ud-generate: The ssh authorized_keys file for the sshdist user now wraps
the rsync call in an flock wrapper that acquires a shared lock on
ud-generate's lock. This prevents syncing while ud-generate runs.
- wrap cdbmake calls in eatmydata. Nothing else does any fsync stuff,
so doing it here just costs a lot.
* ud-generate: Use a flock() lock instead of python's lockfile class.
- wrap cdbmake calls in eatmydata. Nothing else does any fsync stuff,
so doing it here just costs a lot.
* ud-generate: Use a flock() lock instead of python's lockfile class.
+ * ud-generate: The ssh authorized_keys file for the sshdist user now wraps
+ the rsync call in an flock wrapper that acquires a shared lock on
+ ud-generate's lock. This prevents syncing while ud-generate runs.
[ Stephen Gran ]
* Fix deprecation warnings for sha module by using hashlib module instead
[ Stephen Gran ]
* Fix deprecation warnings for sha module by using hashlib module instead
* ud-replicate: set correct permissions for web-passwords
* add freecdb to depends
* ud-replicate: set correct permissions for web-passwords
* add freecdb to depends
- -- Peter Palfrader <weasel@debian.org> Mon, 12 Mar 2012 16:15:13 +0100
+ -- Peter Palfrader <weasel@debian.org> Mon, 12 Mar 2012 16:56:11 +0100
userdir-ldap (0.3.79) unstable; urgency=low
userdir-ldap (0.3.79) unstable; urgency=low
return IPAdresses
# Generate the ssh known hosts file
return IPAdresses
# Generate the ssh known hosts file
-def GenSSHKnown(host_attrs, File, mode=None):
+def GenSSHKnown(host_attrs, File, mode=None, lockfilename=None):
F = None
try:
OldMask = os.umask(0022)
F = None
try:
OldMask = os.umask(0022)
hosts = HostToIP(x)
if 'sshdistAuthKeysHost' in x[1]:
hosts += x[1]['sshdistAuthKeysHost']
hosts = HostToIP(x)
if 'sshdistAuthKeysHost' in x[1]:
hosts += x[1]['sshdistAuthKeysHost']
- Line = 'command="rsync --server --sender -pr . /var/cache/userdir-ldap/hosts/%s",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from="%s" %s' % (Host, ",".join(hosts), I)
+ clientcommand='rsync --server --sender -pr . /var/cache/userdir-ldap/hosts/%s'%(Host)
+ clientcommand="flock -s %s -c '%s'"%(lockfilename, clientcommand)
+ Line = 'command="%s",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from="%s" %s' % (clientcommand, ",".join(hosts), I)
else:
Line = "%s %s" %(",".join(HostNames + HostToIP(x, False)), I)
Line = Sanitize(Line) + "\n"
else:
Line = "%s %s" %(",".join(HostNames + HostToIP(x, False)), I)
Line = Sanitize(Line) + "\n"
GenCDB(accounts, global_dir + "mail-forward.cdb", 'emailForward')
GenCDB(accounts, global_dir + "mail-contentinspectionaction.cdb", 'mailContentInspectionAction')
GenPrivate(accounts, global_dir + "debian-private")
GenCDB(accounts, global_dir + "mail-forward.cdb", 'emailForward')
GenCDB(accounts, global_dir + "mail-contentinspectionaction.cdb", 'mailContentInspectionAction')
GenPrivate(accounts, global_dir + "debian-private")
- GenSSHKnown(host_attrs, global_dir+"authorized_keys", 'authorized_keys')
+ GenSSHKnown(host_attrs, global_dir+"authorized_keys", 'authorized_keys', global_dir+'ud-generate.lock')
GenMailBool(accounts, global_dir + "mail-greylist", "mailGreylisting")
GenMailBool(accounts, global_dir + "mail-callout", "mailCallout")
GenMailList(accounts, global_dir + "mail-rbl", "mailRBL")
GenMailBool(accounts, global_dir + "mail-greylist", "mailGreylisting")
GenMailBool(accounts, global_dir + "mail-callout", "mailCallout")
GenMailList(accounts, global_dir + "mail-rbl", "mailRBL")