[OpenAFS] Re: [Slightly OT] changing UID of a user to 1
Sun, 28 Aug 2005 16:25:43 -0400
On Sunday 28 August 2005 3:39 pm, Russ Allbery wrote:
> > Well, that seems to leave only one option. Change the Unix ID of the
> > user in question to 1. How do I :
> > Change the UID of the user "daemon" to something else (say 11), change
> > all the ownerships on all the files owned by it on the system
> > consistently and make sure that no processes crash.
> I wouldn't really recommend this. The system probably isn't going to like
> it, and then you'd have to maintain it forever. I'd recommend instead to
> ask your local Kerberos administrator to temporarily create you a second
> identity that you can add to system:administrators and use to do the delet
> and recreate of your regular principal.
> This is another good reason to use a separate admin principal from your
> regular principal, one that I'd not thought about before.
Thanks. I have requested this. Let us see what they do.
Right now, I am restoring (via sftp) the files I had backed up onto another
server for each user. After they are copied, I will be doing a bunch of
chown's (which will change the Unix permissions and ownerships of those files
and directories). Do I need to change the ACL's as well or will simply a
chown with the right ID do the job (ACLs are inherited from a parent
directory, aren't they) ?
Second unrelated question : I have another partition on this server machine
(named /vicepb) available for the AFS cell. How do I make it available to
user.* volumes ?
For whatever it is worth, I am including the script that I used to generate
pts createuser $1 $2
vos create omega.domain.edu /vicepa user.$1 -maxquota 30000000
fs mkmount /afs/.omega.domain.edu/user/$1 user.$1
fs setacl /afs/.omega.domain.edu/user/$1 -acl $1 all
pts examine $1
chown $2 $1
pts adduser $1 bgroup
vos backup user.$1
fs mkmount /afs/omega.domain.edu/user/$1/OldFiles user.$1.backup
fs lsmount /afs/omega.domain.edu/user/$1/OldFiles
adduser --home /afs/omega.domain.edu/user/$1 --shell /bin/bash --uid $2
--ingroup bgroup --disabled-password $1
chgrp bgroup /afs/omega.domain.edu/user/$1
cp /etc/skel/.* /afs/omega.domain.edu/user/$1
chown -R $1.bgroup /afs/omega.mit.edu/user/$1
Hopefully, someone will find it useful.