Set shadow expiry for locked accounts

author Mark Hymers <mark@hymers.org.uk>

Wed, 26 Dec 2007 00:36:13 +0000 (00:36 +0000)

committer Mark Hymers <mark@hymers.org.uk>

Wed, 26 Dec 2007 00:36:13 +0000 (00:36 +0000)
author Mark Hymers <mark@hymers.org.uk>
Wed, 26 Dec 2007 00:36:13 +0000 (00:36 +0000)
committer Mark Hymers <mark@hymers.org.uk>
Wed, 26 Dec 2007 00:36:13 +0000 (00:36 +0000)
diff --git a/ud-generate b/ud-generate

index c6484cb..3a9840b 100755 (executable)
--- a/ud-generate
+++ b/ud-generate
@@ -147,11 +147,20 @@ def GenShadow(l,File):
           Pass = '*';
        else:
           Pass = Pass[7:];
+
+      # If the account is locked, mark it as such in shadow
+      # See Debian Bug #308229 for why we set it to 1 instead of 0
+      if (string.find(GetAttr(x,"userPassword"),"*LK*")  != -1) \
+          or GetAttr(x,"userPassword").startswith("!"):
+         ShadowExpire = '1'
+      else:
+         ShadowExpire = GetAttr(x,"shadowexpire")
+
        Line = "%s:%s:%s:%s:%s:%s:%s:%s:" % (GetAttr(x,"uid"),\
                Pass,GetAttr(x,"shadowLastChange"),\
                GetAttr(x,"shadowMin"),GetAttr(x,"shadowMax"),\
                GetAttr(x,"shadowWarning"),GetAttr(x,"shadowinactive"),\
-              GetAttr(x,"shadowexpire"));
+              ShadowExpire);
        Line = Sanitize(Line) + "\n";
        F.write("0%u %s" % (I,Line));
        F.write(".%s %s" % (GetAttr(x,"uid"),Line));
author	Mark Hymers <mark@hymers.org.uk>
	Wed, 26 Dec 2007 00:36:13 +0000 (00:36 +0000)
committer	Mark Hymers <mark@hymers.org.uk>
	Wed, 26 Dec 2007 00:36:13 +0000 (00:36 +0000)