Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: "Synchronize" users/groups
Operating Systems HP-UX "Synchronize" users/groups Post 302604710 by methyl on Monday 5th of March 2012 06:33:50 PM
Old 03-05-2012
We have had to do this. At first it seemed impossible because the oldest users on the master system had UIDs which clashed with system users the backup system.

Do not embark on this sort of exercise without an Ignite backup and a full backup of your system and a decent amount of booked downtime.

To cut a long story short, and working on a non-Trusted system:

Used "vipw" on the master system to move any system accounts to be definitely before any user accounts in /etc/passwd. This is only needed if system software was installed after any user accounts. i.e. what normally happens.

Created a cross-reference table of before-and-after UIDs and changed every non-system UID to a new range well clear of the system accounts (I chose 1001+). The choice of 1001 for the base was because I did not have any UID higher than 1001 on the master system or the backup system. This is not trivial because after changing the passwd file with "vipw" it involves issuing the correct "find" and "chown" command for every file owned by every non-system user.

Once you have got all your user accounts in a section of /etc/passwd which definitely does not contain any system accounts you can copy files at will to your backup system and periodically replace the "user" section of the /etc/passwd file with the user section from your source system using "vipw" (which can be scripted).

I must stress again that this technique does not work at all on Trusted systems.


There was a hint earlier. Never delete a user account. Lock it, remove data files, whatever, but do not delete it from /etc/passwd. It will mess up you backup system big time the moment you allow two different users to have the same UID.

Imho. In a D.R. backup scenario, never let two different users have the same UID.
Last edited by methyl; 03-05-2012 at 07:39 PM..
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Limit "exploring" from users/groups

I have a unix box which runs as a webserver and ftp server. I have a user account for a friend and while I trust him, I noticed that he can view directories above his own "web" folder which is his default directory. I'm still trying to understand users/groups and privileges so bear with me if... (2 Replies)
Discussion started by: creyc
2 Replies

2. UNIX for Dummies Questions & Answers

Explain the line "mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'`"

Hi Friends, Can any of you explain me about the below line of code? mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'` Im not able to understand, what exactly it is doing :confused: Any help would be useful for me. Lokesha (4 Replies)
Discussion started by: Lokesha
4 Replies

3. Shell Programming and Scripting

cat $como_file | awk /^~/'{print $1","$2","$3","$4}' | sed -e 's/~//g'

hi All, cat file_name | awk /^~/'{print $1","$2","$3","$4}' | sed -e 's/~//g' Can this be done by using sed or awk alone (4 Replies)
Discussion started by: harshakusam
4 Replies

4. Shell Programming and Scripting

awk command to replace ";" with "|" and ""|" at diferent places in line of file

Hi, I have line in input file as below: 3G_CENTRAL;INDONESIA_(M)_TELKOMSEL;SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL My expected output for line in the file must be : "1-Radon1-cMOC_deg"|"LDIndex"|"3G_CENTRAL|INDONESIA_(M)_TELKOMSEL"|LAST|"SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL" Can someone... (7 Replies)
Discussion started by: shis100
7 Replies

5. Solaris

The slices "usr", "opt", "tmp" disappeared!!! Help please.

The system don't boot. on the screen appears following: press enter to maintenance (or type CTRL-D to continue)...I checked with format command. ... the slices "0-root","1-swap","2-backup" exist. ...the slises "3-var","6-usr" -unassigned. :( (16 Replies)
Discussion started by: wolfgang
16 Replies

6. Post Here to Contact Site Administrators and Moderators

Suggestion: adding two new groups "sed" and "awk"

Majority of the questions are pertaining file/string parsing w.r.t sed or awk It would be nice to have these two as their own sub category under shell-programming-scripting which can avoid lot of duplicate posts. (1 Reply)
Discussion started by: jville
1 Replies

7. UNIX for Dummies Questions & Answers

Using "mailx" command to read "to" and "cc" email addreses from input file

How to use "mailx" command to do e-mail reading the input file containing email address, where column 1 has name and column 2 containing “To” e-mail address and column 3 contains “cc” e-mail address to include with same email. Sample input file, email.txt Below is an sample code where... (2 Replies)
Discussion started by: asjaiswal
2 Replies

8. Shell Programming and Scripting

Bash script - Print an ascii file using specific font "Latin Modern Mono 12" "regular" "9"

Hello. System : opensuse leap 42.3 I have a bash script that build a text file. I would like the last command doing : print_cmd -o page-left=43 -o page-right=22 -o page-top=28 -o page-bottom=43 -o font=LatinModernMono12:regular:9 some_file.txt where : print_cmd ::= some printing... (1 Reply)
Discussion started by: jcdole
1 Replies

9. AIX

Apache 2.4 directory cannot display "Last modified" "Size" "Description"

Hi 2 all, i have had AIX 7.2 :/# /usr/IBMAHS/bin/apachectl -v Server version: Apache/2.4.12 (Unix) Server built: May 25 2015 04:58:27 :/#:/# /usr/IBMAHS/bin/apachectl -M Loaded Modules: core_module (static) so_module (static) http_module (static) mpm_worker_module (static) ... (3 Replies)
Discussion started by: penchev
3 Replies

LEARN ABOUT OSF1

vipw

vipw(8) 						      System Manager's Manual							   vipw(8)

NAME

       vipw - Edits the /etc/passwd file

SYNOPSIS

       /usr/sbin/vipw

DESCRIPTION

       You  use  the vipw command to edit the /etc/passwd file with the editor defined in the EDITOR environment variable.  If the variable is not
       set, the default editor is vi.

       The vipw command performs basic consistency checks on the edited file.  If a hashed indexed passwd existed  previously,	the  vipw  command
       uses the mkpasswd command to create recreate it.

       The  command must not be used on systems that use extended security attributes since it cannot set or change them.  You must be root to run
       this command.  Only root and security administrators should have execute access to this command.

       Since the vipw command cannot effectively change all the attributes of users, it should not be used in a secure environment.

       The vipw command accesses the following files, and requires the listed permissions:

       ------------------------------
       Permissions   File
       ------------------------------
	   rw	     /etc/passwd

	   rw	     /etc/passwd.pag

	   rw	     /etc/passwd.dir

	   rw	     /etc/ptmp

	   rw	     /etc/ptmp.pag

	   rw	     /etc/ptmp.dir
       ------------------------------

EXAMPLE

       To edit the /etc/passwd file, type the following command and add the required line entry: vipw

FILES

       Specifies the command path

RELATED INFORMATION

       Commands:  passwd(1), passwd(4), adduser(8), mkpasswd(8) delim off

																	   vipw(8)
All times are GMT -4. The time now is 01:04 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy