| side by side (parent:
eed406d
)
Locked accounts
author
jgg
<>
Fri, 5 Nov 1999 04:26:30 +0000
(
04:26
+0000)
committer
jgg
<>
Fri, 5 Nov 1999 04:26:30 +0000
(
04:26
+0000)
doc/ud-info.1.yo
ud-gpgimport
ud-mailgate
diff --git
a/doc/ud-info.1.yo
b/doc/ud-info.1.yo
index
b72db4d
..
816d664
100644
(file)
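--- a/doc/ud-info.1.yo
+++ b/doc/ud-info.1.yo
@@ -138,6 +138,12 @@ are password equivelents, whoever has the private half of the key can use it
 to login to any machine, but not affect changes to the LDAP entry. SSH
 authentication keys are kept private.
+manpagesection(NOTES)
+To lock out an account take the password and prepend *LK* before the hash
+and after the {crypt} this is understood by ssh, shadow and the mailgateway to
+indicate a disabled account. No manipulations what so ever will be permitted.
+
+
 manpageoptions()
 startdit()
 dit(bf(-a))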
diff --git
a/ud-gpgimport
b/ud-gpgimport
index
73e2a03
..
c85c9ba
100755
(executable)
--- a/
ud-gpgimport
+++ b/
ud-gpgimport
@@
-159,6
+159,7
@@
Keys = os.popen(string.join(Args," "),"r");
# Loop over the GPG key file
Outstanding = 0;
Ignored = 0;
# Loop over the GPG key file
Outstanding = 0;
Ignored = 0;
+SeenKeys = {};
while(1):
Line = Keys.readline();
if Line == "":
while(1):
Line = Keys.readline();
if Line == "":
@@
-179,6
+180,11
@@
while(1):
if Line2 == "":
break;
if Line2 == "":
break;
+ if SeenKeys.has_key(Split2[9]):
+ print "Dup key 0x",Split2[9],"belonging to",KeyMap[Split2[9]][0];
+ continue;
+ SeenKeys[Split2[9]] = None;
+
if KeyMap.has_key(Split2[9]):
Ignored = Ignored + 1;
# print "Ignoring keyID",Split2[9],"belonging to",KeyMap[Split2[9]][0];
if KeyMap.has_key(Split2[9]):
Ignored = Ignored + 1;
# print "Ignoring keyID",Split2[9],"belonging to",KeyMap[Split2[9]][0];
@@
-197,7
+203,7
@@
while(1):
Rec = [(ldap.MOD_ADD,"keyfingerprint",Split2[9])];
Dn = "uid=" + UID + "," + BaseDn;
Rec = [(ldap.MOD_ADD,"keyfingerprint",Split2[9])];
Dn = "uid=" + UID + "," + BaseDn;
- print "Adding key
ID
",Split2[9],"to",UID;
+ print "Adding key
0x
",Split2[9],"to",UID;
if KeyCount.has_key(UID):
KeyCount[UID] = KeyCount[UID] + 1;
else:
if KeyCount.has_key(UID):
KeyCount[UID] = KeyCount[UID] + 1;
else:
@@
-223,7
+229,7
@@
print Ignored,"keys already in the directory (ignored)";
# Look for unmatched keys
for x in KeyMap.keys():
if KeyMap[x][1] == 0:
# Look for unmatched keys
for x in KeyMap.keys():
if KeyMap[x][1] == 0:
- print "key
ID
",x,"belonging to",KeyMap[x][0],"removed";
+ print "key
0x
",x,"belonging to",KeyMap[x][0],"removed";
if KeyCount.has_key(KeyMap[x][0]) :
KeyCount[KeyMap[x][0]] = KeyCount[KeyMap[x][0]] - 1
if KeyCount[KeyMap[x][0]] <= 0:
if KeyCount.has_key(KeyMap[x][0]) :
KeyCount[KeyMap[x][0]] = KeyCount[KeyMap[x][0]] - 1
if KeyCount[KeyMap[x][0]] <= 0:
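Review bot: The duplicate-key branch added in the second hunk indexes `KeyMap[Split2[9]]` before the `KeyMap.has_key(Split2[9])` test that follows it, so a fingerprint that occurs twice in the keyring but is not in `KeyMap` would raise KeyError and abort the import part-way through, unless code outside the hunk inserts it first. Looking the owner up only when it is present avoids that: `if KeyMap.has_key(Split2[9]): print "Dup key 0x",Split2[9],"belonging to",KeyMap[Split2[9]][0];` with a plain `print "Dup key 0x",Split2[9];` otherwise. The enclosing `while(1):` loop starts and ends outside the hunk, so how `KeyMap` is populated cannot be confirmed from here.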
diff --git
a/ud-mailgate
b/ud-mailgate
index
38f9aca
..
91dcf40
100755
(executable)
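--- a/ud-mailgate
+++ b/ud-mailgate
@@ -352,6 +352,9 @@ try:
 if Sender == None:
 raise Error, "Unable to determine the sender's address";
+ if (string.find(GetAttr(Attrs[0],"userPassword"),"*LK*") != -1):
+ raise Error, "This account is locked";
+
 # Formulate a reply
 Date = time.strftime("%a, %d %b %Y %H:%M:%S +0000",time.gmtime(time.time()));
 Reply = "To: %s\nReply-To: %s\nDate: %s\n" % (Sender,ReplyTo,Date);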
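Review bot: The new lock test on `userPassword` is a bare substring search with no comment tying it to the `*LK*` convention this commit documents in ud-info(1), so it can easily drift from the ssh and shadow consumers that read the same marker. A substring match errs toward treating an account as locked, which is the safe direction, but it assumes `GetAttr` returns a string when the entry has no `userPassword`; that helper is outside the hunk, so confirm it cannot return `None` there. I would add `# *LK* after {crypt} marks a disabled account (see ud-info NOTES); refuse every request` above the test and move the test into a small helper so the rule lives in one place. The enclosing `try:` block starts and continues outside the hunk, so whether this check runs before any change is applied cannot be confirmed from here.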