| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
This updates the test framework to support --with-module-name, ensures
that exports.map is rebuilt when configure is re-ran, fixes parsing of
nsswitch.conf (to determine what to return for passwd lookups) and fixes
the check for _nss_ldap_version.
|
|
|
|
|
| |
Adjust the Linux OOM (Out-Of-Memory) killer score by -1000 for nslcd so
that it should not be killed.
|
|
|
|
| |
This introduces the --with-module-name configure option to allow building of NSS and
PAM modules with different namespaces than ldap.
|
|
|
| |
Thanks Jianhai Luan.
|
| |
|
|
|
|
|
|
|
|
|
| |
mmkfilter_passwd_byuid()/mkfilter_group_bygid() get wrong filter string
because "%d" will return negative when uid/gid larger than 2^31, and
result to "Authentiction failure".
This also changes the other places where uid_t or gid_t values are
formatted.
|
|
|
|
|
| |
This also clears errno in the main function to ensure that no incorrect
errno value is logged on errors.
|
|
|
|
|
|
|
|
|
|
|
| |
This introduces a new daemonize module that provides functions for
closing all file descriptors, redirecting stdin/stdout/stderr to
/dev/null and a function for backgrounding an application while only
exiting the original process after the daemon process has indicated
readiness.
This is used to exit the original process only after the listening
socket has been set up and the worker threads have been started.
|
|
|
|
|
| |
This includes a number of small fixes for issues that were formerly
masked by the incorrect AC_LANG_PROGRAM check.
|
|
|
|
|
|
| |
This causes the pidfile to be written as the first thing after
daemonising nslcd to minimise the race between service script completion
and pidfile being locked.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By using bigger write buffers in nslcd we reduce the number of writes in
nslcd and consequently the number of reads in the NSS and PAM modules
for bigger responses.
This reduces the number of system calls that are made during a request
and brings a small performance improvement that is mainly measurable in
the NSS module. A measurement showed 30-80% reduction in the number of
system calls in the NSS module and around 10% reduction in CPU usage
(CPU time, only small reduction in wallclock time).
Thanks John Sullivan for pointing this out.
|
| |
|
|
|
|
|
|
| |
This implements and documents handling of the SIGUSR1 signal in nslcd to
reset the reconnect_sleeptime and reconnect_retrytime timers to re-check
availability of the LDAP server.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This also returns everything except the password hash from the shadow
database to non-root users (nothing was returned before). This allows
non-root users to do PAM authentication in some configurations.
On some systems there is a setgid executable that is allowed to read
/etc/shadow for authentication by e.g. screensavers. Returning no shadow
information will cause pam_unix to deny authorisation in common
configurations.
See:
http://bugs.debian.org/706913
|
| |
|
|
|
|
|
| |
This also renames the internal nscd module to invalidator for both nslcd
and pynslcd. The new invalidator module is now no longer nscd-specific.
|
| |
|
|
|
|
|
|
|
| |
This is currently limited to supporting modification of the homeDirectory and
loginShell attributes.
Modifications as root currently use the rootpwmoddn and rootpwmodpw options.
|
|
|
|
| |
after reconnecting to the LDAP server after failure
|
|
|
|
| |
to all modules
|
| |
|
|
|
|
| |
descriptors are open
|
| |
|
| |
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1925 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1887 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
structure to make debugging easier
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1866 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
order and switch use of uid_t and gid_t in the protocol to int32
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1864 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
right ownership
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1795 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
descriptor activity to also correctly work if more than FD_SETSIZE files are already open
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1783 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
(fixes r1723)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1744 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
group of the specified user and load the user's supplementary groups
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1723 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
option to deny password change introducing a NSLCD_ACTION_CONFIG_GET request thanks to Ted Cheng
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1715 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1693 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
systems that lack it
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1686 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1685 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1678 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1624 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1605 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
FreeBSD issue, fixes r1295)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1596 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1592 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1575 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1568 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
initialised and log denied requests
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1558 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1430 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1429 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
finish before exiting (but wait a few seconds on platforms with pthread_timedjoin_np())
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1414 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1403 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1400 ef36b2f9-881f-0410-afb5-c4e39611909c
|