* ud-generate: Set shadow expiry to 1 for locked accounts [mhy].
* update doc/slapd-config.txt: labeledURL was removed from the schema but
not the slapd.conf example. Do that now [mhy].
+ * ud-generate: Mark that no passwords are exported also in the
+ generated passwd file, not only in the shadow file (by using a "*"
+ as password (meaning "no password"), instead of "x" (meaning "do I
+ look like a passwd from the nineties? Look into /etc/shadow!")) [HE].
[ Mark Hymers ]
* ud-userimport, ud-groupadd, ud-roleadd, ud-useradd, userdir_ldap.py:
ud-{user,group,role}add and abstract them out into userdir_ldap.py
* ud-useradd: Avoid a TypeError exception when constructing the template
filename
- * Remove use of deprecated functions from the string module
+ * Remove use of deprecated functions from the string module
* ud-arbimport: os.exit -> sys.exit
- -- Mark Hymers <mhy@debian.org> Wed, 26 Dec 2007 20:54:28 +0000
+ -- Peter Palfrader <weasel@debian.org> Thu, 10 Jan 2008 15:32:16 +0100
userdir-ldap (0.3.15) unstable; urgency=low
os.rename(File + ".tdb.tmp",File+".tdb");
# Generate the password list
-def GenPasswd(l,File,HomePrefix):
+def GenPasswd(l,File,HomePrefix,PwdMarker):
F = None;
try:
F = open(File + ".tdb.tmp","w");
if len(GetAttr(x,"gecos")) > 100 or len(GetAttr(x,"loginShell")) > 50:
continue;
- Line = "%s:x:%s:%s:%s:%s%s:%s" % (GetAttr(x,"uid"),\
+ Line = "%s:%s:%s:%s:%s:%s%s:%s" % (GetAttr(x,"uid"),\
+ PwdMarker,\
GetAttr(x,"uidNumber"),GetAttr(x,"gidNumber"),\
GetAttr(x,"gecos"),HomePrefix,GetAttr(x,"uid"),\
GetAttr(x,"loginShell"));
DoLink(GlobalDir,OutDir,"disabled-accounts")
sys.stdout.flush();
- GenPasswd(l,OutDir+"passwd",Split[1]);
+ if ExtraList.has_key("[NOPASSWD]"):
+ GenPasswd(l,OutDir+"passwd",Split[1], "*");
+ else:
+ GenPasswd(l,OutDir+"passwd",Split[1], "x");
sys.stdout.flush();
GenGroup(l,OutDir+"group");
if ExtraList.has_key("[UNTRUSTED]"):