projects
/
mirror
/
userdir-ldap.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merged from debian branch
[mirror/userdir-ldap.git]
/
ud-generate
diff --git
a/ud-generate
b/ud-generate
index
3a9840b
..
feec2b1
100755
(executable)
--- a/
ud-generate
+++ b/
ud-generate
@@
-37,7
+37,7
@@
BSMTPCheck = re.compile(".*mx 0 (gluck)\.debian\.org\..*",re.DOTALL);
DNSZone = ".debian.net"
def Sanitize(Str):
DNSZone = ".debian.net"
def Sanitize(Str):
- return
string.translate(Str,string.maketrans("\n\r\t","$$$"));
+ return
Str.translate(string.maketrans("\n\r\t","$$$"))
def DoLink(From,To,File):
try: posix.remove(To+File);
def DoLink(From,To,File):
try: posix.remove(To+File);
@@
-88,7
+88,7
@@
def Done(File,F,Fdb):
os.rename(File + ".tdb.tmp",File+".tdb");
# Generate the password list
os.rename(File + ".tdb.tmp",File+".tdb");
# Generate the password list
-def GenPasswd(l,File,HomePrefix):
+def GenPasswd(l,File,HomePrefix
,PwdMarker,UidShift
):
F = None;
try:
F = open(File + ".tdb.tmp","w");
F = None;
try:
F = open(File + ".tdb.tmp","w");
@@
-107,7
+107,8
@@
def GenPasswd(l,File,HomePrefix):
if len(GetAttr(x,"gecos")) > 100 or len(GetAttr(x,"loginShell")) > 50:
continue;
if len(GetAttr(x,"gecos")) > 100 or len(GetAttr(x,"loginShell")) > 50:
continue;
- Line = "%s:x:%s:%s:%s:%s%s:%s" % (GetAttr(x,"uid"),\
+ Line = "%s:%s:%s:%s:%s:%s%s:%s" % (GetAttr(x,"uid"),\
+ PwdMarker,\
GetAttr(x,"uidNumber"),GetAttr(x,"gidNumber"),\
GetAttr(x,"gecos"),HomePrefix,GetAttr(x,"uid"),\
GetAttr(x,"loginShell"));
GetAttr(x,"uidNumber"),GetAttr(x,"gidNumber"),\
GetAttr(x,"gecos"),HomePrefix,GetAttr(x,"uid"),\
GetAttr(x,"loginShell"));
@@
-115,7
+116,7
@@
def GenPasswd(l,File,HomePrefix):
Line = Sanitize(Line) + "\n";
F.write("0%u %s" % (I,Line));
F.write(".%s %s" % (GetAttr(x,"uid"),Line));
Line = Sanitize(Line) + "\n";
F.write("0%u %s" % (I,Line));
F.write(".%s %s" % (GetAttr(x,"uid"),Line));
- F.write("=%s %s" % (
GetAttr(x,"uidNumber"
),Line));
+ F.write("=%s %s" % (
(int(GetAttr(x,"uidNumber"))+UidShift
),Line));
I = I + 1;
# Oops, something unspeakable happened.
I = I + 1;
# Oops, something unspeakable happened.
@@
-150,7
+151,7
@@
def GenShadow(l,File):
# If the account is locked, mark it as such in shadow
# See Debian Bug #308229 for why we set it to 1 instead of 0
# If the account is locked, mark it as such in shadow
# See Debian Bug #308229 for why we set it to 1 instead of 0
- if (
string.find(GetAttr(x,"userPassword"),"*LK*")
!= -1) \
+ if (
GetAttr(x,"userPassword").find("*LK*")
!= -1) \
or GetAttr(x,"userPassword").startswith("!"):
ShadowExpire = '1'
else:
or GetAttr(x,"userPassword").startswith("!"):
ShadowExpire = '1'
else:
@@
-189,7
+190,7
@@
def GenSSHShadow(l,File):
# If the account is locked, do not write it.
# This is a partial stop-gap. The ssh also needs to change this
# to ignore ~/.ssh/authorized* files.
# If the account is locked, do not write it.
# This is a partial stop-gap. The ssh also needs to change this
# to ignore ~/.ssh/authorized* files.
- if (
string.find(GetAttr(x,"userPassword"),"*LK*")
!= -1) \
+ if (
GetAttr(x,"userPassword").find("*LK*")
!= -1) \
or GetAttr(x,"userPassword").startswith("!"):
continue;
or GetAttr(x,"userPassword").startswith("!"):
continue;
@@
-208,7
+209,7
@@
def GenSSHShadow(l,File):
Done(File,F,None);
# Generate the group list
Done(File,F,None);
# Generate the group list
-def GenGroup(l,File):
+def GenGroup(l,File
,UidShift
):
F = None;
try:
F = open(File + ".tdb.tmp","w");
F = None;
try:
F = open(File + ".tdb.tmp","w");
@@
-241,7
+242,10
@@
def GenGroup(l,File):
for x in GroupMap.keys():
if GroupIDMap.has_key(x) == 0:
continue;
for x in GroupMap.keys():
if GroupIDMap.has_key(x) == 0:
continue;
- Line = "%s:x:%u:" % (x,GroupIDMap[x]);
+ NewGid = int(GroupIDMap[x]);
+ if NewGid >= 500:
+ NewGid = NewGid + UidShift
+ Line = "%s:x:%u:" % (x,NewGid)
Comma = '';
for I in GroupMap[x]:
Line = Line + ("%s%s" % (Comma,I));
Comma = '';
for I in GroupMap[x]:
Line = Line + ("%s%s" % (Comma,I));
@@
-249,7
+253,7
@@
def GenGroup(l,File):
Line = Sanitize(Line) + "\n";
F.write("0%u %s" % (J,Line));
F.write(".%s %s" % (x,Line));
Line = Sanitize(Line) + "\n";
F.write("0%u %s" % (J,Line));
F.write(".%s %s" % (x,Line));
- F.write("=%u %s" % (
GroupIDMap[x]
,Line));
+ F.write("=%u %s" % (
NewGid
,Line));
J = J + 1;
# Oops, something unspeakable happened.
J = J + 1;
# Oops, something unspeakable happened.
@@
-374,7
+378,7
@@
def GenPrivate(l,File):
continue;
# If the account is locked, do not write it
continue;
# If the account is locked, do not write it
- if (
string.find(GetAttr(x,"userPassword"),"*LK*")
!= -1) \
+ if (
GetAttr(x,"userPassword").find("*LK*")
!= -1) \
or GetAttr(x,"userPassword").startswith("!"):
continue;
or GetAttr(x,"userPassword").startswith("!"):
continue;
@@
-419,7
+423,7
@@
def GenDisabledAccounts(l,File):
Line = ""
# *LK* is the reference value for a locked account
# password starting with ! is also a locked account
Line = ""
# *LK* is the reference value for a locked account
# password starting with ! is also a locked account
- if
string.find(Pass,
"*LK*") != -1 or Pass.startswith("!"):
+ if
Pass.find(
"*LK*") != -1 or Pass.startswith("!"):
# Format is <login>:<reason>
Line = "%s:%s" % (GetAttr(x,"uid"), "Account is locked")
# Format is <login>:<reason>
Line = "%s:%s" % (GetAttr(x,"uid"), "Account is locked")
@@
-447,7
+451,7
@@
def GenMailDisable(l,File):
Reason = None
# If the account is locked, disable incoming mail
Reason = None
# If the account is locked, disable incoming mail
- if (
string.find(GetAttr(x,"userPassword"),"*LK*")
!= -1):
+ if (
GetAttr(x,"userPassword").find("*LK*")
!= -1):
if GetAttr(x,"uid") == "luther":
continue
else:
if GetAttr(x,"uid") == "luther":
continue
else:
@@
-586,12
+590,12
@@
def GenDNS(l,File,HomePrefix):
try:
F.write("; %s\n"%(EmailAddress(x)));
for z in x[1]["dnsZoneEntry"]:
try:
F.write("; %s\n"%(EmailAddress(x)));
for z in x[1]["dnsZoneEntry"]:
- Split =
string.split(string.lower(z));
- if
string.lower(Split[1]
) == 'in':
+ Split =
z.lower().split()
+ if
Split[1].lower(
) == 'in':
for y in range(0,len(Split)):
if Split[y] == "$":
Split[y] = "\n\t";
for y in range(0,len(Split)):
if Split[y] == "$":
Split[y] = "\n\t";
- Line =
string.join(Split," "
) + "\n";
+ Line =
" ".join(Split
) + "\n";
F.write(Line);
Host = Split[0] + DNSZone;
F.write(Line);
Host = Split[0] + DNSZone;
@@
-599,7
+603,7
@@
def GenDNS(l,File,HomePrefix):
F.write("; Has BSMTP\n");
# Write some identification information
F.write("; Has BSMTP\n");
# Write some identification information
- if
string.lower(Split[2]
) == "a":
+ if
Split[2].lower(
) == "a":
Line = "%s IN TXT \"%s\"\n"%(Split[0],EmailAddress(x));
for y in x[1]["keyFingerPrint"]:
Line = Line + "%s IN TXT \"PGP %s\"\n"%(Split[0],FormatPGPKey(y));
Line = "%s IN TXT \"%s\"\n"%(Split[0],EmailAddress(x));
for y in x[1]["keyFingerPrint"]:
Line = Line + "%s IN TXT \"PGP %s\"\n"%(Split[0],FormatPGPKey(y));
@@
-637,7
+641,7
@@
def GenSSHFP(l,File,HomePrefix):
Host = GetAttr(x,"hostname");
Algorithm = None
for I in x[1]["sshRSAHostKey"]:
Host = GetAttr(x,"hostname");
Algorithm = None
for I in x[1]["sshRSAHostKey"]:
- Split =
string.split(I
)
+ Split =
I.split(
)
if Split[0] == 'ssh-rsa':
Algorithm = 1
if Split[0] == 'ssh-dss':
if Split[0] == 'ssh-rsa':
Algorithm = 1
if Split[0] == 'ssh-dss':
@@
-675,12
+679,12
@@
def GenBSMTP(l,File,HomePrefix):
continue;
try:
for z in x[1]["dnsZoneEntry"]:
continue;
try:
for z in x[1]["dnsZoneEntry"]:
- Split =
string.split(string.lower(z));
- if
string.lower(Split[1]
) == 'in':
+ Split =
z.lower().split()
+ if
Split[1].lower(
) == 'in':
for y in range(0,len(Split)):
if Split[y] == "$":
Split[y] = "\n\t";
for y in range(0,len(Split)):
if Split[y] == "$":
Split[y] = "\n\t";
- Line =
string.join(Split," "
) + "\n";
+ Line =
" ".join(Split
) + "\n";
Host = Split[0] + DNSZone;
if BSMTPCheck.match(Line) != None:
Host = Split[0] + DNSZone;
if BSMTPCheck.match(Line) != None:
@@
-714,7
+718,7
@@
def GenSSHKnown(l,File):
x[1].has_key("sshRSAHostKey") == 0:
continue;
Host = GetAttr(x,"hostname");
x[1].has_key("sshRSAHostKey") == 0:
continue;
Host = GetAttr(x,"hostname");
- SHost =
string.find(Host,".");
+ SHost =
Host.find(".")
for I in x[1]["sshRSAHostKey"]:
if SHost == None:
Line = "%s,%s %s" %(Host,socket.gethostbyname(Host),I);
for I in x[1]["sshRSAHostKey"]:
if SHost == None:
Line = "%s,%s %s" %(Host,socket.gethostbyname(Host),I);
@@
-761,7
+765,7
@@
def GenHosts(l,File):
# Connect to the ldap server
l = ldap.open(LDAPServer);
F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r");
# Connect to the ldap server
l = ldap.open(LDAPServer);
F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r");
-Pass =
string.split(string.strip(F.readline())," ");
+Pass =
F.readline().strip().split(" ")
F.close();
l.simple_bind_s("uid="+Pass[0]+","+BaseDn,Pass[1]);
F.close();
l.simple_bind_s("uid="+Pass[0]+","+BaseDn,Pass[1]);
@@
-819,13
+823,13
@@
while(1):
Line = F.readline();
if Line == "":
break;
Line = F.readline();
if Line == "":
break;
- Line =
string.strip(Line);
+ Line =
Line.strip()
if Line == "":
continue;
if Line[0] == '#':
continue;
if Line == "":
continue;
if Line[0] == '#':
continue;
- Split =
string.split(Line," ");
+ Split =
Line.split(" ")
OutDir = GenerateDir + '/' + Split[0] + '/';
try: os.mkdir(OutDir);
except: pass;
OutDir = GenerateDir + '/' + Split[0] + '/';
try: os.mkdir(OutDir);
except: pass;
@@
-852,9
+856,14
@@
while(1):
DoLink(GlobalDir,OutDir,"disabled-accounts")
sys.stdout.flush();
DoLink(GlobalDir,OutDir,"disabled-accounts")
sys.stdout.flush();
- GenPasswd(l,OutDir+"passwd",Split[1]);
+ UidShift = 0
+ if ExtraList.has_key("[UIDSHIFT]"): UidShift=1000
+ if ExtraList.has_key("[NOPASSWD]"):
+ GenPasswd(l,OutDir+"passwd",Split[1], "*", UidShift);
+ else:
+ GenPasswd(l,OutDir+"passwd",Split[1], "x", UidShift);
sys.stdout.flush();
sys.stdout.flush();
- GenGroup(l,OutDir+"group");
+ GenGroup(l,OutDir+"group"
, UidShift
);
if ExtraList.has_key("[UNTRUSTED]"):
continue;
if not ExtraList.has_key("[NOPASSWD]"):
if ExtraList.has_key("[UNTRUSTED]"):
continue;
if not ExtraList.has_key("[NOPASSWD]"):