nss-pam-ldapd branch master updated. 0.9.0
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
nss-pam-ldapd branch master updated. 0.9.0
- From: Commits of the nss-pam-ldapd project <nss-pam-ldapd-commits [at] lists.arthurdejong.org>
- To: nss-pam-ldapd-commits [at] lists.arthurdejong.org
- Reply-to: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: nss-pam-ldapd branch master updated. 0.9.0
- Date: Fri, 5 Apr 2013 16:24:31 +0200 (CEST)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "nss-pam-ldapd".
The branch, master has been updated
via 187c626daac51ae1d6ce100930e61612650719c8 (commit)
from 2616f43f952259afdf6a1a8da5610f4b9cf1a896 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=187c626daac51ae1d6ce100930e61612650719c8
commit 187c626daac51ae1d6ce100930e61612650719c8
Author: Arthur de Jong <arthur@arthurdejong.org>
Date: Fri Apr 5 16:16:02 2013 +0200
Get files ready for 0.9.0 release
diff --git a/ChangeLog b/ChangeLog
index e69de29..b435fae 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -0,0 +1,616 @@
+2013-04-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * ChangeLog, NEWS, TODO, configure.ac, man/getent.ldap.1.xml,
+ man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml,
+ man/pynslcd.8.xml: Get files ready for 0.9.0 release
+
+2013-04-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/Makefile.am: Include the usermod.py file in the
+ distribution
+
+2013-04-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * man/chsh.ldap.1.xml: Fix docbook validation
+
+2013-04-03 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac: Ignore missing Python in initial test
+
+2013-04-03 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/nslcd.c: Fix comment
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pam.py: Update the shadowLastChange on password change in
+ pynslcd
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pam.py: Implement password modification in pynslcd
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * : Implement used modification functionality This adds user
information modification functionality to nslcd and
+ pynslcd and implements a chsh.ldap utility that can be used to
+ change the login shell of a user (similar to the normal chsh
+ command). The user modification functionality should allow for generic
+ modifications of user information. More utility commands to perform
+ modifications remain to be implemented.
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pynslcd.py, pynslcd/usermod.py: Handle user modification
+ requests in pynslcd Similar to the nslcd implementation, this currently
only covers
+ modifying the homeDirectory and loginShell attributes.
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/Makefile.am, nslcd/common.h, nslcd/nslcd.c, nslcd/usermod.c:
+ Handle user modification requests in nslcd This is currently limited to
supporting modification of the
+ homeDirectory and loginShell attributes. Modifications as root
currently use the rootpwmoddn and rootpwmodpw
+ options.
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd.h: Define a NSLCD_ACTION_USERMOD request The modification can
either be requested by root or by the user
+ itself. Modifications by the user should be done by connecting to the
LDAP
+ server with the user-supplied credentials. It is expected that
+ access controls in the LDAP server prevent unwanted modifications.
+ The nslcd process is expected to check whether supplied values are
+ sensible.
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pam.py: Rename authentication function and return
+ connection
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac: Fix test for absence of Python
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/cfg.py: Mark unsupported pynslcd configuration options
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac: Preset default configure values consistently
+
+2013-03-30 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac: Give an error when the Python interpreter is missing
+
+2013-03-29 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac: Build command-line utilities by default if Python is
+ available
+
+2013-03-29 Arthur de Jong <arthur@arthurdejong.org>
+
+ * : Implement clearing of nscd cache in pynslcd
+
+2013-03-29 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pynslcd.py: Start the nscd invalidator process if needed
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/cfg.py: Parse the nscd_invalidate option
+
+2013-03-29 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/Makefile.am, pynslcd/nscd.py: Functionality for clearing
+ the nscd cache in pynslcd
+
+2013-03-29 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pynslcd.py: Switch to using os.environ instead of
+ os.putenv() The os.putenv() call doesn't update os.environ and Python
+ documentation recommends using os.environ.
+
+2013-03-29 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pam.py: Rename validate_request to validate
+
+2013-03-29 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pam.py: Also perform authentication search using
+ LDAPSearch class
+
+2013-03-28 Arthur de Jong <arthur@arthurdejong.org>
+
+ * tests/test_nsscmds.sh: Make the NSS tests dependant on the
+ configuration of nsswitch.conf
+
+2013-03-28 Arthur de Jong <arthur@arthurdejong.org>
+
+ * tests/test_myldap.c: Do not rely on printf() being able to print
+ NULL strings
+
+2013-03-24 Arthur de Jong <arthur@arthurdejong.org>
+
+ * man/nslcd.conf.5.xml: Fix manual page generation
+
+2013-03-24 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/cfg.h: Fix comment for nss_nested_groups config option
+
+2013-03-24 Arthur de Jong <arthur@arthurdejong.org>
+
+ * : Implement support for nested groups
+
+2013-03-24 Arthur de Jong <arthur@arthurdejong.org>
+
+ * README, man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h,
+ nslcd/group.c, pynslcd/cfg.py, pynslcd/group.py: Implement a
+ nss_nested_groups configuration option This option can be used in both
nslcd and pynslcd to enable
+ recursive group member lookups. By default the functionality is
+ disabled. This also updates the documentation.
+
+2013-03-24 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/common.py, pynslcd/group.py: Implement support for nested
+ groups in pynslcd
+
+2013-03-24 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/group.c: Implement support for nested groups in nslcd This
differs from the code provided by Steve Hill in that it avoids (recursively)
performing parallel LDAP searches by queueing groups
+ and check for extra members per queued group (in the forward lookup)
+ or check for extra parents (for the user to groups lookup). For the
reverse lookup handling the NSLCD_HANDLE macro could no
+ longer be used because extra care should be taken to free the sets
+ before returning and two search phases are needed.
+
+2013-03-20 Steve Hill <steve@opendium.com>
+
+ * AUTHORS, nslcd/group.c: Implement a mkfilter_group_bymemberdn()
+ function This was part of a bigger change to implement nested groups,
however
+ most of the other parts were re-implemented differently. For the
original changes, see:
+ http://lists.arthurdejong.org/nss-pam-ldapd-users/2013/msg00034.html
+
+2013-03-24 Arthur de Jong <arthur@arthurdejong.org>
+
+ * tests/test.ldif: Unpack the LDIF file to make diffs clearer
+
+2013-03-24 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/cfg.h, nslcd/myldap.c: spelling fixes
+
+2013-03-22 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/service.c: fix service request logging
+
+2013-03-19 Jakub Hrozek <jhrozek@redhat.com>
+
+ * nss/common.h: NSS: Return TRYAGAIN on zero-length buffer One of our
customers was running into a situation where glibc
+ provided a zero buffer, which is a condition that is retriable and
+ the nss module should return NSS_STATUS_TRYAGAIN not
+ NSS_STATUS_UNAVAIL.
+
+2013-03-11 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nss/shadow.c: fix the text representation of shadow information
+ for nscd on Solaris
+
+2013-03-11 Arthur de Jong <arthur@arthurdejong.org>
+
+ * .gitignore, tests/Makefile.am, tests/lookup_shadow.c: implement a
+ lookup_shadow test command for use on systems that don't allow
+ querying shadow via getent
+
+2013-03-10 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/cfg.c, nslcd/nscd.c: fix a few compiler warnings
+
+2013-03-10 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac: guess the value for --with-pam-seclib-dir if it is
+ not specified
+
+2013-03-10 Arthur de Jong <arthur@arthurdejong.org>
+
+ * tests/test_pamcmds.sh: small portability fix in test_pamcmds.sh
+
+2013-03-10 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/service.c: only log protocol name if it is present
+
+2013-03-10 Arthur de Jong <arthur@arthurdejong.org>
+
+ * compat/ldap_parse_passwordpolicy_control.c, configure.ac: also
+ support systems without bet_get_enum()
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pynslcd.py: log hex value of action id to make debugging
+ easier
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pam.py: ensure consistent naming of DN variables
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/attmap.py, pynslcd/group.py, pynslcd/netgroup.py,
+ pynslcd/pam.py, pynslcd/search.py, pynslcd/service.py,
+ pynslcd/shadow.py: clean up imports and use
+ ldap.filter.escape_filter_chars() directly
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pam.py, pynslcd/pynslcd.py, pynslcd/search.py: move
+ get_connection function to search module as Connection class as
+ subclass of ReconnectLDAPObject to automatically reconnect to the
+ LDAP server
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/Makefile.am, pynslcd/alias.py, pynslcd/common.py,
+ pynslcd/ether.py, pynslcd/group.py, pynslcd/host.py,
+ pynslcd/netgroup.py, pynslcd/network.py, pynslcd/pam.py,
+ pynslcd/passwd.py, pynslcd/protocol.py, pynslcd/rpc.py,
+ pynslcd/search.py, pynslcd/service.py, pynslcd/shadow.py: move
+ Search class to search module
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/cfg.py: fix default logging configuration setting in
+ pynslcd
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * common/tio.c: fix the description of the tio_time_remaining()
+ function
+
+2013-03-08 Arthur de Jong <arthur@arthurdejong.org>
+
+ * man/nslcd.conf.5.xml: document the nscd_invalidate option
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/myldap.c, nslcd/nscd.c, nslcd/nslcd.c: start the nscd
+ invalidator and invalidate the nscd cache after reconnecting to the
+ LDAP server after failure
+
+2013-03-08 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/cfg.c, nslcd/cfg.h: implement parsing of the nscd_invalidate
+ option
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac, nslcd/Makefile.am, nslcd/common.h, nslcd/nscd.c,
+ tests/Makefile.am: implement functionality to send a cache
+ invalidation signal to nscd
+
+2013-03-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/common.c, nslcd/common.h, nslcd/nslcd.c: move signame()
+ function to common.c to make it available to all modules
+
+2013-03-03 Arthur de Jong <arthur@arthurdejong.org>
+
+ * man/nslcd.conf.5.xml: document the trimming expressions in the
+ nslcd.conf(5) manual page
+
+2013-03-03 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/expr.py: support trimming expressions with full shell glob
+ matching in pynslcd
+
+2013-03-03 Arthur de Jong <arthur@arthurdejong.org>
+
+ * tests/test_expr.c: add tests for trimming expressions
+
+2013-01-04 Arthur de Jong <arthur@arthurdejong.org>
+
+ * common/expr.c: update the trimming expressions code to follow the
+ new coding style
+
+2012-12-03 Thorsten Glaser <t.glaser@tarent.de>
+
+ * AUTHORS, common/expr.c: allow trimming expressions with ${foo#bar}
+ syntax in nslcd
+
+2013-03-01 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/myldap.c, nslcd/myldap.h, nslcd/pam.c: return the password
+ policy bind information via PAM
+
+2013-01-04 Arthur de Jong <arthur@arthurdejong.org>
+
+ * compat/Makefile.am, compat/ldap_compat.h,
+ compat/ldap_passwordpolicy_err2txt.c, configure.ac: provide a basic
+ replacement implementation of ldap_passwordpolicy_err2txt() for
+ systems that don't have it
+
+2013-01-04 Arthur de Jong <arthur@arthurdejong.org>
+
+ * compat/Makefile.am, compat/ldap_compat.h,
+ compat/ldap_parse_passwordpolicy_control.c, configure.ac: provide a
+ replacement implementation of ldap_parse_passwordpolicy_control()
+ for systems that don't have it
+
+2013-03-01 Arthur de Jong <arthur@arthurdejong.org>
+
+ * compat/ldap_compat.h, configure.ac, nslcd/myldap.c: request and
+ parse password policy controls when doing user authentication in
+ nslcd
+
+2013-01-18 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/myldap.c: pass the session along to the do_bind() function
+
+2013-03-03 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac: add some missing checks to the configure script
+
+2013-03-01 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/pam.c: log a more meaningful error in nslcd when trying to
+ authenticate as administrator when rootpwmoddn is not set
+
+2013-03-01 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/common.h, nslcd/pam.c, nslcd/shadow.c: move
+ update_lastchange() function from shadow to pam code
+
+2013-03-01 Arthur de Jong <arthur@arthurdejong.org>
+
+ * utils/getent.py: move parsing to command line arguments to main
+ body
+
+2013-02-28 Arthur de Jong <arthur@arthurdejong.org>
+
+ * TODO: update TODO (setnetgrent() returns an error since r1874)
+
+2013-02-27 Arthur de Jong <arthur@arthurdejong.org>
+
+ * man/nslcd.conf.5.xml: include information about when some of the
+ options were added
+
+2013-02-27 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nss/common.c: add missing include statement for NULL definition
+
+2013-02-23 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/nslcd.c, pynslcd/pynslcd.py: log version information from
+ the NSS module
+
+2013-02-23 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nss/common.c, nss/exports.freebsd, nss/exports.glibc,
+ nss/exports.solaris: define and export an _nss_ldap_version symbol
+
+2013-02-23 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/ether.py: also search for alternative macAddress
+ representation in pynslcd
+
+2013-02-12 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/nslcd.c: extra sanity check to ensure not too many file
+ descriptors are open
+
+2013-02-23 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd.h: clarify NSLCD_ACTION_SERVICE_* request parameter
+ description
+
+2013-02-23 Arthur de Jong <arthur@arthurdejong.org>
+
+ * man/nslcd.conf.5.xml, nslcd/cfg.c, tests/test_common.c: allow
+ names with one character in default validnames option and allow
+ parentheses (taken from Fedora packages)
+
+2013-02-23 Arthur de Jong <arthur@arthurdejong.org>
+
+ * man/nslcd.conf.5.xml: document the log option
+
+2013-02-23 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/cfg.py, pynslcd/pynslcd.py: handle the log configuration
+ option in pynslcd
+
+2013-02-23 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/cfg.c, nslcd/log.c, nslcd/log.h, nslcd/nslcd.c: handle the
+ log configuration option in nslcd
+
+2013-02-23 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/log.c, nslcd/log.h: implement functions for configuring
+ alternative logging
+
+2013-02-12 Arthur de Jong <arthur@arthurdejong.org>
+
+ * man/getent.ldap.1.xml: fix docbook tag for file name
+
+2013-01-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * Makefile.am: generate ChangeLog with git2cl
+
+2013-01-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * ChangeLog, ChangeLog-2012: archive 2012 changelog messages into a
+ year file including the change from Subversion
+
+2013-01-28 Arthur de Jong <arthur@arthurdejong.org>
+
+ * .gitignore, man/Makefile.am, man/getent.ldap.1.xml: add
+ getent.ldap(1) manual page
+
+2013-01-28 Arthur de Jong <arthur@arthurdejong.org>
+
+ * utils/Makefile.am, utils/cmdline.py, utils/getent.py,
+ utils/nslcd.py: implement a getent command to query nslcd while
+ bypassing NSS stack
+
+2013-01-26 Arthur de Jong <arthur@arthurdejong.org>
+
+ * .gitignore, Makefile.am, configure.ac, utils/Makefile.am: add an
+ --enable-utils option to configure to build command-line utilities
+
+2013-01-09 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/cache.py, pynslcd/common.py: disable pynslcd cache for now
+
+2013-01-27 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd.h, nslcd/common.h, nslcd/netgroup.c, nslcd/nslcd.c,
+ pynslcd/netgroup.py: implement a netgroup_all request
+
+2013-01-18 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/nslcd.c: make checking dlsym() result a little safer
+
+2013-01-18 Arthur de Jong <arthur@arthurdejong.org>
+
+ * compat/ldap_passwd_s.c: fix copyright year
+
+2013-01-18 Arthur de Jong <arthur@arthurdejong.org>
+
+ * common/tio.c: restructure timeout calculation in tio to reduce the
+ number of times gettimeofday() is called
+
+2013-01-18 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/log.c: use pthreads thread-local storage as fallback
+ mechanism if compiler doesn't provide a keyword for TLS
+
+2013-01-18 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac, m4/ax_tls.m4, nslcd/log.c, nss/aliases.c,
+ nss/ethers.c, nss/group.c, nss/hosts.c, nss/netgroup.c,
+ nss/networks.c, nss/passwd.c, nss/protocols.c, nss/rpc.c,
+ nss/services.c, nss/shadow.c: use the AX_TLS macro to find correct
+ thread-local storage class compiler directive
+
+2013-01-18 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/cfg.c, nslcd/cfg.h: dump full nslcd configuration at debug
+ level on start-up
+
+2013-01-16 Arthur de Jong <arthur@arthurdejong.org>
+
+ * man/Makefile.am: fix the way manual pages are generated and
+ distributed
+
+2013-01-14 Arthur de Jong <arthur@arthurdejong.org>
+
+ * man/nslcd.conf.5.xml, nslcd/cfg.c, pynslcd/cfg.py,
+ tests/test_cfg.c: support children search scope for systems that
+ have it
+
+2013-01-14 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/cfg.py: fix parsing of scope option in pynslcd
+
+2013-01-14 Arthur de Jong <arthur@arthurdejong.org>
+
+ * tests/test_tio.c: support systems without ETIME
+
+2013-01-14 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac, tests/lookup_netgroup.c: check whether setnetgrent()
+ returns int or void (for FreeBSD)
+
+2013-01-12 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/cfg.c, tests/test_cfg.c: reorganise configuration file
+ parsing code
+
+2013-01-12 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/myldap.c: have myldap_get_ranged_values() return a list of
+ values instead of a set
+
+2013-01-12 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/cfg.c, nslcd/group.c, nslcd/passwd.c, nslcd/shadow.c: check
+ result of set_tolist() to ensure that memory allocation problems are
+ logged
+
+2013-01-12 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/myldap.c: fix memory leak in myldap_get_values_len() when
+ using ranged attributes (very unlikely to occur)
+
+2013-01-12 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/myldap.c: fix a problem in memory handling in
+ myldap_get_values_len() if malloc() would fail
+
+2013-01-12 Arthur de Jong <arthur@arthurdejong.org>
+
+ * configure.ac: drop -Wcase-qual when using --enable-warnings
+ because it was causing too much noise
+
+2013-01-10 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/myldap.c: fix typo in comment
+
+2013-01-06 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pam.py: request and parse password policy controls when
+ doing user authentication in pynslcd
+
+2013-01-06 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pam/pam.c: do not recheck the user password in first password
+ phase if it was stored in the authentication phase
+
+2013-01-06 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/pam.c: perform search for pam_authz_search on all search
+ bases
+
+2013-01-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pynslcd/pam.py: some simplifications in the current pynslcd PAM
+ request handling
+
+2013-01-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/myldap.c, tests/test_cfg.c: update FIXMEs
+
+2013-01-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/ether.c: change ethernet address formatting from FIXME to
+ note
+
+2013-01-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * pam/pam.c: save the old password if either the authentication or
+ the authorisation response is NEW_AUTHTOK_REQD
+
+2013-01-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/myldap.c: inline most is_valid_...() functions
+
+2013-01-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * compat/ldap_initialize.c: remove not needed define
+
+2013-01-05 Arthur de Jong <arthur@arthurdejong.org>
+
+ * common/nslcd-prot.h: log hex values when debugging the protocol
+
+2013-01-01 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/myldap.c, nslcd/myldap.h, nslcd/pam.c: log and return a
+ diagnostic message instead of just the LDAP error on password change
+ failure
+
+2013-01-01 Arthur de Jong <arthur@arthurdejong.org>
+
+ * nslcd/pam.c: retry updating the lastChange attribute with the
+ normal nslcd LDAP connection if the update with the user's
+ connection failed
+
+2013-01-01 Arthur de Jong <arthur@arthurdejong.org>
+
+ * update pynslcd PAM protocol handling to be in line with r1865
+
diff --git a/NEWS b/NEWS
index 9328064..2c027d4 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,55 @@
+changes from 0.8.13 to 0.9.0
+----------------------------
+
+* backwards incompatible change to the communications protocol between nslcd
+ and NSS and PAM modules to use network byte order to be able to work on
+ mixed endian multiarch systems
+* netgroup lookups now makes a distinction between empty netgroups and
+ non-existing netgroups
+* the PAM protocol is now more consistent (cleaner support for password
+ modification by root, have all request parameters in the same order and
+ limit the information returned from the call)
+* request and handle password policy controls on LDAP authentication
+* implement support for nested groups which can be enabled with the
+ nss_nested_groups option (thanks Steve Hill)
+* add a log option to configure log level and logging to plain files
+* add an nscd_invalidate option to invalidate the nscd cache after recovering
+ from LDAP connection problems (to clear any negative cache entries)
+* allow trimming expressions with ${foo#bar} syntax in attribute mapping
+ expressions (thanks Thorsten Glaser)
+* pynslcd supports trimming expressions with full shell glob matching
+* support password modification in pynslcd
+* support children search scope for systems that have it
+* add a getent.ldap utility to perform nslcd queries bypassing the libc NSS
+ stack
+* implement functionality for changing user information and provide a
+ chsh.ldap utility to allow users to change their login shell
+* remove deprecated use_sasl, reconnect_tries, reconnect_maxsleeptime and
+ tls_checkpeer options which have been replaced long ago
+* allow names with one character in default validnames option and allow
+ parentheses (taken from Fedora packages)
+* fall back to updating the lastChange attribute with the normal LDAP
+ connection
+* dump full nslcd configuration at debug level on start-up
+* export an _nss_ldap_version symbol in the NSS module to make finding version
+ mismatches easier (the NSS module version is logged from nslcd)
+* documentation improvements
+* update the coding style for the C source code to follow a more modern and
+ commonly used coding convention
+* some parts of the code were refactored or rewritten to take into account the
+ changes within the software (e.g. configuration file handling, reduction in
+ the number of system calls for normal communication)
+* numerous smaller fixes
+* portability and robustness improvements to the tests
+* implement lookup_netgroup and lookup_shadow test commands for systems that
+ cannot use getent to query these
+* guess the value for --with-pam-seclib-dir configure option if it is not
+ specified
+* temporary disable the caching functionality of pynslcd
+* usability improvements in the pynslcd implementation
+* various fixes for Solaris
+
+
changes from 0.8.11 to 0.8.12
-----------------------------
diff --git a/TODO b/TODO
index 6265117..b7984d6 100644
--- a/TODO
+++ b/TODO
@@ -12,15 +12,9 @@
* make it possible to start nslcd real early in the boot process and have
it become available when it determines it can (other timeout/retry mechanism
on startup)
-* implement requesting and handling password policy information when binding
- as a user (see pam_ldap)
-* implement nested groups
* implement other services in nslcd: sudo and autofs are candidates
* complete pynslcd implementation
-* implement chsh and chfn in nslcd PAM code and make chsh.ldap and chfn.ldap
- binaries
-* have nslcd flush the nscd caches when reconnecting to the LDAP server after
- an error
+* implement chfn functionality in nslcd and make chfn.ldap binary
* add a max uid option for PAM module
* support changing Samba password attributes on password change
* while running NSS tests, check if nscd isn't running
diff --git a/configure.ac b/configure.ac
index ab4134c..0260d57 100644
--- a/configure.ac
+++ b/configure.ac
@@ -33,10 +33,10 @@ configure.ac file for more details.])
# initialize and set version and bugreport address
AC_INIT([nss-pam-ldapd],
- [0.8.12],
+ [0.9.0],
[nss-pam-ldapd-users@lists.arthurdejong.org],,
[http://arthurdejong.org/nss-pam-ldapd/])
-RELEASE_MONTH="Nov 2012"
+RELEASE_MONTH="Apr 2013"
AC_SUBST(RELEASE_MONTH)
AC_CONFIG_SRCDIR([nslcd.h])
diff --git a/man/getent.ldap.1.xml b/man/getent.ldap.1.xml
index 0e3da30..9680eea 100644
--- a/man/getent.ldap.1.xml
+++ b/man/getent.ldap.1.xml
@@ -35,9 +35,9 @@
<refmeta>
<refentrytitle>getent.ldap</refentrytitle>
<manvolnum>1</manvolnum>
- <refmiscinfo class="version">Version 0.8.11</refmiscinfo>
+ <refmiscinfo class="version">Version 0.9.0</refmiscinfo>
<refmiscinfo class="manual">User Commands</refmiscinfo>
- <refmiscinfo class="date">Oct 2012</refmiscinfo>
+ <refmiscinfo class="date">Apr 2013</refmiscinfo>
</refmeta>
<refnamediv id="name">
diff --git a/man/nslcd.8.xml b/man/nslcd.8.xml
index 873f6a5..da8d9f1 100644
--- a/man/nslcd.8.xml
+++ b/man/nslcd.8.xml
@@ -6,7 +6,7 @@
nslcd.8.xml - docbook manual page for nslcd
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arthur de Jong
+ Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -36,9 +36,9 @@
<refmeta>
<refentrytitle>nslcd</refentrytitle>
<manvolnum>8</manvolnum>
- <refmiscinfo class="version">Version 0.8.12</refmiscinfo>
+ <refmiscinfo class="version">Version 0.9.0</refmiscinfo>
<refmiscinfo class="manual">System Manager's Manual</refmiscinfo>
- <refmiscinfo class="date">Nov 2012</refmiscinfo>
+ <refmiscinfo class="date">Apr 2013</refmiscinfo>
</refmeta>
<refnamediv id="name">
diff --git a/man/nslcd.conf.5.xml b/man/nslcd.conf.5.xml
index 5e65aa7..87d21f8 100644
--- a/man/nslcd.conf.5.xml
+++ b/man/nslcd.conf.5.xml
@@ -36,9 +36,9 @@
<refmeta>
<refentrytitle>nslcd.conf</refentrytitle>
<manvolnum>5</manvolnum>
- <refmiscinfo class="version">Version 0.8.12</refmiscinfo>
+ <refmiscinfo class="version">Version 0.9.0</refmiscinfo>
<refmiscinfo class="manual">System Manager's Manual</refmiscinfo>
- <refmiscinfo class="date">Nov 2012</refmiscinfo>
+ <refmiscinfo class="date">Apr 2013</refmiscinfo>
</refmeta>
<refnamediv id="name">
diff --git a/man/pam_ldap.8.xml b/man/pam_ldap.8.xml
index dc35cc3..1ed82e4 100644
--- a/man/pam_ldap.8.xml
+++ b/man/pam_ldap.8.xml
@@ -5,7 +5,7 @@
<!--
pam_ldap.8.xml - docbook manual page for pam_ldap PAM module
- Copyright (C) 2009, 2010, 2011, 2012 Arthur de Jong
+ Copyright (C) 2009, 2010, 2011, 2012, 2013 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -35,9 +35,9 @@
<refmeta>
<refentrytitle>pam_ldap</refentrytitle>
<manvolnum>8</manvolnum>
- <refmiscinfo class="version">Version 0.8.12</refmiscinfo>
+ <refmiscinfo class="version">Version 0.9.0</refmiscinfo>
<refmiscinfo class="manual">System Manager's Manual</refmiscinfo>
- <refmiscinfo class="date">Nov 2012</refmiscinfo>
+ <refmiscinfo class="date">Apr 2013</refmiscinfo>
</refmeta>
<refnamediv id="name">
diff --git a/man/pynslcd.8.xml b/man/pynslcd.8.xml
index efafaca..a146ecd 100644
--- a/man/pynslcd.8.xml
+++ b/man/pynslcd.8.xml
@@ -5,7 +5,7 @@
<!--
pynslcd.8.xml - docbook manual page for pynslcd
- Copyright (C) 2012 Arthur de Jong
+ Copyright (C) 2012, 2013 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -35,9 +35,9 @@
<refmeta>
<refentrytitle>pynslcd</refentrytitle>
<manvolnum>8</manvolnum>
- <refmiscinfo class="version">Version 0.8.12</refmiscinfo>
+ <refmiscinfo class="version">Version 0.9.0</refmiscinfo>
<refmiscinfo class="manual">System Manager's Manual</refmiscinfo>
- <refmiscinfo class="date">Nov 2012</refmiscinfo>
+ <refmiscinfo class="date">Apr 2013</refmiscinfo>
</refmeta>
<refnamediv id="name">
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 616 +++++++++++++++++++++++++++++++++++++++++++++++++
NEWS | 52 ++++
TODO | 8 +-
configure.ac | 4 +-
man/getent.ldap.1.xml | 4 +-
man/nslcd.8.xml | 6 +-
man/nslcd.conf.5.xml | 4 +-
man/pam_ldap.8.xml | 6 +-
man/pynslcd.8.xml | 6 +-
9 files changed, 684 insertions(+), 22 deletions(-)
hooks/post-receive
--
nss-pam-ldapd
--
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits/
- nss-pam-ldapd branch master updated. 0.9.0,
Commits of the nss-pam-ldapd project
