[Da-tools-commits] r353 ./da-tools/userdir-ldap-common: Merge shadow branch
Mark Hymers
mark at hymers.org.uk
Wed Dec 26 00:37:11 UTC 2007
------------------------------------------------------------
revno: 353
committer: Mark Hymers <mark at hymers.org.uk>
branch nick: userdir-ldap-common
timestamp: Wed 2007-12-26 00:37:11 +0000
message:
Merge shadow branch
modified:
ud-generate
------------------------------------------------------------
revno: 352.1.1
committer: Mark Hymers <mark at hymers.org.uk>
branch nick: userdir-ldap-common-shadow
timestamp: Wed 2007-12-26 00:36:13 +0000
message:
Set shadow expiry for locked accounts
modified:
ud-generate
-------------- next part --------------
=== modified file 'ud-generate'
--- a/ud-generate 2007-09-04 17:11:52 +0000
+++ b/ud-generate 2007-12-26 00:36:13 +0000
@@ -147,11 +147,20 @@
Pass = '*';
else:
Pass = Pass[7:];
+
+ # If the account is locked, mark it as such in shadow
+ # See Debian Bug #308229 for why we set it to 1 instead of 0
+ if (string.find(GetAttr(x,"userPassword"),"*LK*") != -1) \
+ or GetAttr(x,"userPassword").startswith("!"):
+ ShadowExpire = '1'
+ else:
+ ShadowExpire = GetAttr(x,"shadowexpire")
+
Line = "%s:%s:%s:%s:%s:%s:%s:%s:" % (GetAttr(x,"uid"),\
Pass,GetAttr(x,"shadowLastChange"),\
GetAttr(x,"shadowMin"),GetAttr(x,"shadowMax"),\
GetAttr(x,"shadowWarning"),GetAttr(x,"shadowinactive"),\
- GetAttr(x,"shadowexpire"));
+ ShadowExpire);
Line = Sanitize(Line) + "\n";
F.write("0%u %s" % (I,Line));
F.write(".%s %s" % (GetAttr(x,"uid"),Line));
More information about the Da-tools-commits
mailing list