2
# passwd.py - lookup functions for user account information
4
# Copyright (C) 2010, 2011 Arthur de Jong
6
# This library is free software; you can redistribute it and/or
7
# modify it under the terms of the GNU Lesser General Public
8
# License as published by the Free Software Foundation; either
9
# version 2.1 of the License, or (at your option) any later version.
11
# This library is distributed in the hope that it will be useful,
12
# but WITHOUT ANY WARRANTY; without even the implied warranty of
13
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14
# Lesser General Public License for more details.
16
# You should have received a copy of the GNU Lesser General Public
17
# License along with this library; if not, write to the Free Software
18
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
28
attmap = common.Attributes(uid='uid',
30
uidNumber='uidNumber',
31
gidNumber='gidNumber',
32
gecos='"${gecos:-$cn}"',
33
homeDirectory='homeDirectory',
34
loginShell='loginShell',
35
objectClass='objectClass')
36
filter = '(objectClass=posixAccount)'
37
bases = ( 'ou=people,dc=test,dc=tld', )
40
class PasswdRequest(common.Request):
42
def write(self, dn, attributes, parameters):
43
# get uid attribute and check against requested user name
44
names = attributes['uid']
45
if 'uid' in parameters:
46
if parameters['uid'] not in names:
48
names = ( parameters['uid'], )
49
# get user password entry
50
if 'shadowAccount' in attributes['objectClass']:
53
passwd = attributes['userPassword'][0]
54
# get numeric user and group ids
55
uids = ( parameters['uidNumber'], ) if 'uidNumber' in parameters else attributes['uidNumber']
56
uids = [ int(x) for x in uids ]
57
# get other passwd properties
58
gid = int(attributes['gidNumber'][0])
59
gecos = attributes['gecos'][0]
60
home = attributes['homeDirectory'][0]
61
shell = attributes['loginShell'][0]
64
if not common.isvalidname(name):
65
print 'Warning: passwd entry %s contains invalid user name: "%s"' % ( dn, name )
68
self.fp.write_int32(constants.NSLCD_RESULT_BEGIN)
69
self.fp.write_string(name)
70
self.fp.write_string(passwd)
71
self.fp.write_uid_t(uid)
72
self.fp.write_gid_t(gid)
73
self.fp.write_string(gecos)
74
self.fp.write_string(home)
75
self.fp.write_string(shell)
78
class PasswdByNameRequest(PasswdRequest):
80
action = constants.NSLCD_ACTION_PASSWD_BYNAME
82
def read_parameters(self, fp):
83
name = fp.read_string()
84
common.validate_name(name)
88
class PasswdByUidRequest(PasswdRequest):
90
action = constants.NSLCD_ACTION_PASSWD_BYUID
92
def read_parameters(self, fp):
93
return dict(uidNumber=fp.read_uid_t())
96
class PasswdAllRequest(PasswdRequest):
98
action = constants.NSLCD_ACTION_PASSWD_ALL
101
# FIXME: have something in common that does this
102
def do_search(conn, flt=None, base=None):
103
mybases = ( base, ) if base else bases
106
# perform a search for each search base
110
scope = locals().get('scope', cfg.scope)
111
res = conn.search_s(base, scope, flt, [attmap['uid']])
115
except ldap.NO_SUCH_OBJECT:
119
def uid2entry(conn, uid):
120
"""Look up the user by uid and return the LDAP entry or None if the user
122
myfilter = '(&%s(%s=%s))' % ( filter,
123
attmap['uid'], ldap.filter.escape_filter_chars(uid) )
124
for dn, attributes in do_search(conn, myfilter):
125
if uid in attributes[attmap['uid']]:
126
return dn, attributes
128
def uid2dn(conn, uid):
129
"""Look up the user by uid and return the DN or None if the user was
131
x = uid2entry(conn, uid)
135
# FIXME: use cache of dn2uid and try to use DN to get uid attribute
137
def dn2uid(conn, dn):
138
"""Look up the user by dn and return a uid or None if the user was
141
for dn, attributes in do_search(conn, base=dn):
142
return attributes[attmap['uid']][0]
143
except ldap.NO_SUCH_OBJECT: