IdTools for LDI Conversion
These are the tools we used in Physics to update the uid/gid of files on our systems when we converted over to using LDIName Last modified Size Description
Parent Directory - IdChange 2017-08-09 16:09 6.5K IdChange.map 2017-08-09 14:51 429 IdDiff 2017-08-09 16:09 6.0K IdDump 2017-08-09 16:09 3.6K
IdDump
Given a starting directory, this script produces a (recursive) dump of the permission, owner, and group of all files contained beneath it, printing the (possibly compressed) results to standard out.
This may be used to produce "before" and "after" snapshots of the filesystem permission/owner status to check for errors or anomalies, and to facilitate reversion in the unlikely case it is required.
Usage:
IdDump [-s] [-z] base-dir
base-dir The base directory which to dump
-s Process the contents of each directory in asciibetical
order. (By default, uses unsorted, directory order.)
-z Compress the output w/ gzip. (Dumps can be quite large,
and are highly compressible.)
IdChange
This script recursivly crawls a directory tree, changing uid/gid's according to a supplied id-map-file. Any uid/gid's not mentioned in the map file are left unchanged.
NOTE: Under RHEL6 and RHEL7 based distributions, changing the uid/gid of files also clears any SUID/SGID bits under the following conditions:
- directories:
- The SUID/SGID bits are left alone during uid/gid changes
- non-directories:
- The SUID bit is cleared if the owner changes
- The SGID bit is cleared if the owner or group changes AND the file is group executable
The net effect is that SUID/SGID directories for file sharing will work as expected after the id change, but any SUID/SGID executables will # have to have their SUID/SGID bits reset. Since user-owned SUID/SGID executables should be rare and should only be used with caution, we do not try to override this behavior.
Usage:
IdChange [-nvq] [-s] [-z] base-dir [id-map-file]
base-dir The base directory which to crawl. The script
will not cross filesystem boundaries.
id-map-file File defining the old-to-new uid/gid mappings.
Will be found automatically if named 'IdChange.map'
in the same directory as the IdChange script.
-s, --sort Process the contents of each directory in asciibetical
order. (By default, uses unsorted directory order.)
-z, --gzip Compress the output w/ gzip. (Output can be quite
large and is highly compressible.)
-n, --dryrun Dry-run. Go thru the motions, but don't change files.
-v, --verbose Report each change made.
-q, --quiet Turn off verbose.
IdChange.map
This file defines the mapping from the old uid/gid numbers to the new uid/gid numbers. If placed in the same directory as the IdChange script itself, the script will find it automatically.
Syntax:
U<old-uid> <new-uid> -- defines a uid mapping G<old-gid> <new-gid> -- defines a gid mapping # Blank lines and lines beginning w/ '#' are ignored
Example:
U1043 9050 G1043 2120009050 # ... G1436 416543 # ...
IdDiff
This script compares a "before" and "after" IdDump looking for any errors/anomalies from the expected IdChange results.
NOTE: This script may take a *lot* of memory and CPU cycles for large id dumps.
Usage:
IdDiff old-iddump new-iddump [id-map-file]
old-iddump Old, pre IdChange id-dumpfile
new-iddump New, post IdChange id-dumpfile
id-map-file File defining the old-to-new uid/gid mappings.
Will be found automatically if named 'IdDiff.map'
in the same directory as the IdChange script.
May be a symlink to IdChange.map