Big /etc/group creating issue


 
Thread Tools Search this Thread
Operating Systems Solaris Big /etc/group creating issue
# 1  
Old 09-17-2013
Big /etc/group creating issue

I have Solaris-10 with kernel patch 142900-03, Update 7 Sparc server.
Code:
root@ddlomps40:/# uname -a
SunOS ddlomps40 5.10 Generic_142900-03 sun4u sparc SUNW,SPARC-Enterprise
root@ddlomps40:/# cat /etc/release
                       Solaris 10 5/09 s10s_u7wos_08 SPARC
           Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
                        Use is subject to license terms.
                             Assembled 30 March 2009
root@ddlomps40:/# cat /etc/group | wc -l
     102
root@ddlomps40:/# zoneadm list -icv
  ID NAME             STATUS     PATH                           BRAND    IP
   0 global           running    /                              native   shared
root@ddlomps40:/# cat /etc/passwd | wc -l
    1043
root@ddlomps40:/# cat /etc/group | wc -l
     102
root@ddlomps40:/#

As group file is increased huge, so whenever I am adding new person to group, few old user is getting removed from group. Since /etc/group file is huge, it does not allow "usermod -G" and we have add user in that group manually with vi. Is there any way to increase this limit with any kernel patch level or update ?
Any any other way to fix this issue ?

Last edited by solaris_1977; 09-17-2013 at 02:26 PM..
# 2  
Old 09-17-2013
Most big sites use NIS or YP to handle this stuff remotely and centrally, and probably with more scalability.

Purging groups is fine if there are no users and file entangled with it, so first you need to purge quiescent users and their files. If their files are readable or writable to others, that can affect them. Once you have purged the files and then users, you can safely remove groups.

Pragmatically, most people move to a new server and make a lame but convenient excuse of incompatibility against migrating all users and groups. Active users move their files, and then you can say goodbye. Disks and related server technologies have a finite life, so this is many ways good. It's like converting code: writing new is an opportunity to clean lots of stuff up, using the old for reference.
# 3  
Old 09-17-2013
We have plans to move it to NIS, but is going to take 6 months from now. Seems like as of now only option for us to find out non-existing user in organization and remove their id's from passwd, shadow and group file to cleanup.
I am not getting any document which can tell me limit of characters in each group or any way to increase it.
# 4  
Old 09-19-2013
NIS has such limits, too.
With the file /etc/group, try the following:
have two lines with the same group name and the same GID, and distribute the group members on them!
# 5  
Old 09-20-2013
LDAP is an alternative to using /etc/shaddow and /etc/passwd, or NIS. The advantage that LDAP has over password file is all information about users and groups can be held on one (centrally administered) server so the user information does not have to be replicated. The advantage over NIS is that LDAP can be used to store information besides user information (such as Netscape Roaming Profiles) and can be used on multiple platforms (NT, Novel, Solaris, and Linux for starters).

LDAP Authentication HOWTO

Set one system up and then make a mirror on the second, and put all the others on it until the other guys want to merge.

http://www.freebsd.org/doc/en/articl...h/article.html

I'd love to see something with real RDBMS logic under it. An XML interface would be nicer, too. It'd be nice to have persistent-caching slave LDAP servers on each host, so they can run without the masters short term.

Last edited by DGPickett; 09-20-2013 at 02:55 PM..
# 6  
Old 09-21-2013
You could also set the system to lock an account after X days of no logins. I suspect a 30 day lockout period would quickly identify a large group of users who are no longer using the system regularly.

---------- Post updated at 11:48 PM ---------- Previous update was at 11:48 PM ----------

Obviously, you delete the locked accounts. Smilie

After making a full backup of course.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. HP-UX

Creating a group of users with script

Hi, I have a file with usernames, and the comment section, e.g : Data removed by request of sanchitadutta91, 20 May 2020 I need to add these users into a server. Is it possible to use a script to create the users, together with the comment ? From the commandline to add one user, the... (2 Replies)
Discussion started by: anaigini45
2 Replies

2. Shell Programming and Scripting

Delete big directory issue

Hello folks, I am deleting a directory with script it is taking 11Hour and also increase the IO on server. I am using below command, inside date directory there are hour directories, which i am deleting after archiving. Archiving is not taking long time, only "rm -rf" is taking alot of time with... (21 Replies)
Discussion started by: learnbash
21 Replies

3. Shell Programming and Scripting

NFS Mount 16+ group Issue in AIX

Hi, I am trying to read files from NFS mount. The ID with which I am trying to read is part of 16+ groups. This is causing problem in doing change directory to the NFS mount directory. I was able to get some code which does newgrp to change the default group so that I could change... (3 Replies)
Discussion started by: pinnacle
3 Replies

4. Linux

Default user:group permissions while creating files and directories

Hi, I am working on setup a environment where only a specific user can upload the builds on htdocs of apache. Now i want that a specific user can copy the builds on htdocs folder. I created a group "deploy" and assign user1 and user2 to this group. On Apache side i mentioned User=deploy... (3 Replies)
Discussion started by: sunnysthakur
3 Replies

5. UNIX for Dummies Questions & Answers

Creating a file where the owner and group is not root

Hi, I'm the root user on my computer, but I'm writing a script that does a lot of file handling. Every time I create a file or directory it automatically requires root privileges. Is there a way I can just create a file that the user can access without a password? For example in my script I... (20 Replies)
Discussion started by: jdilts
20 Replies

6. UNIX for Advanced & Expert Users

creating a secondary read only group with setfacl

We have created ACL's to allow two differnet groups to access some directories. You can see output from getfacl below. group::rwx group:rbauser:r-- The original group has full access, the secondary group has read only. However users in the secondary group can't see the directories. Think this... (1 Reply)
Discussion started by: dw82199
1 Replies

7. Programming

SQL Developer JOINS / GROUP BY issue.

Am having a nightmare with a certain piece of code.. have tried almost everything and just cannot see what the issue is.. CREATE OR REPLACE VIEW TOP_EARNER_PER_LOCATION AS SELECT E.FIRST_NAME || ' ' || E.LAST_NAME AS EMPLOYEE_NAME, L.REGIONAL_GROUP AS REGIONAL_GROUP, ... (1 Reply)
Discussion started by: U_C_Dispatj
1 Replies

8. Shell Programming and Scripting

Hello - Have a big issue need help please ASAP

I have been using this simple grep command to extract fields from a file that ALPHANUMERIC field has been set to 16 grep -w 'ALPHANUMERIC *16' filename ------------------------- sample data file SAMP_RICS "SAMPLE RICS" 5694 NULL ALPHANUMERIC 60 RMTES_STRING ... (11 Replies)
Discussion started by: mnassiri
11 Replies

9. Shell Programming and Scripting

Creating a control file for a group of files

Hi, We have almost 45,000 data files created by a script daily. The file names are of format-ODS.POS.<pharmacyid>.<table name>.<timestamp>.dat. There will be one data file like this for each pharmacy and each table.(Totally around 45,000) The requirement is to create a control file for each... (2 Replies)
Discussion started by: Maya_Pillai
2 Replies

10. Linux

Problem with creating big files

Hi... I have a very wired problem with my redhat4 update 4 server... Every time i create a file bigger then my physical memory the server kills the process\session that creates the file, and in the "messages" file i see this error: "Oct 21 15:22:22 optidev kernel: Out of Memory: Killed process... (6 Replies)
Discussion started by: eliraza6
6 Replies
Login or Register to Ask a Question