BSMTPCheck = re.compile(".*mx 0 (master)\.debian\.org\..*",re.DOTALL)
PurposeHostField = re.compile(r".*\[\[([\*\-]?[a-z0-9.\-]*)(?:\|.*)?\]\]")
IsV6Addr = re.compile("^[a-fA-F0-9:]+$")
-IsDebianHost = re.compile("[a-zA-Z0-9\.]+\.debian\.org$")
+IsDebianHost = re.compile(ConfModule.dns_hostmatch)
DNSZone = ".debian.net"
Keyrings = ConfModule.sync_keyrings.split(":")
GroupMap = {}
for x in GroupIDMap.keys():
GroupMap[x] = []
+ GroupHasPrimaryMembers = {}
# Fetch all the users
global PasswdAttrs
# Sort them into a list of groups having a set of users
for x in PasswdAttrs:
uid = GetAttr(x, "uid")
+ if 'gidNumber' in x[1]:
+ GroupHasPrimaryMembers[ int(x[1]["gidNumber"][0]) ] = True
if x[1].has_key("uidNumber") == 0 or not IsInGroup(x):
continue
if x[1].has_key("supplementaryGid") == 0:
# Output the group file.
J = 0
for x in GroupMap.keys():
- grouprevmap[GroupIDMap[x]] = x
if GroupIDMap.has_key(x) == 0:
continue
+
+ if len(GroupMap[x]) == 0 and GroupIDMap[x] not in GroupHasPrimaryMembers:
+ continue
+
+ grouprevmap[GroupIDMap[x]] = x
+
Line = "%s:x:%u:" % (x, GroupIDMap[x])
Comma = ''
for I in GroupMap[x]:
return grouprevmap
def CheckForward():
- global DebianUsers
- for x in DebianUsers:
+ global PasswdAttrs
+ for x in PasswdAttrs:
if x[1].has_key("emailForward") == 0:
continue
os.umask(OldMask)
# Fetch all the users
- global DebianUsers
+ global PasswdAttrs
# Write out the email address for each user
- for x in DebianUsers:
+ for x in PasswdAttrs:
if x[1].has_key("emailForward") == 0:
continue
raise
Done(File, F, None)
-def GenCDB(File, Key):
+def GenCDB(File, Users, Key):
Fdb = None
try:
OldMask = os.umask(0022)
Fdb = os.popen("cdbmake %s %s.tmp"%(File, File), "w")
os.umask(OldMask)
- # Fetch all the users
- global DebianUsers
-
# Write out the email address for each user
- for x in DebianUsers:
+ for x in Users:
if not Key in x[1]:
continue
Value = GetAttr(x, Key)
F = open(File + ".tmp", "w")
# Fetch all the users
- global DebianUsers
+ global PasswdAttrs
# Write out the position for each user
- for x in DebianUsers:
+ for x in PasswdAttrs:
if x[1].has_key("latitude") == 0 or x[1].has_key("longitude") == 0:
continue
try:
F = open(File + ".tmp", "w")
# Fetch all the users
- global DebianUsers
+ global DebianDDUsers
# Write out the position for each user
- for x in DebianUsers:
+ for x in DebianDDUsers:
if x[1].has_key("privateSub") == 0:
continue
F = open(File + ".tmp", "w")
# Fetch all the users
- global DebianUsers
+ global PasswdAttrs
- for x in DebianUsers:
+ for x in PasswdAttrs:
Reason = None
if x[1].has_key("mailDisableMessage"):
F = open(File + ".tmp", "w")
# Fetch all the users
- global DebianUsers
+ global PasswdAttrs
- for x in DebianUsers:
+ for x in PasswdAttrs:
Reason = None
if x[1].has_key(Key) == 0:
F = open(File + ".tmp", "w")
# Fetch all the users
- global DebianUsers
+ global PasswdAttrs
- for x in DebianUsers:
+ for x in PasswdAttrs:
Reason = None
if x[1].has_key(Key) == 0:
def ExtractDNSInfo(x):
- DNSInfo = []
+ TTLprefix="\t"
+ if 'dnsTTL' in x[1]:
+ TTLprefix="%s\t"%(x[1]["dnsTTL"][0])
+ DNSInfo = []
if x[1].has_key("ipHostNumber"):
for I in x[1]["ipHostNumber"]:
if IsV6Addr.match(I) != None:
- DNSInfo.append("IN\tAAAA\t%s" % (I))
+ DNSInfo.append("%sIN\tAAAA\t%s" % (TTLprefix, I))
else:
- DNSInfo.append("IN\tA\t%s" % (I))
+ DNSInfo.append("%sIN\tA\t%s" % (TTLprefix, I))
- Host = GetAttr(x, "hostname")
- Arch = GetAttr(x, "architecture")
Algorithm = None
- for I in x[1]["sshRSAHostKey"]:
- Split = I.split()
- if Split[0] == 'ssh-rsa':
- Algorithm = 1
- if Split[0] == 'ssh-dss':
- Algorithm = 2
- if Algorithm == None:
- continue
- Fingerprint = sha.new(base64.decodestring(Split[1])).hexdigest()
- DNSInfo.append("IN\tSSHFP\t%u 1 %s" % (Algorithm, Fingerprint))
+ if 'sshRSAHostKey' in x[1]:
+ for I in x[1]["sshRSAHostKey"]:
+ Split = I.split()
+ if Split[0] == 'ssh-rsa':
+ Algorithm = 1
+ if Split[0] == 'ssh-dss':
+ Algorithm = 2
+ if Algorithm == None:
+ continue
+ Fingerprint = sha.new(base64.decodestring(Split[1])).hexdigest()
+ DNSInfo.append("%sIN\tSSHFP\t%u 1 %s" % (TTLprefix, Algorithm, Fingerprint))
- Mach = ""
- if x[1].has_key("machine"):
- Mach = " " + GetAttr(x, "machine")
- DNSInfo.append("IN\tHINFO\t\"%s%s\" \"%s\"" % (Arch, Mach, "Debian GNU/Linux"))
+ if 'architecture' in x[1]:
+ Arch = GetAttr(x, "architecture")
+ Mach = ""
+ if x[1].has_key("machine"):
+ Mach = " " + GetAttr(x, "machine")
+ DNSInfo.append("%sIN\tHINFO\t\"%s%s\" \"%s\"" % (TTLprefix, Arch, Mach, "Debian GNU/Linux"))
if x[1].has_key("mXRecord"):
for I in x[1]["mXRecord"]:
- DNSInfo.append("IN\tMX\t%s" % (I))
+ DNSInfo.append("%sIN\tMX\t%s" % (TTLprefix, I))
return DNSInfo
global HostAttrs
for x in HostAttrs:
- if x[1].has_key("hostname") == 0 or \
- x[1].has_key("architecture") == 0 or\
- x[1].has_key("sshRSAHostKey") == 0:
+ if x[1].has_key("hostname") == 0:
continue
if IsDebianHost.match(GetAttr(x, "hostname")) is None:
F = open(File + ".tmp", "w")
# Fetch all the users
- global DebianUsers
+ global PasswdAttrs
# Write out the zone file entry for each user
- for x in DebianUsers:
+ for x in PasswdAttrs:
if x[1].has_key("dnsZoneEntry") == 0:
continue
# Fetch all the hosts
HostAttrs = l.search_s(HostBaseDn, ldap.SCOPE_ONELEVEL, "objectClass=debianServer",\
["hostname", "sshRSAHostKey", "purpose", "allowedGroups", "exportOptions",\
- "mXRecord", "ipHostNumber", "machine", "architecture"])
+ "mXRecord", "ipHostNumber", "dnsTTL", "machine", "architecture"])
if HostAttrs == None:
raise UDEmptyList, "No Hosts"
GenDisabledAccounts(GlobalDir + "disabled-accounts")
PasswdAttrs = filter(lambda x: not IsRetired(x), PasswdAttrs)
-#DebianUsers = filter(lambda x: IsGidDebian(x), PasswdAttrs)
-DebianUsers = PasswdAttrs
+DebianDDUsers = filter(lambda x: IsGidDebian(x), PasswdAttrs)
CheckForward()
GenMailDisable(GlobalDir + "mail-disable")
-GenCDB(GlobalDir + "mail-forward.cdb", 'emailForward')
-GenCDB(GlobalDir + "mail-contentinspectionaction.cdb", 'mailContentInspectionAction')
+GenCDB(GlobalDir + "mail-forward.cdb", PasswdAttrs, 'emailForward')
+GenCDB(GlobalDir + "mail-contentinspectionaction.cdb", PasswdAttrs, 'mailContentInspectionAction')
GenPrivate(GlobalDir + "debian-private")
GenSSHKnown(GlobalDir+"authorized_keys", 'authorized_keys')
GenMailBool(GlobalDir + "mail-greylist", "mailGreylisting")
DoLink(GlobalDir, OutDir, "mail-rbl")
DoLink(GlobalDir, OutDir, "mail-rhsbl")
DoLink(GlobalDir, OutDir, "mail-whitelist")
+ GenCDB(OutDir + "user-forward.cdb", filter(lambda x: IsInGroup(x), PasswdAttrs), 'emailForward')
+ GenCDB(OutDir + "batv-tokens.cdb", filter(lambda x: IsInGroup(x), PasswdAttrs), 'bATVToken')
+ GenCDB(OutDir + "default-mail-options.cdb", filter(lambda x: IsInGroup(x), PasswdAttrs), 'mailDefaultOptions')
# Compatibility.
DoLink(GlobalDir, OutDir, "forward-alias")