Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/nslcd.c
Commit message (Collapse)AuthorAgeFilesLines
* Ignore SIGUSR2 for future compatibilityArthur de Jong2013-08-231-1/+1
|
* Handle SIGUSR1 by resetting the retry timerArthur de Jong2013-08-211-14/+21
| | | | | | This implements and documents handling of the SIGUSR1 signal in nslcd to reset the reconnect_sleeptime and reconnect_retrytime timers to re-check availability of the LDAP server.
* Return partial shadow information to non-root usersArthur de Jong2013-08-211-4/+2
| | | | | | | | | | | | | | This also returns everything except the password hash from the shadow database to non-root users (nothing was returned before). This allows non-root users to do PAM authentication in some configurations. On some systems there is a setgid executable that is allowed to read /etc/shadow for authentication by e.g. screensavers. Returning no shadow information will cause pam_unix to deny authorisation in common configurations. See: http://bugs.debian.org/706913
* -n switch for nslcd (prevents process from forking)Caleb Callaway2013-08-181-2/+10
|
* Rename nscd_invalidate option to reconnect_invalidateArthur de Jong2013-07-261-3/+3
| | | | | This also renames the internal nscd module to invalidator for both nslcd and pynslcd. The new invalidator module is now no longer nscd-specific.
* Fix commentArthur de Jong2013-04-031-1/+1
|
* Handle user modification requests in nslcdArthur de Jong2013-03-301-0/+1
| | | | | | | This is currently limited to supporting modification of the homeDirectory and loginShell attributes. Modifications as root currently use the rootpwmoddn and rootpwmodpw options.
* start the nscd invalidator and invalidate the nscd cache ↵Arthur de Jong2013-03-091-0/+6
| | | | after reconnecting to the LDAP server after failure
* move signame() function to common.c to make it available ↵Arthur de Jong2013-03-091-55/+0
| | | | to all modules
* log version information from the NSS moduleArthur de Jong2013-02-231-1/+11
|
* extra sanity check to ensure not too many file ↵Arthur de Jong2013-02-231-0/+5
| | | | descriptors are open
* handle the log configuration option in nslcdArthur de Jong2013-02-231-8/+8
|
* implement a netgroup_all requestArthur de Jong2013-02-081-0/+1
|
* make checking dlsym() result a little saferArthur de Jong2013-01-181-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1925 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove the ldc_ prefix from struct ldap_config fieldsArthur de Jong2012-12-301-19/+19
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1887 ef36b2f9-881f-0410-afb5-c4e39611909c
* update C coding style to a more commonly used styleArthur de Jong2012-12-221-318/+331
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
* make nslcd actions hexadecimal values with some ↵Arthur de Jong2012-12-161-2/+2
| | | | | | structure to make debugging easier git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1866 ef36b2f9-881f-0410-afb5-c4e39611909c
* switch protocol from host byte order to network byte ↵Arthur de Jong2012-12-161-5/+6
| | | | | | order and switch use of uid_t and gid_t in the protocol to int32 git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1864 ef36b2f9-881f-0410-afb5-c4e39611909c
* if nslcd creates the state directory, try to set the ↵Arthur de Jong2012-10-141-2/+8
| | | | | | right ownership git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1795 ef36b2f9-881f-0410-afb5-c4e39611909c
* use poll() instead of select() for checking file ↵Arthur de Jong2012-10-121-7/+7
| | | | | | descriptor activity to also correctly work if more than FD_SETSIZE files are already open git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1783 ef36b2f9-881f-0410-afb5-c4e39611909c
* include an explicit cast to int when printing gid_t ↵Arthur de Jong2012-09-011-2/+2
| | | | | | (fixes r1723) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1744 ef36b2f9-881f-0410-afb5-c4e39611909c
* on startup have the gid option default to the primary ↵Arthur de Jong2012-07-201-9/+20
| | | | | | group of the specified user and load the user's supplementary groups git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1723 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a pam_password_prohibit_message nslcd.conf ↵Arthur de Jong2012-07-081-0/+1
| | | | | | option to deny password change introducing a NSLCD_ACTION_CONFIG_GET request thanks to Ted Cheng git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1715 ef36b2f9-881f-0410-afb5-c4e39611909c
* get rid of a few compiler warnings on FreeBSDArthur de Jong2012-05-181-0/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1693 ef36b2f9-881f-0410-afb5-c4e39611909c
* provide a compatibility definition of SUN_LEN() for ↵Arthur de Jong2012-05-091-0/+1
| | | | | | systems that lack it git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1686 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove duplicate debug from log messageArthur de Jong2012-05-091-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1685 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't try to close _SC_OPEN_MAX file descriptorArthur de Jong2012-05-041-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1678 ef36b2f9-881f-0410-afb5-c4e39611909c
* update copyright yearsArthur de Jong2012-02-291-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1624 ef36b2f9-881f-0410-afb5-c4e39611909c
* clarify error messages and fix typo in commentArthur de Jong2012-01-201-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1605 ef36b2f9-881f-0410-afb5-c4e39611909c
* pass the correct size of named socket address (fixes ↵Arthur de Jong2012-01-171-1/+1
| | | | | | FreeBSD issue, fixes r1295) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1596 ef36b2f9-881f-0410-afb5-c4e39611909c
* Warn if fd cannot be closed in is_locked()Jakub Hrozek2012-01-091-2/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1592 ef36b2f9-881f-0410-afb5-c4e39611909c
* typo fix in commentArthur de Jong2011-12-281-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1575 ef36b2f9-881f-0410-afb5-c4e39611909c
* properly handle failures to truncate the pid fileArthur de Jong2011-12-101-1/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1568 ef36b2f9-881f-0410-afb5-c4e39611909c
* ensure that uid, gid and pid vars are properly ↵Arthur de Jong2011-12-011-5/+7
| | | | | | initialised and log denied requests git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1558 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix r1429 to properly handle absence of RTLD_NODELETEArthur de Jong2011-04-181-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1430 ef36b2f9-881f-0410-afb5-c4e39611909c
* support systems without RTLD_NODELETEArthur de Jong2011-04-181-1/+7
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1429 ef36b2f9-881f-0410-afb5-c4e39611909c
* no longer indefinitely wait for all worker threads to ↵Arthur de Jong2011-03-251-33/+30
| | | | | | finish before exiting (but wait a few seconds on platforms with pthread_timedjoin_np()) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1414 ef36b2f9-881f-0410-afb5-c4e39611909c
* provide a definition of daemon() for systems that lack itArthur de Jong2011-03-231-2/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1403 ef36b2f9-881f-0410-afb5-c4e39611909c
* small code improvementsArthur de Jong2011-03-191-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1400 ef36b2f9-881f-0410-afb5-c4e39611909c
* ensure that session id is only logged while handling a ↵Arthur de Jong2011-03-061-2/+4
| | | | | | connection git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1375 ef36b2f9-881f-0410-afb5-c4e39611909c
* create the directory for the socket and pidfileArthur de Jong2011-02-111-11/+24
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1369 ef36b2f9-881f-0410-afb5-c4e39611909c
* in each worker wake up once in a while to check whether ↵Arthur de Jong2010-12-081-6/+44
| | | | | | any existing LDAP connections should be closed git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1319 ef36b2f9-881f-0410-afb5-c4e39611909c
* close all open file descriptors on startArthur de Jong2010-11-261-0/+8
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1316 ef36b2f9-881f-0410-afb5-c4e39611909c
* move acceptconnection() function body inside the ↵Arthur de Jong2010-11-041-51/+63
| | | | | | worker() so we can more easily break out of the connection handling thread, close the server socket inside the signal handler to cause all threads waiting on accept() to fail and ensure that signals are handled in the main thread by blocking them in the worker threads (r1290 from -solaris branch) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1298 ef36b2f9-881f-0410-afb5-c4e39611909c
* pass the actual size of the address family and the path ↵Arthur de Jong2010-11-041-1/+1
| | | | | | length to bind() and connect() for named sockets git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1295 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix log messageArthur de Jong2010-10-161-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1287 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a rootpwmodpw option that allows root users to ↵Arthur de Jong2010-09-051-3/+2
| | | | | | change user passwords without a password prompt git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1206 ef36b2f9-881f-0410-afb5-c4e39611909c
* allow configuring NSS module's SONAME from configure and ↵Arthur de Jong2010-07-071-1/+1
| | | | | | use this in nslcd to dlopen() the correct library (thanks to Alexander V. Chernikov for the idea) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1161 ef36b2f9-881f-0410-afb5-c4e39611909c
* use RTLD_NODELETE during dlopen() instead of not using ↵Arthur de Jong2010-06-161-3/+4
| | | | | | dlclose() git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1144 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a global symbol inside the NSS module to allow ↵Arthur de Jong2010-06-141-8/+38
| | | | | | applications to disable NSS lookups over LDAP and use it in nslcd to avoid deadlocks git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1141 ef36b2f9-881f-0410-afb5-c4e39611909c