X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-info;h=1c91f1c063aa1e0f5457c806ad878348f16fa1b3;hb=f5a604b09785a04336b4caa4ea09d7e1cb744b54;hp=7000ce9258394ee91c5fe3de611eafa9d693927f;hpb=f27db3e7f5d3bb3fe0d36e1ab15e143ce45d269d;p=mirror%2Fuserdir-ldap.git diff --git a/ud-info b/ud-info index 7000ce9..1c91f1c 100755 --- a/ud-info +++ b/ud-info @@ -17,6 +17,28 @@ # -r Enable 'root' functions, do this if your uid has access to # restricted variables. +# Copyright (c) 1999-2001 Jason Gunthorpe +# Copyright (c) 2004-2005,7 Joey Schulze +# Copyright (c) 2001-2006 Ryan Murray +# Copyright (c) 2008 Peter Palfrader +# Copyright (c) 2008 Martin Zobel-Helas +# Copyright (c) 2008 Marc 'HE' Brockschmidt +# Copyright (c) 2008 Mark Hymers +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + import time, os, pwd, sys, getopt, ldap, crypt, readline, copy; from userdir_ldap import *; 
@@ -53,10 +75,13 @@ AttrInfo = {"cn": ["First Name", 101], "mailRBL": ["Mail RBLs",22], "mailRHSBL": ["Mail RHSBLs",23], "mailWhitelist": ["Mail Whitelist",24], + "VoIP": ["VoIP Address",25], "comment": ["Comment",116], "userPassword": ["Crypted Password",117], "dnsZoneEntry": ["d.net Entry",118], - "VoIP": ["VoIP Address",119]}; + "accountStatus": ["DD status",301], + "accountComment": ["DD status comment",302], + }; AttrPrompt = {"cn": ["Common name or first name"], "mn": ["Middle name (or initial if it ends in a dot)"], @@ -91,7 +116,10 @@ AttrPrompt = {"cn": ["Common name or first name"], "labeledURI": ["Web home page"], "jabberJID": ["Jabber ID"], "icqUin": ["ICQ UIN Number"], - "VoIP": ["VoIP Address"]}; + "VoIP": ["VoIP Address"], + "accountStatus": ["DD status"], + "accountComment": ["DD status comment"], + }; # Create a map of IDs to desc,value,attr OrderedIndex = {}; @@ -100,14 +128,18 @@ for at in AttrInfo.keys(): OrderedIndex[AttrInfo[at][1]] = [AttrInfo[at][0], "", at]; OrigOrderedIndex = copy.deepcopy(OrderedIndex); +for id in OrderedIndex: + if not AttrPrompt.has_key( OrderedIndex[id][2] ): + print "Warning: no AttrPrompt for %s"%(id) + # Show shadow information def PrintShadow(Attrs): Changed = int(GetAttr(Attrs,"shadowLastChange","0")); MinDays = int(GetAttr(Attrs,"shadowMin","0")); MaxDays = int(GetAttr(Attrs,"shadowMax","0")); WarnDays = int(GetAttr(Attrs,"shadowWarning","0")); - InactDays = int(GetAttr(Attrs,"shadowinactive","0")); - Expire = int(GetAttr(Attrs,"shadowexpire","0")); + InactDays = int(GetAttr(Attrs,"shadowInactive","0")); + Expire = int(GetAttr(Attrs,"shadowExpire","0")); print "%-24s:" % ("Password last changed"), print time.strftime("%a %d/%m/%Y %Z",time.localtime(Changed*24*60*60)); 
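Review bot: The warning loop added in the last hunk on this line prints the numeric sort index rather than the attribute that lacks a prompt: `%(id)` is the `OrderedIndex` key (301 for `accountStatus`, say), while the name actually tested is `OrderedIndex[id][2]`. Printing the name makes the message actionable, e.g. `print "Warning: no AttrPrompt for %s"%(OrderedIndex[id][2])`. The loop variable also shadows the builtin `id`; a name such as `idx` avoids that.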
@@ -259,6 +291,20 @@ def MultiChangeAttr(Attrs,Attr): Attrs[1][Attr].append(NewValue); print; +def Lock(UserDn, Attrs, DisableMail=True): + shadowLast = str(int(time.time()/24/60/60)); + recs = [ + (ldap.MOD_REPLACE,"userPassword","{crypt}*LK*"), + (ldap.MOD_REPLACE,"shadowLastChange",shadowLast), + (ldap.MOD_REPLACE,"shadowExpire","1")]; + if DisableMail: + recs.append( (ldap.MOD_REPLACE,"mailDisableMessage","account locked") ) + Attrs[0][1]["shadowLastChange"] = [shadowLast]; + l.modify_s(UserDn,recs); + Attrs[0][1]["userPassword"] = ["{crypt}*LK*"]; + Attrs[0][1]["mailDisableMessage"] = ["account locked"]; + Attrs[0][1]["shadowExpire"] = ["1"]; + # Main program starts here User = pwd.getpwuid(os.getuid())[0]; BindUser = User; @@ -293,7 +339,7 @@ if (BindUser != ""): Password = getpass(BindUser + "'s password: "); # Connect to the ldap server -l = ldap.open(LDAPServer); +l = connectLDAP() UserDn = "uid=" + BindUser + "," + BaseDn; if (BindUser != ""): l.simple_bind_s(UserDn,Password); @@ -326,9 +372,10 @@ while(1): if RootMode == 1: print " a) Arbitary Change"; + print " r) retire developer"; print " R) Randomize Password"; + print " L) Lock account and disable mail"; print " p) Change Password"; - print " L) Lock account"; print " u) Switch Users"; print " x) Exit"; 
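Review bot: `Lock()` appears to record `mailDisableMessage` as `account locked` in the cached `Attrs` even when `DisableMail` is false, so after a mail-preserving lock the tool would show mail as disabled although the directory entry was not changed. Indentation is lost on this page, so this reading is inferred from the statement order; the fix is to guard that cache write with the same `if DisableMail:` test used when building `recs`. The `shadowLastChange` cache write also comes before `l.modify_s(UserDn,recs);` and may even sit inside the `if`, so a failed modify leaves the cache ahead of LDAP; it belongs with the other cache updates after the call. The function would benefit from a docstring stating that it replaces the password hash with `{crypt}*LK*`, sets `shadowExpire` to `1`, relies on the module-level connection `l`, and leaves any other credentials stored on the entry untouched.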
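Review bot: `connectLDAP()` is not defined anywhere in this diff (presumably it arrives through `from userdir_ldap import *`), yet the statement right after it sends `Password` with `simple_bind_s`, so the protection of that bind now depends entirely on the helper. Confirm that it negotiates TLS and verifies the server certificate before returning. A comment at the call would record the requirement, e.g. `# connectLDAP() must return a TLS-protected connection; the bind below sends the password`.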
@@ -382,6 +429,53 @@ while(1): Attrs[0][1]["shadowLastChange"] = [shadowLast]; continue; + # retire DD + if Response == 'r' and RootMode == 1: + if Attrs[0][1].has_key("accountStatus") == 0: + curStatus = "" + else: + curStatus = Attrs[0][1]["accountStatus"][0] + if Attrs[0][1].has_key("accountComment") == 0: + curComment = "" + else: + curComment = Attrs[0][1]["accountComment"][0] + print "\n\nCurrent status is %s"%curStatus + print "Current comment is %s\n"%curComment + + print "Set account to:" + print " 1) retiring (lock account but do not disable mail):" + print " 2) inactive (removed/emeritus/... - lock account and disable mail):" + print " 3) memorial (lock account and disable mail):" + print " 4) active (do not change other settings, you will have to deal with them)" + print " q) return (no change)" + Resp = raw_input("Action? ") + if Resp == "1" or Resp == "2": + Lock(UserDn, Attrs, Resp == "2") + if Resp == "1": + newstatus = "retiring %s"%(time.strftime("%Y-%m-%d")) + else: + newstatus = "inactive %s"%(time.strftime("%Y-%m-%d")) + l.modify_s(UserDn,[(ldap.MOD_REPLACE,"accountStatus",newstatus)]) + Attrs[0][1]["accountStatus"] = [newstatus] + + Resp2 = raw_input("Optional RT ticket number? ") + if (Resp2 != ''): + comment = "RT#%s"%(Resp2) + l.modify_s(UserDn,[(ldap.MOD_REPLACE,"accountComment",comment)]) + Attrs[0][1]["accountComment"] = [comment] + elif Resp == "3": + Lock(UserDn, Attrs) + newstatus = "memorial" + l.modify_s(UserDn,[(ldap.MOD_REPLACE,"accountStatus",newstatus)]) + Attrs[0][1]["accountStatus"] = [newstatus] + elif Resp == "4": + newstatus = "active" + l.modify_s(UserDn,[(ldap.MOD_REPLACE,"accountStatus",newstatus)]) + Attrs[0][1]["accountStatus"] = [newstatus] + + continue; + + # Randomize password if Response == 'R' and RootMode == 1: Resp = raw_input("Randomize Users Password? [no/yes]"); 
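Review bot: Choices 1, 2 and 3 call `Lock()` as soon as the key is read, with no confirmation step, whereas the randomize branch just below asks `[no/yes]` first; a mistyped digit locks the account and, for 2 and 3, disables mail. A `[no/yes]` prompt before `Lock(UserDn, Attrs, ...)` would match the existing convention. The lock and the `accountStatus` write are also separate `modify_s` calls, so a failure on the second leaves a locked entry carrying its old status. `Resp2` goes into `accountComment` unchecked, where `if Resp2.isdigit():` would keep the field to a ticket number. The enclosing `while(1)` loop starts outside the hunk.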
@@ -413,14 +507,7 @@ while(1): continue; print "Setting password.."; - shadowLast = str(int(time.time()/24/60/60)); - l.modify_s(UserDn,[ - (ldap.MOD_REPLACE,"userPassword","{crypt}*LK*"), - (ldap.MOD_REPLACE,"mailDisableMessage","account locked"), - (ldap.MOD_REPLACE,"shadowLastChange",shadowLast)]); - Attrs[0][1]["userPassword"] = ["{crypt}*LK*"]; - Attrs[0][1]["mailDisableMessage"] = ["account locked"]; - Attrs[0][1]["shadowLastChange"] = [shadowLast]; + Lock(UserDn, Attrs) continue; # Handle changing an arbitary value
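Review bot: Nothing shown in this diff clears `shadowExpire` once `Lock()` has set it to `1`, and with this hunk the `L` branch starts writing it too, where the removed inline code changed only `userPassword`, `mailDisableMessage` and `shadowLastChange`. The password-change and randomize branches lie outside the hunks, so this is unverified, but if they do not reset the attribute, an account given a new password after a lock would stay expired. A comment at the call, e.g. `# Lock() also sets shadowExpire=1; re-enabling the account must clear it`, would record the dependency.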