[Da-tools-commits] ./debian/userdir-ldap r502: export dns zones to the zonefile for roleaccounts

Peter Palfrader peter at palfrader.org
Sat Jan 3 14:35:30 UTC 2009 

------------------------------------------------------------
revno: 502
committer: Peter Palfrader <peter at palfrader.org>
branch nick: userdir-ldap
timestamp: Sat 2009-01-03 15:35:30 +0100
message:
  export dns zones to the zonefile for roleaccounts
modified:
  debian/changelog
  ud-generate
-------------- next part --------------
=== modified file 'debian/changelog'
--- a/debian/changelog	2009-01-03 14:21:25 +0000
+++ b/debian/changelog	2009-01-03 14:35:30 +0000
@@ -1,8 +1,9 @@
 userdir-ldap (0.3.XX) Xnstable; urgency=low
 
   * Role accounts may have dnsZoneEntry attributes.
+  * ud-generate: and export dns zones to the zonefile for roleaccounts.
 
- -- Peter Palfrader <weasel at debian.org>  Sat, 03 Jan 2009 15:21:02 +0100
+ -- Peter Palfrader <weasel at debian.org>  Sat, 03 Jan 2009 15:34:53 +0100
 
 userdir-ldap (0.3.58) unstable; urgency=low
 

=== modified file 'ud-generate'
--- a/ud-generate	2008-12-14 00:58:15 +0000
+++ b/ud-generate	2009-01-03 14:35:30 +0000
@@ -735,6 +735,16 @@
    raise;
   Done(File,F,None);
 
+def isRoleAccount(pwEntry):
+   if not pwEntry.has_key("objectClass"):
+      raise "pwEntry has no objectClass"
+   oc =  pwEntry['objectClass']
+   try:
+      i = oc.index('debianRoleAccount')
+      return True
+   except ValueError:
+      return False
+
 # Generate the DNS Zone file
 def GenDNS(l,File,HomePrefix):
   F = None;
@@ -752,7 +762,7 @@
          continue;
 
       # If the account has no PGP key, do not write it
-      if x[1].has_key("keyFingerPrint") == 0:
+      if x[1].has_key("keyFingerPrint") == 0 and not isRoleAccount(x[1]):
          continue;
       try:
          F.write("; %s\n"%(EmailAddress(x)));
@@ -1015,7 +1025,7 @@
                  "allowedHost","sshRSAAuthKey","dnsZoneEntry","cn","sn",\
                  "keyFingerPrint","privateSub","mailDisableMessage",\
                  "mailGreylisting","mailCallout","mailRBL","mailRHSBL",\
-                 "mailWhitelist", "sudoPassword"]);
+                 "mailWhitelist", "sudoPassword", "objectClass"]);
 # Fetch all the hosts
 HostAttrs    = l.search_s(HostBaseDn,ldap.SCOPE_ONELEVEL,"sshRSAHostKey=*",\
                 ["hostname","sshRSAHostKey","purpose"]);

More information about the Da-tools-commits mailing list