X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap.git;a=blobdiff_plain;f=ud-generate;h=7b9ca4cf21d562cf6930b2b8512e97dfb17093d7;hp=41350d07093a1f31818c1e3e85ae6c4da67531ee;hb=871ab5f2e8bda25130c70834052fa8fb020a5373;hpb=3a9baa335455ffcfbe195b1e65de4104405d7fab diff --git a/ud-generate b/ud-generate index 41350d0..7b9ca4c 100755 --- a/ud-generate +++ b/ud-generate @@ -161,9 +161,6 @@ def IsRetired(account): return False -#def IsGidDebian(account): -# return account['gidNumber'] == 800 - # See if this user is in the group list def IsInGroup(account, allowed, current_host): # See if the primary group is in the list @@ -307,7 +304,7 @@ def GenShadowSudo(accounts, File, untrusted, current_host): Pass = '*' if 'sudoPassword' in a: for entry in a['sudoPassword']: - Match = re.compile('^('+UUID_FORMAT+') (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$').match(entry) + Match = re.compile('^('+UUID_FORMAT+') (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*-]+) ([^ ]+)$').match(entry) if Match == None: continue uuid = Match.group(1) @@ -886,10 +883,14 @@ def ExtractDNSInfo(x): Algorithm = 1 if Split[0] == 'ssh-dss': Algorithm = 2 + if Split[0] == 'ssh-ed25519': + Algorithm = 4 if Algorithm == None: continue Fingerprint = hashlib.new('sha1', base64.decodestring(Split[1])).hexdigest() DNSInfo.append("%sIN\tSSHFP\t%u 1 %s" % (TTLprefix, Algorithm, Fingerprint)) + Fingerprint = hashlib.new('sha256', base64.decodestring(Split[1])).hexdigest() + DNSInfo.append("%sIN\tSSHFP\t%u 2 %s" % (TTLprefix, Algorithm, Fingerprint)) if 'architecture' in x[1]: Arch = GetAttr(x, "architecture") @@ -1191,7 +1192,6 @@ def generate_all(global_dir, ldap_conn): accounts_disabled = GenDisabledAccounts(accounts, global_dir + "disabled-accounts") accounts = filter(lambda x: not IsRetired(x), accounts) - #accounts_DDs = filter(lambda x: IsGidDebian(x), accounts) CheckForward(accounts)