/TECH/ NIS install, fai scripts?
Dan B. Phung
phung at cs.columbia.edu
Tue Oct 25 21:19:54 CEST 2005
I understand your concerns with the incorrect uid/gids, but these files
will be owned by root.root, which is standard for all systems, so this
shouldn't be a problem for this particular case, right?
-dan
On 25, Oct, 2005, Henning Glawe declared:
> On Tue, Oct 25, 2005 at 12:58:35PM -0400, Dan B. Phung wrote:
> > so..i'm trying to understand the way fcopy works in the fai's scripts dir.
> > i'm friggen confused. i'm trying to have NIS setup automatically, but
> > haven't been able to copy the files I want over. i'd like to copy my
> > predefined files such as passwd, groups, and shadow onto the new system.
> > my files are currently located on the NFS mount directory, which I don't
> > think is the correct place.
> >
> > from what I understand, to do:
> >
> > fcopy -i /etc/passwd /etc/groups /etc/shadow
> >
> > I need the directories in FAI/files/etc/{passwd,groups,shadow} and
> > in each, I need to have a file with the name of the class that
> > is installed. Is that correct? ...and the contents of the
> > file are the contents of my actual file (ie, my /etc/passwd)
>
> this is completely wrong. the contents of these files depend highly on the
> packages installed to the system (and their order): packages use 'adduser' to
> add accounts/groups to run daemons under and a lot of other different things.
>
> if you blindly copy a /etc/passwd to your system, you will end up with wrong
> file ownerships assume installation of packages 'blah' and 'blubb'
>
> - blah.postinst: adduser --system blahuser (allocates UID 127 for blahuser)
> chown blahuser $somefile
> ($somefile has owner 127 in the filesystem)
> - blubb.postinst: adduser --system blubbuser (allocate UID 128 for blubbuser)
> chown blubbuser $someotherfile
> ($someotherfile has owner 128 in the fs)
> - if you copy a /etc/passwd to the system where blahuser is 128 and blubbuser
> is 127, blubbuser owns $somefile and blahuser $someotherfile
>
> you can have even more fun with 4750 binaries and swapped groups...
>
> conclusion: never, ever copy /etc/{passwd,shadow,group} from one system to
> another, edit them via sed, perl or cfengine
>
--
email: phung at cs.columbia.edu
www: http://www.cs.columbia.edu/~phung
phone: 646-775-6090
fax: 212-666-0140
office: CS Dept. 520, 1214 Amsterdam Ave., MC 0401, New York, NY 10027
More information about the linux-fai
mailing list