X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=ud-generate;h=d55f10b6b140b007a146d0cb48077993336ec0a2;hb=8b615deb35e176d752f1784ada1ad529b43fa9fd;hp=f7c929eaafff39b5968724d3a763f0f92be718f4;hpb=6d44670b928bb0a25fc13236df9c9903926a857e;p=mirror%2Fuserdir-ldap.git diff --git a/ud-generate b/ud-generate index f7c929e..d55f10b 100755 --- a/ud-generate +++ b/ud-generate @@ -180,7 +180,8 @@ def GenSSHShadow(l,File): # If the account is locked, do not write it. # This is a partial stop-gap. The ssh also needs to change this # to ignore ~/.ssh/authorized* files. - if (string.find(GetAttr(x,"userPassword"),"*LK*") != -1): + if (string.find(GetAttr(x,"userPassword"),"*LK*") != -1) \ + or GetAttr(x,"userPassword").startswith("!"): continue; if x[1].has_key("uidNumber") == 0 or \ @@ -365,7 +366,7 @@ def GenPrivate(l,File): # If the account is locked, do not write it if (string.find(GetAttr(x,"userPassword"),"*LK*") != -1) \ - or (string.find(GetAttr(x,"userPassword"),"*PK*") != -1): + or GetAttr(x,"userPassword").startswith("!"): continue; # If the account has no PGP key, do not write it @@ -405,7 +406,10 @@ def GenMailDisable(l,File): # If the account is locked, disable incoming mail if (string.find(GetAttr(x,"userPassword"),"*LK*") != -1): - Reason = "user account locked" + if GetAttr(x,"uid") == "luther": + continue + else: + Reason = "user account locked" else: if x[1].has_key("mailDisableMessage"): Reason = GetAttr(x,"mailDisableMessage") @@ -799,20 +803,22 @@ while(1): Allowed = None CurrentHost = Split[0]; + DoLink(GlobalDir,OutDir,"ssh-rsa-shadow"); + DoLink(GlobalDir,OutDir,"debianhosts"); + DoLink(GlobalDir,OutDir,"ssh_known_hosts"); + sys.stdout.flush(); GenPasswd(l,OutDir+"passwd",Split[1]); sys.stdout.flush(); GenGroup(l,OutDir+"group"); if ExtraList.has_key("[UNTRUSTED]"): continue; - GenShadow(l,OutDir+"shadow"); + if not ExtraList.has_key("[NOPASSWD]"): + GenShadow(l,OutDir+"shadow"); # Link in global things - DoLink(GlobalDir,OutDir,"ssh-rsa-shadow"); DoLink(GlobalDir,OutDir,"markers"); DoLink(GlobalDir,OutDir,"mail-forward.cdb"); - DoLink(GlobalDir,OutDir,"debianhosts"); - DoLink(GlobalDir,OutDir,"ssh_known_hosts"); DoLink(GlobalDir,OutDir,"mail-disable"); DoLink(GlobalDir,OutDir,"mail-greylist"); DoLink(GlobalDir,OutDir,"mail-callout");