[Da-tools-commits] ./da-tools/userdir-ldap-common r405: Merge from Debian. If only people would stop generating changelog conflicts that would be mostly automagic

Joerg Jaspert joerg at debian.org
Mon May 19 15:36:13 UTC 2008 

------------------------------------------------------------
revno: 405
committer: Joerg Jaspert <joerg at debian.org>
branch nick: userdir-ldap-common
timestamp: Mon 2008-05-19 17:36:13 +0200
message:
  Merge from Debian. If only people would stop generating changelog conflicts that would be mostly automagic
modified:
  debian/changelog
  ud-generate
  ud-mailgate
    ------------------------------------------------------------
    revno: 349.5.20
    committer: Peter Palfrader <peter at palfrader.org>
    branch nick: userdir-ldap
    timestamp: Sun 2008-05-18 14:26:33 +0200
    message:
      ud-mailgate: a bug in DoSSH caused all changes to fail that came after DoSSH in
      HandleChange.  Now DoSSH properly returns without raising an exception if the
      line to handle is not an ssh public key.
    modified:
      debian/changelog
      ud-mailgate
    ------------------------------------------------------------
    revno: 349.5.21
    committer: Peter Palfrader <peter at palfrader.org>
    branch nick: userdir-ldap
    timestamp: Sun 2008-05-18 14:28:28 +0200
    message:
      Merge from zobel: Fix userdir-ldap.schema (objectClass now contains MAY: VoIP)
    modified:
      debian/changelog
      userdir-ldap.schema
    ------------------------------------------------------------
    revno: 349.5.22
    committer: Peter Palfrader <peter at palfrader.org>
    branch nick: userdir-ldap
    timestamp: Mon 2008-05-19 08:56:21 +0200
    message:
      * Export ssh-keys.tar.gz to [UNTRUSTED] hosts.  Since we already export
        ssh-rsa-shadow this is probably the right thing.
      * Make keys in the ssh-keys tarball mode 0400 instead of mode 0600.
    modified:
      debian/changelog
      ud-generate
-------------- next part --------------
=== modified file 'debian/changelog'
--- a/debian/changelog	2008-05-18 17:00:05 +0000
+++ b/debian/changelog	2008-05-19 15:36:13 +0000
@@ -1,14 +1,22 @@
-userdir-ldap (0.3.XX) Xnstable; urgency=low
-
-  [ Peter Palfrader ]
+userdir-ldap (0.3.27) unstable; urgency=low
+
+  * Export ssh-keys.tar.gz to [UNTRUSTED] hosts.  Since we already export
+    ssh-rsa-shadow this is probably the right thing.
+  * Make keys in the ssh-keys tarball mode 0400 instead of mode 0600.
+
+ -- Peter Palfrader <weasel at debian.org>  Mon, 19 May 2008 08:55:28 +0200
+
+userdir-ldap (0.3.26) unstable; urgency=low
+
   * ud-replicate: sgran pointed out that if all we care about ignoring is
     EEXIST then we should use mkdir -p instead of [ -d userkeys ] || mkdir
     userkeys.
-
-  [ Stephen Gran ]
-  * Document how to use unique overlay for uid and keyFingerPrint
-
- -- Stephen Gran <sgran at debian.org>  Sun, 18 May 2008 17:58:46 +0100
+  * ud-mailgate: a bug in DoSSH caused all changes to fail that came after
+    DoSSH in HandleChange.  Now DoSSH properly returns without raising an
+    exception if the line to handle is not an ssh public key.
+  * Fix userdir-ldap.schema (objectClass now contains MAY: VoIP). [zobel]
+
+ -- Peter Palfrader <weasel at debian.org>  Sun, 18 May 2008 14:27:50 +0200
 
 userdir-ldap (0.3.25+common1) unstable; urgency=low
 
@@ -23,6 +31,9 @@
   * Use ud-config to get the emailappend value in ud-replicate, no longer
   hardcoding @debian.org
 
+  [ Stephen Gran ]
+  * Document how to use unique overlay for uid and keyFingerPrint
+
  -- Joerg Jaspert <joerg at debian.org>  Sun, 18 May 2008 13:32:01 +0200
 
 userdir-ldap (0.3.25) unstable; urgency=low

=== modified file 'ud-generate'
--- a/ud-generate	2008-05-18 11:32:27 +0000
+++ b/ud-generate	2008-05-19 15:36:13 +0000
@@ -959,10 +959,6 @@
       userlist = GenPasswd(l,OutDir+"passwd",Split[1], "x");
    sys.stdout.flush();
    grouprevmap = GenGroup(l,OutDir+"group");
-   if ExtraList.has_key("[UNTRUSTED]"):
-	continue;
-   if not ExtraList.has_key("[NOPASSWD]"):
-     GenShadow(l,OutDir+"shadow");
 
    # Now we know who we're allowing on the machine, export
    # the relevant ssh keys
@@ -1007,13 +1003,18 @@
         # to give a shit^W^W^Wcare about the UIDoffset stuff.
         to.uname = f
         to.gname = grname
-        to.mode  = 0600
+        to.mode  = 0400
         tf.addfile(to, file(os.path.join(GlobalDir, 'userkeys', f)))
 
       tf.close()
       os.rename(os.path.join(GlobalDir, 'ssh-keys-%s.tar.gz' % CurrentHost),
                 os.path.join(OutDir, 'ssh-keys.tar.gz'))
 
+   if ExtraList.has_key("[UNTRUSTED]"):
+     continue;
+   if not ExtraList.has_key("[NOPASSWD]"):
+     GenShadow(l,OutDir+"shadow");
+
    # Link in global things   
    DoLink(GlobalDir,OutDir,"markers");
    DoLink(GlobalDir,OutDir,"mail-forward.cdb");

=== modified file 'ud-mailgate'
--- a/ud-mailgate	2008-05-17 09:18:45 +0000
+++ b/ud-mailgate	2008-05-18 12:26:33 +0000
@@ -239,6 +239,8 @@
 #  [options] 1024 35 13188913666680[..] [comment]
 def DoSSH(Str, Attrs, badkeys, uid):
    Match = SSH2AuthSplit.match(Str);
+   if Match == None:
+      return None;
    g = Match.groups()
    typekey = g[1]
    if Match == None:

More information about the Da-tools-commits mailing list