diff options
author | Dan Fandrich <dan@coneharvesters.com> | 2016-01-28 03:03:08 +0100 |
---|---|---|
committer | Olivier Blin <dev@blino.org> | 2017-02-23 01:52:38 +0100 |
commit | 43ebf501a5cea3ccb2e4e8ceecaa62750e1adf82 (patch) | |
tree | 1a06f0d1a80b62e6aeaec5ffdfcccc043d8e9d8f | |
parent | 657b594b15c9799672b182ae3f96de69c8669647 (diff) | |
download | puppet-43ebf501a5cea3ccb2e4e8ceecaa62750e1adf82.tar puppet-43ebf501a5cea3ccb2e4e8ceecaa62750e1adf82.tar.gz puppet-43ebf501a5cea3ccb2e4e8ceecaa62750e1adf82.tar.bz2 puppet-43ebf501a5cea3ccb2e4e8ceecaa62750e1adf82.tar.xz puppet-43ebf501a5cea3ccb2e4e8ceecaa62750e1adf82.zip |
Fix ldap-sshkey2file so it doesn't crash when a user has no uidNumber
This shouldn't happen in normal operation, but can happen when binding
to a DN who doesn't have access to that attribute.
-rwxr-xr-x | modules/openssh/templates/ldap-sshkey2file.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/modules/openssh/templates/ldap-sshkey2file.py b/modules/openssh/templates/ldap-sshkey2file.py index d974ec9a..e8597a6a 100755 --- a/modules/openssh/templates/ldap-sshkey2file.py +++ b/modules/openssh/templates/ldap-sshkey2file.py @@ -39,7 +39,7 @@ def usage(): print "It will return failure when no keys are updated and success" print "when one or more keys have changed." print - print "This script is intented to be run from cron as root" + print "This script is intended to be run from cron as root" print def get_bindpw(): @@ -124,7 +124,7 @@ def write_keys(keys, user, uid, gid): os.chmod(tmpname, 0600) os.chown(tmpname, uid, gid) shutil.move(tmpname, keyfile) - # Hmm, aparently shutil.move does not preserve user/group so lets reapply + # Hmm, apparently shutil.move does not preserve user/group so lets reapply # them. I still like doing it before as this should be more "automic" # if it actually worked, so it's "good practice", even if shutil.move sucks os.chown(keyfile, uid, gid) @@ -156,7 +156,7 @@ try: for result in res: dn, entry = result # skip possible system users - if int(entry['uidNumber'][0]) < 500: + if 'uidNumber' not in entry or int(entry['uidNumber'][0]) < 500: continue if write_keys(entry['sshPublicKey'], entry['uid'][0], int(entry['uidNumber'][0]), int(entry['gidNumber'][0])): changed = True |