projects
/
mirror
/
userdir-ldap.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Store a mac with confirmed sudo passwords, so that they cannot be modified by editing...
[mirror/userdir-ldap.git]
/
ud-generate
diff --git
a/ud-generate
b/ud-generate
index
4852003
..
1782f09
100755
(executable)
--- a/
ud-generate
+++ b/
ud-generate
@@
-223,14
+223,15
@@
def GenShadowSudo(l,File):
Pass = None
for entry in x[1]['sudoPassword']:
Pass = None
for entry in x[1]['sudoPassword']:
- Match = re.compile('^('+UUID_FORMAT+') (confirmed|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$').match(entry.lower())
+ Match = re.compile('^('+UUID_FORMAT+') (confirmed
:[0-9a-f]{40}
|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$').match(entry.lower())
if Match == None:
continue
if Match == None:
continue
+ uuid = Match.group(1)
status = Match.group(2)
hosts = Match.group(3)
cryptedpass = Match.group(4)
status = Match.group(2)
hosts = Match.group(3)
cryptedpass = Match.group(4)
- if status != 'confirmed
'
:
+ if status != 'confirmed
:'+make_sudopasswd_hmac('password-is-confirmed', uuid, hosts, cryptedpass)
:
continue
for_all = hosts == "*"
for_this_host = CurrentHost in hosts.split(',')
continue
for_all = hosts == "*"
for_this_host = CurrentHost in hosts.split(',')