Bug 207387

Summary: useradd can not add a user to /etc/passwd if the same user exists in NIS
Product: Red Hat Enterprise Linux 4
Component: shadow-utils
Version: 4.4
Status: CLOSED NOTABUG
Severity: medium
Priority: medium
Hardware: All
OS: Linux
Reporter: Chuck Berg <cberg>
Assignee: Peter Vrabec <pvrabec>
QA Contact: David Lawrence <dkl>
CC: carl, mitr
Doc Type: Bug Fix
Last Closed: 2007-03-29 07:26:53 UTC

Description Chuck Berg 2006-09-20 21:38:28 UTC
Description of problem:
useradd can not add a local user if getpwnam() can find it - e.g. it exists in
NIS. From useradd.c line 2190:
        if (getpwnam (user_name)) {
                fprintf (stderr, _("%s: user %s exists\n"), Prog,
                         user_name);

Solaris allows you to do this with "useradd -r files".

This unfortunately does not allow me to override a NIS user with a local user,
for example to specify a different home directory. It also thwarts the common
practice of creating a redundant local user for critical application accounts,
to allow sane behavior in the event of a NIS failure.

My workaround is of course the dangerous manual editing of /etc/passwd and
/etc/shadow.

Comment 1 Peter Vrabec 2007-03-28 09:34:57 UTC
Does option "-r" on Solaris mean the same (system account) as "-r" in shadow-utils?

Comment 2 Carl Speare 2007-03-28 18:30:56 UTC
In Solaris, passwd -r refers to "repository". You can either specify "nis",
"files" or "ldap" after -r to tell which passwd should change.

Example on Solaris:

passwd -r files username
Would change /etc/passwd and /etc/shadow.

passwd -r nis username
Would change the NIS account.

I don't see anything about -r in passwd, and your statement "-r as in
shadow-utils" doesn't tell us what specific command it refers to. Certainly, passwd
in Linux does not have "-r".

Could you be more specific about your question?

Comment 3 Carl Speare 2007-03-28 18:59:33 UTC
I should also point out that for useradd on Solaris, it assumes local accounts.

So, on Solaris, if you want to add an account to NIS, you need to do it on the
NIS master. If you want to *change* the password, you can use "passwd -r nis" to
then change the NIS account.

On Solaris if you want to add a local account, useradd assumes local accounts
only, so useradd will succeed unless there is a duplicate UID in /etc/passwd.
Then, you can use "passwd -r files" to change the password. In this manner, you
can have two accounts - with the same UID and username - and different
passwords. We do take advantage of this fact.

In RHEL, there is no way to force a local account with useradd. The same problem
for passwd: no way to specify NIS versus /etc files.

From the man pages, -r for useradd seems to mean UIDs lower than 100. Is that right?

Comment 4 Peter Vrabec 2007-03-28 20:31:31 UTC
Could you try luseradd? It might solve the problem.

Comment 5 Carl Speare 2007-03-29 00:28:34 UTC
Ok, that does the job. Two concerns though:

(1) man luseradd -> No manual entry for luseradd

(2) The SEE ALSO section of useradd(8) should contain luseradd(8) [once that
page is added].

If (1) is too difficult, appropriate mention in the useradd(8) man page would be
nice; perhaps that would go under NOTES and state something about the existence
and purpose of luseradd.

Obviously this also needs to be done for lusermod and luserdel, which I see also
exist.

Thank you.

Comment 6 Peter Vrabec 2007-03-29 07:26:53 UTC
1, man luser{add,mod,del} exist from RHEL-5 and FC-6.
2, I'll do it.
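
An audit for the situation this thread describes, where a local /etc/passwd entry carries the same name as a NIS account: the shell function below is an added example, not part of the original bug report or of shadow-utils, and lists the names defined in both sources together with the fields that differ. It assumes the NIS passwd map has been saved to a file (for instance from `ypcat passwd`); the function name and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: report account names present in both a local passwd file
# and a saved dump of the NIS passwd map.
# Usage: shadowed_accounts LOCAL_PASSWD NIS_DUMP
# Output, one line per overlapping name, in NIS dump order:
#   name:same:              all compared fields match
#   name:differs:f1,f2      listed fields differ (uid, gid, home, shell)
# Password hashes are not compared; local hashes live in /etc/shadow.
shadowed_accounts() {
    awk -F: '
        # Skip blank lines, comments and NIS compat entries (+user, -user, +@group).
        /^[ \t]*$/ || /^#/ || /^[+-]/ { next }
        # First file: remember uid, gid, home and shell for each local name.
        FILENAME == ARGV[1] { uid[$1]=$3; gid[$1]=$4; home[$1]=$6; shell[$1]=$7; next }
        # Second file: NIS entries whose name is also defined locally.
        ($1 in uid) {
            d = ""
            if (uid[$1]   != $3) d = d ",uid"
            if (gid[$1]   != $4) d = d ",gid"
            if (home[$1]  != $6) d = d ",home"
            if (shell[$1] != $7) d = d ",shell"
            if (d == "") print $1 ":same:"
            else         print $1 ":differs:" substr(d, 2)
        }
    ' "$1" "$2"
}

# Constructed sample data (not taken from a real system).
sample_dir=$(mktemp -d)
cat > "$sample_dir/passwd.local" <<'EOF'
root:x:0:0:root:/root:/bin/bash
oracle:x:501:501:DB owner:/opt/oracle:/bin/bash
backup:x:502:502:Backup:/home/backup:/bin/sh
+::::::
EOF
cat > "$sample_dir/passwd.nis" <<'EOF'
oracle:x:501:501:DB owner:/home/oracle:/bin/bash
backup:x:502:502:Backup:/home/backup:/bin/sh
alice:x:1001:100:Alice:/home/alice:/bin/bash
EOF
shadowed_accounts "$sample_dir/passwd.local" "$sample_dir/passwd.nis"
```

With files listed before NIS in nsswitch.conf, the local entry is the one that takes effect, so a "differs" line marks an account whose effective UID, home directory or shell on this host is not what the directory says.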