Bug 478222 - FEATURE: Ownership Alignment Tool for Unix (OAT)
FEATURE: Ownership Alignment Tool for Unix (OAT)
Status: MODIFIED
Product: penrose
Classification: Retired
Component: Scripting (Show other bugs)
2.0
All Linux
high Severity low
: ---
: ---
Assigned To: Endi Sukma Dewata
Ben Levenson
:
Depends On:
Blocks: 471500
  Show dependency treegraph
 
Reported: 2008-12-27 03:09 EST by Chandrasekar Kannan
Modified: 2018-02-07 15:50 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Chandrasekar Kannan 2008-12-27 03:09:52 EST
The Ownership Alignment Tool (OAT) provides an automated solution to changing resource ownership to accommodate changes in users' uids/gids, and changes to group memberships.  The Ownership Alignment Tool also supports matching users' Unix Identities to their Windows account.  Another aspect of consolidating identity stores is managing resource ownership. When a single UID exists for multiple users or multiple UIDs exist for a single user, new UIDs will be assigned as part of the migration. A group's GIDs and memberships may also change. Accommodating conflicting GIDs, consolidating roles, and combining redundant groups all influence ownership changes. Further, Unix limits the maximum number of supplementary groups that can be assigned to a user. Resources, such as files, are marked with the UID and GID of the owner. The resources must have the ownership updated to reflect the newly assigned UIDs and GIDs.The Ownership Alignment Tool (OAT) is a general-purpose tool that combines an automated solution with adequate control, reporting, error recovery, the ability to stop and restart bulk updates, and rollback capability. OAT provides the necessary flexibility to accomplish updating resource ownership in a production environment. In particular, the combination of OAT and the Penrose NIS Tool supports changing ownerships in environments with complex application and system interdependencies.



=========================================================
Issue dump from jira
$VAR1 = {
          'priority' => '3',
          'customFieldValues' => [],
          'project' => 'PENROSE',
          'status' => '1',
          'components' => [
                            {
                              'name' => 'Scripting',
                              'id' => '10015'
                            },
                            {
                              'name' => 'Studio',
                              'id' => '10010'
                            }
                          ],
          'reporter' => 'jimyang',
          'key' => 'PENROSE-251',
          'assignee' => 'jimyang',
          'summary' => 'Ownership Alignment Tool for Unix',
          'id' => '10818',
          'updated' => '2007-10-23 16:30:43.0',
          'votes' => '0',
          'fixVersions' => [],
          'affectsVersions' => [],
          'description' => 'The Ownership Alignment Tool (OAT) provides an automated solution to changing resource ownership to accommodate changes in users' uids/gids, and changes to group memberships.  The Ownership Alignment Tool also supports matching users' Unix Identities to their Windows account.  Another aspect of consolidating identity stores is managing resource ownership. When a single UID exists for multiple users or multiple UIDs exist for a single user, new UIDs will be assigned as part of the migration. A group's GIDs and memberships may also change. Accommodating conflicting GIDs, consolidating roles, and combining redundant groups all influence ownership changes. Further, Unix limits the maximum number of supplementary groups that can be assigned to a user. Resources, such as files, are marked with the UID and GID of the owner. The resources must have the ownership updated to reflect the newly assigned UIDs and GIDs.The Ownership Alignment Tool (OAT) is a general-purpose tool that combines an automated solution with adequate control, reporting, error recovery, the ability to stop and restart bulk updates, and rollback capability. OAT provides the necessary flexibility to accomplish updating resource ownership in a production environment. In particular, the combination of OAT and the Penrose NIS Tool supports changing ownerships in environments with complex application and system interdependencies.

',
          'created' => '2007-08-27 15:28:48.0',
          'type' => '2'
        };


=========================================================
Comment 1 Endi Sukma Dewata 2009-02-23 19:03:28 EST
This feature has been implemented as several components:
- NIS Synchronization (synchronizing NIS to LDAP)
- Identity Linking (linking NIS identities to global identities)
- Conflict Detection (detecting UID/GID conflicts among global identities)
- Ownership Alignment (reporting UID's/GID's that changed from NIS to global)

The output of the last tool can be used to change the actual owners of the files in the entire domain.

Note You need to log in before you can comment on or make changes to this bug.