Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Get files ready for 0.9.7 release0.9.7 | Arthur de Jong | 2016-08-14 | 1 | -2/+2 |
| | |||||
* | Support ${var:offset:length} in pynslcd | Arthur de Jong | 2016-06-03 | 1 | -1/+29 |
| | |||||
* | Fix pynslcd expression representation | Arthur de Jong | 2016-06-03 | 1 | -2/+2 |
| | | | | | | The problem was that the ExpressionMapping string value did not include the quotes which will cause problems when printing the expression (e.g. when logging or dumping config, etc.). | ||||
* | Work around bug in python-daemon | Arthur de Jong | 2015-07-19 | 1 | -2/+2 |
| | | | See https://bugs.debian.org/792871 | ||||
* | Implement disable_enumeration | Andrew Elble | 2015-05-01 | 4 | -1/+15 |
| | | | | | | | | | | If this option is present, functions which cause all user/group entries to be loaded (getpwent(), getgrent()) from the directory will not succeed in doing so. This can dramatically reduce ldap server load in situations where there are a great number of users and/or groups. Applications that depend on being able to sequentially read all users and/or groups may fail to operate correctly. This option is not recommended for most configurations. | ||||
* | Implement nss_getgrent_skipmembers | Arthur de Jong | 2015-04-20 | 2 | -4/+7 |
| | | | | | | | This option allows skipping group member list retrieval to improve performance with very large groups. This option results in inconsistent group membership information being presented that may confuse some applications. | ||||
* | Allow configuration of NSS and PAM names | Arthur de Jong | 2015-01-19 | 2 | -4/+8 |
| | | | | This introduces the --with-module-name configure option to allow building of NSS and PAM modules with different namespaces than ldap. | ||||
* | Fix comment | Arthur de Jong | 2014-06-05 | 1 | -1/+1 |
| | |||||
* | Get files ready for 0.9.3 release0.9.3 | Arthur de Jong | 2014-03-12 | 1 | -2/+2 |
| | |||||
* | Support blanking the member attribute | Arthur de Jong | 2014-01-05 | 1 | -13/+16 |
| | | | | | | This allows remapping the member attribute to an empty string which removes support for that attribute. This can reduce the number of search operations if the attribute is not used. | ||||
* | Also run invalidators on initial connect | Arthur de Jong | 2013-10-25 | 1 | -2/+6 |
| | | | | | | This also invalidates the caches configured with reconnect_invalidate on the first successful search. This should handle the case more gracefully where caches were filled with negative hits before nslcd was running. | ||||
* | Remove unneeded imports | Arthur de Jong | 2013-09-15 | 2 | -2/+0 |
| | |||||
* | Handle failure of getpeercred more gracefully | Arthur de Jong | 2013-08-25 | 1 | -9/+9 |
| | |||||
* | Rearrange Python imports | Arthur de Jong | 2013-08-25 | 4 | -5/+6 |
| | |||||
* | Have pynslcd handle mapped userPassword | Arthur de Jong | 2013-08-21 | 3 | -4/+17 |
| | | | | | | This fixes an error that could occur when the userPassword was retrieved from LDAP and insufficient privileges were available for reading the attribute. | ||||
* | Fix rootpwmodpw handling in pynslcd | Arthur de Jong | 2013-08-18 | 1 | -2/+2 |
| | |||||
* | Fix not logging passwords in pynslcd (7108b1f) | Arthur de Jong | 2013-08-18 | 1 | -1/+1 |
| | |||||
* | Rename isvalidname() to is_valid_name() in pynslcd | Arthur de Jong | 2013-08-18 | 4 | -7/+7 |
| | |||||
* | Do not log passwords in pynslcd | Arthur de Jong | 2013-08-18 | 1 | -1/+8 |
| | |||||
* | -n switch for pynslcd | Arthur de Jong | 2013-08-18 | 1 | -3/+10 |
| | |||||
* | Use retrieve_by, group_by and group_columns in the cache | Arthur de Jong | 2013-08-17 | 9 | -160/+229 |
| | | | | | | | | | | This removes custom retrieve() functions and Query classes from the database modules and uses retrieve_sql retrieve_by, group_by and group_columns to make a custom retrieval query. In the cache module this completely replaces how the query grouping is done. The Query class is now only used inside the cache and the CnAliasedQuery, RowGrouper and related classed have been removed. | ||||
* | Make Cache a context manager | Arthur de Jong | 2013-08-17 | 1 | -0/+6 |
| | |||||
* | Give cache tables friendlier names | Arthur de Jong | 2013-08-17 | 9 | -61/+74 |
| | | | | This also defined the tables for netgroup storage. | ||||
* | Explicitly define tables used for cache | Arthur de Jong | 2013-08-17 | 8 | -14/+35 |
| | | | | | | | This introduces the tables property in the Cache object that is used to define the used tables. This also fixes the storing of mulit-valued attributes in the cache. | ||||
* | Move cache table creation to modules | Arthur de Jong | 2013-08-17 | 12 | -177/+193 |
| | | | | | | This also moves the creation of a SQLite database connection to a _get_connection() function to ensure the cache is only created when the caches are instantiated. | ||||
* | Fix missing part of d659e83 | Arthur de Jong | 2013-07-30 | 1 | -2/+2 |
| | |||||
* | Use cleaner import and get rid of uid2dn function in pynslcd | Arthur de Jong | 2013-07-29 | 2 | -12/+5 |
| | |||||
* | Handle the nss_min_uid option in pynslcd | Arthur de Jong | 2013-07-29 | 2 | -4/+16 |
| | |||||
* | Handle the nss_initgroups_ignoreusers option in pynslcd | Arthur de Jong | 2013-07-29 | 2 | -1/+9 |
| | |||||
* | Fix handling of pam_password_prohibit_message in pynslcd | Arthur de Jong | 2013-07-29 | 2 | -2/+2 |
| | |||||
* | Implement config request handling in pynslcd | Arthur de Jong | 2013-07-29 | 3 | -3/+49 |
| | | | | This allows the PAM module to request the pam_password_prohibit_message option for denying password change. | ||||
* | Implement PAM session handling in pynslcd | Arthur de Jong | 2013-07-28 | 1 | -2/+61 |
| | | | | | Just like in nslcd this doesn't actually do anything with the session ids except generating them. | ||||
* | Properly handle start_tls in pynslcd | Arthur de Jong | 2013-07-28 | 1 | -0/+4 |
| | |||||
* | Fix errors in invalidator changes | Arthur de Jong | 2013-07-26 | 2 | -2/+2 |
| | | | | | This fixes a few typos and an omission in the configuration file parsing code. | ||||
* | Rename nscd_invalidate option to reconnect_invalidate | Arthur de Jong | 2013-07-26 | 5 | -19/+19 |
| | | | | | This also renames the internal nscd module to invalidator for both nslcd and pynslcd. The new invalidator module is now no longer nscd-specific. | ||||
* | Allow invalidating the nfsidmap cache | Arthur de Jong | 2013-07-26 | 2 | -16/+18 |
| | | | | This introduces an nfsidmap value for nscd_invalidate which will cause the nfsidmap -c command to be run. | ||||
* | Fix nscd cache flushing bug in pynslcd | Arthur de Jong | 2013-07-26 | 1 | -1/+1 |
| | | | | | The pynslcd implementation would always clear the passwd nscd cache regardless of the provided map. | ||||
* | Ignore errors in opening NSS module | Arthur de Jong | 2013-05-10 | 1 | -1/+4 |
| | |||||
* | Python style changes | Arthur de Jong | 2013-04-12 | 9 | -39/+36 |
| | | | | | | | This tries to conform more closely to PEP8. Imports have been checked and, if used only once, moved closer to the use to avoid potential import loops. This also includes a few other minor changes, like using __main__ for utility scripts and variable renames to avoid name clashes. | ||||
* | Raise an error with a missing old password on password ↵ | Arthur de Jong | 2013-04-12 | 1 | -1/+3 |
| | | | | modification | ||||
* | Fix getting caller's uid on password change (pynslcd) | Arthur de Jong | 2013-04-12 | 1 | -1/+1 |
| | |||||
* | Include the usermod.py file in the distribution | Arthur de Jong | 2013-04-05 | 1 | -1/+2 |
| | |||||
* | Update the shadowLastChange on password change in pynslcd | Arthur de Jong | 2013-03-30 | 1 | -0/+27 |
| | |||||
* | Implement password modification in pynslcd | Arthur de Jong | 2013-03-30 | 1 | -1/+69 |
| | |||||
* | Handle user modification requests in pynslcd | Arthur de Jong | 2013-03-30 | 2 | -0/+132 |
| | | | | | Similar to the nslcd implementation, this currently only covers modifying the homeDirectory and loginShell attributes. | ||||
* | Rename authentication function and return connection | Arthur de Jong | 2013-03-30 | 1 | -9/+9 |
| | |||||
* | Mark unsupported pynslcd configuration options | Arthur de Jong | 2013-03-30 | 1 | -17/+16 |
| | |||||
* | Detect and handle connection failure and recovery | Arthur de Jong | 2013-03-29 | 2 | -1/+28 |
| | | | | | Logs a connection recovery message and run a nscd cache invalidation if configured. | ||||
* | Start the nscd invalidator process if needed | Arthur de Jong | 2013-03-29 | 1 | -0/+4 |
| | |||||
* | Parse the nscd_invalidate option | Arthur de Jong | 2013-03-29 | 1 | -0/+11 |
| |