/TECH/ NIS install, fai scripts?

Dan B. Phung phung at cs.columbia.edu
Tue Oct 25 21:19:54 CEST 2005


I understand your concerns with the incorrect uid/gids, but these files
will be owned by root.root, which is standard for all systems, so this
shouldn't be a problem for this particular case, right?

-dan

On 25, Oct, 2005, Henning Glawe declared:

> On Tue, Oct 25, 2005 at 12:58:35PM -0400, Dan B. Phung wrote:
> > so..i'm trying to understand the way fcopy works in the fai's scripts dir.  
> > i'm friggen confused.  i'm trying to have NIS setup automatically, but
> > haven't been able to copy the files I want over.  i'd like to copy my
> > predefined files such as passwd, groups, and shadow onto the new system.
> > my files are currently located on the NFS mount directory, which I don't
> > think is the correct place.
> > 
> > from what I understand, to do:
> > 
> >   fcopy -i /etc/passwd /etc/groups /etc/shadow
> > 
> > I need the directories in FAI/files/etc/{passwd,groups,shadow} and 
> > in each, I need to have a file with the name of the class that
> > is installed.  Is that correct?  ...and the contents of the
> > file are the contents of my actual file (ie, my /etc/passwd)
> 
> this is completely wrong. the contents of these files depend highly on the
> packages installed to the system (and their order): packages use 'adduser' to
> add accounts/groups to run daemons under and a lot of other different things.
> 
> if you blindly copy a /etc/passwd to your system, you will end up with wrong
> file ownerships assume installation of packages 'blah' and 'blubb'
> 
> - blah.postinst: adduser --system blahuser (allocates UID 127 for blahuser)
> 	chown blahuser $somefile
> 	  ($somefile has owner 127 in the filesystem)
> - blubb.postinst: adduser --system blubbuser (allocate UID 128 for blubbuser)
> 	chown blubbuser $someotherfile 
> 	  ($someotherfile has owner 128 in the fs)
> - if you copy a /etc/passwd to the system where blahuser is 128 and blubbuser
>   is 127, blubbuser owns $somefile and blahuser $someotherfile 
> 
> you can have even more fun with 4750 binaries and swapped groups...
> 
> conclusion: never, ever copy /etc/{passwd,shadow,group} from one system to
> another, edit them via sed, perl or cfengine
> 

-- 
email:  phung at cs.columbia.edu
www:    http://www.cs.columbia.edu/~phung
phone:  646-775-6090
fax:    212-666-0140
office: CS Dept. 520, 1214 Amsterdam Ave., MC 0401, New York, NY 10027



More information about the linux-fai mailing list