Mark Hymers [Thu, 27 Dec 2007 12:50:55 +0000 (12:50 +0000)]
add simple ud-config script for use in shell scripts
Mark Hymers [Thu, 27 Dec 2007 12:50:36 +0000 (12:50 +0000)]
merge
Marc 'HE' Brockschmidt [Thu, 27 Dec 2007 08:39:32 +0000 (09:39 +0100)]
Sync with -common tree again
Mark Hymers [Wed, 26 Dec 2007 22:47:26 +0000 (22:47 +0000)]
merge from upstream
Marc 'HE' Brockschmidt [Wed, 26 Dec 2007 22:44:21 +0000 (23:44 +0100)]
Add 1000 to UIDs and GIDs if the ud-generate.conf contains '[UIDSHIFT]' as
extra flag. This is useful if you want to preserve local accounts without
ID conflicts.
Marc 'HE' Brockschmidt [Wed, 26 Dec 2007 22:41:38 +0000 (23:41 +0100)]
Merge passwordless export fix
Marc 'HE' Brockschmidt [Wed, 26 Dec 2007 22:38:22 +0000 (23:38 +0100)]
Mark that no passwords are exported also in the generated passwd file, not
only in the shadow file (by using a "*" as password (meaning "no password),
instead of "x" (meaning "do I look like a passwd from the nineties? Look
into /etc/shadow!")).
Mark Hymers [Wed, 26 Dec 2007 20:55:32 +0000 (20:55 +0000)]
* ud-arbimport: os.exit -> sys.exit
Mark Hymers [Wed, 26 Dec 2007 20:49:42 +0000 (20:49 +0000)]
* Remove use of deprecated functions from the string module
Mark Hymers [Wed, 26 Dec 2007 18:01:19 +0000 (18:01 +0000)]
* ud-useradd: Avoid a TypeError exception when constructing the template
filename
Mark Hymers [Wed, 26 Dec 2007 17:57:58 +0000 (17:57 +0000)]
* ud-userimport, ud-groupadd, ud-roleadd, ud-useradd, userdir_ldap.py:
Update ud-userimport to use the same objectClasses as
ud-{user,group,role}add and abstract them out into userdir_ldap.py
Mark Hymers [Wed, 26 Dec 2007 16:23:13 +0000 (16:23 +0000)]
add note about more modern slapd configs
Mark Hymers [Wed, 26 Dec 2007 14:26:27 +0000 (14:26 +0000)]
labeledURL was removed from the schema but not the slapd.conf example
Mark Hymers [Wed, 26 Dec 2007 00:37:11 +0000 (00:37 +0000)]
Merge shadow branch
Mark Hymers [Wed, 26 Dec 2007 00:36:13 +0000 (00:36 +0000)]
Set shadow expiry for locked accounts
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 22:33:52 +0000 (23:33 +0100)]
Fix error due to cruft from the RoleAccount patch
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 17:32:43 +0000 (18:32 +0100)]
Really apply HE's changes.
Stephen Gran [Tue, 25 Dec 2007 15:11:05 +0000 (15:11 +0000)]
When not in inetd mode, detach from controlling terminal and daemonize
properly. This involves adding a -l (logfile) option to the command line
arguments, so that output will be captured somewhere.
Also add a -f (foreground) option, to preserve the previous default behavior.
Stephen Gran [Tue, 25 Dec 2007 15:09:51 +0000 (15:09 +0000)]
Make finger server daemonize when not in inetd mode.
Also add a foreground switch so that previous defalt behavior is preserved.
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 15:05:58 +0000 (16:05 +0100)]
Replace local copy HBaseDn of the centrally configured HostBaseDn by the
latter everywhere we use it.
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 14:37:29 +0000 (15:37 +0100)]
LDAP schema changes and fitting changes to ud-host:
* Add "purpose" (multi-value field, should contain stuff like "buildd",
"porter", ...)
* Add "physicalHost" (used for virtual system, containing the FQDN of
the physical host system)
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 14:32:07 +0000 (15:32 +0100)]
Merge usergroups patch in
Marc 'HE' Brockschmidt [Tue, 25 Dec 2007 13:06:39 +0000 (14:06 +0100)]
Allow for usergroups (ie one group per user). Leave default behaviour as it is.
Also introduce a "-n" switch (for "no automatic ids") which turns on prompting
for UID/GID. Default is now to use the DefaultGID and the first free UID.
Peter Palfrader [Tue, 25 Dec 2007 12:09:22 +0000 (13:09 +0100)]
ud-roleadd: fix role account creation.
ud-roleadd tried to put the new ldap entry - among other objectClasses - into
inetOrgPerson, which caused it to be rejected by openldap.
Peter Palfrader [Tue, 25 Dec 2007 10:36:47 +0000 (11:36 +0100)]
Build depend on python-support >= 0.3.
Change the build dependency on python-support to be versioned >= 0.3,
as suggested by lintian.
Peter Palfrader [Tue, 25 Dec 2007 10:30:46 +0000 (11:30 +0100)]
Change Build-Depends-Indep to Build-Depends.
Peter Palfrader [Tue, 25 Dec 2007 10:29:03 +0000 (11:29 +0100)]
Fix debhelper dependency.
Since we are using a debhelper compatibility level of 5 we need to
declare a versioned build dependency of >=5 on it.
Peter Palfrader [Tue, 25 Dec 2007 10:27:39 +0000 (11:27 +0100)]
Fix conffile list.
Get rid of debian/conffiles, wich only listed files in /etc anyway. Those
files were already being tagged as conffiles by debhelper, resulting in them
being listed twice in the resulting binary package.
Peter Palfrader [Tue, 25 Dec 2007 10:22:37 +0000 (11:22 +0100)]
Add userdir-ldap.schema to version control and the resulting package.
Merge the addition of the schema file from the
da-tools/userdir-ldap-common bzr repositoru on alioth.
revno: 346
committer: Marc 'HE' Brockschmidt <he@debian.org>
branch nick: userdir-ldap-common
timestamp: Tue 2007-12-25 09:34:13 +0100
message:
Add userdir-ldap.schema to version control and the resulting package
Also, add a comment on top of the schema file that says it's now being
versioned in bzr, and update debian/changelog.
joey [Tue, 4 Sep 2007 17:11:52 +0000 (17:11 +0000)]
Generate a disabled-accounts file exported to all hosts
The goal is that Alioth can also disable accounts which have been
locked by DSA. Currently it has no way to know if a given account is
locked or not.
rmurray [Thu, 16 Aug 2007 14:12:38 +0000 (14:12 +0000)]
fix change password variable name, too
troup [Thu, 16 Aug 2007 08:56:21 +0000 (08:56 +0000)]
fix check for \! prefix passwords in ud-mailgate
rmurray [Sun, 12 Aug 2007 17:40:32 +0000 (17:40 +0000)]
change packaging to use python-support to build for the default python version
rmurray [Sun, 12 Aug 2007 17:40:02 +0000 (17:40 +0000)]
change *PK* to !, and fully implement it. remove obsolete/broken ud-killcrypt
joey [Sat, 11 Aug 2007 18:34:06 +0000 (18:34 +0000)]
Finalise the changelog to build a package for etch
joey [Sat, 11 Aug 2007 18:18:34 +0000 (18:18 +0000)]
Query the LDAP server if no locally defined group with that name was found
joey [Sat, 11 Aug 2007 13:38:29 +0000 (13:38 +0000)]
Always return an integer
joey [Sat, 11 Aug 2007 13:27:37 +0000 (13:27 +0000)]
Query the LDAP server if no locally defined group with that name was found
joey [Sat, 11 Aug 2007 12:53:37 +0000 (12:53 +0000)]
Return a real error when the group cannot be found out
joey [Sat, 11 Aug 2007 10:11:55 +0000 (10:11 +0000)]
Removed unused and obsolete whrandom module
joey [Sat, 11 Aug 2007 09:59:45 +0000 (09:59 +0000)]
Improved admin output
joey [Sat, 11 Aug 2007 09:36:42 +0000 (09:36 +0000)]
Patch by aba: Import the host base dn from the configuration file,
thus make ud-host useable outside of .debian.org as well
joey [Sat, 11 Aug 2007 09:00:17 +0000 (09:00 +0000)]
Patch by aba: Don't export the password when [NOPASSWD] is set
joey [Sat, 23 Jun 2007 07:12:06 +0000 (07:12 +0000)]
Beginning of the transition to Python in etch
joey [Wed, 20 Jun 2007 07:04:22 +0000 (07:04 +0000)]
Document code changes
joey [Wed, 20 Jun 2007 07:03:40 +0000 (07:03 +0000)]
Sync older changelog entries
rmurray [Mon, 4 Jun 2007 01:56:44 +0000 (01:56 +0000)]
RT #70: Fix SUBKEY signatures; update some error cases to more recent gpgv docs
troup [Mon, 9 Apr 2007 20:42:03 +0000 (20:42 +0000)]
When checking for collisons in ud-mailgate, check for both tab and space suffixed hostnames since we accept either as input.
troup [Mon, 9 Apr 2007 19:58:31 +0000 (19:58 +0000)]
Generate ssh-rsa-shadow, debianhosts and ssh_known_hosts even for untrusted hosts (i.e. alioth)
troup [Mon, 9 Apr 2007 19:54:29 +0000 (19:54 +0000)]
'*PK*' will allow a 'locked' account to login in certain situations, remove it for now. We still need a way to disable accounts but not mail, but this isn't it.
troup [Mon, 9 Apr 2007 19:50:20 +0000 (19:50 +0000)]
Imported current file from samosa
joey [Wed, 24 Jan 2007 06:08:05 +0000 (06:08 +0000)]
Establish *PK* as mechanism for locked accounts with mail forwarding intact.
No subscription to debian-private though, and no way to log in
rmurray [Mon, 15 Jan 2007 22:16:53 +0000 (22:16 +0000)]
*** empty log message ***
rmurray [Mon, 15 Jan 2007 22:14:23 +0000 (22:14 +0000)]
only look for *LK*, and not base anything off the fingerprint when disabling mail for locked accounts
rmurray [Sat, 30 Dec 2006 11:14:35 +0000 (11:14 +0000)]
updates for generation of RHSRBL lists
rmurray [Fri, 29 Dec 2006 00:36:56 +0000 (00:36 +0000)]
don't create links in /var/lib/misc; they're not needed
rmurray [Thu, 28 Dec 2006 21:09:15 +0000 (21:09 +0000)]
fix domain name regex to allow - and not allow _
rmurray [Thu, 28 Dec 2006 12:41:35 +0000 (12:41 +0000)]
new field support for ud-info, new anti-spam related mail fields
rmurray [Wed, 27 Dec 2006 12:51:53 +0000 (12:51 +0000)]
add dns-sshfp file containing SSHFP DNS records for each host.
joey [Thu, 20 Jul 2006 09:06:17 +0000 (09:06 +0000)]
Take better care of unset attributes
rmurray [Mon, 17 Jul 2006 20:59:26 +0000 (20:59 +0000)]
bsmtp handling updated for exim4
joey [Sun, 2 Jul 2006 03:10:25 +0000 (03:10 +0000)]
Don't let Python abort unconditionally if a host wasn't found.
rmurray [Sun, 13 Nov 2005 22:50:27 +0000 (22:50 +0000)]
update maintainer/initial uploaders field
rmurray [Sun, 13 Nov 2005 22:44:26 +0000 (22:44 +0000)]
0.3.11
rmurray [Sun, 13 Nov 2005 22:36:42 +0000 (22:36 +0000)]
don't write bsmtp and dns entries without a keyFingerPrint.
rmurray [Sun, 6 Nov 2005 21:57:47 +0000 (21:57 +0000)]
generate debianhosts file for exim and possibly other uses
rmurray [Thu, 13 Oct 2005 03:26:41 +0000 (03:26 +0000)]
There can be only one hostname by the ldap schema, so don't allow multiple
hostnames to be added.
joey [Thu, 25 Aug 2005 06:47:41 +0000 (06:47 +0000)]
Don't spit out Python love when wrong arguments are given, better
detect this and exit with a proper error message
joey [Thu, 4 Aug 2005 17:25:00 +0000 (17:25 +0000)]
Removed reference to FCNTL since it is not required anymore and the
LOCK_EX is now in fcntl (and working similar).
rmurray [Tue, 26 Jul 2005 20:49:19 +0000 (20:49 +0000)]
use "db" alias for where to rsync from, rather than a hostname
joey [Thu, 7 Jul 2005 08:20:46 +0000 (08:20 +0000)]
Tighten the build dependencies
joey [Thu, 7 Jul 2005 08:19:25 +0000 (08:19 +0000)]
Move to sarge, i.e. depend on python 2.3
joey [Thu, 7 Jul 2005 07:58:44 +0000 (07:58 +0000)]
Added libnss-db to the list of dependencies
joey [Tue, 1 Feb 2005 14:46:15 +0000 (14:46 +0000)]
Initialise the Host variable
joey [Tue, 25 Jan 2005 10:56:05 +0000 (10:56 +0000)]
Adjusted symlink path for ssh_known_hosts inside chroot
joey [Tue, 25 Jan 2005 08:50:49 +0000 (08:50 +0000)]
Set and expor the path including /usr/sbin so that the chroot binary
can be found. Args.
joey [Mon, 24 Jan 2005 07:16:51 +0000 (07:16 +0000)]
Removed the build dependency to WML since the WML part has been split off
joey [Mon, 24 Jan 2005 07:05:22 +0000 (07:05 +0000)]
Finalised the changelog again
joey [Sun, 23 Jan 2005 19:14:18 +0000 (19:14 +0000)]
Added ud-roleadd for adding role accounts to LDAP
(Copyright note copied from ud-useradd due to a lot of copied code)
joey [Sun, 23 Jan 2005 16:35:03 +0000 (16:35 +0000)]
Split the group dict and added nogroup
joey [Sun, 23 Jan 2005 16:00:53 +0000 (16:00 +0000)]
Create ~/.gnupg if it does not exist since gpg will fail fatally otherwise
joey [Sun, 23 Jan 2005 15:26:41 +0000 (15:26 +0000)]
Inspired by Andreas Barth: Only fiddle with the shadow file if it does
exist and has content. Probably not needed on .debian.org hosts.
joey [Sun, 23 Jan 2005 15:21:46 +0000 (15:21 +0000)]
Inspired by Andreas Barth: Adjusted type after accidential conversion
joey [Sun, 23 Jan 2005 15:19:34 +0000 (15:19 +0000)]
Added the copyright according to the cvs log
joey [Sun, 23 Jan 2005 15:17:51 +0000 (15:17 +0000)]
Inspired by Andreas Barth: Switched from explicit support for
haydn/costa to generic support via the extra attribute [UNTRUSTED]
joey [Sun, 23 Jan 2005 11:47:13 +0000 (11:47 +0000)]
Added optional support for -h host in connection with -f
joey [Sun, 23 Jan 2005 11:44:21 +0000 (11:44 +0000)]
Added support for printing all fingerprints of .debian.org hosts.
CalcTempFile() is a kludge to work around a gross bug or lack in
Python prior to 2.3. It can be implemented much more elegantly when
there is an mkstemp() function:
from tempfile import mkstemp
(fd, name) = mkstemp()
os.close(fd)
return name
joey [Sun, 23 Jan 2005 09:45:50 +0000 (09:45 +0000)]
Patch by Andreas Barth: added --secret-keyring /dev/null
This is required for ud-mailgate to work with sarge as well. The
semantics of the option --no-default-keyring of GnuPG has been changed
between woody and sarge:
--no-default-keyring
Do not add the default keyrings to the list of keyrings. Note that
GnuPG will not operate without any keyrings, so if you use this
option and do not provide alternate keyrings via --keyring or
--secret-keyring, then GnuPG will still use the default public or
secret keyrings. (and won't work if they don't exist)
joey [Sat, 22 Jan 2005 19:18:47 +0000 (19:18 +0000)]
Finalised the changelog
joey [Sat, 22 Jan 2005 19:18:37 +0000 (19:18 +0000)]
Support for mistyped passwords
joey [Sat, 22 Jan 2005 19:09:35 +0000 (19:09 +0000)]
Notify users about unsupported SSH1 keys
joey [Sat, 22 Jan 2005 18:38:17 +0000 (18:38 +0000)]
Corrected patch inside the chroot directory
joey [Sat, 22 Jan 2005 18:33:30 +0000 (18:33 +0000)]
Imported current file from samosa
joey [Sat, 22 Jan 2005 18:29:39 +0000 (18:29 +0000)]
Install the copyright file
joey [Sat, 22 Jan 2005 18:19:03 +0000 (18:19 +0000)]
Added plain copyright file
joey [Sun, 16 Jan 2005 06:35:55 +0000 (06:35 +0000)]
Added support for deleting the d.net entry
joey [Thu, 9 Dec 2004 17:54:53 +0000 (17:54 +0000)]
Always perform the list output anonymously
joey [Sat, 4 Dec 2004 18:07:59 +0000 (18:07 +0000)]
Start with the changelog
joey [Sat, 4 Dec 2004 18:07:18 +0000 (18:07 +0000)]
Corrected spelling for labeledURI
joey [Tue, 23 Nov 2004 10:42:16 +0000 (10:42 +0000)]
Only fiddle inside the chroot if the makedb program exists