD_ACTION_CONFIG_GET request thanks to Ted Cheng git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1715 ef36b2f9-881f-0410-afb5-c4e39611909c
* allow the pam_authz_search option to be specified ↵Arthur de Jong2012-05-041-5/+8
| | | | | | multiple times git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1679 ef36b2f9-881f-0410-afb5-c4e39611909c
* make whether or not to do case-sensitive filtering ↵Arthur de Jong2012-03-131-0/+2
| | | | | | configurable (patch by Matthew L. Dailey) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1634 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a validnames option that can be used to ↵Arthur de Jong2011-03-251-1/+4
| | | | | | fine-tune the test for valid user and group names using a regular expression git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1411 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a nss_min_uid option to filter user entries ↵Arthur de Jong2010-12-201-0/+2
| | | | | | returned by LDAP git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1338 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove obsolete noteArthur de Jong2010-10-161-2/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1286 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a rootpwmodpw option that allows root users to ↵Arthur de Jong2010-09-051-0/+2
| | | | | | change user passwords without a password prompt git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1206 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove warning messages from parsing the sasl_* options ↵Arthur de Jong2010-06-181-4/+4
| | | | | | and document them in the nslcd.conf(5) manual page (they should be functional) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1150 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove the use_sasl option and instead rely on sasl_mech ↵Arthur de Jong2010-06-181-2/+0
| | | | | | being specified git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1148 ef36b2f9-881f-0410-afb5-c4e39611909c
* make include guard names consistent throughout the ↵Arthur de Jong2010-06-141-3/+3
| | | | | | source and avoid conflicts with system headers git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1140 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename reconnect_maxsleeptime option to reconnect_retrytimeArthur de Jong2010-05-091-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1094 ef36b2f9-881f-0410-afb5-c4e39611909c
* refactor retry timing mechanism to use time between ↵Arthur de Jong2010-05-091-2/+2
| | | | | | first and last error to determin when to rerty and only try once (and don't sleep) when we have been failing for a long time git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1091 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename authz_search option to pam_authz_searchArthur de Jong2010-05-081-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1089 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement an authz_search option to test whether the ↵Arthur de Jong2010-05-071-0/+2
| | | | | | user is authorised git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1088 ef36b2f9-881f-0410-afb5-c4e39611909c
* add an nss_initgroups_ignoreusers option to ignore ↵Arthur de Jong2010-03-201-0/+4
| | | | | | username to group lookups for the specified users git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1076 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename admindn option to rootpwmoddnArthur de Jong2010-02-271-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1067 ef36b2f9-881f-0410-afb5-c4e39611909c
* add admindn configuration file option that is used when ↵Arthur de Jong2010-01-241-1/+3
| | | | | | modifying another user's password git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1059 ef36b2f9-881f-0410-afb5-c4e39611909c
* some small simplifcations and clarificationsArthur de Jong2009-12-291-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1046 ef36b2f9-881f-0410-afb5-c4e39611909c
* some compatibility improvementsArthur de Jong2009-10-051-0/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@998 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename software to nss-pam-ldapdArthur de Jong2009-08-311-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@978 ef36b2f9-881f-0410-afb5-c4e39611909c
* support multiple search bases, partially based on a ↵Arthur de Jong2009-05-241-1/+4
| | | | | | patch by Leigh Wedding <lwedding@bigpond.com> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@892 ef36b2f9-881f-0410-afb5-c4e39611909c
* set most SSL/TLS related options globally instead of per ↵Arthur de Jong2009-05-011-14/+0
| | | | | | connection git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@853 ef36b2f9-881f-0410-afb5-c4e39611909c
* move debugging initialisation to myldap_set_debuglevel() ↵Arthur de Jong2009-04-301-2/+0
| | | | | | function git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@852 ef36b2f9-881f-0410-afb5-c4e39611909c
* include ldap.h to ensure that struct ldap_config will be ↵Arthur de Jong2009-04-251-1/+2
| | | | | | the same in every file git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@849 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename the tls_checkpeer option to tls_reqcert, ↵Arthur de Jong2008-12-061-1/+1
| | | | | | deprecating the old name and supporting all options that OpenLDAP supports for that value git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@805 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove sslpath option because it wasn't used for anythingArthur de Jong2008-11-291-2/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@801 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement SASL authentication based on a patch by Dan ↵Arthur de Jong2008-06-141-2/+8
| | | | | | White <dwhite@olp.net> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@762 ef36b2f9-881f-0410-afb5-c4e39611909c
* add uid and gid configuration keywords that set the user ↵Arthur de Jong2008-06-061-0/+11
| | | | | | id and group id of the running nslcd process git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@745 ef36b2f9-881f-0410-afb5-c4e39611909c
* make number of threads configurable with the threads keywordArthur de Jong2008-05-041-0/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@725 ef36b2f9-881f-0410-afb5-c4e39611909c