Re: tlug: NFS question



>>>>> Scott Stone writes:  (on 14 Oct 98)

> you do need to have identical UID/GIDs on all the machines.  Perhaps put
> passwd in /home and have /etc/passwd on each machine be a symlink to it?
> Same for /etc/shadow, /etc/group, /etc/gshadow if used, etc etc.

You should be REALLY careful when mucking with /etc/passwd and friends.
If you are moving things around the network you must consider a crash on
the server or a crash on the client at any point.  Pretty easy to end up
with an unbootable system if you mess up.  For dataless clients this is
usually no big deal (just boot from floppy, fix the problem and be on
your way) but it pays to be clean.

I would do something like the following:

1) Maintain master copies of passwd, group, shadow, and gshadow on a
   designated server.  These should NOT be /etc/passwd, /etc/group, etc.
   but should be stored separately (/etc/MASTER or somesuch).  Create
   perl scripts to act as substitutes for useradd, etc., that manipulate
   these files rather than /etc/passwd.  They should be owned by root
   with 600 permissions.  RCS can be your friend.

2) Either using rdist or NFS, copy these files onto the client.  Let me
   know if you can't figure out how to do this.  Store the files as
   /etc/passwd.new on each client (/etc must be locally mounted).
   Ensure that any previous file is deleted and check for errors at
   every point.

3) Once you are sure that /etc/passwd.new is safely written to each
   client's disk (trickier than it sounds) farm out a job using rsh or
   ssh that does the equivalent of the following on each client:

	# cd /etc
	# mv passwd passwd.old && ln passwd.new passwd && rm passwd.new

	# #repeat for group, shadow, gshadow

    (I'd actually use a perl script for this for easier bullet
    proofing).

> OR do an NFS-root type thing, which linux does support.  You could even
> use diskless workstations.  I'd suggest a 100MBit network for this,
> though, since that's not even very expensive anymore.

Avoid diskless workstations if at all possible.  Simply too much network
traffic.  Better is to define a "standard" client configuration and
install the OS on all clients identically.  The idea is to be able to
clone a client from scratch in just a few minutes.  This is easiest if all
of your clients have identical hardware configurations, but isn't too
hard even with minor variations.  Use standard scripts to do the
post-install configuration (hostname, ip address, etc.).  DHCP can be
your friend.

NFS-roots are useful during an install from scratch, but otherwise I'd
try to avoid them.

Regards,
-- 
Rex
---------------------------------------------------------------
Next Nomikai: 20 November, 19:30 Tengu TokyoEkiMae 03-3275-3691
Next Meeting: 12 December, 12:30 Tokyo Station Yaesu central gate
---------------------------------------------------------------
Sponsor: PHT, makers of TurboLinux http://www.pht.co.jp
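
Steps 2 and 3 of the procedure above, as an added example (not part of the original post and not written by its author): a POSIX shell function that checks a pushed `passwd.new` (or group, shadow, gshadow) before it goes live, then swaps it in with a single rename so that the live name exists at every point. The function names, the checksum argument (assumed to be computed from the master copy on the server) and the file modes are assumptions of this example.

```shell
#!/bin/sh
# Added example: validate DIR/NAME.new, then swap it in with one rename.
# Field counts follow passwd(5), group(5), shadow(5) and gshadow(5).
fields_for() {
    case "$1" in
        passwd) echo 7 ;;
        shadow) echo 9 ;;
        group|gshadow) echo 4 ;;
        *) return 1 ;;
    esac
}

# install_account_file DIR NAME EXPECTED_SHA256
# On any failure: returns non-zero and leaves DIR/NAME untouched.
install_account_file() {
    dir=$1 name=$2 want=$3
    new="$dir/$name.new" cur="$dir/$name"
    n=$(fields_for "$name") || { echo "unknown file: $name" >&2; return 2; }
    [ -s "$new" ] || { echo "$new: missing or empty" >&2; return 3; }

    # A truncated or corrupted transfer will not match the master's checksum.
    got=$(sha256sum "$new" | cut -d' ' -f1)
    [ "$got" = "$want" ] || { echo "$new: checksum mismatch" >&2; return 4; }

    # Every line needs exactly N colon-separated fields and a non-empty name.
    awk -F: -v n="$n" 'NF != n || $1 == "" { bad = 1 } END { exit bad }' "$new" ||
        { echo "$new: malformed line" >&2; return 5; }

    # A file without a root entry locks the administrator out.
    grep -q '^root:' "$new" || { echo "$new: no root entry" >&2; return 6; }

    case "$name" in
        shadow|gshadow) chmod 600 "$new" ;;   # assumed modes
        *) chmod 644 "$new" ;;
    esac || return 7
    sync    # flush the new file to disk before it becomes live

    # Keep the old version as a second hard link, then rename over the live name.
    if [ -e "$cur" ]; then ln -f "$cur" "$cur.old" || return 8; fi
    mv -f "$new" "$cur" || return 9
    sync
}
```

Run it on each client as `install_account_file /etc passwd <sha256 of master>` and repeat for group, shadow and gshadow; a non-zero exit status means the client still has its previous file.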

