diff --git a/mkapachepw.py b/mkapachepw.py index 20ba7da..ceaee31 100755 --- a/mkapachepw.py +++ b/mkapachepw.py @@ -9,7 +9,7 @@ # Program Information PROGNAME = "mkapachepw" -RCSID = "$Id: mkapachepw.py,v 1.107 2005/04/04 21:41:37 root Exp $" +RCSID = "$Id: mkapachepw.py,v 1.108 2005/04/04 22:23:24 root Exp $" VERSION = RCSID.split()[2] # Copyright Information @@ -71,6 +71,7 @@ ##### TIMESTAMP = "# Created By %s %s On %s At %s\n" % (PROGNAME, VERSION, getfqdn(), time.asctime()) +CMDLINE = "# Command Line: %s\n" % " ".join(sys.argv) #----------------------------------------------------------# @@ -95,13 +96,13 @@ ##### uTable = [PROGNAME + " " + VERSION + " - %s\n" % COPYRIGHT, - "usage: " + PROGNAME + " [-GUfghpv] where,\n", + "usage: " + PROGNAME + " [-GUfghuv] where,\n", " -G list of groups to include (+group) or exclude (-group) (default: none)", " -U list of users to include (+user) or exclude (-user) (default: none)", " -f file configuration file to use (default: none)", " -g # smallest GID to include in output (default: 100)", " -h print this help information", - " -p # smallest UID to include in output (default: 100)", + " -u # smallest UID to include in output (default: 100)", " -v print detailed version information", ] @@ -177,31 +178,28 @@ ErrorMsg("'%s' Must Be Prefixed With '+' or '-' To Indicate Desired Action." % item) sys.exit(2) - item = item[1:] # We just need the item ID portion + item = item[1:] # We just need the item Name/ID portion - # See if it's a GID/UID (a number) + # Convert GIDs and UIDs to names first try: item = int(item) + # Handle the case where the ID does not exist + try: + item = lookup(item)[0] + + except: + ErrorMsg("'%s' Is An Invalid %s ID." % (orig[1:], name)) + sys.exit(2) + + # If not, assume it is a name and look it up + except ValueError: + # Make sure it even exists if item not in master: - ErrorMsg("'%s' Is An Invalid %s ID." % (item, name)) + ErrorMsg("'%s' Is An Invalid %s Name." % (item, name)) sys.exit(2) - - # If not, assume it is a name and look it up - except ValueError: - - # Handle the case where the name does not exist - try: - item = lookup(item)[2] - - except: - ErrorMsg("'%s' Is An Invalid %s Name." % (orig[1:], name)) - sys.exit(2) - - - print additem, item # Do the actual in/exclusion @@ -236,9 +234,9 @@ gname, gpw, gid, gmembers = group[:4] - groups[gid] = [gname, [], Protected] + groups[gname] = [gid, [], Protected] for member in gmembers: - groups[gid][1].append(member) + groups[gname][1].append(member) ##### # Build A List Of Users @@ -247,10 +245,11 @@ for user in pwd.getpwall(): uname, pw, uid, gid = user[:4] - - users[uid] = [uname, pw, Protected] - if uname not in groups[gid][1]: - groups[gid][1].append(uname) + gname = grp.getgrgid(gid)[0] + + users[uname] = [uid, pw, Protected] + if uname not in groups[gname][1]: + groups[gname][1].append(uname) ##### @@ -264,16 +263,16 @@ OPTIONS = envopt.split() + OPTIONS try: - opts, args = getopt.getopt(OPTIONS, '-G:U:f:g:hp:v') + opts, args = getopt.getopt(OPTIONS, '-G:U:f:g:hu:v') except getopt.GetoptError: Usage() sys.exit(1) for opt, val in opts: if opt == "-G": - ProcessEnumeratedList(val, groups, grp.getgrnam, "Group") + ProcessEnumeratedList(val, groups, grp.getgrgid, "Group") if opt == "-U": - ProcessEnumeratedList(val, users, pwd.getpwnam, "User") + ProcessEnumeratedList(val, users, pwd.getpwuid, "User") if opt == "-f": CFGFILE=val if opt == "-g": @@ -281,14 +280,12 @@ if opt == "-h": Usage() sys.exit(0) - if opt == "-p": + if opt == "-u": STARTUID=int(val) if opt == "-v": print RCSID sys.exit(0) -print users, groups - ##### # Write Out The Files ##### @@ -301,12 +298,15 @@ grfile = open(GRFILE, "w") grfile.write(TIMESTAMP) +grfile.write(CMDLINE) # Write out groups if they are either protected or >= specified starting ID -for gid in groups: - if (groups[gid][2]) or (gid >= STARTGID): - grfile.write("%s: %s\n" % (groups[gid][0], " ".join(groups[gid][1]))) +gnames = groups.keys() +gnames.sort() +for gname in gnames: + if (groups[gname][2]) or (groups[gname][0] >= STARTGID): + grfile.write("%s: %s\n" % (gname, " ".join(groups[gname][1]))) grfile.close() @@ -314,12 +314,16 @@ pwfile = open(PWFILE, "w") pwfile.write(TIMESTAMP) +pwfile.write(CMDLINE) # Write out users if they are either protected or >= specified starting ID +# Unless explicitly protected, any account that has '*' as a password +# (thus indicating it does not support login), will be suppressed. -for uid in users: - print users[uid] - if (users[uid][2]) or (uid >= STARTUID): - pwfile.write("%s:%s\n" % tuple(users[uid])[:2]) +unames = users.keys() +unames.sort() +for uname in unames: + if (users[uname][2]) or ((users[uname][0] >= STARTUID) and (users[uname][1] != '*')): + pwfile.write("%s:%s\n" % (uname, users[uname][1])) pwfile.close()