Generate a disabled-accounts file exported to all hosts

The goal is that Alioth can also disable accounts which have been
locked by DSA.  Currently it has no way to know if a given account is
locked or not.

diff --git a/ud-generate b/ud-generate
index d55f10b..c6484cb 100755 (executable)
--- a/ud-generate
+++ b/ud-generate
@@ -390,6 +390,39 @@ def GenPrivate(l,File):
    raise;
   Done(File,F,None);
 
+# Generate a list of locked accounts
+def GenDisabledAccounts(l,File):
+  F = None;
+  try:
+   F = open(File + ".tmp","w");
+
+   # Fetch all the users
+   global PasswdAttrs;
+   if PasswdAttrs == None:
+      raise "No Users";
+
+   I = 0;
+   for x in PasswdAttrs:
+      if x[1].has_key("uidNumber") == 0:
+         continue;
+        
+      Pass = GetAttr(x,"userPassword");
+      Line = ""
+      # *LK* is the reference value for a locked account
+      # password starting with ! is also a locked account
+      if string.find(Pass,"*LK*") != -1 or Pass.startswith("!"):
+        # Format is <login>:<reason>
+        Line = "%s:%s" % (GetAttr(x,"uid"), "Account is locked")
+
+      if Line != "":
+        F.write(Sanitize(Line) + "\n")
+
+  # Oops, something unspeakable happened.
+  except:
+   Die(File,F,None);
+   raise;
+  Done(File,F,None);
+
 # Generate the list of local addresses that refuse all mail
 def GenMailDisable(l,File):
   F = None;
@@ -760,6 +793,7 @@ GenSSHShadow(l,GlobalDir+"ssh-rsa-shadow");
 GenAllForward(l,GlobalDir+"mail-forward.cdb");
 GenMarkers(l,GlobalDir+"markers");
 GenPrivate(l,GlobalDir+"debian-private");
+GenDisabledAccounts(l,GlobalDir+"disabled-accounts");
 GenSSHKnown(l,GlobalDir+"ssh_known_hosts");
 GenHosts(l,GlobalDir+"debianhosts");
 GenMailDisable(l,GlobalDir+"mail-disable");
@@ -806,6 +840,7 @@ while(1):
    DoLink(GlobalDir,OutDir,"ssh-rsa-shadow");
    DoLink(GlobalDir,OutDir,"debianhosts");
    DoLink(GlobalDir,OutDir,"ssh_known_hosts");
+   DoLink(GlobalDir,OutDir,"disabled-accounts")
 
    sys.stdout.flush();
    GenPasswd(l,OutDir+"passwd",Split[1]);