Shell Programming and Scripting

Good Morning,


I have 2 Solaris 9 machines sharing a NAS, and need to have users to be able to log in from the 2nd machine and get to all of their files on the NAS that were created on the 1st machine.


So far its working ok, but when users log in to the second machine, their user IDs show up as numbers, and they are not considered the owner. I used

Code:

usermod -u 1234 username

to get the user ID on the second machine to match the user ID on the first, but the user could not log in after that. I believe the issue is with the home directory: I think I need to change the owner of it recursively which makes me nervous. Should I:

Code:

chown -R username /home/username

?



I'm concerned because when looking over that home directory, there are 2 folders in the root group, and one of those has root as the owner. These appear to be for navigation. eg. commands

Code:

.

and

Code:

..

(These always appear at the top of directories.)


Would changing the directory recursively mess things up? Is there something else I should do as well?

Assuming I got what you want -
The problem is the OS on box 1. It thinks requests from box 2 are network only requests.

The user coming in from 2 is treated as a network login on 1. You need to have those directories mounted locally on 2 (via samba on machine 2, for example). That way all of the permissions for a user from 2 are valid "inside" the filesystem. In other words, accessing the directory on 1 by a user on 2 gets "treated" as if the origin of the request was local to 1.

The samba example is just one method, there are some others, IIRC. It has been 10 years since I did anything with Solaris 9.

BTW, if anything happens to box 1, the users on box 2 are locked out as well. Because their home directory is nopt available. So your initial design is less than optimal. You may have some NAS options that bypass this problem - I do not know.

Normally a home directory is fully owned by the user, and you can do

Code:

chown -hR username /home/username

The -h is necessary because by default chown follows a symbolic link. Imagine the user has a symlink mypasswd -> /etc/passwd ...
If you want to be safe then use "find" to only change owner to "username" if current owner is "olduser".

Code:

find /home/username -user olduser -exec chown -h username {} +

Both chown and find -user take a numeric UID or a username (that they automatically map to a UID).

Whoa!! Hang on a minute. Let's explain some things here.

Any one filesystem can only be mounted by one operating system at a time. Mounting the same filesystem on multiple machines is an instant recipe for corruption.

Sometimes storage systems (SANs, NAS's, etc) can be dual-tailed into two different machines but only when a suitable software suite (cluster software) is managing the ownership (at any one time) of each filesystem on the storage. Then, when a failover occurs, the (expensive) cluster suite will swap over the mounted filesystems from one system to another.

As Jim eluded to, the filesystem(s) can only be mounted by one O/S which controls file locking, file access (read/write), etc, and any second node needs to access those filesystems over the network (via NFS). So, repeat, mounting a filesystem on more than one system at the same time is big trouble. Make no mistake about that.

My understanding is that the two Solaris boxes NFS-mount the same file system from another box, a NAS (Network Attached Storage) box.
Perfectly normal.
But there is no common naming service in place, so users were created on each Solaris box and got different UIDs.

Hmm- it was set up like that prior to my arrival- possibly for years- I simply moved files from machine 1 to the NAS and then added symbolic links on both machines to the directories on the NAS.


Not sure if its important, but there are 7 or 8 other machines (Windows, RedHat) on that switch with access to this NAS as well.


I've shut the second machine down for the moment so I can get to the bottom of this.


I read Jim's response again. I have to admit I didn't quite grasp it. He seems to be saying that the first machine has some kind of priority over the files on the NAS and the second machine is lower priority, and that I should mount the NAS to machine two (which I did, but you disagree with).. not sure if I'm getting that right.


We've had a regular weekly ufsdumps of both machines, saved on the NAS weekly for a long time without issue, for what its worth.


Does this change or clarify things any? I guess I'm wondering what is the purpose of a NAS if only one machine can use it.


Thanks for your help!

Clarification:

We have two boxes. Box 1 is parent. Box 1 owns the filesystem. Box1 shares the filesystem via NFS or samba or whatever. Box 1 does not care who connects to the filesystem and then remote mounts it - via NFS. So you really have a proxy acting in box 1 in its very own kernel space when a request comes over the network. Box 1 controls entirely the NFS mounted disk, because it is actually physically mounted on box 1, not box 2.

Box 2 now runs an NFS/Samba client that connects over to box 1 via the smb protocol (example protocol). Box 2 has a symlink to the NFS mountpoint (that lives on box 2) then points to box 1. This is a mountpoint that connects as a proxy to the real disk on box 1.

This works great. I do not know what Made In Germany saw in your post, but what I described, I think, is clear. Samba or NFS works fine on Solaris 9. You will need to read a little on configuring your fileserver on Box 1. You do not seem to be running NFS to make box 1 a fileserver, and make box 2 a client of that fileserver.

The only weenie you need to know:
As of 2013 the NFS version on Solaris 9 has/had a bug.

Before rebooting:
If you have a user that stays logged on in spite of policy (I did), then you must kill all users processes on both systems. And any process that has the filesystem in question open. All logged on users and possibly system maintenance processes can have open files/directories there.

Why? If there is a file held open on box 2 (i.e., some user has a process with the current directory aimed "in" the NFS mount) then box 1 will hang on shutdown. Forever. If you force kill box 1, it will not rebuild NFS , so you lose the connection when you do reboot . Forever. Forever = you have to destroy and rebuild the connection on both sides. And it fails sometimes. As of 2015 there was a patch for this on Solaris 10, Solaris 11 did not have the problem, and no patch for Solaris 9. Verify this with Oracle support, if you still have support for your Solaris 9 box.

See: Solaris Operating System - Releases