X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-generate;h=ec62981b607dabd4dbd137519f7ff9d61402d1a9;hb=refs%2Ftags%2Fuserdir-ldap-0.3.19;hp=55d05cf8ef5cf769747966696faf5d27490ce9a7;hpb=0681e6e93d9d21b85a67c4a4b81a9bd3dde848a5;p=mirror%2Fuserdir-ldap.git diff --git a/ud-generate b/ud-generate index 55d05cf..ec62981 100755 --- a/ud-generate +++ b/ud-generate @@ -21,7 +21,7 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -import string, re, time, ldap, getopt, sys, os, pwd, posix, socket, base64, sha +import string, re, time, ldap, getopt, sys, os, pwd, posix, socket, base64, sha, shutil from userdir_ldap import *; global Allowed; @@ -35,9 +35,11 @@ CurrentHost = ""; EmailCheck = re.compile("^([^ <>@]+@[^ ,<>@]+)?$"); BSMTPCheck = re.compile(".*mx 0 (gluck)\.debian\.org\..*",re.DOTALL); DNSZone = ".debian.net" +Keyrings = [ "/org/keyring.debian.org/keyrings/debian-keyring.gpg", + "/org/keyring.debian.org/keyrings/debian-keyring.pgp" ] def Sanitize(Str): - return string.translate(Str,string.maketrans("\n\r\t","$$$")); + return Str.translate(string.maketrans("\n\r\t","$$$")) def DoLink(From,To,File): try: posix.remove(To+File); @@ -151,7 +153,7 @@ def GenShadow(l,File): # If the account is locked, mark it as such in shadow # See Debian Bug #308229 for why we set it to 1 instead of 0 - if (string.find(GetAttr(x,"userPassword"),"*LK*") != -1) \ + if (GetAttr(x,"userPassword").find("*LK*") != -1) \ or GetAttr(x,"userPassword").startswith("!"): ShadowExpire = '1' else: @@ -190,7 +192,7 @@ def GenSSHShadow(l,File): # If the account is locked, do not write it. # This is a partial stop-gap. The ssh also needs to change this # to ignore ~/.ssh/authorized* files. - if (string.find(GetAttr(x,"userPassword"),"*LK*") != -1) \ + if (GetAttr(x,"userPassword").find("*LK*") != -1) \ or GetAttr(x,"userPassword").startswith("!"): continue; @@ -375,7 +377,7 @@ def GenPrivate(l,File): continue; # If the account is locked, do not write it - if (string.find(GetAttr(x,"userPassword"),"*LK*") != -1) \ + if (GetAttr(x,"userPassword").find("*LK*") != -1) \ or GetAttr(x,"userPassword").startswith("!"): continue; @@ -420,7 +422,7 @@ def GenDisabledAccounts(l,File): Line = "" # *LK* is the reference value for a locked account # password starting with ! is also a locked account - if string.find(Pass,"*LK*") != -1 or Pass.startswith("!"): + if Pass.find("*LK*") != -1 or Pass.startswith("!"): # Format is : Line = "%s:%s" % (GetAttr(x,"uid"), "Account is locked") @@ -448,7 +450,7 @@ def GenMailDisable(l,File): Reason = None # If the account is locked, disable incoming mail - if (string.find(GetAttr(x,"userPassword"),"*LK*") != -1): + if (GetAttr(x,"userPassword").find("*LK*") != -1): if GetAttr(x,"uid") == "luther": continue else: @@ -587,12 +589,12 @@ def GenDNS(l,File,HomePrefix): try: F.write("; %s\n"%(EmailAddress(x))); for z in x[1]["dnsZoneEntry"]: - Split = string.split(string.lower(z)); - if string.lower(Split[1]) == 'in': + Split = z.lower().split() + if Split[1].lower() == 'in': for y in range(0,len(Split)): if Split[y] == "$": Split[y] = "\n\t"; - Line = string.join(Split," ") + "\n"; + Line = " ".join(Split) + "\n"; F.write(Line); Host = Split[0] + DNSZone; @@ -600,7 +602,7 @@ def GenDNS(l,File,HomePrefix): F.write("; Has BSMTP\n"); # Write some identification information - if string.lower(Split[2]) == "a": + if Split[2].lower() == "a": Line = "%s IN TXT \"%s\"\n"%(Split[0],EmailAddress(x)); for y in x[1]["keyFingerPrint"]: Line = Line + "%s IN TXT \"PGP %s\"\n"%(Split[0],FormatPGPKey(y)); @@ -638,7 +640,7 @@ def GenSSHFP(l,File,HomePrefix): Host = GetAttr(x,"hostname"); Algorithm = None for I in x[1]["sshRSAHostKey"]: - Split = string.split(I) + Split = I.split() if Split[0] == 'ssh-rsa': Algorithm = 1 if Split[0] == 'ssh-dss': @@ -676,12 +678,12 @@ def GenBSMTP(l,File,HomePrefix): continue; try: for z in x[1]["dnsZoneEntry"]: - Split = string.split(string.lower(z)); - if string.lower(Split[1]) == 'in': + Split = z.lower().split() + if Split[1].lower() == 'in': for y in range(0,len(Split)): if Split[y] == "$": Split[y] = "\n\t"; - Line = string.join(Split," ") + "\n"; + Line = " ".join(Split) + "\n"; Host = Split[0] + DNSZone; if BSMTPCheck.match(Line) != None: @@ -715,7 +717,7 @@ def GenSSHKnown(l,File): x[1].has_key("sshRSAHostKey") == 0: continue; Host = GetAttr(x,"hostname"); - SHost = string.find(Host,"."); + SHost = Host.find(".") for I in x[1]["sshRSAHostKey"]: if SHost == None: Line = "%s,%s %s" %(Host,socket.gethostbyname(Host),I); @@ -759,10 +761,14 @@ def GenHosts(l,File): raise; Done(File,F,None); +def GenKeyrings(l,OutDir): + for k in Keyrings: + shutil.copy(k, OutDir) + # Connect to the ldap server l = ldap.open(LDAPServer); F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r"); -Pass = string.split(string.strip(F.readline())," "); +Pass = F.readline().strip().split(" ") F.close(); l.simple_bind_s("uid="+Pass[0]+","+BaseDn,Pass[1]); @@ -812,21 +818,22 @@ GenMailBool(l,GlobalDir+"mail-callout","mailCallout"); GenMailList(l,GlobalDir+"mail-rbl","mailRBL"); GenMailList(l,GlobalDir+"mail-rhsbl","mailRHSBL"); GenMailList(l,GlobalDir+"mail-whitelist","mailWhitelist"); +GenKeyrings(l,GlobalDir); # Compatibility. GenForward(l,GlobalDir+"forward-alias"); - + while(1): Line = F.readline(); if Line == "": break; - Line = string.strip(Line); + Line = Line.strip() if Line == "": continue; if Line[0] == '#': continue; - Split = string.split(Line," "); + Split = Line.split(" ") OutDir = GenerateDir + '/' + Split[0] + '/'; try: os.mkdir(OutDir); except: pass; @@ -886,3 +893,11 @@ while(1): if ExtraList.has_key("[PRIVATE]"): DoLink(GlobalDir,OutDir,"debian-private") + + if ExtraList.has_key("[KEYRING]"): + for k in Keyrings: + DoLink(GlobalDir,OutDir,os.path.basename(k)) + else: + for k in Keyrings: + try: posix.remove(OutDir+os.path.basename(k)); + except: pass;