View previous topic :: View next topic |
Author |
Message |
CaptainPuppydog n00b
Joined: 02 Jan 2003 Posts: 41
|
Posted: Thu Jan 02, 2003 10:13 pm Post subject: Emerge changing group id's |
|
|
Ok, i've noticed a few times when I emerge new or updated prog's that /etc/groups wants to be changed. Not a biggie in itself, but when some of the changes that Gentoo wants to do involves reassigning group ids (i.e. ssh was id #78, now wants to be 32, ftp was 54 wants to be 78, etc) , I get _very_ cautious. Especially when group id's seem to be 'trading' between groups.
Question 1: Am I right in my assumtion that if, say ssh and ftp 'trade' id's, the files owned by ssh now would be listed as owned by ftp after the change?
Question 2: What is the 'proper' way of handling changing group id's (whether they 'trade' or just change to a different number)? |
|
Back to top |
|
|
jukka Apprentice
Joined: 06 Jun 2002 Posts: 249 Location: Zurich, Switzerland
|
Posted: Fri Jan 03, 2003 1:15 am Post subject: Re: Emerge changing group id's |
|
|
CaptainPuppydog wrote: | (i.e. ssh was id #78, now wants to be 32, ftp was 54 wants to be 78, etc) , I get _very_ cautious. Especially when group id's seem to be 'trading' between groups. |
i'm currently using baselayout 1.8.5.5. my user sshd has uid and gid 22, user ftp has uid and gid 21. what makes somehow sense if daemon-users have their standard listening port number as their [ug]id. but... i wonder what happened to your system. but maybe i better don't want to know...
Quote: | Question 1: Am I right in my assumtion that if, say ssh and ftp 'trade' id's, the files owned by ssh now would be listed as owned by ftp after the change? | yes.
Quote: | Question 2: What is the 'proper' way of handling changing group id's (whether they 'trade' or just change to a different number)? |
if a new baselayout release changes the [ug]id of a user you can safely ignore this. but if you want to apply the change, you should check before which files are owned by the users new ids. for example, if user sshd switches [ug]id from 712 to 22, i'd do the following two steps:- check if there are any files owned by sshd's new ids:
Code: | $ find / -uid 22 -o -gid 22 | if find outputs filename, you should change their ownership.
update id's of all files belonging to sshd: Code: | $ find / -uid 712 | xargs chown 22
$ find / -gid 712 | xargs chgrp 22 |
hth, jukka |
|
Back to top |
|
|
CaptainPuppydog n00b
Joined: 02 Jan 2003 Posts: 41
|
Posted: Fri Jan 03, 2003 2:39 am Post subject: Re: Emerge changing group id's |
|
|
jukka wrote: | CaptainPuppydog wrote: | (i.e. ssh was id #78, now wants to be 32, ftp was 54 wants to be 78, etc) , I get _very_ cautious. Especially when group id's seem to be 'trading' between groups. |
i'm currently using baselayout 1.8.5.5. my user sshd has uid and gid 22, user ftp has uid and gid 21. what makes somehow sense if daemon-users have their standard listening port number as their [ug]id. but... i wonder what happened to your system. but maybe i better don't want to know...
|
The numbers were just ones I pulled out of the air for example purposes. I knew they weren't likely right,but for examples, they were good enough...
jukka wrote: |
Quote: | Question 1: Am I right in my assumtion that if, say ssh and ftp 'trade' id's, the files owned by ssh now would be listed as owned by ftp after the change? | yes.
Quote: | Question 2: What is the 'proper' way of handling changing group id's (whether they 'trade' or just change to a different number)? |
if a new baselayout release changes the [ug]id of a user you can safely ignore this. but if you want to apply the change, you should check before which files are owned by the users new ids. for example, if user sshd switches [ug]id from 712 to 22, i'd do the following two steps:- check if there are any files owned by sshd's new ids:
Code: | $ find / -uid 22 -o -gid 22 | if find outputs filename, you should change their ownership.
update id's of all files belonging to sshd: Code: | $ find / -uid 712 | xargs chown 22
$ find / -gid 712 | xargs chgrp 22 |
hth, jukka |
Ok, that's about what I thought. The changes to 'standard' [ug]id's don't happen very often, but just enough to start getting on my nerves. I find myself thinking 'pick one & stay with it', you know... <sigh> ...and with another thread that I saw when searching about this that was about smtp(?) issues after the emerging it changed the [ug]id changing but not the passwd file, [I'd insert a link, but I can't find the thread at the moment] I started wondering if I was missing something...
I guess for the (very) special case where [ug]id #1 'trades' with [ug]id #2, I'd have to do a shuffle with a temporary [ug]id ... I guess I could write a short script...
Thanks. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|