/TECH/ NIS install, fai scripts?

Henning Glawe glaweh at physik.fu-berlin.de
Tue Oct 25 20:28:09 CEST 2005 

On Tue, Oct 25, 2005 at 12:58:35PM -0400, Dan B. Phung wrote:
> so..i'm trying to understand the way fcopy works in the fai's scripts dir.  
> i'm friggen confused.  i'm trying to have NIS setup automatically, but
> haven't been able to copy the files I want over.  i'd like to copy my
> predefined files such as passwd, groups, and shadow onto the new system.
> my files are currently located on the NFS mount directory, which I don't
> think is the correct place.
> 
> from what I understand, to do:
> 
>   fcopy -i /etc/passwd /etc/groups /etc/shadow
> 
> I need the directories in FAI/files/etc/{passwd,groups,shadow} and 
> in each, I need to have a file with the name of the class that
> is installed.  Is that correct?  ...and the contents of the
> file are the contents of my actual file (ie, my /etc/passwd)

this is completely wrong. the contents of these files depend highly on the
packages installed to the system (and their order): packages use 'adduser' to
add accounts/groups to run daemons under and a lot of other different things.

if you blindly copy a /etc/passwd to your system, you will end up with wrong
file ownerships assume installation of packages 'blah' and 'blubb'

- blah.postinst: adduser --system blahuser (allocates UID 127 for blahuser)
	chown blahuser $somefile
	  ($somefile has owner 127 in the filesystem)
- blubb.postinst: adduser --system blubbuser (allocate UID 128 for blubbuser)
	chown blubbuser $someotherfile 
	  ($someotherfile has owner 128 in the fs)
- if you copy a /etc/passwd to the system where blahuser is 128 and blubbuser
  is 127, blubbuser owns $somefile and blahuser $someotherfile 

you can have even more fun with 4750 binaries and swapped groups...

conclusion: never, ever copy /etc/{passwd,shadow,group} from one system to
another, edit them via sed, perl or cfengine
-- 
c u
henning
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.uni-koeln.de/pipermail/linux-fai/attachments/20051025/423b3b94/attachment.bin

More information about the linux-fai mailing list