[SGVLUG] NFS question
Jeff Carlson
jeff at ultimateevil.org
Tue May 2 15:49:42 PDT 2006
Claude Felizardo wrote:
> However I've run into the problem that my userid on Linux and Solaris
> don't match. Fortunately there's no one with a userid of 500 so I'm
> not likely to accidentally smash someone else's files by accident. I
> really don't want to have to change the userid on my Linux box because
> then all my backups won't match. Short of creating another user on
> my local box with a userid of my Solaris account is anyone aware of
> any program that will allow me to remap userid's?
It was exactly this situation at my previous job that expedited my move
to LDAP on that network. I wound up with a regular user who owned the
database depending on which machine you looked at.
From that point on, all machines were a member of the LDAP
authentication system. Simply, no exceptions. I would say I'm
surprised your SAs didn't insist you be a part of it as well, but I'd be
lying, they probably didn't anticipate this, and it is still technically
your problem, not theirs. But it would have been easier if you had
matched their environment from the very beginning. I suggest you
inquire with them about making your box a member of the NIS domain or
LDAP if that's what they use.
Anyway, from the practical point of view, you're going to have to change
your UID or add a new one with the correct ID. I'd prefer changing over
adding because you basically won't use one of the two if you add one.
> In fact, there's a guy down the hall who has a windoze box and he uses
> a program called NFS Maestro that comes with Exceed which apparently
> lets him enter his UNIX username/password to access his Solaris home
> directory. I thought maybe they were running a samba server
> somewhere but I can't find it.
It has already been pointed out, this is how Maestro is discovering your
Unix ID since Windows can't provide it.
It looks like Tom found something on using Kerberos. Assuming your
Solaris hosts even have Kerberos, then this is going to be very similar
in the amount of setup you have to do as SSHFS, at least I would imagine
so. (Sounds like your host isn't already using Kerberos.)
My policy for users running Linux on their desktops has always been
this: The host will authenticate off my LDAP server. Your /home will
be shared from NFS in order to simplify things and make sure your files
are always on every machine. You may have root on your box (unless it
becomes a problem) so you can install stuff you want if I don't do it
for you. I will definitely have root on your box. Don't try to
circumvent cfengine. Some users won't break things like that, but
unifying the environment is critical in my estimation.
I say change your user id and just deal with restores from backup if
that ever even comes up.
More information about the SGVLUG
mailing list