From 6b038cc113dde577b9cc19c62656bf6d2b41362d Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Mon, 2 Aug 2010 21:35:07 +0000 Subject: [PATCH] GenShadowSudo --- UDLdap.py | 2 +- ud-generate | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/UDLdap.py b/UDLdap.py index f11c8b3..096f117 100644 --- a/UDLdap.py +++ b/UDLdap.py @@ -3,7 +3,7 @@ import time import userdir_ldap class Account: - array_values = ['keyFingerPrint', 'mailWhitelist', 'mailRBL', 'mailRHSBL', 'supplementaryGid', 'sshRSAAuthKey'] + array_values = ['keyFingerPrint', 'mailWhitelist', 'mailRBL', 'mailRHSBL', 'supplementaryGid', 'sshRSAAuthKey', 'sudoPassword'] int_values = ['shadowExpire', 'gidNumber'] defaults = { 'accountStatus': 'active', diff --git a/ud-generate b/ud-generate index 412e210..6ac9bde 100755 --- a/ud-generate +++ b/ud-generate @@ -274,12 +274,12 @@ def GenShadowSudo(File, untrusted): global PasswdAttrs for x in PasswdAttrs: + a = UDLdap.Account(x[0], x[1]) Pass = '*' - if x[1].has_key("uidNumber") == 0 or not IsInGroup(x): - continue + if not IsInGroup(x): continue - if x[1].has_key('sudoPassword'): - for entry in x[1]['sudoPassword']: + if 'sudoPassword' in a: + for entry in a['sudoPassword']: Match = re.compile('^('+UUID_FORMAT+') (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$').match(entry) if Match == None: continue @@ -288,7 +288,7 @@ def GenShadowSudo(File, untrusted): hosts = Match.group(3) cryptedpass = Match.group(4) - if status != 'confirmed:'+make_passwd_hmac('password-is-confirmed', 'sudo', x[1]['uid'][0], uuid, hosts, cryptedpass): + if status != 'confirmed:'+make_passwd_hmac('password-is-confirmed', 'sudo', a['uid'], uuid, hosts, cryptedpass): continue for_all = hosts == "*" for_this_host = CurrentHost in hosts.split(',') @@ -303,7 +303,7 @@ def GenShadowSudo(File, untrusted): if len(Pass) > 50: Pass = '*' - Line = "%s:%s" % (GetAttr(x, "uid"), Pass) + Line = "%s:%s" % (a['uid'], Pass) Line = Sanitize(Line) + "\n" F.write("%s" % (Line)) -- 2.20.1