Managing passwords on several QNX nodes

Charlie_Powell1 · January 8, 2001, 8:20pm

Hi,

We have over 45 QNX nodes running in our facility and each has its own
copy of QNX, including their own passwd and shadow files.

When a user needs to change their password a QNX system administrator
has to be involved to coordinate the user’s password update and the
distribution of the updated passwd and shadow files to all the QNX
nodes. This allows the user to perform the update once yet have all
the QNX nodes get the updated password.

We’d like to releive the system administator from having to be involved
in this process and not have to force the user to log into every QNX
node.

Can you suggest a tool or method to provide this capability?

Thanks in advance,
Charlie Powell

Stephen_Thomas · January 8, 2001, 8:37pm

You could use cron to periodically copy the newest password files to all
nodes. Make sure all your network clocks are synced before doing this
though.

Charlie Powell <charlie.powell@nokia.com> wrote in message
news:3A5A2111.4B6188C5@nokia.com…

Hi,

We have over 45 QNX nodes running in our facility and each has its own
copy of QNX, including their own passwd and shadow files.

When a user needs to change their password a QNX system administrator
has to be involved to coordinate the user’s password update and the
distribution of the updated passwd and shadow files to all the QNX
nodes. This allows the user to perform the update once yet have all
the QNX nodes get the updated password.

We’d like to releive the system administator from having to be involved
in this process and not have to force the user to log into every QNX
node.

Can you suggest a tool or method to provide this capability?

Thanks in advance,
Charlie Powell

David_Gibbs1 · January 8, 2001, 8:42pm

Charlie Powell <charlie.powell@nokia.com> wrote:

Hi,

We have over 45 QNX nodes running in our facility and each has its own
copy of QNX, including their own passwd and shadow files.

When a user needs to change their password a QNX system administrator
has to be involved to coordinate the user’s password update and the
distribution of the updated passwd and shadow files to all the QNX
nodes. This allows the user to perform the update once yet have all
the QNX nodes get the updated password.

We’d like to releive the system administator from having to be involved
in this process and not have to force the user to log into every QNX
node.

Can you suggest a tool or method to provide this capability?

There is an existing tool that will do this – but there are some
possible strategies for dealing with this. The choices depend on
your system and setup.

Do you have a single machine that will “always” be up and running? That is,
a single primary file server or network server? (By “always”, I mean that
if it is down, it is ok for people to not be able to login on other
machines.)

If so, only keep a really passwd and shadow file on this machine. On all
the other machines, insert a set of prefixes (probably in the sysinit)
that point the passwd and shadow file to the main server. Remember, also,
that you should point /etc/.pwlock (the locking file that passwd uses to
prevent conflicting updates to the passwd or shadow files) to that server
as well. You may, also, want to point /etc/group to the central server too.
Assuming node 1 was your main server, the prefix commands would look like:
prefix -A /etc/passwd=//1/etc/passwd
prefix -A /etc/shadow=//1/etc/shadow
prefix -A /etc/.pwlock=//1/etc/.pwlock

If that is not the case, then you have to do local updates and distribute
them. The problem isn’t really in the distribution of the updates – a
script or program that is setuid root, and replaces the passwd utility
(but invokes it) is fairly easy to write. The problem is handling (or,
more exactly, preventing) simultaneous but conflicting updates. You
need to establish some sort of peer-to-peer locking, but without a central
known to be up server. Also, without a central server, you have to deal
with the issue of delayed updates to a node that might be down, or just
not connected to the network (networking cable failure, or somebody
unplugging or kicking the wrong cable, or other worse problems) while
an update is being done – how do you flag this update for later
propagation? Doing this in a consistent, safe, way, completely peer-to-peer
is a non-trivial exercise. (Actually, it is probably a CS PHD level
non-trivial exercise.)

What is the configuration of your network like – logically I mean, not
physical connectivity? Are there some server nodes, and some client or
leaf nodes? If so, it is easier to come up with schemes that will work
reasonably well.

-David

QNX Training Services
dagibbs@qnx.com

David_Gibbs1 · January 8, 2001, 9:02pm

David Gibbs <dagibbs@qnx.com> wrote:

There is an existing tool that will do this – but there are some

That should say “There is NO existing tool that will do this…”

-David

David_Gibbs1 · January 8, 2001, 9:12pm

Stephen Thomas <slthomas@corpdotolin.com> wrote:

You could use cron to periodically copy the newest password files to all
nodes. Make sure all your network clocks are synced before doing this
though.

There are real synchronisation problems with this. First off, where
do you run the cron? On all the nodes, or only a central one? What
if there have been changes to 3 different passwd files since the last
time you distributed them? You can’t just copy the newest one around,
as it will overwrite valid changes made to the other two – effectively
restoring the old password for those people.

-David

–
QNX Training Services
dagibbs@qnx.com

Martin_Zimmerman · January 12, 2001, 12:45am

Previously, Charlie Powell wrote in qdn.public.qnx4:

We have over 45 QNX nodes running in our facility and each has its own
copy of QNX, including their own passwd and shadow files.

Can you suggest a tool or method to provide this capability?

I agree with David that the easiest solution is to have one machine that
contains the “master” password file. I don’t exactly agree with the rest
of his solution [sorry David]. I’ve found that prefix are not the ideal
method of creating a persistant reference to another node, they fail miserably
when that node is not present (this now affects the boot-up/power-up sequence
in the network, not something you want to deal with after a power failure).

I would reccomend that you keep a master file on one node and that you replace
the passwd (after you’ve renamed it) with a script. The script would look
something like this (assuming node 1 is the master):

#!/bin/sh
on -f 1 passwd.orig $1
update.passwd 45 &

Where update.passwd would be:

#include <stdio.h>
#include <stdlib.h>

main( int argc, char *argv[] )
{
int i;
char cmd[80];

for( i = 1 ; i <= atoi(argv[1]) ; i++ ) {
sprintf( cmd, “cp //1/etc/passwd //1/etc/shadow //%d/etc”, i );
system( cmd );
}
exit( EXIT_SUCCESS );
}

The utility would need to be make setuid and owned by root so that it
had permission to copy the passwd and shadow file to all the nodes.

Cheers,
Camz.

–
Martin Zimmerman camz@passageway.com
Camz Software Enterprises www.passageway.com/camz/qnx/
QNX Programming & Consulting