add voipPassword
authorMartin Zobel-Helas <zobel@debian.org>
Wed, 13 Jun 2012 22:10:32 +0000 (00:10 +0200)
committerMartin Zobel-Helas <zobel@debian.org>
Wed, 13 Jun 2012 22:10:32 +0000 (00:10 +0200)
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
ud-generate
userdir-ldap-slapd.conf.in
userdir-ldap.schema

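--- a/ud-generate
+++ b/ud-generate
@@ -390,6 +390,27 @@ def GenWebPassword(accounts, File):
       Die(File, None, F)
       raise
 
+# Generate the voipPassword list
+def GenVoipPassword(accounts, File):
+   F = None
+   try:
+      OldMask = os.umask(0077)
+      F = open(File, "w", 0600)
+      os.umask(OldMask)
+
+      for a in accounts:
+         if not 'voipPassword' in a: continue
+         if not a.pw_active(): continue
+
+         Pass = str(a['voipPassword'])
+         Line = "<user id=\"%s\">\n <params>\n  <param name=\"password\" value=\"%s\"/>\n <params />\n</user>" % (a['uid'], Pass)
+         Line = Sanitize(Line) + "\n"
+         F.write("%s" % (Line))
+
+   except:
+      Die(File, None, F)
+      raise
+
 def GenSSHtarballs(global_dir, userlist, ssh_userkeys, grouprevmap, target, current_host):
    OldMask = os.umask(0077)
    tf = tarfile.open(name=os.path.join(global_dir, 'ssh-keys-%s.tar.gz' % current_host), mode='w:gz')
@@ -1021,7 +1042,7 @@ def get_accounts(ldap_conn):
                     "keyFingerPrint", "privateSub", "mailDisableMessage",\
                     "mailGreylisting", "mailCallout", "mailRBL", "mailRHSBL",\
                     "mailWhitelist", "sudoPassword", "objectClass", "accountStatus",\
-                    "mailContentInspectionAction", "webPassword"])
+                    "mailContentInspectionAction", "webPassword", "voipPassword"])
 
    if passwd_attrs is None:
       raise UDEmptyList, "No Users"
@@ -1107,6 +1128,7 @@ def generate_all(global_dir, ldap_conn):
    GenMailList(accounts, global_dir + "mail-rhsbl", "mailRHSBL")
    GenMailList(accounts, global_dir + "mail-whitelist", "mailWhitelist")
    GenWebPassword(accounts, global_dir + "web-passwords")
+   GenVoipPassword(accounts, global_dir + "voip-passwords")
    GenKeyrings(global_dir)
 
    # Compatibility.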
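Review bot: The XML record built in GenVoipPassword interpolates `a['uid']` and the user-writable `voipPassword` straight into attribute values, so a value containing `"`, `<` or `&` produces a malformed or differently structured `<user>` entry in voip-passwords. Escape both values with `xml.sax.saxutils.quoteattr` and drop the hand-written quotes around the `%s` placeholders, e.g. `value=%s/>` fed with `quoteattr(Pass)`. The template also ends the block with `<params />` where `</params>` is needed, so the opening `<params>` is never closed. Sanitize() is not visible on this page; if it rewrites newline characters, as the line-oriented generators would want, it will also rewrite the `\n` separators inside this template, so confirm that before relying on it. Separately, the third argument in `open(File, "w", 0600)` is a buffer size, not a mode, so the file's permissions come only from the surrounding `os.umask(0077)` call.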
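--- a/userdir-ldap-slapd.conf.in
+++ b/userdir-ldap-slapd.conf.in
@@ -48,7 +48,7 @@ access to filter="(!(supplementaryGid=adm))" attrs=keyFingerPrint
        by * break
 
 # allow users write access to an explicit subset of their fields
-access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist,mailContentInspectionAction,mailDefaultOptions,facsimileTelephoneNumber,telephoneNumber,postalAddress,postalCode,loginShell,onVacation,privateSub,latitude,longitude,VoIP,userPassword,sudoPassword,webPassword,bATVToken
+access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist,mailContentInspectionAction,mailDefaultOptions,facsimileTelephoneNumber,telephoneNumber,postalAddress,postalCode,loginShell,onVacation,privateSub,latitude,longitude,VoIP,userPassword,sudoPassword,webPassword,voipPassword,bATVToken
        by self write
        by * break
 
@@ -58,7 +58,7 @@ access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,bi
 ##
 
 # allow authn/z by anyone
-access to attrs=userPassword,sudoPassword,webPassword,bATVToken
+access to attrs=userPassword,sudoPassword,webPassword,voipPassword,bATVToken
        by * compare
 
 # readable only by self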
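Review bot: Adding `voipPassword` to the `by * compare` rule in the second hunk lets any client that reaches this rule test guesses against the attribute, and nothing on this page shows that the value is stored hashed; ud-generate copies it verbatim into the `password` param. If the VoIP service only consumes the generated voip-passwords file, leave the attribute out of this rule, i.e. keep `access to attrs=userPassword,sudoPassword,webPassword,bATVToken`, or narrow the `by` clause to the one service identity that needs compare. The "readable only by self" rule that follows is cut off here, so whether `voipPassword` is covered by it cannot be checked from this page.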
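--- a/userdir-ldap.schema
+++ b/userdir-ldap.schema
 #   .41 - sshdistAuthKeysHost
 #   .42 - dnsTTL
 #   .43 - webPassword
+#   .44 - voipPassword
 #
 # .3 - experimental LDAP objectClasses
 #   .1 - debianDeveloper
@@ -407,6 +408,12 @@ attributetype ( 1.3.6.1.4.1.9586.100.4.2.43
        EQUALITY octetStringMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
 
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.44
+       NAME 'voipPassword'
+       DESC 'password for voip.debian.org'
+       EQUALITY octetStringMatch
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
 # Experimental attribute types
 
 # There are existing schemas for doing DNS in LDAP; would one of
@@ -536,7 +543,7 @@ objectclass ( 1.3.6.1.4.1.9586.100.4.1.1
        DESC 'Abstraction of an account with POSIX attributes and UTF8 support'
        SUP top AUXILIARY
        MUST ( cn $ uid $ uidNumber $ gidNumber )
-       MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage $ sudoPassword $ webPassword ) )
+       MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage $ sudoPassword $ webPassword $ voipPassword ) )
 
 objectclass ( 1.3.6.1.4.1.9586.100.4.1.2
        NAME 'debianGroup'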