Hi Abhishek, Things are much better now, thanks! There are still some glitches (see below):
On 11/4/08, Abhishek Kulkarni <[EMAIL PROTECTED]> wrote: > > On Tue, 2008-11-04 at 18:20 -0500, Daniel Gruner wrote: > > Hey Ab, great stuff! > > > > With some caveats, though... > > > > Single user addition now appears to work properly. > > > > Adding all groups also appears to work, for those groups in the > > /etc/group file, as well as the groups available from NIS. > > > > Adding all users only partly works. I suspect there is an issue with > > parsing the passwd file. Also, apparently the software does get the > > NIS passwd info in addition to /etc/passwd, but only some of the users > > get added and some not. > > > the /etc/passwd file is not parsed directly, the entries are obtained > from the passwd database using getpwent(). the users should be added if > the user has a key at $PWDIR/.ssh/id_rsa.pub which has read permissions > for root. if the home dir for the user is NFS-mounted check if root can > read from the key in the user's home dir. > > > > In fact, I got users to add even though their > > group was not in the node database (as checked with "xgetent group > > n0000"). > > > can you paste the output for > xgetent passwd n0000 > > xgetent group n0000 Sorry, this was my mistake (things just flew off the screen). > > > > > In addition, the "flush" options to xgroupset and xuserset return errors: > > > > [EMAIL PROTECTED] sxcpu]# xuserset flush n0000 > > xp_user_flush: n0000: Error 5: unknown command > > Error: unknown command > > > > [EMAIL PROTECTED] sxcpu]# xgroupset flush n0000 > > xp_group_flush: n0000: Error 5: unknown command > > Error: unknown command > > > > > no, this works fine. > did you update the xcpu module that perceus uses for the slave nodes? > It should be in /var/lib/perceus/modules/xcpu, IIRC. > I did now. It works. > > > Furthermore: xuserset delete n0000 -u appears to work. However, > > after doing that, re-adding the root user, showing with xgetent passwd > > n0000 that only root and the admin user are there, when I tried > > "xgroupset delete n0000 -u" I got a pile of error messages saying that > > the groups in question were not empty: > > xp_group_del: n0000: Error 5: jockusch:group not empty > > xp_group_del: n0000: Error 5: segal:group not empty > > > > > yes that looks like a bug. i'll look into this. This is still giving me an error when I try to delete a single group. I was under the impression that if you decide to delete a group it would delete all its users too. Did this change? Regardless, even when I delete all the users in a group, manually, when I try to delete the individual group I still get the error message that the group is not empty. I guess it is just a book-keeping bug that doesn't clean up the database when empty... > > > > > > One more: is it possible to avoid adding the admin-type groups and > > users (like lp, nobody, etc)? > > > > > the -u switch adds all the groups in the group database. it does not > differentiate between admin-type groups and groups you would want. at > the most, groups with gids < 500 (maybe 1000?) could be skipped but i am > not sure if it would be worth it. > > thanks again! > I have one more suggestion about filtering users to be added with -u: Those users that do not log in, i.e. whose shell is specified as /bin/nologin, should not be added. For instance, I got the user "operator" added because its passwd entry is: operator:x:11:0:operator:/root:/sbin/nologin so it did find a .ssh/id_rsa.pub (the one for root), and so the operator user got added. > > > Daniel > > > > > > > > > > On Tue, Nov 4, 2008 at 4:45 PM, Abhishek Kulkarni <[EMAIL PROTECTED]> > wrote: > > > after a few off-the-list exchanges with Daniel, i caught two bugs with > > > xuserset. > > > > > > 1) the supplied arguments were not parsed properly when trying to add a > > > single user with xuserset. > > > > > > 2) to add all the users from /etc/passwd, xuserset made a looping call > > > over getpwent() but xp_user_add did a getpwnam() to find the uid for > > > xcpu-admin which reset the passwd database causing it to go in an > > > infinite loop. > > > > > > few more structural changes in xuserset & xgroupset. > > > > > > -- > > > Signed-off-by: Abhishek Kulkarni <[EMAIL PROTECTED]> > > > > >
