[DRBD-user] Synching users, /etc/passwd /etc/shadow

Boulytchev, Vasiliy vboulytchev at coinfotech.com
Wed Jan 28 23:32:58 CET 2004

Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.

Todd, please keep me posted if you find anything regarding this.

THANKS LIST!

Vasiliy Boulytchev
Colorado Information Technologies, Inc.
http://www.coinfotech.com


-----Original Message-----
From: drbd-user-admin at lists.linbit.com
[mailto:drbd-user-admin at lists.linbit.com] On Behalf Of Todd Denniston
Sent: Tuesday, January 27, 2004 11:34 AM
Cc: drbd-user at nudlaug.linbit.com
Subject: Re: [DRBD-user] Synching users, /etc/passwd /etc/shadow



"Boulytchev, Vasiliy" wrote:
> 
> OK, will absolutely go this route.  Anything against running two NIS 
> servers on the two redundant servers?  Kinda aiming to a contained 
> environment.
>

As I understand NIS, you can only have one 'Master' server, but you can
have many slave servers. While the Master is down the slaves can operate
on the cached info, but you can't update the info on the slaves till the
master comes back[1].
 
Also as I have recently found out, the 'Real' name[2][3] of the host
seems to be used in the communications between master and slave[5], so
it may be difficult to setup one of your drbd backed servers as a master
and switch over to the other one (as the master) in case of failure.

If anyone has information on making the above statement false, I would
very much like to hear it, as until I had the difficulty, we were
planning on moving our nis server to the drbd machine(s). If I knew how
to get around the 'Real' name problem we could probably use the
information in the last paragraph of how to set up the "ypserv" NIS
server[4], to setup the information files on a drbd controlled device.


[1] Again, As I understand NIS, which is just barely.
[2] on Red Hat:
 find /etc/sysconfig/ -type f | xargs grep HOSTNAME 

other systems are probably:
find /etc/ -type f | xargs grep $HOSTNAME 

[3] as opposed to the name of the IP that the machine takes over on fall
over.

[4] http://www.linux.org/docs/ldp/howto/NIS-HOWTO/ypserv.html#AEN400
"Alternatively, you could edit the /var/yp/Makefile file and set NIS to
use another source password file. On large systems the NIS password and
group files are usually stored in /etc/yp/. If you do this the normal
tools to administrate the password file such as passwd, chfn, adduser
will not work anymore and you need special homemade tools for this.
However, yppasswd, ypchsh and ypchfn will work of course."

[5] someone had changed the 'Real' name of our fileserver&NIS server to
the generic DNS name used for the fileserver, and when I changed it back
to the 'Real' name it was supposed to have (so we could migrate the
fileserver name to the drbd machines) and did a yppush the slaves
revolted and trashed their caches.  After thrashing for a while I
figured out I had to cause the ypserver to update ALL of the db's for
everything it serves (thus change the name in each of those to the new
one), and then do a new `ypinit -s Real_name` on the slaves. 

I suppose one workaround then, might be that when you have to switch to
the other drbd machine have either a heartbeat or manual job that causes
the update of ALL db's to happen on the 'new' yp master and then causes
the slaves to do a `ypinit -s drbd_slave_name`.

> Vasiliy Boulytchev
> Colorado Information Technologies, Inc. http://www.coinfotech.com
> 
> -----Original Message-----
> From: Benjamin Diaz [mailto:bdiaz at aullox.com]
> Sent: Friday, January 23, 2004 5:09 PM
> To: Boulytchev, Vasiliy
> Subject: Re: [DRBD-user] Synching users, /etc/passwd /etc/shadow
> 
> Boulytchev, Vasiliy wrote:
> > Ladies and Gents,
> >   Can anyone point me in the right direction.  I wish to synch my 
> > users between the nodes.
> >
> 
> YP/NIS/NIS+ is the service you're looking for. Most distros include a 
> yp{server|client|tools} package. There's a howto in 
> http://www.linux.org/docs/ldp/howto/NIS-HOWTO/index.html

-- 
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane) 
Harnessing the Power of Technology for the Warfighter
_______________________________________________
drbd-user mailing list
drbd-user at lists.linbit.com
http://lists.linbit.com/mailman/listinfo/drbd-user

More information about the drbd-user mailing list