Merge "Patch ldapscripts to support user password change"

ldap/ldapscripts/debian/patches/0001-Reset-password-after-user-is-added.patch

@@ -0,0 +1,46 @@
+From 78fd27c8a743b8de335fa1d2578c0569114f1bfe Mon Sep 17 00:00:00 2001
+From: Andy Ning <andy.ning@windriver.com>
+Date: Tue, 9 Aug 2022 15:40:50 +0000
+Subject: [PATCH] Reset password after user is added
+
+After user is added and password set, reset its password so that
+the user will be asked to change password at first login, a similar
+behavior as in CentOS.
+
+Signed-off-by: Andy Ning <andy.ning@windriver.com>
+---
+ sbin/ldapadduser | 18 ++++++++++++++++++
+ 1 file changed, 18 insertions(+)
+
+diff --git a/sbin/ldapadduser b/sbin/ldapadduser
+index cc44f7d..ecc073e 100755
+--- a/sbin/ldapadduser
++++ b/sbin/ldapadduser
+@@ -77,6 +77,24 @@ if [ -n "$_PASSWORD" ]
+ then
+   _changepassword "$_PASSWORD" "uid=$_USER,$USUFFIX,$SUFFIX"
+   [ $? -eq 0 ] && echo_log "Successfully set password for user $_USER"
++
++  # reset user's password so the user will be asked to change password.
++  # These variables are used by the runtime script _ldapmodify which is sourced.
++  _ACTION="add"
++  _FIELD="pwdReset"
++  _VALUE="TRUE"
++
++  # Use template if necessary
++  if [ -n "$UMTEMPLATE" ] && [ -r "$UMTEMPLATE" ]
++  then
++    _getldif="cat $UMTEMPLATE"
++  else
++    _getldif="_extractldif 2"
++  fi
++
++  $_getldif | _filterldif | _utf8encode | _ldapmodify
++  [ $? -eq 0 ] || end_die "Error resetting password for user $_USER"
++  warn_log "Warning : password is reset, user will be asked to change password at login"
+ else
+   [ -n "$PASSWORDGEN" ] && warn_log "Warning : got invalid password for user $_USER (password not set)"
+ fi
+-- 
+2.25.1
+

ldap/ldapscripts/debian/patches/series

@@ -5,3 +5,4 @@ ldap-user-setup-support.patch
 allow-anonymous-bind-for-ldap-search.patch
 ldapscripts-templates.patch
 install-ldapscripts-files-to-etc.patch
+0001-Reset-password-after-user-is-added.patch