Use openssl passwd -6 instead of Python crypt.crypt since crypt is deprecated and getting removed in Python 3.13
(And some sweet code cleanup too!)
This commit is contained in:
parent
de812ce3bd
commit
f0e758b997
14
adduser
14
adduser
|
@ -2,7 +2,6 @@
|
|||
|
||||
# A wrapper script over ldapadd
|
||||
|
||||
from crypt import crypt
|
||||
from os import remove
|
||||
from secrets import token_urlsafe
|
||||
from subprocess import run, call, check_output
|
||||
|
@ -14,17 +13,16 @@ def adduser(username, firstname, lastname, email, password):
|
|||
|
||||
# Get UID
|
||||
output = check_output(['ldapsearch', '-x', 'uidNumber']).decode('utf-8')
|
||||
used = set()
|
||||
for line in output.split('\n'):
|
||||
if line.startswith('uidNumber'):
|
||||
used.add(int(line.split()[1]))
|
||||
uid = [u for u in range(1001, 10000) if u not in used][0]
|
||||
used = {int(line.split()[1]) for line in output.split('\n') if line.startswith('uid')}
|
||||
uid = next(u for u in range(1001, 10000) if u not in used)
|
||||
|
||||
if firstname == lastname:
|
||||
fullname = firstname
|
||||
else:
|
||||
fullname = f'{firstname} {lastname}'
|
||||
|
||||
hashed_password = check_output(['openssl', 'passwd', '-6', password]).decode('utf-8')[:-1]
|
||||
|
||||
# Construct LDIF
|
||||
ldif = f'''dn: uid={username},ou=People,dc=exozy,dc=me
|
||||
objectClass: top
|
||||
|
@ -37,7 +35,7 @@ uid: {username}
|
|||
cn: {fullname}
|
||||
sn: {lastname}
|
||||
givenName: {firstname}
|
||||
userPassword: {{CRYPT}}{crypt(password)}
|
||||
userPassword: {{CRYPT}}{hashed_password}
|
||||
mail: {email}
|
||||
loginShell: /bin/fish
|
||||
uidNumber: {uid}
|
||||
|
@ -81,4 +79,4 @@ gidNumber: {uid}'''
|
|||
password = token_urlsafe(6)
|
||||
print('Temporary password:', password)
|
||||
|
||||
adduser(*[argv[i] for i in range(1, 5)], password)
|
||||
adduser(*argv[1:], password)
|
||||
|
|
Loading…
Reference in a new issue