Carlos - Thank you for your reply. I am aware that if I update an existing openSuSE system "in place" then I won't have these sort of UID/GID issues. Unfortunately, I have been burned in the past doing so, and because an upgrade can take quite awhile to complete, we want to keep the older version in a runnable state while we upgrade and test the new version. In particular we don't always upgrade our servers as each new version of openSuSE comes out, and often have to jump across several versions. So that means we must do fresh installs of each new version of openSuSE we upgrade to, in separate partitions and migrate services/data from the older version to the newer version manually. So that is why I am asking if there is an easy way to migrate UIDs/GIDs from an older system to a newer one, either during installation or after the initial installation is complete. I kinda suspect not, but will leave the question open hoping for enlightenment.. Meanwhile will continue to use YaST and bore myself to tears doing it on a case by case basis while avoiding conflicts... Cheers to you also.... Marc... On 4/17/2013 3:09 AM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wednesday, 2013-04-17 at 00:12 -0700, Marc Chamberlin wrote:
In my effort to upgrade our servers to openSuSE12.3, I have yet again encountered a problem that required a lot of time to debug and track down. This has plagued me and frosted my tootsies before... I often copy data (whole directory trees) that is required for various servers from an older OS into the realm of the new OS that I am upgrading to. For example, the MySQL databases, the Apache and Tomcat web site data, James mail data, etc. In the process user and group ID's from the old version of files can "change" because the underlying integer value - UID/GID - for these IDs is different for the two different OS versions. This in turn can lead to hard to debug security problems.
It seems to me that when installing a new version of openSuSE, there ought to be a way to import the /etc/passwd and /etc/group files from an older OS into the new OS BEFORE anything gets actually installed.
And there is, there is such a feature while you run the installer.
There are two places.
One, when you get the partition proposal, you can tell yast to instead read the fstab from an existing filesystem. You point yast to a partition, it looks around, reads fstabs, and displays the filesystem layout that would result.
The next is during user creation: again, there is an entry to import the user list from a previous system. You can choose the partition to read from, and they are imported.
However, this applies to users created with UID ≥1000, I don't know what happens below with users the system uses for services. When I have services like databases, mail service, web, etc, I do system upgrades instead, not fresh installs.
http://en.opensuse.org/SDB:System_upgrade Online upgrade method http://en.opensuse.org/SDB:Offline_upgrade Offline upgrade method
http://doc.opensuse.org/documentation/html/openSUSE/opensuse-startup/cha.update.html> Chapter 16. Upgrading the System and System Changes - -- Cheers, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar)
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux)
iEYEARECAAYFAlFudNUACgkQtTMYHG2NR9U1RQCgmAuMLkreFrhDGyk5EPrUxsWz B7YAn0kzsa7tmJij1UzK54dt+kz5PzN1 =WUoT -----END PGP SIGNATURE-----
-- "The Truth is out there" - Spooky -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org