LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   combine shadow files (http://www.linuxquestions.org/questions/linux-newbie-8/combine-shadow-files-636181/)

packets 04-18-2008 03:41 AM

combine shadow files
 
I have 5 mail server that will be planning to join as 1. Let's say A,B,C,D and E. The mail server that will act as 1 is A.

My first concern is how do I transfer the user account from B,C,D and E going to A while retaining their password in their previous mail server?
Emails is no concern since I can rsync the home directory.

I'm thinking of combining shadow file but is it advisable? Any software/commands that can do this? Will different OS such as Rh9, FC2 and Centos4 will be an issue even they are all rpm-like OS?

marquardl 04-18-2008 04:16 AM

This depends on a lot of things, first of all the mail server itself. Is it the same mail server application on all servers?

Some mail servers allow to set user accounts without the need for a system account. If so, then you don't have to bother with the shadow password files. If the servers run different mail server applications, then you will need a different approach for each.

To merge shadow files you will also have to merge the password files and actually have to create user accounts. You must check for matching username conflicts and also for the more likely conflict of matching UID and GID values.

It can be done with a shell script. Not easy to write, but possible. Needs careful testing before applying.

Fedora HP webcam drivers

jschiwal 04-18-2008 05:14 AM

The /etc/passwd and /etc/shadow files also contain system users that you don't want to merge.

Code:

UID_MAX=$(awk '/^UID_MAX/{ print $2}' /etc/login.defs)
jschiwal@hpamd64:~> UID_MIN=$(awk '/^UID_MIN/{ print $2}' /etc/login.defs)
jschiwal@hpamd64:~> echo $UID_MAX
60000
jschiwal@hpamd64:~> echo $UID_MIN
1000

Here I extracted the UID_MIN and UID_MAX values from /etc/login.defs. Values between these values inclusively are regular users.
Here I use these UID ranges to extract the regular users from /etc/passwd:
Code:

awk 'BEGIN { FS=":" } int($3) >= '$UID_MIN' && int($3) <= '$UID_MAX' { print $1 }' /etc/passwd
jschiwal
testuser
tuser

You will also have a problem if there are users that have the same username. Also, if one user has a UID that is used by another user on one of the other machines.
You would also need to merge both the regular users in /etc/passwd and /etc/shadow.

If you change a users UID you also have to change the UID (ownership) of any files that the user owns, such as the mail in /var/cache/mail/.

If you have a lot of users, you might want to produce a couple of files, similar to /etc/passwd and /etc/shadow, but with extra fields in them. For example, the first field could be the username. The second field the new username. The forth field the UID of the user. The fifth, the new UID of the user. Then read in each line and if an old field differs from a new field, perform any chown on files needed before writing the new values into a new /etc/password or /etc/shadow.

You could use something like this to produce a csv file from /etc/passwd containing the regular users:
Code:

awk 'BEGIN { FS=":" } int($3) >= '$UID_MIN' && int($3) <= '$UID_MAX' { print $0 }' /etc/passwd | sed 's/:/","/g;s/^/"/;s/$/"/' >passwords
This could be read into a spreadsheet like oocalc. This would allow you to easily sort by any field or replace the UID numbers with a column of sequential integers. Sorting by the username, you could easily spot any two user names that are the same.


All times are GMT -5. The time now is 01:40 AM.