...

* Greg Freemyer (freemyer@NorcrossGroup.com) [030328 10:55]:

...

I have a series of similar boxes that I want to have identical system disks.

Then use mount --bind over to a configuration/data disk for the few unique files like passwd/shadow/group/etc.

...

You might just want to rsync /etc, seems much simpler and can be done over ssh if that's a concern.

I don't understand. During normal day to day admin, I would need to rsync files from /etc to /config/etc. Then immediately after a system disk replacement, I would have to reverse the rsync. It seems possible, but it also seems like eventually I would screw something up and lose my user accounts. I could use timestamps to try to avoid a screw up, but somehow I don't really trust that approach.

...

...

I should be able to just write a short script:

#!/bin/sh chroot /config useradd $*

...

You'll need to copy a shell, libc, and whatever else useradd needs into the chroot as well.

...

--

...

-ckm

I copied over a dozen or so files and I still could not get it to work. I ran strace on useradd to see what was failing. It seemed to revolve around PAM authentication which can get fairly involved. So I gave up on that approach. Instead, I got the shadow-4.0.2.src.rpm off of the CDs and extracted the source. Then I edited ./lib/defines.h to have === #define PASSWD_FILE "/config/etc/passwd" #define GROUP_FILE "/config/etc/group" #define SHADOW_FILE "/config/etc/shadow" #define SGROUP_FILE "/config/etc/gshadow" === And did a make; make install. So far it seems to be working, but I have done very little testing. In particular, I have not tested a single-user boot!!! I hope this effectively means that all changes are made to my /config/etc set of files, but PAM uses the /etc set I have setup as --bind to the /config set. BTW: One nice thing about using binds for this is that if /config is not available, or if I boot single user mode, then the underlying files are still available and I _hope_ I can still login with the base accounts like root. Thanks Greg