Wednesday, July 2, 2008

Re: [BLUG] scp -p preserving ownership through root user

On Wed, 2008-07-02 at 12:27 -0400, Steven Black wrote:
> On Wed, Jul 02, 2008 at 12:01:05PM -0400, Brian Wheeler wrote:
> > True, but you have to make sure that the passwd/group file is in sync
> > for all of the files or there'll be weirdness unless you use
> > --numeric-owner.
>
> What do you mean "there'll be weirdness unless you use --numeric-owner"?
>
> GNU Tar stores both the text name, and the numeric ID for users and
> groups. It favors the text name if possible and falls back to the
> numeric ID if the name is unavailable.


Yep

> This means you can have three machines each with three users. Each
> of the users could have been added to the machines in a different
> order. (So on MachineA, UserA is 1000, etc.) However, GNU Tar will work
> properly in this case, and the files will not get confused.
>
> This actually makes GNU Tar handy to use if you ever find yourself
> working with a machine where the user or group IDs have gotten totally
> out of hand and you want to clean them up. (For instance, if you're
> using a system where useradd always picks the last user ID, and some
> fool of a prior administrator saw an example giving postfix a user ID of
> 54321 and copied that in as-is.)
>

We use the UITS UID on our machines so we get some really large UIDs...I
make it a point to always specify the new user uid just so I don't
clobber a future employee by accident.


> Of course, if you over-write a passwd file on one machine with a passwd
> file from another machine you're basically screwed. It isn't Tar that
> screws you, it is just that you should never-ever do it. (So you're
> basically screwing yourself. It is easy to forget this and do it without
> thinking -- I know I've done it before.)
>

As have I :)

> Most Linux distributions don't guarantee the IDs of even the system
> users/groups. With the system IDs you may be able to find a tool to help
> you correct them. With the user IDs, you'll basically be forced to chown
> the home directories to who they're expected to be, and just correct any
> other files to a user/group that will allow the user community access
> from there.
>

Here's what I was doing: I booted a rescue CD and did a full system
copy from a remote machine to the one I booted the rescue disk on. The
system accounts had different uids (sendmail, in particular) so when I
booted the resulting system, sendmail was broken because the uid suid
binaries didn't match the sendmail uid in passwd.

When I recopied it later I used the --numeric-uid option and the IDs
were synced up properly.

I didn't explain it properly, but any time there are differences between
source/dest password files there may be issues. GNU tar does a pretty
good job of getting it right, but there are still surprises lurking for
the unwary.

Brian


> Cheers,
> Steven Black
>
> _______________________________________________
> BLUG mailing list
> BLUG@linuxfan.com
> http://mailman.cs.indiana.edu/mailman/listinfo/blug

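
The ownership mismatch discussed in this thread can be checked before extracting. This is an added example, not code from the original messages: it reads the user name and numeric uid stored in each archive member and reports where name-first mapping (as described above for GNU tar) would give a different uid than the numeric one, flagging setuid files. The passwd contents, uids 47/51 and archive members are constructed; only uids are checked, not groups.

```python
import io
import tarfile

# Constructed passwd of the system running tar at extract time (e.g. a rescue
# environment); its sendmail uid differs from the one on the source host.
DEST_PASSWD = """root:x:0:0:root:/root:/bin/sh
sendmail:x:51:51::/var/spool/mqueue:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
"""

def parse_passwd(text):
    """Return {name: uid} from passwd-format text."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 3 and fields[2].isdigit():
            users[fields[0]] = int(fields[2])
    return users

def ownership_report(tar_bytes, dest_users):
    """List members whose owner differs between name-based and numeric extraction."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        for m in tar.getmembers():
            by_name = dest_users.get(m.uname, m.uid)  # name first, numeric fallback
            if by_name != m.uid:
                findings.append({
                    "path": m.name, "uname": m.uname,
                    "uid_numeric": m.uid, "uid_by_name": by_name,
                    "setuid": bool(m.mode & 0o4000),
                })
    return findings

def build_sample_archive():
    """Constructed archive, as a source host with sendmail=47 would produce."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, uname, uid, mode in [
            ("usr/sbin/sendmail", "sendmail", 47, 0o4755),
            ("etc/passwd", "root", 0, 0o644),
            ("home/olduser/notes", "olduser", 1000, 0o644),
        ]:
            info = tarfile.TarInfo(name)
            info.uname, info.uid, info.mode = uname, uid, mode
            tar.addfile(info)  # zero-length members, metadata only
    return buf.getvalue()

if __name__ == "__main__":
    for f in ownership_report(build_sample_archive(), parse_passwd(DEST_PASSWD)):
        print(f)
```

A setuid entry in the report means the binary would end up owned by a uid that the restored passwd file assigns to a different account, or to none.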
