mirror/userdir-ldap.git
5 years agoUse "foo is None" instead of "foo == None".
Julien Cristau [Fri, 11 Oct 2019 13:33:31 +0000 (15:33 +0200)]
Use "foo is None" instead of "foo == None".

5 years agoud-mailgate: use subprocess.Popen instead of os.popen.
Julien Cristau [Fri, 11 Oct 2019 13:31:03 +0000 (15:31 +0200)]
ud-mailgate: use subprocess.Popen instead of os.popen.

5 years agoUse "not in" operator in various places ("foo not in bar" instead of "not foo in...
Julien Cristau [Thu, 10 Oct 2019 20:00:30 +0000 (22:00 +0200)]
Use "not in" operator in various places ("foo not in bar" instead of "not foo in bar").

5 years agoud-generate: use subprocess.Popen instead of os.popen in GenCDB.
Julien Cristau [Thu, 10 Oct 2019 19:50:29 +0000 (21:50 +0200)]
ud-generate: use subprocess.Popen instead of os.popen in GenCDB.

5 years agoAdd changelog entry for global mail-default-options generation
Adam D. Barratt [Thu, 10 Oct 2019 18:57:54 +0000 (19:57 +0100)]
Add changelog entry for global mail-default-options generation

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoud-generate: generate mail-default-options globally
Adam D. Barratt [Thu, 10 Oct 2019 18:44:21 +0000 (19:44 +0100)]
ud-generate: generate mail-default-options globally

It's most likely to be useful on the mail relays, where most users
won't have local accounts

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoadd changelog entries for ud-mailgate blocking punycode and ipv6 parsing fix
Julien Cristau [Thu, 10 Oct 2019 09:32:28 +0000 (11:32 +0200)]
add changelog entries for ud-mailgate blocking punycode and ipv6 parsing fix

5 years agoMerge branch 'fordsa' of https://git.adam-barratt.org.uk/git/mirror/userdir-ldap
Julien Cristau [Wed, 9 Oct 2019 21:33:46 +0000 (23:33 +0200)]
Merge branch 'fordsa' of https://git.adam-barratt.org.uk/git/mirror/userdir-ldap

5 years agoAdd changelog entry for ud-generate.8 typo fixes
Adam D. Barratt [Wed, 9 Oct 2019 21:17:47 +0000 (22:17 +0100)]
Add changelog entry for ud-generate.8 typo fixes

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoud-generate.8: fix some typoes
Adam D. Barratt [Wed, 9 Oct 2019 21:17:28 +0000 (22:17 +0100)]
ud-generate.8: fix some typoes

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoAdd changelog entry for ud-generate mailDefaultOptions fix
Adam D. Barratt [Wed, 9 Oct 2019 20:55:34 +0000 (21:55 +0100)]
Add changelog entry for ud-generate mailDefaultOptions fix

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoud-generate: actually fetch mailDefaultOptions from LDAP
Adam D. Barratt [Wed, 9 Oct 2019 20:55:20 +0000 (21:55 +0100)]
ud-generate: actually fetch mailDefaultOptions from LDAP

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoud-mailgate: remove exception for münchen.debian.net master
Julien Cristau [Tue, 8 Oct 2019 18:09:12 +0000 (20:09 +0200)]
ud-mailgate: remove exception for münchen.debian.net

19:58 < aba> weasel: I'm happy with removing the münchen.debian.net if this helps DSA (and further xn-- are blocked), this is just the same redirect as muenchen.d.n

5 years agoud-mailgate: block punycode DNS entries
Julien Cristau [Tue, 8 Oct 2019 17:35:51 +0000 (19:35 +0200)]
ud-mailgate: block punycode DNS entries

Keep an exception for a single existing domain.

5 years agoWrite uid to file too
Tollef Fog Heen [Sat, 27 Jul 2019 00:15:14 +0000 (02:15 +0200)]
Write uid to file too

5 years agoAdd missing .cgi to message
Tollef Fog Heen [Sat, 27 Jul 2019 00:14:54 +0000 (02:14 +0200)]
Add missing .cgi to message

5 years agoSend out web link to totp seed fetcher instead of the seed itself
Tollef Fog Heen [Tue, 23 Jul 2019 20:28:22 +0000 (22:28 +0200)]
Send out web link to totp seed fetcher instead of the seed itself

This requires configuration changes (done in the sample config)

5 years agoRemove alioth from sample config
Tollef Fog Heen [Tue, 23 Jul 2019 20:17:41 +0000 (22:17 +0200)]
Remove alioth from sample config

5 years agoRestrict access to totpSeed
Tollef Fog Heen [Tue, 23 Jul 2019 19:43:42 +0000 (21:43 +0200)]
Restrict access to totpSeed

5 years agofix ipv6 parsing. We would not properly handle empty blocks (i.e. ::).
Peter Palfrader [Thu, 16 May 2019 05:43:56 +0000 (07:43 +0200)]
fix ipv6 parsing.  We would not properly handle empty blocks (i.e. ::).

This worked before and got broken in 28c3209e235e0d637172a1c5acd1e4142a58f8da

5 years agoMerge remote-tracking branch 'jrtc27/master'
Peter Palfrader [Sat, 6 Apr 2019 21:24:44 +0000 (23:24 +0200)]
Merge remote-tracking branch 'jrtc27/master'

* jrtc27/master:
  ud-mailgate: Assign value before check and drop semicolon

5 years agoud-mailgate: Assign value before check and drop semicolon
James Clarke [Sat, 6 Apr 2019 21:19:58 +0000 (21:19 +0000)]
ud-mailgate: Assign value before check and drop semicolon

5 years agoDoArbChange: actually initialize value
Peter Palfrader [Sat, 6 Apr 2019 21:09:27 +0000 (23:09 +0200)]
DoArbChange: actually initialize value

5 years agoMake arbitrary attribute change work again
Peter Palfrader [Sat, 6 Apr 2019 20:05:21 +0000 (22:05 +0200)]
Make arbitrary attribute change work again

This was broken by mistake during the pep8 cleanup

5 years agoAnd yet another ud-mailgate typo. userdir-ldap-0.3.96
Julien Cristau [Sun, 10 Feb 2019 11:33:23 +0000 (12:33 +0100)]
And yet another ud-mailgate typo.

5 years agoAdd changelog entry userdir-ldap-0.3.95
Julien Cristau [Sun, 10 Feb 2019 11:12:41 +0000 (12:12 +0100)]
Add changelog entry

5 years agoFix typos
Julien Cristau [Sun, 10 Feb 2019 11:11:01 +0000 (12:11 +0100)]
Fix typos

l was renamed to lc in most places.

5 years agoRelease 0.3.94 userdir-ldap-0.3.94
Tollef Fog Heen [Wed, 2 Jan 2019 18:36:49 +0000 (19:36 +0100)]
Release 0.3.94

5 years agoFix typo in ud-mailgate.
Tollef Fog Heen [Wed, 2 Jan 2019 18:29:57 +0000 (19:29 +0100)]
Fix typo in ud-mailgate.

5 years agoRelease 0.3.93 userdir-ldap-0.3.93
Tollef Fog Heen [Wed, 2 Jan 2019 18:11:47 +0000 (19:11 +0100)]
Release 0.3.93

5 years agoUpdate changelog
Tollef Fog Heen [Wed, 2 Jan 2019 17:49:41 +0000 (18:49 +0100)]
Update changelog

5 years agoRemove .bzrignore, this is no longer in bzr
Tollef Fog Heen [Wed, 2 Jan 2019 17:47:36 +0000 (18:47 +0100)]
Remove .bzrignore, this is no longer in bzr

5 years agopep8 fix; indents are four, not three
Tollef Fog Heen [Wed, 2 Jan 2019 17:46:44 +0000 (18:46 +0100)]
pep8 fix; indents are four, not three

5 years agoFix a whole lot of pep8 errors
Tollef Fog Heen [Wed, 2 Jan 2019 17:28:31 +0000 (18:28 +0100)]
Fix a whole lot of pep8 errors

5 years agoGet rid of semicolons
Tollef Fog Heen [Sun, 29 Jul 2018 12:39:46 +0000 (14:39 +0200)]
Get rid of semicolons

5 years agoHow one identifies is not relevant to their work in Debian: remove gender attribute...
Peter Palfrader [Fri, 23 Nov 2018 09:09:06 +0000 (10:09 +0100)]
How one identifies is not relevant to their work in Debian: remove gender attribute from ud-ldap

5 years agoud-replicate: manually remove __db.<foo>.db.t files before makedb calls.
Peter Palfrader [Thu, 15 Nov 2018 11:35:10 +0000 (12:35 +0100)]
ud-replicate: manually remove __db.<foo>.db.t files before makedb calls.

5 years agoud-replicate: move from lockfile(1) to flock
Peter Palfrader [Thu, 15 Nov 2018 11:34:37 +0000 (12:34 +0100)]
ud-replicate: move from lockfile(1) to flock

5 years agoud-replicate: remove chroot support
Peter Palfrader [Thu, 15 Nov 2018 11:33:48 +0000 (12:33 +0100)]
ud-replicate: remove chroot support

We no longer use historical dchroot.

6 years agominor welcome message updates in the salsa paragraph
Peter Palfrader [Wed, 3 Oct 2018 07:14:43 +0000 (09:14 +0200)]
minor welcome message updates in the salsa paragraph

6 years agofix spacing in changelog
Peter Palfrader [Wed, 3 Oct 2018 07:13:22 +0000 (09:13 +0200)]
fix spacing in changelog

6 years agoMerge remote-tracking branch 'aerostitch/update_welcome_email'
Peter Palfrader [Wed, 3 Oct 2018 07:10:59 +0000 (09:10 +0200)]
Merge remote-tracking branch 'aerostitch/update_welcome_email'

* aerostitch/update_welcome_email:
  Change references from alioth to salsa in the DD welcome email

6 years agoA changelog entry for the ud-guest-upgrade change
Peter Palfrader [Wed, 3 Oct 2018 07:10:58 +0000 (09:10 +0200)]
A changelog entry for the ud-guest-upgrade change

6 years agoChange references from alioth to salsa in the DD welcome email
Joseph Herlant [Wed, 3 Oct 2018 02:37:47 +0000 (19:37 -0700)]
Change references from alioth to salsa in the DD welcome email

Closes: #910057

6 years agoud-guest-upgrade: do not add but replace privateSub. somebody may have added it...
Peter Palfrader [Tue, 24 Jul 2018 11:45:38 +0000 (13:45 +0200)]
ud-guest-upgrade: do not add but replace privateSub.  somebody may have added it already.

6 years agoUDLdap.py: more useful exception if our array assumptions are violated
Peter Palfrader [Wed, 25 Apr 2018 19:33:51 +0000 (21:33 +0200)]
UDLdap.py: more useful exception if our array assumptions are violated

6 years agoAdd a changelog entry
Julien Cristau [Tue, 3 Apr 2018 20:09:26 +0000 (22:09 +0200)]
Add a changelog entry

6 years agoud-mailgate: include name of unknown host in error message
Ansgar Burchardt [Tue, 3 Apr 2018 16:31:08 +0000 (18:31 +0200)]
ud-mailgate: include name of unknown host in error message

6 years agochangelog entry
Peter Palfrader [Thu, 1 Mar 2018 19:47:26 +0000 (20:47 +0100)]
changelog entry

6 years agoclean up old/obsolete code that was broken and has been commented out since forever
Peter Palfrader [Thu, 1 Mar 2018 19:47:00 +0000 (20:47 +0100)]
clean up old/obsolete code that was broken and has been commented out since forever

6 years agoAlso export a host's SSHFP records to additional dns names (sshfpHostname)
Peter Palfrader [Thu, 1 Mar 2018 19:46:28 +0000 (20:46 +0100)]
Also export a host's SSHFP records to additional dns names (sshfpHostname)

6 years agoQualify each zone file entry in sshfp with a hostname, not just the first line for...
Peter Palfrader [Thu, 1 Mar 2018 19:28:48 +0000 (20:28 +0100)]
Qualify each zone file entry in sshfp with a hostname, not just the first line for each host

6 years agoAdd sshfpHostname to schema
Peter Palfrader [Thu, 1 Mar 2018 19:20:28 +0000 (20:20 +0100)]
Add sshfpHostname to schema

6 years agoDocument sshdistAuthKeysHost
Peter Palfrader [Thu, 1 Mar 2018 19:18:07 +0000 (20:18 +0100)]
Document sshdistAuthKeysHost

6 years agoPEP-8-ify a bit
Tollef Fog Heen [Mon, 5 Feb 2018 20:36:40 +0000 (21:36 +0100)]
PEP-8-ify a bit

Not done yet, but this is much better already.  Should be no functional changes

7 years agorelease 0.3.92
Julien Cristau [Thu, 26 Oct 2017 18:29:32 +0000 (20:29 +0200)]
release 0.3.92

7 years agoFix sigcheck pgp/mime processing with gnupg 2
Julien Cristau [Thu, 26 Oct 2017 18:24:38 +0000 (20:24 +0200)]
Fix sigcheck pgp/mime processing with gnupg 2

gnupg 2.1 in stretch doesn't like MD5.

7 years agod/changelog: update with later commit
Héctor Orón Martínez [Wed, 30 Aug 2017 09:50:22 +0000 (11:50 +0200)]
d/changelog: update with later commit

Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
7 years agowelcome-message-Debian: update SSL certificate authority info
Héctor Orón Martínez [Wed, 30 Aug 2017 09:11:53 +0000 (11:11 +0200)]
welcome-message-Debian: update SSL certificate authority info

Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
7 years agobump version
Luca Filipozzi [Thu, 24 Aug 2017 16:50:18 +0000 (16:50 +0000)]
bump version

7 years agoud-mailgate: allow : in TXT record contents
Michael Stapelberg [Fri, 18 Aug 2017 06:22:17 +0000 (08:22 +0200)]
ud-mailgate: allow : in TXT record contents

Some systems require : in TXT records, e.g. upspin:
https://upspin.io/doc/server_setup.md

7 years agoFix ud-mailgate to handle the SHA256:$fingerprint output format that stretch's ssh...
Tollef Fog Heen [Sat, 12 Aug 2017 20:07:55 +0000 (22:07 +0200)]
Fix ud-mailgate to handle the SHA256:$fingerprint output format that stretch's ssh-keygen has switched to.

7 years agoAdd support for setting a TOTP seed
Tollef Fog Heen [Tue, 8 Aug 2017 22:37:56 +0000 (00:37 +0200)]
Add support for setting a TOTP seed

This still needs a bit of docs, but is functionally working.

7 years agogpg2 output differs from gpg1 - fix GPGSearch
Luca Filipozzi [Sun, 6 Aug 2017 22:59:40 +0000 (22:59 +0000)]
gpg2 output differs from gpg1 - fix GPGSearch

7 years agoud-generate: Create all ssh-gitolite individually
Peter Palfrader [Thu, 22 Jun 2017 17:14:04 +0000 (19:14 +0200)]
ud-generate: Create all ssh-gitolite individually

ud-generate:  Do not create a global ssh-gitolite.  Instead create
them per-host where needed so we can accomodate per-host ssh
authorized-keys.

7 years agoReplace RSA authentication with public-key authentication in welcome messages.
Peter Palfrader [Sun, 18 Jun 2017 20:43:09 +0000 (22:43 +0200)]
Replace RSA authentication with public-key authentication in welcome messages.

7 years agoSwitch from /org to /srv in default configuration
Paul Wise [Sat, 17 Jun 2017 06:35:12 +0000 (14:35 +0800)]
Switch from /org to /srv in default configuration

/org has been obsoleted by /srv for many years on debian.org hosts.

7 years agoPrevent guest accounts from using RTC addresses
Paul Wise [Mon, 13 Jun 2016 00:27:22 +0000 (08:27 +0800)]
Prevent guest accounts from using RTC addresses

7 years agoDrop removed-keys.gpg, it no longer exists and should not be used
Paul Wise [Fri, 12 May 2017 03:49:57 +0000 (11:49 +0800)]
Drop removed-keys.gpg, it no longer exists and should not be used

Suggested-by: Jonathan McDowell <noodles@earth.li>
Suggested-in: <20170510080756.GB11865@earth.li>

7 years agorelease 0.3.89 userdir-ldap-0.3.89
Julien Cristau [Mon, 27 Mar 2017 12:03:03 +0000 (14:03 +0200)]
release 0.3.89

7 years agoAdd changelog entry for use_mq patch
Julien Cristau [Mon, 27 Mar 2017 12:02:35 +0000 (14:02 +0200)]
Add changelog entry for use_mq patch

7 years agoAdd option "use_mq" to allow disabling the use of mq_notify in ud-generate
Christoph Berg [Mon, 27 Mar 2017 01:59:12 +0000 (09:59 +0800)]
Add option "use_mq" to allow disabling the use of mq_notify in ud-generate

7 years agoFix half-assed switch away from python-support.
Julien Cristau [Sun, 26 Mar 2017 16:20:44 +0000 (18:20 +0200)]
Fix half-assed switch away from python-support.

7 years agoprepare next version
Peter Palfrader [Sun, 26 Mar 2017 12:09:12 +0000 (14:09 +0200)]
prepare next version

7 years agorelease userdir-ldap-0.3.88
Peter Palfrader [Sun, 26 Mar 2017 12:06:06 +0000 (14:06 +0200)]
release

7 years agoUse dh_prep instead of dh_clean -k
Julien Cristau [Mon, 20 Mar 2017 10:56:49 +0000 (11:56 +0100)]
Use dh_prep instead of dh_clean -k

7 years agoUse dh-python instead of python-support.
Julien Cristau [Mon, 20 Mar 2017 10:56:31 +0000 (11:56 +0100)]
Use dh-python instead of python-support.

7 years agoUpdate Uploaders list.
Julien Cristau [Mon, 20 Mar 2017 10:53:00 +0000 (11:53 +0100)]
Update Uploaders list.

7 years agoud-useradd: When looking for free UIDs/GIDs, also consider groups
Peter Palfrader [Wed, 8 Feb 2017 17:27:15 +0000 (18:27 +0100)]
ud-useradd: When looking for free UIDs/GIDs, also consider groups

7 years agorelease 0.3.87
Julien Cristau [Sun, 29 Jan 2017 11:15:36 +0000 (12:15 +0100)]
release 0.3.87

7 years agoReplace dependency on perl5 with perl.
Julien Cristau [Sun, 29 Jan 2017 11:11:08 +0000 (12:11 +0100)]
Replace dependency on perl5 with perl.

8 years agoTypo
Paul Wise [Tue, 14 Jun 2016 02:31:43 +0000 (10:31 +0800)]
Typo

8 years agoFix crash in ud-generate
Paul Wise [Tue, 14 Jun 2016 02:29:48 +0000 (10:29 +0800)]
Fix crash in ud-generate

Traceback (most recent call last):
  File "/usr/bin/ud-generate", line 1498, in <module>
    ud_generate()
  File "/usr/bin/ud-generate", line 1481, in ud_generate
    generate_all(generate_dir, l)
  File "/usr/bin/ud-generate", line 1229, in generate_all
    GenDNS(accounts, global_dir + "dns-zone")
  File "/usr/bin/ud-generate", line 820, in GenDNS
    if a.is_guest_account(): continue
  File "/usr/lib/pymodules/python2.7/UDLdap.py", line 91, in is_guest_account
    return 'guest' in self['supplementaryGid']
  File "/usr/lib/pymodules/python2.7/UDLdap.py", line 48, in __getitem__
    raise IndexError, "No such key: %s (dn: %s)"%(key, self.dn)
IndexError: No such key: supplementaryGid (dn: uid=debtags,ou=users,dc=debian,dc=org)

8 years agoLook up the default group from the config instead of hardcoding it
Paul Wise [Mon, 13 Jun 2016 00:27:44 +0000 (08:27 +0800)]
Look up the default group from the config instead of hardcoding it

8 years agoFix is_guest_account for the usergroups transition
Paul Wise [Mon, 13 Jun 2016 00:26:19 +0000 (08:26 +0800)]
Fix is_guest_account for the usergroups transition

Prevents guest accounts from using debian-private and debian.net

8 years agoWe just call the operating system Debian these days
Paul Wise [Mon, 13 Jun 2016 00:41:11 +0000 (08:41 +0800)]
We just call the operating system Debian these days

8 years agoud-generate: get RTC domain/realm from config file
Peter Palfrader [Fri, 5 Feb 2016 18:17:09 +0000 (19:17 +0100)]
ud-generate: get RTC domain/realm from config file

8 years agories is long gone
Paul Wise [Sat, 19 Dec 2015 18:05:00 +0000 (02:05 +0800)]
ries is long gone

8 years agoud-replicate: use persistent ssh connections
Peter Palfrader [Thu, 19 Nov 2015 08:52:59 +0000 (09:52 +0100)]
ud-replicate: use persistent ssh connections

8 years agoud-replicate: only install/reload RTC files when they have changed.
Peter Palfrader [Thu, 19 Nov 2015 08:23:34 +0000 (09:23 +0100)]
ud-replicate: only install/reload RTC files when they have changed.

8 years agoPass BatchMode=yes option to ssh
Julien Cristau [Wed, 18 Nov 2015 15:02:33 +0000 (16:02 +0100)]
Pass BatchMode=yes option to ssh

Should help fail quickly in case of network issues.  Remove the
PreferredAuthentications setting which becomes redundant.

Signed-off-by: Julien Cristau <jcristau@debian.org>
8 years agoAdd ud-guest-extend
Peter Palfrader [Thu, 5 Nov 2015 09:22:21 +0000 (10:22 +0100)]
Add ud-guest-extend

9 years agoUpdate ud-ldapshow and cleanup cruft around the usergroups changes
Paul Wise [Sun, 1 Nov 2015 12:48:45 +0000 (20:48 +0800)]
Update ud-ldapshow and cleanup cruft around the usergroups changes

9 years agoDrop paragraph about getting additional software installed
Peter Palfrader [Fri, 30 Oct 2015 07:56:52 +0000 (08:56 +0100)]
Drop paragraph about getting additional software installed

9 years agoMake welcome-message and welcome-message-Debian CC (and where applicable reply-to...
Peter Palfrader [Fri, 30 Oct 2015 07:56:35 +0000 (08:56 +0100)]
Make welcome-message and welcome-message-Debian CC (and where applicable reply-to) d-a@lists instead of d-a@d.o

9 years agoud-useradd: try to send the proper template
Peter Palfrader [Thu, 29 Oct 2015 09:25:12 +0000 (10:25 +0100)]
ud-useradd: try to send the proper template

9 years agoMake generic welcome-message more generic
Peter Palfrader [Thu, 29 Oct 2015 09:24:38 +0000 (10:24 +0100)]
Make generic welcome-message more generic

9 years agofix quoting
Peter Palfrader [Wed, 28 Oct 2015 21:06:28 +0000 (22:06 +0100)]
fix quoting

9 years agoalso do rtc-passwords for prosody
Peter Palfrader [Wed, 28 Oct 2015 21:06:08 +0000 (22:06 +0100)]
also do rtc-passwords for prosody

9 years agoAdd ud-guest-upgrade
Peter Palfrader [Wed, 28 Oct 2015 21:03:48 +0000 (22:03 +0100)]
Add ud-guest-upgrade