#!/usr/bin/env python
# -*- mode: python -*-
+
+# Copyright (c) 1999 Jason Gunthorpe <jgg@debian.org>
+# Copyright (c) 2003 James Troup <troup@debian.org>
+# Copyright (c) 2004 Joey Schulze <joey@debian.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
# Imports passwd, shadow and group files into the directory.
# You should cleanse the files of anything you do not want to add to the
# directory.
# ldapimport -s /etc/shadow -g /etc/group
#
-import string, re, time, ldap, getopt, sys;
+import re, time, ldap, getopt, sys;
from userdir_ldap import *;
DoAdd = 0;
Gecos[3] + "," + Gecos[4];
return (Field,cn,mn,sn);
-# Check if a number string is really a number
-def CheckNumber(Num):
- for x in Num:
- string.index(string.digits,x);
-
# Read the passwd file into the database
def DoPasswd(l,Passwd):
# Read the passwd file and import it
Split = re.split("[:\n]",Line);
(Split[4],cn,mn,sn) = ParseGecos(Split[4]);
- CheckNumber(Split[2]);
- CheckNumber(Split[3]);
- Rec = [(ldap.MOD_REPLACE,"uid",Split[0]),
- (ldap.MOD_REPLACE,"uidNumber",Split[2]),
- (ldap.MOD_REPLACE,"gidNumber",Split[3]),
- (ldap.MOD_REPLACE,"gecos",Split[4]),
- (ldap.MOD_REPLACE,"homeDirectory",Split[5]),
- (ldap.MOD_REPLACE,"loginShell",Split[6]),
- (ldap.MOD_REPLACE,"cn",cn),
- (ldap.MOD_REPLACE,"mn",mn),
- (ldap.MOD_REPLACE,"sn",sn)];
+ # This just tests whether these are integers and throws an
+ # exception if not
+ int(Split[2])
+ int(Split[3])
+ Rec = [("uid",Split[0]),
+ ("uidNumber",Split[2]),
+ ("gidNumber",Split[3]),
+ ("gecos",Split[4]),
+ ("homeDirectory",Split[5]),
+ ("loginShell",Split[6]),
+ ("cn",cn),
+ ("sn",sn)];
+
+ # Avoid schema check complaints when mn is empty
+ if (mn):
+ Rec.append(("mn",mn))
Dn = "uid=" + Split[0] + "," + BaseDn;
- print "Importing",Dn,
+ print "Importing", Dn
sys.stdout.flush();
- # Unfortunately add_s does not take the same args as modify :|
+ DoModify = True
+
if (DoAdd == 1):
try:
- l.add_s(Dn,[("uid",Split[0]),
- ("objectclass","top"),
- ("objectclass","account"),
- ("objectclass","posixAccount"),
- ("objectclass","shadowAccount"),
- ("objectclass","debiandeveloper")]);
+ AddRec = Rec[:]
+ AddRec.append(("objectClass", UserObjectClasses))
+ l.add_s(Dn,AddRec)
+ DoModify = False
+
except ldap.ALREADY_EXISTS:
print "exists",;
- # Send the modify request
- l.modify(Dn,Rec);
- Outstanding = Outstanding + 1;
- Outstanding = FlushOutstanding(l,Outstanding,1);
- print "done";
+ if (DoModify):
+ # Send the modify request
+ ModRec = [(ldap.MOD_REPLACE, k[0], k[1]) for k in Rec]
+ l.modify(Dn,ModRec);
+ Outstanding = Outstanding + 1;
+ Outstanding = FlushOutstanding(l,Outstanding,1);
+ print "done";
+
FlushOutstanding(l,Outstanding);
# Read the shadow file into the database
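Review bot: The bare `int(Split[2])` / `int(Split[3])` calls accept more than the removed CheckNumber did: `int()` tolerates a leading sign and surrounding whitespace, so a passwd entry whose uid field is `-1` or ` 0` passes, and the original string (not the parsed integer) is what goes into `Rec`. Because these values become uidNumber/gidNumber in the directory, I would keep the digits-only rule, e.g. `if not (Split[2].isdigit() and Split[3].isdigit()): raise ValueError("non-numeric uid/gid for " + Split[0])`. The same applies to `int(Split[2])` in the group-import hunk further down. The read loop and any exception handler around this code are outside the hunk, so how a rejected line is reported cannot be checked from here.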
continue;
for x in range(2,8):
- CheckNumber(Split[x]);
+ int(Split[x])
Rec = [(ldap.MOD_REPLACE,"shadowLastChange",Split[2]),
(ldap.MOD_REPLACE,"shadowMin",Split[3]),
(ldap.MOD_REPLACE,"shadowMax",Split[4]),
- (ldap.MOD_REPLACE,"shadowWarning",Split[5]),
- (ldap.MOD_REPLACE,"shadowInactive",Split[6]),
- (ldap.MOD_REPLACE,"shadowExpire",Split[7])];
+ (ldap.MOD_REPLACE,"shadowWarning",Split[5])]
+
+ # Avoid schema violations
+ if (Split[6]):
+ Rec.append((ldap.MOD_REPLACE,"shadowInactive",Split[6]))
+
+ if (Split[7]):
+ Rec.append((ldap.MOD_REPLACE,"shadowExpire",Split[7]))
+
if (WritePasses == 1):
Rec.append((ldap.MOD_REPLACE,"userPassword","{crypt}"+Split[1]));
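Review bot: The new `if (Split[6]):` and `if (Split[7]):` guards cannot take effect for empty fields, because the loop above them still runs `int(Split[x])` over `range(2,8)` and `int("")` raises ValueError. The removed CheckNumber iterated over the characters of the field, so an empty field passed it. Unless a handler outside this hunk catches the exception, a shadow line with an empty inactive or expire field now fails before the guards are reached. I would validate the mandatory fields with `for x in range(2,6): int(Split[x])` and move `int(Split[6])` and `int(Split[7])` inside their respective guards. The enclosing function starts and ends outside the hunk.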
# Split up the group information
Split = re.split("[:\n]",Line);
Members = re.split("[, ]*",Split[3]);
- CheckNumber(Split[2]);
+ int(Split[2])
# Iterate over the membership list and add the membership information
# To the directory
- Rec = [(ldap.MOD_ADD,"supplementarygid",Split[0])];
+ Rec = [(ldap.MOD_ADD,"supplementaryGid",Split[0])];
Counter = 0;
for x in Members:
if x == "":
if (DoAdd == 1):
try:
l.add_s(Dn,[("gid",Split[0]),
- ("objectclass","top"),
- ("objectclass","posixGroup")]);
+ ("objectClass", GroupObjectClasses)])
except ldap.ALREADY_EXISTS:
print "exists",;
AdminUser = val
# Main program starts here
-print "Accessing LDAP directory as '" + AdminUser + "'";
-Password = getpass(AdminUser + "'s password: ");
# Connect to the ldap server
-l = ldap.open(LDAPServer);
-UserDn = "uid=" + AdminUser + "," + BaseDn;
-l.simple_bind_s(UserDn,Password);
+l = passwdAccessLDAP(BaseDn, AdminUser)
if (Passwd != ""):
DoPasswd(l,Passwd);
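Review bot: The call `l = passwdAccessLDAP(BaseDn, AdminUser)` leaves no sign at the call site of which server is contacted, which DN is bound, or what happens when the bind fails. The removed lines showed `ldap.open(LDAPServer)` and `simple_bind_s(UserDn,Password)` explicitly, whereas the helper arrives through `from userdir_ldap import *` and is not shown on this page. The shadow import appends `userPassword` values to its modify requests, presumably over this same connection, so the transport and bind behaviour matter to anyone auditing the script. I would add a short comment above the call, once confirmed against userdir_ldap, along the lines of `# passwdAccessLDAP prompts for AdminUser's password and returns a bound connection; server and TLS settings live in userdir_ldap`.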