From bbf29a44f1a0ffd74bf52d6e643ab3f44a0de185 Mon Sep 17 00:00:00 2001
From: Valentin Samir <valentin.samir@crans.org>
Date: Sun, 24 Nov 2013 17:44:57 +0100
Subject: [PATCH] =?UTF-8?q?[gestion/tools]=20apt-keys-crans.py,=20un=20scr?=
 =?UTF-8?q?ipt=20qui=20g=C3=A9n=C3=A8re=20automatiquement=20/bcfg2/Cfg/etc?=
 =?UTF-8?q?/crans/apt-keys/?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

À partir des fpr de la base ldap
---
 gestion/tools/apt-keys-crans.py | 51 +++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100755 gestion/tools/apt-keys-crans.py

diff --git a/gestion/tools/apt-keys-crans.py b/gestion/tools/apt-keys-crans.py
new file mode 100755
index 00000000..fd94666c
--- /dev/null
+++ b/gestion/tools/apt-keys-crans.py
@@ -0,0 +1,51 @@
+#!/bin/bash /usr/scripts/python.sh
+# -*- coding: utf-8 -*-
+
+import os
+from subprocess import Popen, PIPE, STDOUT
+import lc_ldap.shortcuts
+from socket import gethostname
+
+
+keyserver='komaz.adm.crans.org'
+basedir='/bcfg2/Cfg/etc/crans/apt-keys/'
+
+
+conn=lc_ldap.shortcuts.lc_ldap_readonly()
+nounou=conn.search(u"(&(gpgFingerprint=*)(droits=nounou))")
+fpr=[u['gpgFingerprint'][0].value for u in nounou]
+
+def refresh_keys():
+    p = Popen(['gpg', '--keyserver', 'komaz.adm.crans.org', '--recv-keys'] + fpr, stdout=PIPE, stdin=PIPE, stderr=STDOUT)
+    ret=p.communicate()
+    if ret[1]:
+        print ret[1]
+    if ret[0]:
+        print ret[0]
+
+
+def write_keys():
+    for user in nounou:
+        try:
+            os.mkdir(basedir + '%s.asc/' % user['uid'][0])
+        except OSError:
+            pass
+        path=basedir + '%s.asc/%s.asc' % (user['uid'][0],user['uid'][0])
+        # Est-ce que ça serait bien de mettre --export-options export-minimal ?
+        p = Popen(['gpg', '--armor', '--export', user['gpgFingerprint'][0].value], stdout=PIPE, stdin=PIPE, stderr=STDOUT)
+        ret=p.communicate()
+        if ret[1]:
+            print ret[1]
+        if ret[0]:
+            with open(path, 'w') as f:
+                f.write(ret[0])
+                f.close()
+            print "Witten down %s" % path
+
+if __name__ == '__main__':
+    if gethostname() != 'bcfg2':
+        print "Doit être lancé sur bcfg2"
+        exit(1)
+    else:
+        refresh_keys()
+        write_keys()