[Da-tools-commits] ./da-tools/userdir-ldap-sshkeys r354: implement per-user ssh-keys as an option
Mark Hymers
mark at hymers.org.uk
Wed Dec 26 14:01:40 UTC 2007
------------------------------------------------------------
revno: 354
committer: Mark Hymers <mark at hymers.org.uk>
branch nick: userdir-ldap-common-sshkeys
timestamp: Wed 2007-12-26 14:01:40 +0000
message:
implement per-user ssh-keys as an option
modified:
ud-generate
userdir-ldap.conf
-------------- next part --------------
=== modified file 'ud-generate'
--- a/ud-generate 2007-12-26 00:36:13 +0000
+++ b/ud-generate 2007-12-26 14:01:40 +0000
@@ -173,14 +173,20 @@
Done(File,None,F);
# Generate the shadow list
-def GenSSHShadow(l,File):
- F = None;
- try:
- OldMask = os.umask(0077);
- F = open(File + ".tmp","w",0600);
- os.umask(OldMask);
-
+def GenSSHShadow(l,masterFileName):
# Fetch all the users
+ files = []
+ # Depending on config, we write out either a single file,
+ # multiple files, or both
+ if ConfModule.singlesshfile is True:
+ try:
+ OldMask = os.umask(0077);
+ masterFile = open(File + ".tmp","w",0600);
+ os.umask(OldMask);
+ except:
+ Die(masterFileName,masterFile,None)
+ raise
+
global PasswdAttrs;
if PasswdAttrs == None:
raise "No Users";
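Review bot: The added `open(File + ".tmp","w",0600)` still refers to `File`, which stopped being a parameter when the signature changed to `masterFileName`, so with singlesshfile enabled this line looks set to raise a NameError unless a global `File` exists outside the hunk. The except branch then passes `masterFile` to `Die` before it has been assigned, and when singlesshfile is off `masterFile` is never bound for the later handlers. I would put `masterFile = None` before the `if` and open `masterFileName + ".tmp"` instead. Note also that the third argument to Python 2's `open()` is a buffer size, not a permission mode, so the 0077 umask alone keeps this key file private, and it is not restored if `open` raises. The function body continues past the end of this hunk.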
@@ -196,16 +202,41 @@
if x[1].has_key("uidNumber") == 0 or \
x[1].has_key("sshRSAAuthKey") == 0:
continue;
- for I in x[1]["sshRSAAuthKey"]:
- User = GetAttr(x,"uid");
- Line = "%s: %s" %(User,I);
- Line = Sanitize(Line) + "\n";
- F.write(Line);
- # Oops, something unspeakable happened.
- except:
- Die(File,F,None);
- raise;
- Done(File,F,None);
+ User = GetAttr(x,"uid");
+ F = None;
+
+ try:
+ if ConfModule.multiplesshfiles is True:
+ OldMask = os.umask(0077);
+ File = masterFileName + "-" + User
+ F = open(File + ".tmp","w",0600);
+ os.umask(OldMask);
+
+ for I in x[1]["sshRSAAuthKey"]:
+ if ConfModule.multiplesshfiles is True:
+ MultipleLine = "%s" % I
+ MultipleLine = Sanitize(MultipleLine) + "\n"
+ F.write(MultipleLine)
+ if ConfModule.singlesshfile is True:
+ SingleLine = "%s: %s" % (User, I)
+ SingleLine = Sanitize(SingleLine) + "\n"
+ masterFile.write(SingleLine)
+
+ if ConfModule.multiplesshfiles is True:
+ Done(File,F,None);
+ files.append(File)
+
+ # Oops, something unspeakable happened.
+ except:
+ Die(File,F,None)
+ Die(masterFileName,masterFile,None)
+ raise;
+
+ if ConfModule.singlesshfile is True:
+ Done(masterFileName,masterFile,None)
+ files.append(masterFileName)
+
+ return files
# Generate the group list
def GenGroup(l,File):
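Review bot: `File = masterFileName + "-" + User` builds a filesystem path from the LDAP `uid` attribute without checking it, so a uid containing `/` or a leading `.` would put the `.tmp` file and the finished key file outside the intended location. A guard before the `try`, such as `if "/" in User or User.startswith("."): continue`, keeps the per-user files inside the generate directory. The except branch also calls `Die(File,F,None)` and `Die(masterFileName,masterFile,None)` when `File` or `masterFile` may never have been assigned (multiplesshfiles or singlesshfile off), which would replace the original exception with a NameError. Finally, `os.umask(OldMask)` is skipped if the per-user `open` raises, so wrapping the open in `try: ... finally: os.umask(OldMask)` would be safer.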
@@ -798,7 +829,7 @@
# Generate global things
GlobalDir = GenerateDir+"/";
-GenSSHShadow(l,GlobalDir+"ssh-rsa-shadow");
+SSHFiles = GenSSHShadow(l,GlobalDir+"ssh-rsa-shadow");
GenAllForward(l,GlobalDir+"mail-forward.cdb");
GenMarkers(l,GlobalDir+"markers");
GenPrivate(l,GlobalDir+"debian-private");
@@ -846,7 +877,8 @@
Allowed = None
CurrentHost = Split[0];
- DoLink(GlobalDir,OutDir,"ssh-rsa-shadow");
+ for file in SSHFiles:
+ DoLink(GlobalDir,OutDir,file);
DoLink(GlobalDir,OutDir,"debianhosts");
DoLink(GlobalDir,OutDir,"ssh_known_hosts");
DoLink(GlobalDir,OutDir,"disabled-accounts")
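Review bot: `SSHFiles` holds the full paths appended inside GenSSHShadow (built from `GlobalDir+"ssh-rsa-shadow"`), yet each one is passed to `DoLink(GlobalDir,OutDir,file)` in the slot that used to take the bare name `"ssh-rsa-shadow"`. DoLink is not visible here, but if it joins its first and third arguments, the source path will contain GlobalDir twice and the link will fail or dangle. Either return basenames from GenSSHShadow or call `DoLink(GlobalDir,OutDir,os.path.basename(file))`. The loop variable `file` also shadows the builtin, so `for SSHFile in SSHFiles:` reads better. Nothing in this hunk removes links for users whose keys have since been deleted, so it is worth confirming that stale per-user key files cannot linger in the host directories.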
=== modified file 'userdir-ldap.conf'
--- a/userdir-ldap.conf 2004-11-18 15:26:28 +0000
+++ b/userdir-ldap.conf 2007-12-26 14:01:40 +0000
@@ -29,6 +29,8 @@
# For the output generator
generateconf = "/etc/userdir-ldap/generate.conf"
generatedir = "/var/cache/userdir-ldap/hosts/";
+singlesshfile = True
+multiplesshfiles = True
passdir = "/etc/userdir-ldap/";
# GPG Things
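Review bot: The two new settings are added without a comment, and ud-generate tests them with `is True`, so a value such as `1` or `"yes"` silently disables the corresponding output. A line such as `# singlesshfile: write the combined ssh-rsa-shadow file; multiplesshfiles: also write one ssh-rsa-shadow-<uid> file per user (literal True/False only)` above them would document this. Because both default to True, existing deployments start emitting per-user key files as soon as they pick up this config, which deserves a mention in the commit message.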