X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-useradd;h=d14edee2e4b7cb6818f292717a9e6a67a97f91ff;hb=de6be72a0f8c50acaf83a9111f0bd3901e5eac1c;hp=003f28ca041ab5e6de81af9f859923d25c2e5b45;hpb=1ec86235bdc4223733fd0a722fc4497c51d3ba81;p=mirror%2Fuserdir-ldap.git diff --git a/ud-useradd b/ud-useradd index 003f28c..d14edee 100755 --- a/ud-useradd +++ b/ud-useradd @@ -28,6 +28,7 @@ from userdir_ldap import *; from userdir_gpg import *; HavePrivateList = getattr(ConfModule, "haveprivatelist", True) +DefaultGroup = getattr(ConfModule, "defaultgroup", 'users') # This tries to search for a free UID. There are two possible ways to do # this, one is to fetch all the entires and pick the highest, the other @@ -35,24 +36,38 @@ HavePrivateList = getattr(ConfModule, "haveprivatelist", True) # Regrettably ldap doesn't have an integer attribute comparision function # so we can only cut the search down slightly +def ShouldIgnoreID(uid): + for i in IgnoreUsersForUIDNumberGen: + try: + if i.search(uid) is not None: + return True + except AttributeError: + if uid == i: + return True + + return False + # [JT] This is broken with Woody LDAP and the Schema; for now just # search through all UIDs. def GetFreeID(l): - Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL, - "uidNumber=*",["uidNumber", "gidNumber"]); + Attrs = l.search_s(BaseBaseDn,ldap.SCOPE_SUBTREE, + "uidNumber=*",["uidNumber", "gidNumber", "uid"]); HighestUID = 0; gids = []; + uids = []; for I in Attrs: ID = int(GetAttr(I,"uidNumber","0")); + uids.append(ID) gids.append(int(GetAttr(I, "gidNumber","0"))) - if ID > HighestUID: + uid = GetAttr(I, "uid", None) + if ID > HighestUID and not uid is None and not ShouldIgnoreID(uid): HighestUID = ID; - resGID = HighestUID + 1; - while resGID in gids: - resGID += 1 + resUID = HighestUID + 1; + while resUID in uids or resUID in gids: + resUID += 1 - return (HighestUID + 1, resGID); + return (resUID, resUID) # Main starts here AdminUser = pwd.getpwuid(os.getuid())[0]; @@ -72,7 +87,7 @@ for (switch, val) in options: print " -u= Admin user (defaults to current username)" print " -m Force mail (for updates)" print " -a Use old keyrings instead (??)" - print " -n Do not automatically assign UID/GIDs (useful for usergroups or non-default group membership" + print " -n Do not automatically assign UID/GIDs" print " -g Add a guest account" sys.exit(0) elif (switch == '-u'): @@ -195,14 +210,12 @@ if HavePrivateList and not GuestAccount: else: privsub = " " -if not gidNumber: - if not GuestAccount: - gidNumber = DefaultGID - else: - gidNumber = DebianGroups['guest'] (uidNumber, generatedGID) = GetFreeID(l) -UserGroup = 0 +if not gidNumber: + gidNumber = generatedGID + +UserGroup = 1 if NoAutomaticIDs: # UID if not Update: @@ -211,15 +224,20 @@ if NoAutomaticIDs: uidNumber = Res; # GID - Res = raw_input("Group ID Number (default group is %s, new usergroup %s) [%s]" % (DefaultGID, generatedGID, gidNumber)); + Res = raw_input("Group ID Number (new usergroup is %s) [%s]" % (generatedGID, gidNumber)); if Res != "": if Res.isdigit(): gidNumber = int(Res); else: gidNumber = Group2GID(l, Res); - if gidNumber == generatedGID: - UserGroup = 1 + if gidNumber != generatedGID: + UserGroup = 0 + +if GuestAccount: + supplementaryGid = 'guest' +else: + supplementaryGid = DefaultGroup shadowExpire = None hostacl = [] @@ -267,6 +285,7 @@ print "------------"; print "Final information collected:" print " %s <%s@%s>:" % (FullName,account,EmailAppend); print " Assigned UID:",uidNumber," GID:", gidNumber; +print " supplementary group:",supplementaryGid print " Email forwarded to:",emailaddr if HavePrivateList: print " Private Subscription:",privsub; @@ -311,6 +330,7 @@ if Update == 0: ("objectClass", UserObjectClasses), ("uidNumber",str(uidNumber)), ("gidNumber",str(gidNumber)), + ("supplementaryGid",supplementaryGid), ("gecos",FullName+",,,,"), ("loginShell","/bin/bash"), ("keyFingerPrint",Keys[0][1]),