echo "userdir_gpg" >> $(i)/$(pysite)/userdir_ldap.pth
install -m 644 userdir_ldap.py userdir_gpg.py \
$(i)/$(pysite)/userdir_ldap/
- install -m 755 {ud-forwardlist,ud-gpgimport,ud-info,ud-ldapshow,ud-userimport,ud-mailgate,ud-generate,ud-passchk,ud-useradd,ud-replicate,ud-xearth,ud-fingerserv,ud-echelon,ud-groupadd,ud-host,ud-zoneupdate} $(i)/usr/bin/
+ install -m 755 {ud-forwardlist,ud-gpgimport,ud-info,ud-ldapshow,ud-userimport,ud-mailgate,ud-generate,ud-passchk,ud-useradd,ud-replicate,ud-xearth,ud-fingerserv,ud-echelon,ud-groupadd,ud-host,ud-zoneupdate,ud-roleadd} $(i)/usr/bin/
install -m 755 sigcheck $(i)/usr/bin/
install -m 644 debian/ud-replicate.cron.d $(i)/etc/cron.d/ud-replicate
--- /dev/null
+#!/usr/bin/env python
+# -*- mode: python -*-
+
+# Copyright (c) 1999-2000 Jason Gunthorpe <jgg@debian.org>
+# Copyright (c) 2001-2003 James Troup <troup@debian.org>
+# Copyright (c) 2004-2005 Joey Schulze <joey@infodrom.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+import string, time, ldap, getopt, sys, os, pwd
+from userdir_ldap import *
+
+# This tries to search for a free UID. There are two possible ways to do
+# this, one is to fetch all the entires and pick the highest, the other
+# is to randomly guess uids until one is free. This uses the former.
+# Regrettably ldap doesn't have an integer attribute comparision function
+# so we can only cut the search down slightly
+
+# [JT] This is broken with Woody LDAP and the Schema; for now just
+# search through all UIDs.
+def GetFreeID(l):
+ Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,
+ "uidNumber=*",["uidNumber"])
+ HighestUID = 0
+ for I in Attrs:
+ ID = int(GetAttr(I,"uidNumber","0"))
+ if ID > HighestUID:
+ HighestUID = ID
+ return HighestUID + 1
+
+# Main starts here
+AdminUser = pwd.getpwuid(os.getuid())[0]
+
+# Process options
+(options, arguments) = getopt.getopt(sys.argv[1:], "u:")
+for (switch, val) in options:
+ if (switch == '-u'):
+ AdminUser = val
+
+l = passwdAccessLDAP(LDAPServer, BaseDn, AdminUser)
+
+while 1:
+ account = raw_input("Who are you going to add? ")
+ if account == "":
+ sys.exit(0)
+
+ Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"uid=" + account)
+ if len(Attrs) == 0:
+ break
+
+ print "That account already exists."
+
+Res = raw_input("Name for GECOS field? ")
+if Res != "":
+ cn = Res
+
+# GID
+Res = raw_input("Group ID Number? ")
+if Res != "":
+ gidNumber = Group2GID(Res)
+
+# UID
+uidNumber = GetFreeID(l)
+
+# Now we have all the bits of information.
+print "------------"
+print "Final information collected:"
+print " Username %s:" % cn
+print " Assigned UID:",uidNumber," GID:", gidNumber
+print " GECOS Field: \"%s,,,,\"" % cn
+print " Login Shell: /bin/false"
+Res = raw_input("Continue [No/yes]? ")
+if Res != "yes":
+ sys.exit(1)
+
+# Submit the modification request
+Dn = "uid=" + account + "," + BaseDn
+print "Updating LDAP directory..",
+sys.stdout.flush()
+
+Details = [("uid",account),
+ ("objectClass",
+ ("top","inetOrgPerson","debianAccount","shadowAccount","debianRoleAccount")),
+ ("uidNumber",str(uidNumber)),
+ ("gidNumber",str(gidNumber)),
+ ("gecos",cn+",,,,"),
+ ("loginShell","/bin/false"),
+ ("cn",cn),
+ ("shadowLastChange",str(int(time.time()/24/60/60))),
+ ("shadowMin","0"),
+ ("shadowMax","99999"),
+ ("shadowWarning","7"),
+ ("userPassword","{crypt}*")]
+l.add_s(Dn,Details)
+
+print