X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-useradd;h=6c2e19d4f43286566b79793b6067a4c1d0ab6f53;hb=8738046a94466496c72929ab427d8f4005625ef2;hp=b875470d9ed1807c5a9ba50d9514322bd3025f2b;hpb=c50d88536a4feb3087d1aa802e110250cb2861fc;p=mirror%2Fuserdir-ldap.git diff --git a/ud-useradd b/ud-useradd index b875470..6c2e19d 100755 --- a/ud-useradd +++ b/ud-useradd @@ -1,20 +1,19 @@ #!/usr/bin/env python # -*- mode: python -*- -import string, re, time, ldap, getopt, sys, posix, pwd; +import string, re, time, ldap, getopt, sys, os, pwd; from userdir_ldap import *; from userdir_gpg import *; -AddressSplit = re.compile("(.*).*<([^@]*)@([^>]*)>"); - # This tries to search for a free UID. There are two possible ways to do # this, one is to fetch all the entires and pick the highest, the other -# is to randomly guess uids until one is free. This uses the formar. +# is to randomly guess uids until one is free. This uses the former. # Regrettably ldap doesn't have an integer attribute comparision function # so we can only cut the search down slightly def GetFreeID(l): HighestUID = 1400; - Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"uidnumber>="+str(HighestUID),["uidnumber"]); + Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL, + "uidnumber>="+str(HighestUID),["uidnumber"]); HighestUID = 0; for I in Attrs: ID = int(GetAttr(I,"uidnumber","0")); @@ -23,12 +22,20 @@ def GetFreeID(l): return HighestUID + 1; # Main starts here +AdminUser = pwd.getpwuid(os.getuid())[0]; # Process options -(options, arguments) = getopt.getopt(sys.argv[1:], "u:") +ForceMail = 0; +OldGPGKeyRings = GPGKeyRings; +userdir_gpg.GPGKeyRings = []; +(options, arguments) = getopt.getopt(sys.argv[1:], "u:ma") for (switch, val) in options: if (switch == '-u'): - AdminUser = val + AdminUser = val; + elif (switch == '-m'): + ForceMail = 1; + elif (switch == '-a'): + userdir_gpg.GPGKeyRings = OldGPGKeyRings; print "Accessing LDAP directory as '" + AdminUser + "'"; Password = getpass(AdminUser + "'s password: "); @@ -63,13 +70,10 @@ while (1): # Crack up the email address from the key into a best guess # first/middle/last name -Match = AddressSplit.match(Keys[0][2]); -if Match == None: - (cn,mn,sn,email,account) = ('','','','',''); -else: - (cn,mn,sn) = NameSplit(re.sub('["]','',Match.groups()[0])) - email = Match.groups()[1] + '@' + Match.groups()[2]; - account = Match.groups()[1]; +Addr = SplitEmail(Keys[0][2]); +(cn,mn,sn) = NameSplit(re.sub('["]','',Addr[0])) +email = Addr[1] + '@' + Addr[2]; +account = Addr[1]; privsub = email; gidnumber = str(DefaultGID); @@ -85,6 +89,11 @@ while len(Keys[0][1]) < 40: if Res == "": break; +Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyfingerprint=" + Keys[0][1]); +if len(Attrs) != 0: + print "*** This key already belongs to",GetAttr(Attrs[0],"uid"); + account = GetAttr(Attrs[0],"uid"); + # Try to get a uniq account name Update=0 while 1: @@ -93,6 +102,7 @@ while 1: account = Res; Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"uid=" + account); if len(Attrs) == 0: + privsub = "%s@debian.org"%(account); break; Res = raw_input("That account already exists, update [no]? "); if Res == "yes": @@ -138,14 +148,13 @@ if uidnumber == 0: uidnumber = GetFreeID(l); # Generate a random password -if Update == 0: +if Update == 0 or ForceMail == 1: Password = raw_input("User's Password (Enter for random)? "); if Password == "": print "Randomizing and encrypting password" Password = GenPass(); Pass = HashPass(Password); - print "PASS: ", Password; # Use GPG to encrypt it, pass the fingerprint to ID it CryptedPass = GPGEncrypt("Your new password is '" + Password + "'\n",\ @@ -181,13 +190,13 @@ if Res != "yes": # Initialize the substitution Map Subst = {} Subst["__REALNAME__"] = FullName; -Subst["__WHOAMI__"] = pwd.getpwuid(posix.getuid())[0]; +Subst["__WHOAMI__"] = pwd.getpwuid(os.getuid())[0]; Subst["__DATE__"] = time.strftime("%a, %d %b %Y %H:%M:%S +0000",time.gmtime(time.time())); Subst["__LOGIN__"] = account; Subst["__PRIVATE__"] = privsub; Subst["__EMAIL__"] = email; Subst["__PASSWORD__"] = CryptedPass; -Subst["__LISTPASS__"] = string.strip(open(pwd.getpwuid(posix.getuid())[5]+"/.debian-lists_passwd","r").read()); +#Subst["__LISTPASS__"] = string.strip(open(pwd.getpwuid(os.getuid())[5]+"/.debian-lists_passwd","r").read()); # Generate the LDAP request Rec = [(ldap.MOD_REPLACE,"uid",account), @@ -230,19 +239,23 @@ l.modify_s(Dn,Rec); print; # Abort email sends for an update operation -if Update == 1: +if Update == 1 and ForceMail == 0: print "Account is not new, Not sending mails" sys.exit(0); # Do the subscription/welcome message -if privsub != " ": - print TemplateSubst(Subst,open("templates/list-subscribe","r").read()); - +#if privsub != " ": +# Sub = TemplateSubst(Subst,open(TemplatesDir+"/list-subscribe","r").read()); +# Child = os.popen("/usr/sbin/sendmail -t","w"); +# Child.write(Sub); +# if Child.close() != None: +# raise Error, "Sendmail gave a non-zero return code"; + # Send the Welcome message print "Sending Welcome Email" -Reply = TemplateSubst(Subst,open("templates/welcome-message-"+gidnumber,"r").read()); -Child = posix.popen("/usr/sbin/sendmail -t","w"); -#Child = posix.popen("cat","w"); +Reply = TemplateSubst(Subst,open(TemplatesDir+"/welcome-message-"+gidnumber,"r").read()); +Child = os.popen("/usr/sbin/sendmail -t","w"); +#Child = os.popen("cat","w"); Child.write(Reply); if Child.close() != None: raise Error, "Sendmail gave a non-zero return code";