Alias a User ID?
I seem to remember that there is a reasonable way to alias a user id but darned if I can find anything about doing that.
I have an application, DSpace, that runs in Tomcat and must have the same user id as Tomcat (no big deal, I simply make Tomcat the owner and group of the DSpace directories) -- but "dspace" must exist as an account for some things.
I can just edit /etc/passwd and change dspace to the Tomcat ID and group but that, as I recall, is a Big No-No; it works, but ya just ain't supposed to be doing that.
Anybody have any ideas, I'd appreciate knowing them.
You can do it by setting the UID of both users to be the same number. See http://docstore.mik.ua/orelly/networ...is/ch04_01.htm
See section: 4.1.2 Multiple Accounts with the Same UID
Which, upon inspection, seems to be the same thing that you were suggesting, but now with supporting excuses! ;vD
You have to remember to change the UID and GID of all files owned by that user.
If there are programs/scripts looking for that specific UID/GID by number instead of name, then those must also be modified. The best situation is when you know the UID/GID must match in multiple systems and you set up those accounts to match when they are created. Then any autogenerated scripts using that user/group as part of an installation process are correctly created.
If any "permissions" lists use UID/GID instead of the name those would need to be modified. (ACLs?)
On UNIX systems in the past I've changed the name of UID "zero" from root to something innocuous in an attempt to increase security on multi-user systems. (security through obscurity) I always had to change it back to root however because many (most?) programs/scripts use the name (root) and not the UID (0) when installing software updates and such (a bad choice IMHO).
There may be something different in Linux from UNIX that I'm not considering.
EDIT: I recommend changing the UID/GID of a single user rather than having two or more user names with the same UID/GID. Although both methods will probably work for your purposes, other complications can arise when user names need to match.
Thanks for those thoughts; I decided to simply change the dspace UID to that of Tomcat (along with the GID). DSpace, the application, works fine, no problems.
I kind of held my nose, though, just have a real hard time reconciling two user accounts with the same UID and GID (even though Tomcat is not actually a "user"). Many (too many) years ago I spent time chasing down a problem on a System 3 box that turned out to be a duplicate UID user causing difficulties; that, a lesson learned during a wasted youth.
Oh, well, make a note, remember that it's there and get on with it.
|All times are GMT -5. The time now is 12:54 AM.|