Julien Cristau [Fri, 11 Oct 2019 13:33:31 +0000 (15:33 +0200)]
Use "foo is None" instead of "foo == None".
Julien Cristau [Fri, 11 Oct 2019 13:31:03 +0000 (15:31 +0200)]
ud-mailgate: use subprocess.Popen instead of os.popen.
Julien Cristau [Thu, 10 Oct 2019 20:00:30 +0000 (22:00 +0200)]
Use "not in" operator in various places ("foo not in bar" instead of "not foo in bar").
Julien Cristau [Thu, 10 Oct 2019 19:50:29 +0000 (21:50 +0200)]
ud-generate: use subprocess.Popen instead of os.popen in GenCDB.
Adam D. Barratt [Thu, 10 Oct 2019 18:57:54 +0000 (19:57 +0100)]
Add changelog entry for global mail-default-options generation
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Thu, 10 Oct 2019 18:44:21 +0000 (19:44 +0100)]
ud-generate: generate mail-default-options globally
It's most likely to be useful on the mail relays, where most users
won't have local accounts
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Julien Cristau [Thu, 10 Oct 2019 09:32:28 +0000 (11:32 +0200)]
add changelog entries for ud-mailgate blocking punycode and ipv6 parsing fix
Julien Cristau [Wed, 9 Oct 2019 21:33:46 +0000 (23:33 +0200)]
Merge branch 'fordsa' of https://git.adam-barratt.org.uk/git/mirror/userdir-ldap
Adam D. Barratt [Wed, 9 Oct 2019 21:17:47 +0000 (22:17 +0100)]
Add changelog entry for ud-generate.8 typo fixes
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Wed, 9 Oct 2019 21:17:28 +0000 (22:17 +0100)]
ud-generate.8: fix some typoes
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Wed, 9 Oct 2019 20:55:34 +0000 (21:55 +0100)]
Add changelog entry for ud-generate mailDefaultOptions fix
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Wed, 9 Oct 2019 20:55:20 +0000 (21:55 +0100)]
ud-generate: actually fetch mailDefaultOptions from LDAP
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Julien Cristau [Tue, 8 Oct 2019 18:09:12 +0000 (20:09 +0200)]
ud-mailgate: remove exception for münchen.debian.net
19:58 < aba> weasel: I'm happy with removing the münchen.debian.net if this helps DSA (and further xn-- are blocked), this is just the same redirect as muenchen.d.n
Julien Cristau [Tue, 8 Oct 2019 17:35:51 +0000 (19:35 +0200)]
ud-mailgate: block punycode DNS entries
Keep an exception for a single existing domain.
Tollef Fog Heen [Sat, 27 Jul 2019 00:15:14 +0000 (02:15 +0200)]
Write uid to file too
Tollef Fog Heen [Sat, 27 Jul 2019 00:14:54 +0000 (02:14 +0200)]
Add missing .cgi to message
Tollef Fog Heen [Tue, 23 Jul 2019 20:28:22 +0000 (22:28 +0200)]
Send out web link to totp seed fetcher instead of the seed itself
This requires configuration changes (done in the sample config)
Tollef Fog Heen [Tue, 23 Jul 2019 20:17:41 +0000 (22:17 +0200)]
Remove alioth from sample config
Tollef Fog Heen [Tue, 23 Jul 2019 19:43:42 +0000 (21:43 +0200)]
Restrict access to totpSeed
Peter Palfrader [Thu, 16 May 2019 05:43:56 +0000 (07:43 +0200)]
fix ipv6 parsing. We would not properly handle empty blocks (i.e. ::).
This worked before and got broken in
28c3209e235e0d637172a1c5acd1e4142a58f8da
Peter Palfrader [Sat, 6 Apr 2019 21:24:44 +0000 (23:24 +0200)]
Merge remote-tracking branch 'jrtc27/master'
* jrtc27/master:
ud-mailgate: Assign value before check and drop semicolon
James Clarke [Sat, 6 Apr 2019 21:19:58 +0000 (21:19 +0000)]
ud-mailgate: Assign value before check and drop semicolon
Peter Palfrader [Sat, 6 Apr 2019 21:09:27 +0000 (23:09 +0200)]
DoArbChange: actually initialize value
Peter Palfrader [Sat, 6 Apr 2019 20:05:21 +0000 (22:05 +0200)]
Make arbitrary attribute change work again
This was broken by mistake during the pep8 cleanup
Julien Cristau [Sun, 10 Feb 2019 11:33:23 +0000 (12:33 +0100)]
And yet another ud-mailgate typo.
Julien Cristau [Sun, 10 Feb 2019 11:12:41 +0000 (12:12 +0100)]
Add changelog entry
Julien Cristau [Sun, 10 Feb 2019 11:11:01 +0000 (12:11 +0100)]
Fix typos
l was renamed to lc in most places.
Tollef Fog Heen [Wed, 2 Jan 2019 18:36:49 +0000 (19:36 +0100)]
Release 0.3.94
Tollef Fog Heen [Wed, 2 Jan 2019 18:29:57 +0000 (19:29 +0100)]
Fix typo in ud-mailgate.
Tollef Fog Heen [Wed, 2 Jan 2019 18:11:47 +0000 (19:11 +0100)]
Release 0.3.93
Tollef Fog Heen [Wed, 2 Jan 2019 17:49:41 +0000 (18:49 +0100)]
Update changelog
Tollef Fog Heen [Wed, 2 Jan 2019 17:47:36 +0000 (18:47 +0100)]
Remove .bzrignore, this is no longer in bzr
Tollef Fog Heen [Wed, 2 Jan 2019 17:46:44 +0000 (18:46 +0100)]
pep8 fix; indents are four, not three
Tollef Fog Heen [Wed, 2 Jan 2019 17:28:31 +0000 (18:28 +0100)]
Fix a whole lot of pep8 errors
Tollef Fog Heen [Sun, 29 Jul 2018 12:39:46 +0000 (14:39 +0200)]
Get rid of semicolons
Peter Palfrader [Fri, 23 Nov 2018 09:09:06 +0000 (10:09 +0100)]
How one identifies is not relevant to their work in Debian: remove gender attribute from ud-ldap
Peter Palfrader [Thu, 15 Nov 2018 11:35:10 +0000 (12:35 +0100)]
ud-replicate: manually remove __db.<foo>.db.t files before makedb calls.
Peter Palfrader [Thu, 15 Nov 2018 11:34:37 +0000 (12:34 +0100)]
ud-replicate: move from lockfile(1) to flock
Peter Palfrader [Thu, 15 Nov 2018 11:33:48 +0000 (12:33 +0100)]
ud-replicate: remove chroot support
We no longer use historical dchroot.
Peter Palfrader [Wed, 3 Oct 2018 07:14:43 +0000 (09:14 +0200)]
minor welcome message updates in the salsa paragraph
Peter Palfrader [Wed, 3 Oct 2018 07:13:22 +0000 (09:13 +0200)]
fix spacing in changelog
Peter Palfrader [Wed, 3 Oct 2018 07:10:59 +0000 (09:10 +0200)]
Merge remote-tracking branch 'aerostitch/update_welcome_email'
* aerostitch/update_welcome_email:
Change references from alioth to salsa in the DD welcome email
Peter Palfrader [Wed, 3 Oct 2018 07:10:58 +0000 (09:10 +0200)]
A changelog entry for the ud-guest-upgrade change
Joseph Herlant [Wed, 3 Oct 2018 02:37:47 +0000 (19:37 -0700)]
Change references from alioth to salsa in the DD welcome email
Closes: #910057
Peter Palfrader [Tue, 24 Jul 2018 11:45:38 +0000 (13:45 +0200)]
ud-guest-upgrade: do not add but replace privateSub. somebody may have added it already.
Peter Palfrader [Wed, 25 Apr 2018 19:33:51 +0000 (21:33 +0200)]
UDLdap.py: more useful exception if our array assumptions are violated
Julien Cristau [Tue, 3 Apr 2018 20:09:26 +0000 (22:09 +0200)]
Add a changelog entry
Ansgar Burchardt [Tue, 3 Apr 2018 16:31:08 +0000 (18:31 +0200)]
ud-mailgate: include name of unknown host in error message
Peter Palfrader [Thu, 1 Mar 2018 19:47:26 +0000 (20:47 +0100)]
changelog entry
Peter Palfrader [Thu, 1 Mar 2018 19:47:00 +0000 (20:47 +0100)]
clean up old/obsolete code that was broken and has been commented out since forever
Peter Palfrader [Thu, 1 Mar 2018 19:46:28 +0000 (20:46 +0100)]
Also export a host's SSHFP records to additional dns names (sshfpHostname)
Peter Palfrader [Thu, 1 Mar 2018 19:28:48 +0000 (20:28 +0100)]
Qualify each zone file entry in sshfp with a hostname, not just the first line for each host
Peter Palfrader [Thu, 1 Mar 2018 19:20:28 +0000 (20:20 +0100)]
Add sshfpHostname to schema
Peter Palfrader [Thu, 1 Mar 2018 19:18:07 +0000 (20:18 +0100)]
Document sshdistAuthKeysHost
Tollef Fog Heen [Mon, 5 Feb 2018 20:36:40 +0000 (21:36 +0100)]
PEP-8-ify a bit
Not done yet, but this is much better already. Should be no functional changes
Julien Cristau [Thu, 26 Oct 2017 18:29:32 +0000 (20:29 +0200)]
release 0.3.92
Julien Cristau [Thu, 26 Oct 2017 18:24:38 +0000 (20:24 +0200)]
Fix sigcheck pgp/mime processing with gnupg 2
gnupg 2.1 in stretch doesn't like MD5.
Héctor Orón Martínez [Wed, 30 Aug 2017 09:50:22 +0000 (11:50 +0200)]
d/changelog: update with later commit
Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
Héctor Orón Martínez [Wed, 30 Aug 2017 09:11:53 +0000 (11:11 +0200)]
welcome-message-Debian: update SSL certificate authority info
Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
Luca Filipozzi [Thu, 24 Aug 2017 16:50:18 +0000 (16:50 +0000)]
bump version
Michael Stapelberg [Fri, 18 Aug 2017 06:22:17 +0000 (08:22 +0200)]
ud-mailgate: allow : in TXT record contents
Some systems require : in TXT records, e.g. upspin:
https://upspin.io/doc/server_setup.md
Tollef Fog Heen [Sat, 12 Aug 2017 20:07:55 +0000 (22:07 +0200)]
Fix ud-mailgate to handle the SHA256:$fingerprint output format that stretch's ssh-keygen has switched to.
Tollef Fog Heen [Tue, 8 Aug 2017 22:37:56 +0000 (00:37 +0200)]
Add support for setting a TOTP seed
This still needs a bit of docs, but is functionally working.
Luca Filipozzi [Sun, 6 Aug 2017 22:59:40 +0000 (22:59 +0000)]
gpg2 output differs from gpg1 - fix GPGSearch
Peter Palfrader [Thu, 22 Jun 2017 17:14:04 +0000 (19:14 +0200)]
ud-generate: Create all ssh-gitolite individually
ud-generate: Do not create a global ssh-gitolite. Instead create
them per-host where needed so we can accomodate per-host ssh
authorized-keys.
Peter Palfrader [Sun, 18 Jun 2017 20:43:09 +0000 (22:43 +0200)]
Replace RSA authentication with public-key authentication in welcome messages.
Paul Wise [Sat, 17 Jun 2017 06:35:12 +0000 (14:35 +0800)]
Switch from /org to /srv in default configuration
/org has been obsoleted by /srv for many years on debian.org hosts.
Paul Wise [Mon, 13 Jun 2016 00:27:22 +0000 (08:27 +0800)]
Prevent guest accounts from using RTC addresses
Paul Wise [Fri, 12 May 2017 03:49:57 +0000 (11:49 +0800)]
Drop removed-keys.gpg, it no longer exists and should not be used
Suggested-by: Jonathan McDowell <noodles@earth.li>
Suggested-in: <
20170510080756.GB11865@earth.li>
Julien Cristau [Mon, 27 Mar 2017 12:03:03 +0000 (14:03 +0200)]
release 0.3.89
Julien Cristau [Mon, 27 Mar 2017 12:02:35 +0000 (14:02 +0200)]
Add changelog entry for use_mq patch
Christoph Berg [Mon, 27 Mar 2017 01:59:12 +0000 (09:59 +0800)]
Add option "use_mq" to allow disabling the use of mq_notify in ud-generate
Julien Cristau [Sun, 26 Mar 2017 16:20:44 +0000 (18:20 +0200)]
Fix half-assed switch away from python-support.
Peter Palfrader [Sun, 26 Mar 2017 12:09:12 +0000 (14:09 +0200)]
prepare next version
Peter Palfrader [Sun, 26 Mar 2017 12:06:06 +0000 (14:06 +0200)]
release
Julien Cristau [Mon, 20 Mar 2017 10:56:49 +0000 (11:56 +0100)]
Use dh_prep instead of dh_clean -k
Julien Cristau [Mon, 20 Mar 2017 10:56:31 +0000 (11:56 +0100)]
Use dh-python instead of python-support.
Julien Cristau [Mon, 20 Mar 2017 10:53:00 +0000 (11:53 +0100)]
Update Uploaders list.
Peter Palfrader [Wed, 8 Feb 2017 17:27:15 +0000 (18:27 +0100)]
ud-useradd: When looking for free UIDs/GIDs, also consider groups
Julien Cristau [Sun, 29 Jan 2017 11:15:36 +0000 (12:15 +0100)]
release 0.3.87
Julien Cristau [Sun, 29 Jan 2017 11:11:08 +0000 (12:11 +0100)]
Replace dependency on perl5 with perl.
Paul Wise [Tue, 14 Jun 2016 02:31:43 +0000 (10:31 +0800)]
Typo
Paul Wise [Tue, 14 Jun 2016 02:29:48 +0000 (10:29 +0800)]
Fix crash in ud-generate
Traceback (most recent call last):
File "/usr/bin/ud-generate", line 1498, in <module>
ud_generate()
File "/usr/bin/ud-generate", line 1481, in ud_generate
generate_all(generate_dir, l)
File "/usr/bin/ud-generate", line 1229, in generate_all
GenDNS(accounts, global_dir + "dns-zone")
File "/usr/bin/ud-generate", line 820, in GenDNS
if a.is_guest_account(): continue
File "/usr/lib/pymodules/python2.7/UDLdap.py", line 91, in is_guest_account
return 'guest' in self['supplementaryGid']
File "/usr/lib/pymodules/python2.7/UDLdap.py", line 48, in __getitem__
raise IndexError, "No such key: %s (dn: %s)"%(key, self.dn)
IndexError: No such key: supplementaryGid (dn: uid=debtags,ou=users,dc=debian,dc=org)
Paul Wise [Mon, 13 Jun 2016 00:27:44 +0000 (08:27 +0800)]
Look up the default group from the config instead of hardcoding it
Paul Wise [Mon, 13 Jun 2016 00:26:19 +0000 (08:26 +0800)]
Fix is_guest_account for the usergroups transition
Prevents guest accounts from using debian-private and debian.net
Paul Wise [Mon, 13 Jun 2016 00:41:11 +0000 (08:41 +0800)]
We just call the operating system Debian these days
Peter Palfrader [Fri, 5 Feb 2016 18:17:09 +0000 (19:17 +0100)]
ud-generate: get RTC domain/realm from config file
Paul Wise [Sat, 19 Dec 2015 18:05:00 +0000 (02:05 +0800)]
ries is long gone
Peter Palfrader [Thu, 19 Nov 2015 08:52:59 +0000 (09:52 +0100)]
ud-replicate: use persistent ssh connections
Peter Palfrader [Thu, 19 Nov 2015 08:23:34 +0000 (09:23 +0100)]
ud-replicate: only install/reload RTC files when they have changed.
Julien Cristau [Wed, 18 Nov 2015 15:02:33 +0000 (16:02 +0100)]
Pass BatchMode=yes option to ssh
Should help fail quickly in case of network issues. Remove the
PreferredAuthentications setting which becomes redundant.
Signed-off-by: Julien Cristau <jcristau@debian.org>
Peter Palfrader [Thu, 5 Nov 2015 09:22:21 +0000 (10:22 +0100)]
Add ud-guest-extend
Paul Wise [Sun, 1 Nov 2015 12:48:45 +0000 (20:48 +0800)]
Update ud-ldapshow and cleanup cruft around the usergroups changes
Peter Palfrader [Fri, 30 Oct 2015 07:56:52 +0000 (08:56 +0100)]
Drop paragraph about getting additional software installed
Peter Palfrader [Fri, 30 Oct 2015 07:56:35 +0000 (08:56 +0100)]
Make welcome-message and welcome-message-Debian CC (and where applicable reply-to) d-a@lists instead of d-a@d.o
Peter Palfrader [Thu, 29 Oct 2015 09:25:12 +0000 (10:25 +0100)]
ud-useradd: try to send the proper template
Peter Palfrader [Thu, 29 Oct 2015 09:24:38 +0000 (10:24 +0100)]
Make generic welcome-message more generic
Peter Palfrader [Wed, 28 Oct 2015 21:06:28 +0000 (22:06 +0100)]
fix quoting
Peter Palfrader [Wed, 28 Oct 2015 21:06:08 +0000 (22:06 +0100)]
also do rtc-passwords for prosody
Peter Palfrader [Wed, 28 Oct 2015 21:03:48 +0000 (22:03 +0100)]
Add ud-guest-upgrade