X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-generate;h=6be531dd746e700dcf2ab758b08004ffdca7fe35;hb=4b937e6894f40637b34269ee17024de2795bbaa0;hp=a55df5d9cc69469f42332e450834e1af3addaf02;hpb=3014669c53f7737ea33fcc2facc16d9e69b89e38;p=mirror%2Fuserdir-ldap.git

diff --git a/ud-generate b/ud-generate
index a55df5d..6be531d 100755
--- a/ud-generate
+++ b/ud-generate
@@ -2,6 +2,25 @@
 # -*- mode: python -*-
 # Generates passwd, shadow and group files from the ldap directory.
 
+#   Copyright (c) 2000-2001  Jason Gunthorpe <jgg@debian.org>
+#   Copyright (c) 2001-2003  Ryan Murray <rmurray@debian.org>
+#   Copyright (c) 2003-2004  James Troup <troup@debian.org>
+#   Copyright (c) 2004-2005  Joey Schulze <joey@infodrom.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program; if not, write to the Free Software
+#   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
 import string, re, time, ldap, getopt, sys, os, pwd, posix, socket;
 from userdir_ldap import *;
 
@@ -158,8 +177,10 @@ def GenSSHShadow(l,File):
       raise "No Users";
 
    for x in PasswdAttrs:
-     if x[1].has_key("uidNumber") == 0 or \
-        x[1].has_key("sshRSAAuthKey") == 0:
+      # If the account is locked, do not write it.
+      # This is a partial stop-gap. The ssh also needs to change this
+      # to ignore ~/.ssh/authorized* files.
+      if (string.find(GetAttr(x,"userPassword"),"*LK*")  != -1):
          continue;
 
       if x[1].has_key("uidNumber") == 0 or \
@@ -568,12 +589,16 @@ while(1):
          GroupList[str(GroupIDMap[I])] = None;
 
    Allowed = GroupList;
+   if Allowed == {}:
+     Allowed = None
    CurrentHost = Split[0];
 
    sys.stdout.flush();
    GenPasswd(l,OutDir+"passwd",Split[1]);
    sys.stdout.flush();
    GenGroup(l,OutDir+"group");
+   if ExtraList.has_key("[UNTRUSTED]"):
+	continue;
    GenShadow(l,OutDir+"shadow");
 	
    # Link in global things