Peter Palfrader [Thu, 10 Jan 2008 14:47:02 +0000 (15:47 +0100)]
Merge from alioth
Copyright statement from people doing stuff on alioth, and pointer to the alioth repository and discussion list
Peter Palfrader [Thu, 10 Jan 2008 14:43:33 +0000 (15:43 +0100)]
Merge from alioth
But fix ud-replicate to use `$LOCALSYNCON' instead of `*$LOCALSYNCON*' in the case statement.
Peter Palfrader [Thu, 10 Jan 2008 14:35:18 +0000 (15:35 +0100)]
Merge from alioth
Peter Palfrader [Thu, 10 Jan 2008 14:33:50 +0000 (15:33 +0100)]
A nop with something behind it.
Merge in r361 from alioth-common, the shiftUID patch, but also
cherry pick r377 which reverts it (because it's incomplete/broken).
This is necesary because bzr tracks what you merged so far and
would always want to pull in 361 if I just skipped it now.
Peter Palfrader [Thu, 10 Jan 2008 14:33:29 +0000 (15:33 +0100)]
Merge from alioth
Peter Palfrader [Thu, 10 Jan 2008 13:50:58 +0000 (14:50 +0100)]
Merge from alioth
Peter Palfrader [Thu, 10 Jan 2008 13:50:25 +0000 (14:50 +0100)]
Merge from alioth
Replace deprecated string.$foo($bar, $ARGS) calls with $bar.$foo($ARGS).
Also cherry pick two fixes on the patch from later in that tree:
revno: 375
committer: Mark Hymers <mhy@debian.org>
branch nick: userdir-ldap-common
timestamp: Thu 2008-01-10 13:44:07 +0000
message:
Don't convert strings to integers, just check that they could be converted.
Noticed by Peter (again)
--
revno: 376
committer: Mark Hymers <mhy@debian.org>
branch nick: userdir-ldap-common
timestamp: Thu 2008-01-10 13:48:43 +0000
message:
and some more old CheckNumber fixes
Peter Palfrader [Thu, 10 Jan 2008 13:13:31 +0000 (14:13 +0100)]
merge from alioth
Peter Palfrader [Thu, 10 Jan 2008 13:10:58 +0000 (14:10 +0100)]
Merge from alioth
merge r356 from alioth's userdir-ldap-common, and cherry pick that fix onto that:
committer: Mark Hymers <mhy@debian.org>
branch nick: userdir-ldap-common
timestamp: Thu 2008-01-10 12:58:39 +0000
message:
Fix mistake in ud-userimport add logic spotted by Peter Palfrader.
Peter Palfrader [Thu, 10 Jan 2008 09:05:11 +0000 (10:05 +0100)]
Merge from alioth: note about more modern slapd configs
Joerg Jaspert [Fri, 28 Dec 2007 15:09:39 +0000 (16:09 +0100)]
Add a little pointer to our repository, also mention that for changes we do the copyright
is ours. Now, to make it easy I just pointed to "da-tools project members, -discuss list",
instead of listing every committer. License, of course, same as for "upstream".
Joerg Jaspert [Fri, 28 Dec 2007 15:08:49 +0000 (16:08 +0100)]
Files have copyright statements until 2007 (from Ryan), note that in debian/copyright
Also note that it is now maintained using bzr, not CVS
Joerg Jaspert [Fri, 28 Dec 2007 15:05:40 +0000 (16:05 +0100)]
uncommitted 2 changes from me. BAD HACK
Marc 'HE' Brockschmidt [Thu, 27 Dec 2007 16:17:13 +0000 (17:17 +0100)]
Make the host ud-replicate syncs from configurable in userdir-ldap.conf,
instead of hardcoding it into the script. Also introduce a variable
containing a shell glob on which no remote sync is needed, so that
the db host doesn't need to have a key in the authorized_keys file
for the sshdist user
Mark Hymers [Thu, 27 Dec 2007 12:50:55 +0000 (12:50 +0000)]
add simple ud-config script for use in shell scripts
Mark Hymers [Thu, 27 Dec 2007 12:50:36 +0000 (12:50 +0000)]
merge
Marc 'HE' Brockschmidt [Thu, 27 Dec 2007 08:39:32 +0000 (09:39 +0100)]
Sync with -common tree again
Mark Hymers [Wed, 26 Dec 2007 22:47:26 +0000 (22:47 +0000)]
merge from upstream
Marc 'HE' Brockschmidt [Wed, 26 Dec 2007 22:44:21 +0000 (23:44 +0100)]
Add 1000 to UIDs and GIDs if the ud-generate.conf contains '[UIDSHIFT]' as
extra flag. This is useful if you want to preserve local accounts without
ID conflicts.
Marc 'HE' Brockschmidt [Wed, 26 Dec 2007 22:41:38 +0000 (23:41 +0100)]
Merge passwordless export fix
Marc 'HE' Brockschmidt [Wed, 26 Dec 2007 22:38:22 +0000 (23:38 +0100)]
Mark that no passwords are exported also in the generated passwd file, not
only in the shadow file (by using a "*" as password (meaning "no password),
instead of "x" (meaning "do I look like a passwd from the nineties? Look
into /etc/shadow!")).
Mark Hymers [Wed, 26 Dec 2007 20:55:32 +0000 (20:55 +0000)]
* ud-arbimport: os.exit -> sys.exit
Mark Hymers [Wed, 26 Dec 2007 20:49:42 +0000 (20:49 +0000)]
* Remove use of deprecated functions from the string module
Mark Hymers [Wed, 26 Dec 2007 18:01:19 +0000 (18:01 +0000)]
* ud-useradd: Avoid a TypeError exception when constructing the template
filename
Mark Hymers [Wed, 26 Dec 2007 17:57:58 +0000 (17:57 +0000)]
* ud-userimport, ud-groupadd, ud-roleadd, ud-useradd, userdir_ldap.py:
Update ud-userimport to use the same objectClasses as
ud-{user,group,role}add and abstract them out into userdir_ldap.py
Mark Hymers [Wed, 26 Dec 2007 16:23:13 +0000 (16:23 +0000)]
add note about more modern slapd configs
Peter Palfrader [Wed, 26 Dec 2007 15:46:31 +0000 (16:46 +0100)]
Make the shadow expiry changelog entry more specific
Add a tag to debian/changelog saying that the "Set shadow expiry to 1
for locked accounts" was to ud-generate.
Peter Palfrader [Wed, 26 Dec 2007 15:45:04 +0000 (16:45 +0100)]
update doc/slapd-config.txt
labeledURL was removed from the schema but not the slapd.conf example. Doing
that now. Patch from mhy.
Mark Hymers [Wed, 26 Dec 2007 14:26:27 +0000 (14:26 +0000)]
labeledURL was removed from the schema but not the slapd.conf example
Peter Palfrader [Wed, 26 Dec 2007 08:44:42 +0000 (09:44 +0100)]
Set shadow expiry for locked accounts
Explicity set shadow expiry to 1 for locked accounts. Patch from mhy.
Mark Hymers [Wed, 26 Dec 2007 00:37:11 +0000 (00:37 +0000)]
Merge shadow branch
Mark Hymers [Wed, 26 Dec 2007 00:36:13 +0000 (00:36 +0000)]
Set shadow expiry for locked accounts
Peter Palfrader [Tue, 25 Dec 2007 22:35:18 +0000 (23:35 +0100)]
Fix ud-useradd.
Resolve issue introduced with the usergroup patch (cruft from another, removed
patch).
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 22:33:52 +0000 (23:33 +0100)]
Fix error due to cruft from the RoleAccount patch
Peter Palfrader [Tue, 25 Dec 2007 19:35:12 +0000 (20:35 +0100)]
Add myself to uploaders
Peter Palfrader [Tue, 25 Dec 2007 19:32:28 +0000 (20:32 +0100)]
Empty merge
Peter Palfrader [Tue, 25 Dec 2007 19:30:50 +0000 (20:30 +0100)]
ud-host: cleanup
Replace local copy HBaseDn of the centrally configured HostBaseDn
Peter Palfrader [Tue, 25 Dec 2007 19:25:33 +0000 (20:25 +0100)]
Add 'purpose', 'physicalHost' to debianServer
Patch from HE: Add a purpose and a physicalHost attribute to the
debianServer objectClass. Purpose is used to store the task of
the machine, like buildd, or porterbox or similar. phyiscalHost
is for setups with virtualisation, where one host runs on top of
another one. This information can then also be used by nagios and
friends.
Peter Palfrader [Tue, 25 Dec 2007 19:18:46 +0000 (20:18 +0100)]
ud-useradd: support usergroups
Patch from HE* that implements per-user groups for ud-useradd. If run
without -n the behaviour is as before. With -n (for no-automatic-IDs)
the user gets the chance to change the assigned numeric UID. The user
is also prompted for a GID. By default the default group for users is
still used but ud-useradd suggests a free group ID for the user group.
If the user group ID is chosen a group is automatically created.
(* based on work by aba and joerg)
Peter Palfrader [Tue, 25 Dec 2007 19:01:26 +0000 (20:01 +0100)]
Update debian/changelog for ud-fingerserv daemonize.
Add an entry in debia/changelog for sgran's patch that implements
daemonizing for ud-fingerserv.
Peter Palfrader [Tue, 25 Dec 2007 18:39:37 +0000 (19:39 +0100)]
ud-fingerserv: correctly daemonize
Also fork() a second time after running setsid().
Peter Palfrader [Tue, 25 Dec 2007 18:37:37 +0000 (19:37 +0100)]
ud-fingerserv: implement daemonizing
ud-fingerserv now daemonizes into the background when not run in
inetd-mode (-i) or explicitly told to not detach using the -f flag.
Patch from Stephen Gran.
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 17:32:43 +0000 (18:32 +0100)]
Really apply HE's changes.
Stephen Gran [Tue, 25 Dec 2007 15:11:05 +0000 (15:11 +0000)]
When not in inetd mode, detach from controlling terminal and daemonize
properly. This involves adding a -l (logfile) option to the command line
arguments, so that output will be captured somewhere.
Also add a -f (foreground) option, to preserve the previous default behavior.
Stephen Gran [Tue, 25 Dec 2007 15:09:51 +0000 (15:09 +0000)]
Make finger server daemonize when not in inetd mode.
Also add a foreground switch so that previous defalt behavior is preserved.
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 15:05:58 +0000 (16:05 +0100)]
Replace local copy HBaseDn of the centrally configured HostBaseDn by the
latter everywhere we use it.
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 14:37:29 +0000 (15:37 +0100)]
LDAP schema changes and fitting changes to ud-host:
* Add "purpose" (multi-value field, should contain stuff like "buildd",
"porter", ...)
* Add "physicalHost" (used for virtual system, containing the FQDN of
the physical host system)
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 14:32:07 +0000 (15:32 +0100)]
Merge usergroups patch in
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 13:06:39 +0000 (14:06 +0100)]
Allow for usergroups (ie one group per user). Leave default behaviour as it is.
Also introduce a "-n" switch (for "no automatic ids") which turns on prompting
for UID/GID. Default is now to use the DefaultGID and the first free UID.
Peter Palfrader [Tue, 25 Dec 2007 12:09:22 +0000 (13:09 +0100)]
ud-roleadd: fix role account creation.
ud-roleadd tried to put the new ldap entry - among other objectClasses - into
inetOrgPerson, which caused it to be rejected by openldap.
Peter Palfrader [Tue, 25 Dec 2007 10:36:47 +0000 (11:36 +0100)]
Build depend on python-support >= 0.3.
Change the build dependency on python-support to be versioned >= 0.3,
as suggested by lintian.
Peter Palfrader [Tue, 25 Dec 2007 10:30:46 +0000 (11:30 +0100)]
Change Build-Depends-Indep to Build-Depends.
Peter Palfrader [Tue, 25 Dec 2007 10:29:03 +0000 (11:29 +0100)]
Fix debhelper dependency.
Since we are using a debhelper compatibility level of 5 we need to
declare a versioned build dependency of >=5 on it.
Peter Palfrader [Tue, 25 Dec 2007 10:27:39 +0000 (11:27 +0100)]
Fix conffile list.
Get rid of debian/conffiles, wich only listed files in /etc anyway. Those
files were already being tagged as conffiles by debhelper, resulting in them
being listed twice in the resulting binary package.
Peter Palfrader [Tue, 25 Dec 2007 10:22:37 +0000 (11:22 +0100)]
Add userdir-ldap.schema to version control and the resulting package.
Merge the addition of the schema file from the
da-tools/userdir-ldap-common bzr repositoru on alioth.
revno: 346
committer: Marc 'HE' Brockschmidt <he@debian.org>
branch nick: userdir-ldap-common
timestamp: Tue 2007-12-25 09:34:13 +0100
message:
Add userdir-ldap.schema to version control and the resulting package
Also, add a comment on top of the schema file that says it's now being
versioned in bzr, and update debian/changelog.
joey [Tue, 4 Sep 2007 17:11:52 +0000 (17:11 +0000)]
Generate a disabled-accounts file exported to all hosts
The goal is that Alioth can also disable accounts which have been
locked by DSA. Currently it has no way to know if a given account is
locked or not.
rmurray [Thu, 16 Aug 2007 14:12:38 +0000 (14:12 +0000)]
fix change password variable name, too
troup [Thu, 16 Aug 2007 08:56:21 +0000 (08:56 +0000)]
fix check for \! prefix passwords in ud-mailgate
rmurray [Sun, 12 Aug 2007 17:40:32 +0000 (17:40 +0000)]
change packaging to use python-support to build for the default python version
rmurray [Sun, 12 Aug 2007 17:40:02 +0000 (17:40 +0000)]
change *PK* to !, and fully implement it. remove obsolete/broken ud-killcrypt
joey [Sat, 11 Aug 2007 18:34:06 +0000 (18:34 +0000)]
Finalise the changelog to build a package for etch
joey [Sat, 11 Aug 2007 18:18:34 +0000 (18:18 +0000)]
Query the LDAP server if no locally defined group with that name was found
joey [Sat, 11 Aug 2007 13:38:29 +0000 (13:38 +0000)]
Always return an integer
joey [Sat, 11 Aug 2007 13:27:37 +0000 (13:27 +0000)]
Query the LDAP server if no locally defined group with that name was found
joey [Sat, 11 Aug 2007 12:53:37 +0000 (12:53 +0000)]
Return a real error when the group cannot be found out
joey [Sat, 11 Aug 2007 10:11:55 +0000 (10:11 +0000)]
Removed unused and obsolete whrandom module
joey [Sat, 11 Aug 2007 09:59:45 +0000 (09:59 +0000)]
Improved admin output
joey [Sat, 11 Aug 2007 09:36:42 +0000 (09:36 +0000)]
Patch by aba: Import the host base dn from the configuration file,
thus make ud-host useable outside of .debian.org as well
joey [Sat, 11 Aug 2007 09:00:17 +0000 (09:00 +0000)]
Patch by aba: Don't export the password when [NOPASSWD] is set
joey [Sat, 23 Jun 2007 07:12:06 +0000 (07:12 +0000)]
Beginning of the transition to Python in etch
joey [Wed, 20 Jun 2007 07:04:22 +0000 (07:04 +0000)]
Document code changes
joey [Wed, 20 Jun 2007 07:03:40 +0000 (07:03 +0000)]
Sync older changelog entries
rmurray [Mon, 4 Jun 2007 01:56:44 +0000 (01:56 +0000)]
RT #70: Fix SUBKEY signatures; update some error cases to more recent gpgv docs
troup [Mon, 9 Apr 2007 20:42:03 +0000 (20:42 +0000)]
When checking for collisons in ud-mailgate, check for both tab and space suffixed hostnames since we accept either as input.
troup [Mon, 9 Apr 2007 19:58:31 +0000 (19:58 +0000)]
Generate ssh-rsa-shadow, debianhosts and ssh_known_hosts even for untrusted hosts (i.e. alioth)
troup [Mon, 9 Apr 2007 19:54:29 +0000 (19:54 +0000)]
'*PK*' will allow a 'locked' account to login in certain situations, remove it for now. We still need a way to disable accounts but not mail, but this isn't it.
troup [Mon, 9 Apr 2007 19:50:20 +0000 (19:50 +0000)]
Imported current file from samosa
joey [Wed, 24 Jan 2007 06:08:05 +0000 (06:08 +0000)]
Establish *PK* as mechanism for locked accounts with mail forwarding intact.
No subscription to debian-private though, and no way to log in
rmurray [Mon, 15 Jan 2007 22:16:53 +0000 (22:16 +0000)]
*** empty log message ***
rmurray [Mon, 15 Jan 2007 22:14:23 +0000 (22:14 +0000)]
only look for *LK*, and not base anything off the fingerprint when disabling mail for locked accounts
rmurray [Sat, 30 Dec 2006 11:14:35 +0000 (11:14 +0000)]
updates for generation of RHSRBL lists
rmurray [Fri, 29 Dec 2006 00:36:56 +0000 (00:36 +0000)]
don't create links in /var/lib/misc; they're not needed
rmurray [Thu, 28 Dec 2006 21:09:15 +0000 (21:09 +0000)]
fix domain name regex to allow - and not allow _
rmurray [Thu, 28 Dec 2006 12:41:35 +0000 (12:41 +0000)]
new field support for ud-info, new anti-spam related mail fields
rmurray [Wed, 27 Dec 2006 12:51:53 +0000 (12:51 +0000)]
add dns-sshfp file containing SSHFP DNS records for each host.
joey [Thu, 20 Jul 2006 09:06:17 +0000 (09:06 +0000)]
Take better care of unset attributes
rmurray [Mon, 17 Jul 2006 20:59:26 +0000 (20:59 +0000)]
bsmtp handling updated for exim4
joey [Sun, 2 Jul 2006 03:10:25 +0000 (03:10 +0000)]
Don't let Python abort unconditionally if a host wasn't found.
rmurray [Sun, 13 Nov 2005 22:50:27 +0000 (22:50 +0000)]
update maintainer/initial uploaders field
rmurray [Sun, 13 Nov 2005 22:44:26 +0000 (22:44 +0000)]
0.3.11
rmurray [Sun, 13 Nov 2005 22:36:42 +0000 (22:36 +0000)]
don't write bsmtp and dns entries without a keyFingerPrint.
rmurray [Sun, 6 Nov 2005 21:57:47 +0000 (21:57 +0000)]
generate debianhosts file for exim and possibly other uses
rmurray [Thu, 13 Oct 2005 03:26:41 +0000 (03:26 +0000)]
There can be only one hostname by the ldap schema, so don't allow multiple
hostnames to be added.
joey [Thu, 25 Aug 2005 06:47:41 +0000 (06:47 +0000)]
Don't spit out Python love when wrong arguments are given, better
detect this and exit with a proper error message
joey [Thu, 4 Aug 2005 17:25:00 +0000 (17:25 +0000)]
Removed reference to FCNTL since it is not required anymore and the
LOCK_EX is now in fcntl (and working similar).
rmurray [Tue, 26 Jul 2005 20:49:19 +0000 (20:49 +0000)]
use "db" alias for where to rsync from, rather than a hostname
joey [Thu, 7 Jul 2005 08:20:46 +0000 (08:20 +0000)]
Tighten the build dependencies
joey [Thu, 7 Jul 2005 08:19:25 +0000 (08:19 +0000)]
Move to sarge, i.e. depend on python 2.3
joey [Thu, 7 Jul 2005 07:58:44 +0000 (07:58 +0000)]
Added libnss-db to the list of dependencies
joey [Tue, 1 Feb 2005 14:46:15 +0000 (14:46 +0000)]
Initialise the Host variable