[freeside] Importing Legacy Data

ivan ivan at 420.am
Tue Jun 13 18:14:52 PDT 2000 

On Tue, Jun 13, 2000 at 10:34:27AM -0700, Turtle wrote:
> 
> 
> Ok... i'm running /usr/local/fs-1.2.3/bin/svc_acct.import and i get through
> all the options then it asks me:
> 
> Enter the location and name of your _user_ passwd file, for example "Mail.isp.com:/etc/passwd"
> or "nis.isp.com:/etc/global/passwd"
> 
> Well... That would be nice if I USED rsh and rlogin... Which I don't.

The import script uses SSH, not rsh or rlogin.

> I don't
> even know if that's what it's for but I've never heard of that syntax for a
> file being used on anything else, and even with rsh it would be root at dns.netzon.net:/etc/passwd

If you'd read the source or tried the script before firing off an flame,
you'd have found out that `root@' is prepended automatically.

> but even so, it doesn't even need to leave the local machine!  I have the files
> I want to import on the local machine and there doesn't seem to be an option
> for importing them from there.

localhost:/path/to/local/file

> This is really starting to become annoying now...
>  It's not doing things the logical way I think that it should be doing them.

Then modify the source; no one is stopping you.  Ranting on a public
mailing list is neither productive nor appriciated. 

>  The best way it could do it is to have some kind of a server program
> running on the machine that has the passwd and shadow files that would
> accept connections only over the local lan,

That's not good security.  SSH's public-key authentication is more secure. 
(No reason it couldn't be used to make a daemon like you describe, of
course) 

> then go in and MODIFY the
> existing passwd and shadow files.

I disagree.  This is no longer a replication problem, but now a
synchronization problem, which is far more complicated, and more prone to
error.

You can use the "shellmachine" configuration file to control the running
of the `useradd' and `userdel' commands, and the copying of directories.
See htdocs/docs/export.html.  Doing this without also doing exporting will
break most account modifications from Freeside (passwords, shells, etc.).

> I really don't want to have to overwrite my passwd/shadow files.  I
> REALLY don't want to have to do that.

Then don't use the package, or modify it to suit your needs.  Freeside was
designed from the start to automate administration and farming of remote 
machines from a central database of user information.

>  What happens to all the other things
> like root and what not that I don't want to go through freeside?

You should import your entire passwd file.

-- 
meow
_ivan

More information about the freeside-users mailing list