#!/usr/bin/env python
# -*- mode: python -*-
+# Copyright (c) 1999-2000 Jason Gunthorpe <jgg@debian.org>
+# Copyright (c) 2001-2003 James Troup <troup@debian.org>
+# Copyright (c) 2004 Joey Schulze <joey@infodrom.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
import string, re, time, ldap, getopt, sys, os, pwd;
from userdir_ldap import *;
from userdir_gpg import *;
elif (switch == '-a'):
userdir_gpg.GPGKeyRings = OldGPGKeyRings;
-print "Accessing LDAP directory as '" + AdminUser + "'";
-while (1):
- Password = getpass(AdminUser + "'s password: ");
-
- if len(Password) == 0:
- sys.exit(0)
-
- l = ldap.open(LDAPServer);
- UserDn = "uid=" + AdminUser + "," + BaseDn;
-
- # Connect to the ldap server
- try:
- l.simple_bind_s(UserDn,Password);
- except ldap.INVALID_CREDENTIALS:
- continue
- break
+l = passwdAccessLDAP(LDAPServer, BaseDn, AdminUser)
# Locate the key of the user we are adding
SetKeyrings(["/org/keyring.debian.org/keyrings/debian-keyring.gpg"])
Keys = GPGKeySearch(Foo);
if len(Keys) == 0:
- print "Sorry, that search did not turn up any keys";
+ print "Sorry, that search did not turn up any keys."
+ print "Has it been added to the Debian keyring already?"
continue;
if len(Keys) > 1:
print "Sorry, more than one key was found, please specify the key to use by\nfingerprint:";
# Decide if we should use IDEA encryption
UsePGP2 = 0;
while len(Keys[0][1]) < 40:
- Res = raw_input("Use PGP2.x compatibility [no]? ");
+ Res = raw_input("Use PGP2.x compatibility [No/yes]? ");
if Res == "yes":
UsePGP2 = 1;
break;
if Res == "":
break;
+Update = 0
Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyFingerPrint=" + Keys[0][1]);
if len(Attrs) != 0:
print "*** This key already belongs to",GetAttr(Attrs[0],"uid");
account = GetAttr(Attrs[0],"uid");
+ Update = 1
# Try to get a uniq account name
-Update=0
while 1:
- Res = raw_input("Login account [" + account + "]? ");
- if Res != "":
- account = Res;
+ if Update == 0:
+ Res = raw_input("Login account [" + account + "]? ");
+ if Res != "":
+ account = Res;
Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"uid=" + account);
if len(Attrs) == 0:
privsub = "%s@debian.org"%(account);
if privsub == None or privsub == "":
privsub = " ";
break;
+ else:
+ sys.exit(1)
# Prompt for the first/last name and email address
Res = raw_input("First name [" + cn + "]? ");
# GID
Res = raw_input("Group ID Number [" + gidNumber + "]? ");
if Res != "":
- gidNumber = Res;
+ gidNumber = Group2GID(Res);
# UID
if uidNumber == 0:
("shadowMin","0"),
("shadowMax","99999"),
("shadowWarning","7"),
- ("privateSub",privsub),
("userPassword","{crypt}"+Pass)];
if mn:
Details.append(("mn",mn));
+ if privsub != " ":
+ Details.append(("privateSub",privsub))
l.add_s(Dn,Details);
else:
# Modification