1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347
|
2004-01-11 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/ld.c: Fix FreeBSD SIGABRT due to wrong ldap_msgfree
* src/plugins/ldap/commandline.c: Make sure Shadow variables are
respected, first as environment variables and then by the
configuration file. If the operation is a usermod, and a lock or an
unlock is requested, also use these values.
2004-01-10 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/user.c: Patch from John Dalbec
* src/plugins/ldap/commandline.c: Issue warning if old configuration
variables are found in config file
2003-12-31 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/ld.c: Added the ability to override the
configuration file MIN/MAX_UID/GIDNUMBER by setting the
environmental options.
2003-12-30 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/user.c: Fix SIGSEGV in ldapUserCheck
* doc/man/cpu-ldap.8: Fixed documentation
* doc/man/cpu{-ldap.8,.conf.5}: Added -X option documentation
* src/plugins/ldap/commandline.c: Added -X support
* configure.ac: Rewrote configure
* src/plugins/ldap/*: Fixed bug that wouldn't allow users to be added
as a memberUid
* src/util/cgetpwent.c: Fixed bug that wasn't allowing -F option to
work properly.
* src/plugins/ldap/user.c: Fixed SIGSEGV due to == instead of =
2003-10-22 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/*: Changes to fix Solaris issues
* src/util/*: Changes to fix solaris issues
2003-10-12 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/ldap_errors.c: More error entries
* src/plugins/ldap/ldap/ld.c: Changed searches for new gid and new uid
to be asynchronous. The speed increase was about 200%. The speed
increase between 1.4.1 and 1.4.2 is about 780%.
2003-10-11 Blake Matheny <bmatheny@purdue.edu>
* src/main/cpu.c: Change error message, change status codes from 1 to
EXIT_FAILRE and from 0 to EXIT_SUCCESS
* src/plugins/ldap/ld.c: Change ldap_open() to ldap_init() so we don't
die giving odd error messages when a connection cannot be opened
* src/plugins/ldap/ldap_errors.c: New error reporting function gives
users useful feedback on both the problem and possible solutions.
* src/plugins/ldap/*: change ldap_perror to CPU_ldapPerror
2003-09-26 Blake Matheny <bmatheny@purdue.edu>
* src/util/hash.c, src/include/util/util.h: Implemented CPU_getpass
which replicates the functionality of getpass but doesn't use a
static buffer
* src/plugins/ldap/commandline.c: Use CPU_getpass instead of getpass
2003-09-24 Blake Matheny <bmatheny@purdue.edu>
* src/util/bitvector.c, src/include/util/bitvector.h: Bitvector routines
written by Mike Swieton added.
* src/plugins/ldap/ld.c: If RANDOM is set to false in cpu.conf, we grab
all UIDS/GIDS from the ldap directory. We then create a bitvector of
size MAX_ID - MIN_ID and for every ID < MAX and > MIN we set the bit.
We then run through the bitvector and find the first unuset bit, i,
and know that id i + min_id is unused. This represents up to a 500%
increase in speed for populated directories. If random is true, a
random unused id is found. This is generally just a bit faster then
linear id's, but then id's are random :-)
2003-09-19 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/*.c: If -g is not set for a useradd, there are two new
configuration file variables that control the behavior of cpu. See
cpu.conf.doc for information. The new behavior models the debian behavior:
if USERGROUPS is set to yes, a new group is added which becomes the users
primary group. If no, the users primary group is USERS_GID
* src/include/plugins/ldap/ldap.h: The above changed required a change to
the buildDn function in src/plugins/ldap/commandline.c
2003-09-18 Blake Matheny <bmatheny@purdue.edu>
* src/plguins/ldap/{ld,user}.c: Make sure we don't add or modify users whose
supplementary groups (or supplied primary groups) do not exist
* src/plugins/ldap/*: Completely changed the way that user operations work
with respect to groups. When a user is deleted they are now removed from
any secondary groups they were in. When a users secondary groups are
modified they are removed from old secondary groups and added to new
secondary groups. When a users primary group is changed they are no longer
added to that group via a memberUid. This is the exact behavior of the
shadow utils.
* src/plugins/ldap/*: When a group is deleted we check to make sure it is no
users primary group, and disallow if it is. This matches the behavior of
groupdel from the shadow utils. We do not do this for a groupmod, but this
is the behavior (possibly _wrong_ behavior) of groupmod from the
shadowutils.
* src/plugins/ldap*,src/util/*: Fixed some gcc 3.3 compiler warnings
2003-09-17 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/{group,user}.c: Fixed problem with ldif file having
multiple attributes
* Added ability to violate POSIX naming conventions (for use with samba),
user must specify -o switch to enable
2003-09-16 Blake Matheny <bmatheny@purdue.edu>
* doc/Makefile.am: Do not overwrite cpu.conf if it exists
* src/plugins/ldap/*: Make sure GROUP_CN_STRING and USER_CN_STRING are
respected
* Fixed segfault due to improper argument for groupmod
2003-09-06 Blake Matheny <bmatheny@purdue.edu>
* configure.ac: Fixed several things that caused compilation problems on
other platforms
* src/include/plugins/ldap/ldap.h: Be sure to include lber.h before ldap.h
* src/plugins/ldap/commandline.c: Now uses USER_CN_STRING and
GROUP_CN_STRING
* Version 1.4.0a released
2003-09-05 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/commandline.c: Account {Un}Locking, specify with -2 the
version of LDAP to use. Defaults to LDAPv3
* src/plugins/ldap/user.c: Account {Un}Locking
* src/plugins/ldap/ld.c: LDAP Version
* doc/man/cpu-ldap.8: Update man page to reflect new changes
* configure.ac: No longer require explicit --with-ldap
* Version 1.4.0 released
2003-05-17 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/commandline.c (parseCommand, initGlobals,
populateGlobals, printHelp): Changed userbase to -b and lastname to -E
so that we can use -L and -U for lock and unlock, respectivly
* src/plugins/ldap/user.c (ldapUserCheck): fixed bug that would have caused
segfault 'strlen(NULL)' and started adding code for lock/unlock
2003-04-24 Jeff Clark <jeff@tmtrading.com>
* src/include/plugins/ldap/ldap.h: TLS Support
* src/plugins/ldap/commandline.c: TLS Support
* src/plugins/ldap/ld.c: TLS Support
* src/include/plugins/passwd/passwd.h: remove duplicate typedef
2003-04-29 Blake Matheny <bmatheny@purdue.edu>
* src/plugins/ldap/commandline.c (parseCommand): Make sure POSIX group and
user names are supported
2003-03-24 Blake Matheny <bmatheny@purdue.edu>
* src/util/hash.c: Make sure getHashType returns H_UNKNOWN when
appropriate
* src/include/conf.h: Get rid of some warnings
* src/include/util/hash.h: Add H_UNKNOWN to enum
* src/plugins/ldap/commandline.c: Support for unknown hash types with
clear text passwords. If you now specify with ldap -H \{SOMEPREFIX\}
and -pSomePassword, userPassword will be {SOMEPREFIX}SomePassword
2003-03-09 Blake Matheny <bmatheny@purdue.edu>
* src/util/parser.c: Added a generic parser to util so that people who
need to add attributes not handled by CPU can do so
* src/plugins/ldap: Added support for LDAP plugin to take advantage of
parser
* doc/man/cpu-ldap.8: Modified man page to reflect new -a option which
allows you to specify the file with additional attributes
* src/plugins/ldap/ld.c: Users can now specify the group name instead
of the group id when adding users. CPU will search the LDAP
directory for that group and if found set the users gidNumber to
the gidNumber of the said group
2003-02-16 Blake Matheny <bmatheny@purdue.edu>
* src/util/hash.c (genPass): Added a random password generator
* src/plugins/ldap/commandline.c (parseCommand): Option for random
passwords
* src/plugins/ldap: Finished all group and user functionality
* src/util/fileaction.c: Finished all file functionality (copying,
removing, etc)
* doc/cpu.conf.doc: Documented some of the config file options
* src/plugins/ldap: Can now take passwords and user attributes from
regular unix style password and shadow files
* src/util/hash.c (getHash): Added cracklib functionality
* src/plugins/passwd: Started writing flat file passwd support
* src/util/cgetpwent.c (cgetpwent): Chop off new lines
2003-02-09 Blake Matheny <bmatheny@purdue.edu>
* Rewrote entire thing from scratch. See TODO for what is different
* Version 1.3.99 Released
2002-03-23 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3.13 released
* Added -j option to groupadd/del to add or delete a user from an
existing group. (JC)
* Fixed some skel_dir discrepencies
* Fixed source to respect sysconfdir
* Fixed ldap_user_mod() for when base is not defined at command line
* New default_gid option in config file, an integer to be used by
default if not specified at command line
* Updated configure for -with-ldap=<dir> for specifying the base
location of ldap files
* Added cat function, displays rfc2307 users in an /etc/passwd style
format
* Fixes from JC and Me, check the cvs logs
* Changed behaviour of home_directory and the -d command line switch,
check man pages. -d now explicitly sets the users home directory, if
-d is not set, the users home directory is home_directory/username
* cpu now checks to make sure that no users (memberUid) exist in a group
before it is deleted. You must specify -y at the command line to
answer this question non-interactivly.
* group_base_dn changed to group_base in config file
* Debian packages available from
http://www.ecology.uni-kiel.de/~karsten/debian/cpu.html
* user_base_dn changed to user_base in config file
2002-03-10 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3.12 released
* Fixed bug in do_ldap_init() (JC)
* Added get_next_uidnum() function to get the next available uidnumber
out of the ldap server. Default range is min_uidnumber to
max_uidnumber in config file. Default range is 1000-6000 (JC)
* get_next_uidnum() is allowed id_max_passes (in config file) to find
a new uid, otherwise fails. Default is 500 (JC)
* Updates to config file and man pages (JC)
* Changes to JC's code
* Added get_next_gidnum() function to get the next available gidnumber
out of the ldap server. Default range is min_gidnumber to
max_gidnumber in config file. Default range is 1000-6000
* get_next_gidnum() is allowed id_max_passes in config file to find a
new gid, otherwise fails. Default is 500.
* Added ability to use syslog for a logging faciltiy. LOG_USER is the
facility used, and LOG_INFO is the level used. Specify with syslog::y
in the config file.
2002-02-15 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3.11 released
* added groupadd, groupdel, groupmod functions to cpu
* Changed object_class config file option to user_object_class
* Added group_object_class to config file
* Changed ldopts.object_class to ldopts.user_object_class
* Added ldopts.group_object_class
* Changed some exit()s at errors to returns so that the process
successfully unbinds from the ldap server before exiting.
* Added group_base_dn to config file
* Added -l option to change dn of user
* Added -n option to change dn of group
2002-02-10 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3.10 released
* Added recursive functionality for adding and deleting files in home
directories. Now will span multiple levels in a file system directory
tree for deleting or making a users home directory
* Fixes to allow for FreeBSD compilation. Yes, FreeBSD now works
* Code clean up
* Removed def_file_perm from config file. File permissions are now just
taken from a stat() of the file
* Other fixes and improvements
2002-02-06 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3.9 released
* Added -b command line switch to specify base to add user to
* Added -F and -L switches for specifying first (givenname) and last
(sn) names. These names are combined to create a cn (common name)
* Added -M switch for mail address
* The following attributes now are also added: mail, cn, description,
roomnumber, givenname, sn. These should be the last of the schema
additions.
* Added usermod for mail(-M), sn(-L), and givenname(-F) attributes
* Cleaned up ldap_add() code
* Fixed build bug
* Made change to man pages to reflect changes to command line switches
2002-02-05 Blake Matheny <bmatheny@purdue.edu>
* Lots of code clean up
* Unreleased, broken
2002-02-04 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3.7 released
* Added SSHA and SMD5 hashes
* Added -H for command line usage to specify hash
* Made hashes in config file and at command line case insensitive
* Man pages for cpu(8) and cpu.cfg(5)
* Implemented seperate salt generation for crypt since aparently some
crypt() functions do not allow $1$ to be at the start of the salt
2002-02-03 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3.6 released
* Added usermod function. You now have the ability to modify a users
password, uidnumber (not 0 though), gidnumber, gecos entry, and login
shell.
* Fixed spelling problem. gcos in all old config files is now gecos.
Please update.
* Added homePhone attribute as config file option, since it is required
by posixAccount
* Added shadowMin as config file option, since it is allowed by
shadowAccount
* Added shadowInactive as config file option, since it is allowd by
shadowAccount
* Rebuilt build system and restructured directories
* Changed configure.in to also check for the resolv lib, since on some
systems the ldap and lber will not compile binaries without it
* Fixed a small gecos logic bug
2002-01-24 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3.5 released
* Added platform independant version of getopt() to fix command line
parsing on WACK operating systems with funny libc's (cough, solaris)
* If gecos comment is not specified with -c, we take it from file
specified by password_file in config file. If -c is not given and
password_file is undefined we use def_gcos from config file.
Otherwise we default to "LDAP User"
* Added shadow_file to configuration file. This allows you to take only
the hashed password from this file when using the -S option. You can
still get entries from password_file at the same time, allowing you
to very easily migrate existing users (including passwords) to an
LDAP directory
2002-01-23 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3.2 released
* Added -S option, to allow people to take the shadow entry from an
existing password file as specified by password_file in the
configuration file
2002-01-21 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3.1 released
* Added platform independant version of strsep to support platforms
such as solaris
* Removed scandir() and implemented opendir/closedir/etc to support
platforms such as solaris
* Implemented file system calls as open/close/read/write to support
binary files
* Several changes to makefile.in and configure.in to allow for proper
OS defines
2002-01-05 Blake Matheny <bmatheny@purdue.edu>
* Version 1.3. released
* Added MD5 as optional password hash
* Added SHA1 as optional password hash
* Permissions were not being properly added to files (fixed)
* Permissions were not being properly added to dirs (fixed)
* Fixed chown() problem
* Updated Makefile/configure
2001-12-13 Blake Matheny <bmatheny@purdue.edu>
* Version 1.2.1 released
* Bug fixed with uid/gid of entry being added
* Don't require libbconf anymore, now included with CPU
2001-12-04 Blake Matheny <bmatheny@purdue.edu>
* Version 1.2 released
* Now home directories are created and files copied from skel_dir,
only ascii files though
2001-11-28 Blake Matheny <bmatheny@purdue.edu>
* Version 1.1 released
* Rewritten in C
2001-11-02 Blake Matheny <bmatheny@purdue.edu>
* Version 1.0 released
* Initial Release
|