Age | Commit message (Collapse) | Author | Files | Lines |
|
Allow to be more flexible when starting with or without
systemd. At end this change will allows to start within
systemd with socket activation or not and by sending
notification without need of option.
Make setting of the sockets more accurate. The admin and
agent socket are now accessible only to clients of the
expected group, cynagora by default.
Bug-AGL: SPEC-3230
Bug-AGL: SPEC-2968
Change-Id: I3e5c7c00dfa0494628c18ffc016cfc8599a5bf9b
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Change-Id: Ibd3601ce97b4bc9e1035642584df0fe7788716db
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Change-Id: Ibdb7454657bcdc0a0874f05e065551de80b9bd4f
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Change-Id: I4f146d792fb646d4d221a80de88aeb6a9372e21e
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
This will at the end allow unsynchronized clients
to query the server efficiently.
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The flag DIRECT_CYNARA_COMPAT remove the dependency
of libcynara-compat to libcynagora.
Change-Id: Ib8ded68fc799a7cdb53acd4416b255abdf765311
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
fixup! 9d08a0b
|
|
The command target_link_options only appear in
cmake 3.13
Change-Id: Ie66464244a139531dfa8ca4f239c53f9d2f3afaa
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Rename everything to match the new name of cynagora
Change-Id: I7e529def486ca5721164b338d2c615996fbc6ca4
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The compatibility items of the old cynara
librarie are separated and isolated.
The option WITH_CYNARA_COMPAT activates it or not.
Change-Id: Iba77c97d8df31f5f515b57411487943192451ac6
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
In prevision of further developments (like plugins)
the server is splitted in two parts: the server program
itself and the core library.
The client library is also splitted in two parts:
the compatibility part and the real client part.
Change-Id: Iaee93298d52eb825ad9aed5d2b3e74c2975b5950
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Agent are now named and called when the
value returned is prefixed by name+colon.
For example, the agent 'me' receives the requests
'request' and the asked key for the rule:
* * * * me:request forever
Add the always available AGENT-AT implementation.
The AGENT-AT handles the value prefix @: to re-ask
the database with a query derived from the value.
Example: the rule
* * 1001 * @:%c:%s:OWNER:%p forever
if selected for the query key
{client=C, session=S, user=1001, permission=P}
will produce the evaluation of the key
{client=C, session=S, user=OWNER, permission=P}
The values @: are structured as 4 field separated
by colons (:). The sequences %c, %s, %u, %p, %%
and %: are substituted by client, session, user,
permission, % and :, with values coming from the
original request.
Change-Id: I7043845292f13f9c269a71cfabc4715330eaff34
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Change-Id: Iadeba6f0602f7be017244c2602fae2bbe2abf74e
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The DB now records sessions. It has expiration
management (currently coarse: ~16s, see db.c)
that is propagated to caches.
Values are now strings. Default values are
"yes" and "no" for allowed or denied permissions.
new program: cynadm
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|