X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap.git;a=blobdiff_plain;f=ud-info;h=8fde99a39343a85b00ff285fcb217882a56b5337;hp=9739380ba5d19d3c185476b4d569f1f29af1075c;hb=a6fb69805c3999a85c064a96c93417bb1c284c5c;hpb=57d51d7e5cc0a79bb97a55d9eaa0263a4cfc2005 diff --git a/ud-info b/ud-info index 9739380..8fde99a 100755 --- a/ud-info +++ b/ud-info @@ -16,10 +16,8 @@ # database # -r Enable 'root' functions, do this if your uid has access to # restricted variables. -# -# http://www.geocode.com/eagle.html-ssi -import string, time, posix, pwd, sys, getopt, ldap, crypt, whrandom, readline, copy; +import time, os, pwd, sys, getopt, ldap, crypt, readline, copy; from userdir_ldap import *; RootMode = 0; @@ -29,45 +27,69 @@ AttrInfo = {"cn": ["First Name", 101], "c": ["Country Code",1], "l": ["Locality",2], "ou": ["Membership",0], - "facsimiletelephonenumber": ["Fax Phone Number",3], - "telephonenumber": ["Phone Number",4], - "postaladdress": ["Mailing Address",5], - "postalcode": ["Postal Code",6], + "facsimileTelephoneNumber": ["Fax Phone Number",3], + "telephoneNumber": ["Phone Number",4], + "postalAddress": ["Mailing Address",5], + "postalCode": ["Postal Code",6], "uid": ["Unix User ID",0], - "loginshell": ["Unix Shell",7], - "supplementarygid": ["Unix Groups",0], - "allowedhosts": ["Host ACL",0], + "loginShell": ["Unix Shell",7], + "supplementaryGid": ["Unix Groups",0], + "allowedHost": ["Host ACL",0], "member": ["LDAP Group",0], - "emailforward": ["Email Forwarding",8], - "ircnick": ["IRC Nickname",9], - "onvacation": ["Vacation Message",10], - "labeledurl": ["Home Page",11], + "emailForward": ["Email Forwarding",8], + "ircNick": ["IRC Nickname",9], + "onVacation": ["Vacation Message",10], + "labeledURI": ["Home Page",11], "latitude": ["Latitude",12], "longitude": ["Longitude",13], - "comment": ["Comment",114], - "userpassword": ["Crypted Password",115]}; + "icqUin": ["ICQ UIN",14], + "jabberJID": ["Jabber ID",15], + "privateSub": ["Debian-Private",16], + "gender": ["Gender",17], + "birthDate": ["Date of Birth",18], + "mailDisableMessage": ["Mail Disabled",19], + "mailGreylisting": ["Mail Greylisting",20], + "mailCallout": ["Mail Callouts",21], + "mailRBL": ["Mail RBLs",22], + "mailRHSBL": ["Mail RHSBLs",23], + "mailWhitelist": ["Mail Whitelist",24], + "comment": ["Comment",116], + "userPassword": ["Crypted Password",117], + "dnsZoneEntry": ["d.net Entry",118]}; AttrPrompt = {"cn": ["Common name or first name"], "mn": ["Middle name (or initial if it ends in a dot)"], "sn": ["Surname or last name"], "c": ["ISO 2 letter country code, such as US, DE, etc"], "l": ["City name, State/Provice (Locality)\n e.g. Dallas, Texas"], - "facsimiletelephonenumber": ["Fax phone number, with area code and country code"], - "telephonenumber": ["Voice phone number"], - "postaladdress": ["Complete mailing address including postal codes and country designations\nSeperate lines using a $ character"], - "postalcode": ["Postal Code or Zip Code"], - "loginshell": ["Login shell with full path (no check is done for validity)"], - "emailforward": ["EMail address to send all mail to or blank to disable"], - "ircnick": ["IRC nickname if you use IRC"], - "onvacation": ["A message if on vaction, indicating the time of departure and return"], - "userpassword": ["The users Crypt'd password"], + "facsimileTelephoneNumber": ["Fax phone number, with area code and country code"], + "telephoneNumber": ["Voice phone number"], + "postalAddress": ["Complete mailing address including postal codes and country designations\nSeperate lines using a $ character"], + "postalCode": ["Postal Code or Zip Code"], + "loginShell": ["Login shell with full path (no check is done for validity)"], + "emailForward": ["EMail address to send all mail to or blank to disable"], + "ircNick": ["IRC nickname if you use IRC"], + "onVacation": ["A message if on vaction, indicating the time of departure and return"], + "userPassword": ["The users Crypt'd password"], "comment": ["Admin Comment about the account"], - "supplementarygid": ["Groups the user is in"], - "allowedhosts": ["Grant access to certain hosts"], + "supplementaryGid": ["Groups the user is in"], + "allowedHost": ["Grant access to certain hosts"], + "privateSub": ["Debian-Private mailing list subscription"], + "gender": ["ISO5218 Gender code (1=male,2=female,9=unspecified)"], + "birthDate": ["Date of Birth (YYYYMMDD)"], + "mailDisableMessage": ["Error message to return via SMTP"], + "mailGreylisting": ["SMTP Greylisting (TRUE/FALSE)"], + "mailCallout": ["SMTP Callouts (TRUE/FALSE)"], + "mailRBL": ["SMTP time RBL lists"], + "mailRHSBL": ["SMTP time RHSBL lists"], + "mailWhitelist": ["SMTP time whitelist from other checks"], "member": ["LDAP Group Member for slapd ACLs"], "latitude": ["XEarth latitude in ISO 6709 format - see /usr/share/zoneinfo/zone.tab or etak.com"], "longitude": ["XEarth latitude in ISO 6709 format - see /usr/share/zoneinfo/zone.tab or etak.com"], - "labeledurl": ["Web home page"]}; + "dnsZoneEntry": ["DNS Zone fragment associated this this user"], + "labeledURI": ["Web home page"], + "jabberJID": ["Jabber ID"], + "icqUin": ["ICQ UIN Number"]}; # Create a map of IDs to desc,value,attr OrderedIndex = {}; @@ -78,10 +100,10 @@ OrigOrderedIndex = copy.deepcopy(OrderedIndex); # Show shadow information def PrintShadow(Attrs): - Changed = int(GetAttr(Attrs,"shadowlastchange","0")); - MinDays = int(GetAttr(Attrs,"shadowmin","0")); - MaxDays = int(GetAttr(Attrs,"shadowmax","0")); - WarnDays = int(GetAttr(Attrs,"shadowwarning","0")); + Changed = int(GetAttr(Attrs,"shadowLastChange","0")); + MinDays = int(GetAttr(Attrs,"shadowMin","0")); + MaxDays = int(GetAttr(Attrs,"shadowMax","0")); + WarnDays = int(GetAttr(Attrs,"shadowWarning","0")); InactDays = int(GetAttr(Attrs,"shadowinactive","0")); Expire = int(GetAttr(Attrs,"shadowexpire","0")); @@ -95,14 +117,14 @@ def PrintShadow(Attrs): # Print out the automatic time stamp information def PrintModTime(Attrs): - Stamp = GetAttr(Attrs,"modifytimestamp",""); + Stamp = GetAttr(Attrs,"modifyTimestamp",""); if len(Stamp) >= 13: Time = (int(Stamp[0:4]),int(Stamp[4:6]),int(Stamp[6:8]), int(Stamp[8:10]),int(Stamp[10:12]),int(Stamp[12:14]),0,0,-1); print "%-24s:" % ("Record last modified on"), time.strftime("%a %d/%m/%Y %X UTC",Time), - print "by",ldap.explode_dn(GetAttr(Attrs,"modifiersname"),1)[0]; + print "by",ldap.explode_dn(GetAttr(Attrs,"modifiersName"),1)[0]; - Stamp = GetAttr(Attrs,"createtimestamp",""); + Stamp = GetAttr(Attrs,"createTimestamp",""); if len(Stamp) >= 13: Time = (int(Stamp[0:4]),int(Stamp[4:6]),int(Stamp[6:8]), int(Stamp[8:10]),int(Stamp[10:12]),int(Stamp[12:14]),0,0,-1); @@ -110,52 +132,30 @@ def PrintModTime(Attrs): # Print the PGP key for a user def PrintKeys(Attrs): - if Attrs[1].has_key("keyfingerprint") == 0: + if Attrs[1].has_key("keyFingerPrint") == 0: return; First = 0; - for x in Attrs[1]["keyfingerprint"]: + for x in Attrs[1]["keyFingerPrint"]: if First == 0: print "%-24s:" % ("PGP/GPG Key Fingerprints"), First = 1; else: print "%-24s:" % (""), - - # PGP Print - if (len(x) == 32): - I = 0; - while (I < len(x)): - print x[I]+x[I+1], - I = I + 2; - if I == 32/2: - print "", - elif (len(x) == 40): - # GPG Print - I = 0; - while (I < len(x)): - print x[I]+x[I+1]+x[I+2]+x[I+3], - I = I + 4; - if I == 40/2: - print "", - else: - print x, - print; + print FormatPGPKey(x); # Print the SSH RSA Authentication keys for a user def PrintSshRSAKeys(Attrs): - if Attrs[1].has_key("sshrsaauthkey") == 0: + if Attrs[1].has_key("sshRSAAuthKey") == 0: return; First = 0; - for x in Attrs[1]["sshrsaauthkey"]: + for x in Attrs[1]["sshRSAAuthKey"]: if First == 0: - print "%-24s:" % ("SSH RSA Auth Keys"), + print "%-24s:" % ("SSH Auth Keys"), First = 1; else: print "%-24s:" % (""), - Split = string.split(x," "); - - if len(Split) != 4: - del Split[0]; - print Split[0],Split[1],Split[2][:8]+".."+Split[2][-8:],string.join(Split[3:]); + + print FormatSSHAuth(x); # Display all of the attributes in a numbered list def ShowAttrs(Attrs): @@ -173,7 +173,7 @@ def ShowAttrs(Attrs): for x in Attrs[1][at]: print "'%s'" % (x), if at == "uid": - print "(id=%s, gid=%s)" % (GetAttr(Attrs,"uidnumber","-1"),GetAttr(Attrs,"gidnumber","-1")), + print "(id=%s, gid=%s)" % (GetAttr(Attrs,"uidNumber","-1"),GetAttr(Attrs,"gidNumber","-1")), print; else: OrderedIndex[AttrInfo[at][1]][1] = Attrs[1][at]; @@ -189,7 +189,9 @@ def ShowAttrs(Attrs): # Change a single attribute def ChangeAttr(Attrs,Attr): - if (Attr == "supplementarygid" or Attr == "allowedhosts" or Attr == "member"): + if (Attr == "supplementaryGid" or Attr == "allowedHost" or \ + Attr == "member" or Attr == "dnsZoneEntry" or Attr == "mailWhitelist" or \ + Attr == "mailRBL" or Attr == "mailRHSBL"): return MultiChangeAttr(Attrs,Attr); print "Old value: '%s'" % (GetAttr(Attrs,Attr,"")); @@ -227,7 +229,7 @@ def MultiChangeAttr(Attrs,Attr): Attrs[1][Attr].sort(); print "Old values: ",Attrs[1][Attr]; - Mode = string.upper(raw_input("[D]elete or [A]dd? ")); + Mode = raw_input("[D]elete or [A]dd? ").upper() if (Mode != 'D' and Mode != 'A'): return; @@ -256,10 +258,15 @@ def MultiChangeAttr(Attrs,Attr): print; # Main program starts here -User = pwd.getpwuid(posix.getuid())[0]; +User = pwd.getpwuid(os.getuid())[0]; BindUser = User; # Process options -(options, arguments) = getopt.getopt(sys.argv[1:], "nu:c:a:r") +try: + (options, arguments) = getopt.getopt(sys.argv[1:], "nu:c:a:r") +except getopt.GetoptError, data: + print data + sys.exit(1) + for (switch, val) in options: if (switch == '-u'): User = val; @@ -295,7 +302,7 @@ UserDn = "uid=" + User + "," + BaseDn; # Enable changing of supplementary gid's if (RootMode == 1): # Items that root can edit - list = ["supplementarygid","allowedhosts","member"]; + list = ["supplementaryGid","allowedHost","member"]; Count = 0; for x in list: AttrInfo[x][1] = 200 + Count; @@ -317,6 +324,7 @@ while(1): if RootMode == 1: print " a) Arbitary Change"; + print " R) Randomize Password"; print " p) Change Password"; print " u) Switch Users"; print " x) Exit"; @@ -355,21 +363,38 @@ while(1): raw_input("Press a key"); continue; - # Hash it telling glibc to use the MD5 algorithm - if you dont have - # glibc then just change Salt = "$1$" to Salt = ""; - SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ/."; - Salt = "$1$"; - for x in range(0,10): - Salt = Salt + SaltVals[whrandom.randint(0,len(SaltVals)-1)]; - Pass = crypt.crypt(Pass1,Salt); - if len(Pass) < 14: - print "Caution! MD5 Password hashing failed, not changing password!"; + try: + Pass = HashPass(Pass1); + except: + print "%s: %s\n" %(sys.exc_type,sys.exc_value); raw_input("Press a key"); continue; print "Setting password.."; Pass = "{crypt}" + Pass; - l.modify_s(UserDn,[(ldap.MOD_REPLACE,"userpassword",Pass)]); + l.modify_s(UserDn,[(ldap.MOD_REPLACE,"userPassword",Pass)]); + Attrs[0][1]["userPassword"] = [Pass]; + continue; + + # Randomize password + if Response == 'R' and RootMode == 1: + Resp = raw_input("Randomize Users Password? [no/yes]"); + if Resp != "yes": + continue; + + # Generate a random password + try: + Password = GenPass(); + Pass = HashPass(Password); + except: + print "%s: %s\n" %(sys.exc_type,sys.exc_value); + raw_input("Press a key"); + continue; + + print "Setting password.."; + Pass = "{crypt}" + Pass; + l.modify_s(UserDn,[(ldap.MOD_REPLACE,"userPassword",Pass)]); + Attrs[0][1]["userPassword"] = [Pass]; continue; # Handle changing an arbitary value