On Mon, Dec 10, 2012 at 6:55 PM, Todd D. Taft <[email protected]> wrote: > Thanks to a reorganization, I have to move about 50 Linux systems from the > LDAP server run by one group to the LDAP server run by a different group. > In most cases, the UIDs (uidNumber) and GIDs (gidNumber) for a given user or > group don't match between the systems. Since most files are accessed via > local filesystems or NFS, I think I will need to renumber the ownership of > all of the files on these systems. Are there any tools/utilities available > (or hints from people who have done similar projects) that make this process > less painful and go faster?
If you are doing one user at a time, try something like this (GNU find/xargs required): find /path/to/fix -user olduid -print0 | xargs -0 chown -h newuid Reasonably efficient (and won't churn out processes for each file). Walks the filesystem once per user. If you are doing all users at once, then you need an ugly find (I don't recall the precise syntax) that does something like this: find /path/to/fix \( -user olduid -exec chown -h newuid \) -o \( -user olduid#2 -exec chown -h newuid#2) Walks the filesystem once, beats the heck out of the process table (one exec per file). Make sure to do chown -h, not just chown lest someone have a sym link from the place you are walking to /etc/shadow (or less sensitive but still annoying places). It looks like GNU chown doesn't break stuff and this may not be needed there. My experience with this is ~10 years ago with Solaris and ufs. The process was unpleasant. I took some shortcuts since 99% of the files under a user's top level directory were owned by them I could do the first style finds at that level and get most of the filesystem cleaned up fairly quickly. We had quotas set on the filesystem (with values larger than the filesystem size) so we could keep an eye on how much space each person used. This helped a bit with the process- tracking down stray files that were missed and now were unowned (our uid's went from 4-5 digits to 7+ (employee id) which made this easy). Do watch out for problems if there are possible conflicts and look for them first if you can (i.e. uid 1234 should be 2345, but existing 2345 should be 3456). Some apps (Clearcase comes to mind) do NOT like uid changes. Look out for this too. We didn't have to do gids, but the process should be similar. _______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
