import userdir_ldap
class Account:
- array_values = ['keyFingerPrint', 'mailWhitelist', 'mailRBL', 'mailRHSBL', 'supplementaryGid', 'sshRSAAuthKey']
+ array_values = ['keyFingerPrint', 'mailWhitelist', 'mailRBL', 'mailRHSBL', 'supplementaryGid', 'sshRSAAuthKey', 'sudoPassword']
int_values = ['shadowExpire', 'gidNumber']
defaults = {
'accountStatus': 'active',
global PasswdAttrs
for x in PasswdAttrs:
+ a = UDLdap.Account(x[0], x[1])
Pass = '*'
- if x[1].has_key("uidNumber") == 0 or not IsInGroup(x):
- continue
+ if not IsInGroup(x): continue
- if x[1].has_key('sudoPassword'):
- for entry in x[1]['sudoPassword']:
+ if 'sudoPassword' in a:
+ for entry in a['sudoPassword']:
Match = re.compile('^('+UUID_FORMAT+') (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$').match(entry)
if Match == None:
continue
hosts = Match.group(3)
cryptedpass = Match.group(4)
- if status != 'confirmed:'+make_passwd_hmac('password-is-confirmed', 'sudo', x[1]['uid'][0], uuid, hosts, cryptedpass):
+ if status != 'confirmed:'+make_passwd_hmac('password-is-confirmed', 'sudo', a['uid'], uuid, hosts, cryptedpass):
continue
for_all = hosts == "*"
for_this_host = CurrentHost in hosts.split(',')
if len(Pass) > 50:
Pass = '*'
- Line = "%s:%s" % (GetAttr(x, "uid"), Pass)
+ Line = "%s:%s" % (a['uid'], Pass)
Line = Sanitize(Line) + "\n"
F.write("%s" % (Line))