Password Reset
Toshio Kuratomi
a.badger at gmail.com
Tue Mar 10 10:53:04 UTC 2009
Michael Schwendt wrote:
> On Tue, 10 Mar 2009 02:26:07 +0100, Kevin wrote:
>
>> Another unfortunate side effect of that password expiration: mail to
>> username at fedoraproject.org bounces for those people who haven't renewed
>> their password in time. This is also a security risk because it means
>> people can commit bad things to their packages without them noticing. (I
>> just got such a bounce for the commit message for a rebuild for broken
>> dependencies.)
>
> Just for the record, two hours ago I got a delivery failure notification
> for 14 users expanded from the packager sponsors' group alias. IMO there
> is an additional problem [unless the accounts for all these well-known
> names have been disabled].
>
The following patch should remove inactive accounts from group aliases.
If this looks right I'll request a change freeze exception tommorrow.
If anyone wants to look before I get up, output from old and new (with
the patch) fasClient is on bastion:~toshio/aliases.{old,new}
-Toshio
diff --git a/client/fasClient b/client/fasClient
index ee83eae..8203e90 100644
--- a/client/fasClient
+++ b/client/fasClient
@@ -500,6 +500,10 @@ class MakeShellAccounts(AccountSystem):
for membership in self.memberships[name]:
role_type = membership['role_type']
person =
self.all_people[membership['person_id']]['username']
+ if person not in sorted_emails:
+ # If the person isn't in sorted_emails, their
account has
+ # been inactivated. Don't add them to the group
aliases
+ continue
try:
members['members'].append(person)
except KeyError:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-infrastructure-list/attachments/20090310/a0cea6e1/attachment.sig>
More information about the Fedora-infrastructure-list
mailing list