+# Generate the sudo passwd file
+def GenSSHGitolite(accounts, hosts, File, sshcommand=None, current_host=None):
+ F = None
+ if sshcommand is None:
+ sshcommand = GitoliteSSHCommand
+ try:
+ OldMask = os.umask(0022)
+ F = open(File + ".tmp", "w", 0600)
+ os.umask(OldMask)
+
+ if not GitoliteSSHRestrictions is None and GitoliteSSHRestrictions != "":
+ for a in accounts:
+ if 'sshRSAAuthKey' not in a: continue
+
+ User = a['uid']
+ prefix = GitoliteSSHRestrictions
+ prefix = prefix.replace('@@COMMAND@@', sshcommand)
+ prefix = prefix.replace('@@USER@@', User)
+ for I in a["sshRSAAuthKey"]:
+ if I.startswith("allowed_hosts=") and ' ' in line:
+ if current_host is None:
+ continue
+ machines, I = I.split('=', 1)[1].split(' ', 1)
+ if current_host not in machines.split(','):
+ continue # skip this key
+
+ if I.startswith('ssh-'):
+ line = "%s %s"%(prefix, I)
+ else:
+ continue # do not allow keys with other restrictions that might conflict
+ line = Sanitize(line) + "\n"
+ F.write(line)
+
+ for dn, attrs in hosts:
+ if 'sshRSAHostKey' not in attrs: continue
+ hostname = "host-" + attrs['hostname'][0]
+ prefix = GitoliteSSHRestrictions
+ prefix = prefix.replace('@@COMMAND@@', sshcommand)
+ prefix = prefix.replace('@@USER@@', hostname)
+ for I in attrs["sshRSAHostKey"]:
+ line = "%s %s"%(prefix, I)
+ line = Sanitize(line) + "\n"
+ F.write(line)
+
+ # Oops, something unspeakable happened.
+ except:
+ Die(File, F, None)
+ raise
+ Done(File, F, None)
+
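Review bot: The `allowed_hosts=` test in the inner key loop checks `' ' in line`, but `line` is only assigned further down the loop body. The first key starting with `allowed_hosts=` therefore raises UnboundLocalError, which the bare `except` re-raises, and later keys are tested against the previous key's output line rather than the key itself. It should read `if I.startswith("allowed_hosts=") and ' ' in I:`, which also guards the two-way unpack of `split(' ', 1)` on the following line. Separately, the third argument in `open(File + ".tmp", "w", 0600)` is the buffer size, not a permission mode, so the temp file's permissions come from the `0022` umask alone; if owner-only access is intended, it needs `os.open` with an explicit mode or a tighter umask. The leading comment `# Generate the sudo passwd file` looks copied from another generator and should describe the gitolite authorized_keys output instead.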