On 08/18/2015 01:02 PM, Alec T. Habig wrote:
Hi folks,
I want to add some new machines, running 7.1, into an ldap managed
cluster consisting of 6.x machines. 7 wants system accounts numbered
under 1000, 6 was happy with under 500. Many users and countless files
over a number of machines have uids between 500 and 1000: a global
migration to the new scheme would be A Lot Of Work. This fedora
features proposal page:
https://fedoraproject.org/wiki/Features/1000SystemAccounts
suggests dropping in a tweaked /etc/login.defs file in kickstart's %pre
section for people in my situation.
Unfortunately, the filesystem doesn't exist yet in %pre, so that's too
early to pull in a tweaked file. In %post, all the system accounts are
already made and many config files have pulled the UID min and max
values from the default login.defs file already, so that's too late.
Are you *sure* it doesn't work? It would seem possible the initial install to
the new root might use the login.defs from the kickstart environment, and by
fixing login.defs again in %post you patch your installed system.
I wouldn't imagine migrating to the new scheme would be *that* difficult once
you nail down the user, old uid, new uid, change their passwd uid, then run
something like this on all your systems: find PATHS -user $oldID -exec chown -h
$newID {} +
