Charlie Powell <charlie.powell@nokia.com> wrote:
Hi,
We have over 45 QNX nodes running in our facility and each has its own
copy of QNX, including their own passwd and shadow files.
When a user needs to change their password a QNX system administrator
has to be involved to coordinate the user’s password update and the
distribution of the updated passwd and shadow files to all the QNX
nodes. This allows the user to perform the update once yet have all
the QNX nodes get the updated password.
We’d like to releive the system administator from having to be involved
in this process and not have to force the user to log into every QNX
node.
Can you suggest a tool or method to provide this capability?
There is an existing tool that will do this – but there are some
possible strategies for dealing with this. The choices depend on
your system and setup.
Do you have a single machine that will “always” be up and running? That is,
a single primary file server or network server? (By “always”, I mean that
if it is down, it is ok for people to not be able to login on other
machines.)
If so, only keep a really passwd and shadow file on this machine. On all
the other machines, insert a set of prefixes (probably in the sysinit)
that point the passwd and shadow file to the main server. Remember, also,
that you should point /etc/.pwlock (the locking file that passwd uses to
prevent conflicting updates to the passwd or shadow files) to that server
as well. You may, also, want to point /etc/group to the central server too.
Assuming node 1 was your main server, the prefix commands would look like:
prefix -A /etc/passwd=//1/etc/passwd
prefix -A /etc/shadow=//1/etc/shadow
prefix -A /etc/.pwlock=//1/etc/.pwlock
If that is not the case, then you have to do local updates and distribute
them. The problem isn’t really in the distribution of the updates – a
script or program that is setuid root, and replaces the passwd utility
(but invokes it) is fairly easy to write. The problem is handling (or,
more exactly, preventing) simultaneous but conflicting updates. You
need to establish some sort of peer-to-peer locking, but without a central
known to be up server. Also, without a central server, you have to deal
with the issue of delayed updates to a node that might be down, or just
not connected to the network (networking cable failure, or somebody
unplugging or kicking the wrong cable, or other worse problems) while
an update is being done – how do you flag this update for later
propagation? Doing this in a consistent, safe, way, completely peer-to-peer
is a non-trivial exercise. (Actually, it is probably a CS PHD level
non-trivial exercise.)
What is the configuration of your network like – logically I mean, not
physical connectivity? Are there some server nodes, and some client or
leaf nodes? If so, it is easier to come up with schemes that will work
reasonably well.
-David
QNX Training Services
dagibbs@qnx.com