Subject: | |
From: | |
Reply To: | |
Date: | Wed, 19 Aug 2015 08:51:27 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On 08/18/2015 01:02 PM, Alec T. Habig wrote:
> Hi folks,
>
> I want to add some new machines, running 7.1, into an ldap managed
> cluster consisting of 6.x machines. 7 wants system accounts numbered
> under 1000, 6 was happy with under 500. Many users and countless files
> over a number of machines have uids between 500 and 1000: a global
> migration to the new scheme would be A Lot Of Work. This fedora
> features proposal page:
>
> https://fedoraproject.org/wiki/Features/1000SystemAccounts
>
> suggests dropping in a tweaked /etc/login.defs file in kickstart's %pre
> section for people in my situation.
>
> Unfortunately, the filesystem doesn't exist yet in %pre, so that's too
> early to pull in a tweaked file. In %post, all the system accounts are
> already made and many config files have pulled the UID min and max
> values from the default login.defs file already, so that's too late.
Are you *sure* it doesn't work? It would seem possible the initial install to the new root might use the login.defs from the kickstart environment, and by fixing login.defs again in %post you patch your installed system.
I wouldn't imagine migrating to the new scheme would be *that* difficult once you nail down the user, old uid, new uid, change their passwd uid, then run something like this on all your systems: find PATHS -user $oldID -exec chown -h $newID {} +
|
|
|