export dns zones to the zonefile for roleaccounts

diff --git a/debian/changelog b/debian/changelog
index da91ca8..be261c6 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,9 @@
 userdir-ldap (0.3.XX) Xnstable; urgency=low
 
   * Role accounts may have dnsZoneEntry attributes.
+  * ud-generate: and export dns zones to the zonefile for roleaccounts.
 
- -- Peter Palfrader <weasel@debian.org>  Sat, 03 Jan 2009 15:21:02 +0100
+ -- Peter Palfrader <weasel@debian.org>  Sat, 03 Jan 2009 15:34:53 +0100
 
 userdir-ldap (0.3.58) unstable; urgency=low
 

diff --git a/ud-generate b/ud-generate
index dfb3b3c..b00125c 100755 (executable)
--- a/ud-generate
+++ b/ud-generate
@@ -735,6 +735,16 @@ def GenMailList(l,File,Key):
    raise;
   Done(File,F,None);
 
+def isRoleAccount(pwEntry):
+   if not pwEntry.has_key("objectClass"):
+      raise "pwEntry has no objectClass"
+   oc =  pwEntry['objectClass']
+   try:
+      i = oc.index('debianRoleAccount')
+      return True
+   except ValueError:
+      return False
+
 # Generate the DNS Zone file
 def GenDNS(l,File,HomePrefix):
   F = None;
@@ -752,7 +762,7 @@ def GenDNS(l,File,HomePrefix):
          continue;
 
       # If the account has no PGP key, do not write it
-      if x[1].has_key("keyFingerPrint") == 0:
+      if x[1].has_key("keyFingerPrint") == 0 and not isRoleAccount(x[1]):
          continue;
       try:
          F.write("; %s\n"%(EmailAddress(x)));
@@ -1015,7 +1025,7 @@ PasswdAttrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"uid=*",\
                  "allowedHost","sshRSAAuthKey","dnsZoneEntry","cn","sn",\
                  "keyFingerPrint","privateSub","mailDisableMessage",\
                  "mailGreylisting","mailCallout","mailRBL","mailRHSBL",\
-                 "mailWhitelist", "sudoPassword"]);
+                 "mailWhitelist", "sudoPassword", "objectClass"]);
 # Fetch all the hosts
 HostAttrs    = l.search_s(HostBaseDn,ldap.SCOPE_ONELEVEL,"sshRSAHostKey=*",\
                 ["hostname","sshRSAHostKey","purpose"]);