Michael Schwendt wrote:
> On Tue, 10 Mar 2009 02:26:07 +0100, Kevin wrote:
>
>> Another unfortunate side effect of that password expiration: mail to
>> username@xxxxxxxxxxxxxxxxx bounces for those people who haven't renewed
>> their password in time. This is also a security risk because it means
>> people can commit bad things to their packages without them noticing. (I
>> just got such a bounce for the commit message for a rebuild for broken
>> dependencies.)
>
> Just for the record, two hours ago I got a delivery failure notification
> for 14 users expanded from the packager sponsors' group alias. IMO there
> is an additional problem [unless the accounts for all these well-known
> names have been disabled].
>
The following patch should remove inactive accounts from group aliases.
If this looks right I'll request a change freeze exception tommorrow.
If anyone wants to look before I get up, output from old and new (with
the patch) fasClient is on bastion:~toshio/aliases.{old,new}
-Toshio
diff --git a/client/fasClient b/client/fasClient
index ee83eae..8203e90 100644
--- a/client/fasClient
+++ b/client/fasClient
@@ -500,6 +500,10 @@ class MakeShellAccounts(AccountSystem):
for membership in self.memberships[name]:
role_type = membership['role_type']
person =
self.all_people[membership['person_id']]['username']
+ if person not in sorted_emails:
+ # If the person isn't in sorted_emails, their
account has
+ # been inactivated. Don't add them to the group
aliases
+ continue
try:
members['members'].append(person)
except KeyError:
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
