-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2013-04-17 at 00:12 -0700, Marc Chamberlin wrote:
In my effort to upgrade our servers to openSuSE12.3, I have yet again encountered a problem that required a lot of time to debug and track down. This has plagued me and frosted my tootsies before... I often copy data (whole directory trees) that is required for various servers from an older OS into the realm of the new OS that I am upgrading to. For example, the MySQL databases, the Apache and Tomcat web site data, James mail data, etc. In the process user and group ID's from the old version of files can "change" because the underlying integer value - UID/GID - for these IDs is different for the two different OS versions. This in turn can lead to hard to debug security problems.
It seems to me that when installing a new version of openSuSE, there ought to be a way to import the /etc/passwd and /etc/group files from an older OS into the new OS BEFORE anything gets actually installed.
And there is, there is such a feature while you run the installer.
There are two places.
One, when you get the partition proposal, you can tell yast to instead
read the fstab from an existing filesystem. You point yast to a partition,
it looks around, reads fstabs, and displays the filesystem layout that
would result.
The next is during user creation: again, there is an entry to import the
user list from a previous system. You can choose the partition to read
from, and they are imported.
However, this applies to users created with UID ≥1000, I don't know what
happens below with users the system uses for services. When I have
services like databases, mail service, web, etc, I do system upgrades
instead, not fresh installs.
http://en.opensuse.org/SDB:System_upgrade Online upgrade method
http://en.opensuse.org/SDB:Offline_upgrade Offline upgrade method