-userdir-ldap (0.3.XXX) UNRELEASED; urgency=low
+userdir-ldap (0.3.80) UNRELEASED; urgency=low
[ Peter Palfrader ]
* some ud-echelon fixes,
- do not hard-code 'debian.org' in the 'write-zonefile debian.org' call,
but instead re-use the domain from email-append.
- now preserve server side modifcation times when rsyncing data.
+ * userdir_ldap.py: read auth password from environment if set.
+ * Introduce BaseBaseDN which is the real base dn. BaseDN itself
+ has historically been used as the root of the user tree.
+ * Allow a set of users to be ignored for picking UIDs.
+ * When picking uid/gid numbers try to pick the same number for both.
+ * Merge from torproject.org:
+ - Allow sshRSAAuthKey for role accounts.
+ - Support ssh key attributes for gitolite export.
+ - Add ssh-gitolite support.
+ * debianGroups may have cn attribute (helpful when putting samba stuff into
+ ldap).
+ * ud-mailgate: Do not try to do an ldap modify with no changes - now show
+ command to changes@ should work again.
+ * ud-generate: No longer expand $ in dnsZoneEntry data to a \n\t.
+ * ud-generate: Move code into getLastBuildTime() and getLastLDAPChangeTime()
+ functions.
+ * ud-generate: Add -f option to build even if cache is current.
+ * ud-generate: Move main code into a ud_generate()
+ * ud-generate: speed improvements:
+ - cut down on calls to IsInGroup by doing it once in generate_host()
+ and not having the individual generators run it.
+ o side effect: Up until now we exported empty groups to a host, if
+ that group had a user with that group as their primary group - even
+ if that particular user was not exported to this this. No we no
+ longer export empty groups.
+ - speed up ssh tarball generation: No longer write indidividual user's ssh
+ authorized_keys to disk, only to read them later. Directly create a
+ TarInfo object without referring to any on-disk files.
+ - get rid of global state variable CurrentHost. This will enable upcoming
+ changes.
+ - UDLdap.py: make a cache for __getitem__() decisions.
+ - wrap cdbmake calls in eatmydata. Nothing else does any fsync stuff,
+ so doing it here just costs a lot.
+ * ud-generate: Use a flock() lock instead of python's lockfile class.
+ * ud-generate: The ssh authorized_keys file for the sshdist user now wraps
+ the rsync call in an flock wrapper that acquires a shared lock on
+ ud-generate's lock. This prevents syncing while ud-generate runs.
[ Stephen Gran ]
* Fix deprecation warnings for sha module by using hashlib module instead
* ud-fingerserv: update Net::LDAP import
+ * Implement audit logging for ldap
+ * stop running ud-generate if nothing has changed, based on audit logs
- -- Peter Palfrader <weasel@debian.org> Thu, 29 Dec 2011 22:05:22 +0100
+ [ Martin Zobel-Helas ]
+ * ud-generate: generate webPasswords
+ * ud-replicate: set correct permissions for web-passwords
+ * add freecdb to depends
+ * userdir-ldap.schema
+ - add webPasswords
+ - add mailPreserveSuffixSeperator
+
+ -- Martin Zobel-Helas <zobel@debian.org> Fri, 23 Mar 2012 19:19:16 +0100
userdir-ldap (0.3.79) unstable; urgency=low
projects / mirror / userdir-ldap.git / blobdiff