- Allowed = None
- CurrentHost = Split[0];
-
- sys.stdout.flush();
- GenPasswd(l,OutDir+"passwd",Split[1]);
- sys.stdout.flush();
- GenGroup(l,OutDir+"group");
- if ExtraList.has_key("[UNTRUSTED]"):
- continue;
- GenShadow(l,OutDir+"shadow");
-
- # Link in global things
- DoLink(GlobalDir,OutDir,"ssh-rsa-shadow");
- DoLink(GlobalDir,OutDir,"markers");
- DoLink(GlobalDir,OutDir,"mail-forward.cdb");
- DoLink(GlobalDir,OutDir,"debianhosts");
- DoLink(GlobalDir,OutDir,"ssh_known_hosts");
- DoLink(GlobalDir,OutDir,"mail-disable");
- DoLink(GlobalDir,OutDir,"mail-greylist");
- DoLink(GlobalDir,OutDir,"mail-callout");
- DoLink(GlobalDir,OutDir,"mail-rbl");
- DoLink(GlobalDir,OutDir,"mail-rhsbl");
- DoLink(GlobalDir,OutDir,"mail-whitelist");
+ Allowed = None
+
+ DoLink(GlobalDir, OutDir, "debianhosts")
+ DoLink(GlobalDir, OutDir, "ssh_known_hosts")
+ DoLink(GlobalDir, OutDir, "disabled-accounts")
+
+ sys.stdout.flush()
+ if 'NOPASSWD' in ExtraList:
+ userlist = GenPasswd(accounts, OutDir + "passwd", HomePrefix, "*")
+ else:
+ userlist = GenPasswd(accounts, OutDir + "passwd", HomePrefix, "x")
+ sys.stdout.flush()
+ grouprevmap = GenGroup(accounts, OutDir + "group")
+ GenShadowSudo(accounts, OutDir + "sudo-passwd", ('UNTRUSTED' in ExtraList) or ('NOPASSWD' in ExtraList))
+
+ # Now we know who we're allowing on the machine, export
+ # the relevant ssh keys
+ GenSSHtarballs(userlist, SSHFiles, grouprevmap, os.path.join(OutDir, 'ssh-keys.tar.gz'))
+
+ if not 'NOPASSWD' in ExtraList:
+ GenShadow(accounts, OutDir + "shadow")
+
+ # Link in global things
+ if not 'NOMARKERS' in ExtraList:
+ DoLink(GlobalDir, OutDir, "markers")
+ DoLink(GlobalDir, OutDir, "mail-forward.cdb")
+ DoLink(GlobalDir, OutDir, "mail-contentinspectionaction.cdb")
+ DoLink(GlobalDir, OutDir, "mail-disable")
+ DoLink(GlobalDir, OutDir, "mail-greylist")
+ DoLink(GlobalDir, OutDir, "mail-callout")
+ DoLink(GlobalDir, OutDir, "mail-rbl")
+ DoLink(GlobalDir, OutDir, "mail-rhsbl")
+ DoLink(GlobalDir, OutDir, "mail-whitelist")
+ DoLink(GlobalDir, OutDir, "all-accounts.json")
+ GenCDB(filter(lambda x: IsInGroup(x), accounts), OutDir + "user-forward.cdb", 'emailForward')
+ GenCDB(filter(lambda x: IsInGroup(x), accounts), OutDir + "batv-tokens.cdb", 'bATVToken')
+ GenCDB(filter(lambda x: IsInGroup(x), accounts), OutDir + "default-mail-options.cdb", 'mailDefaultOptions')