Migrating user accounts from older Linux to RHEL7 / CentOS7
Another pointless change just to break backwards compatibility - RHEL7 and CentOS7 prevent users with uid lower than 1000 from logging in. This is bad when you're migrating accounts from existing Linux server where uids start at 500.
Number of configuration files under /etc/pam.d enforce this limit. Editing them by hand works until next time authconfig is executed and then default setting is back.
Fix this by editing /etc/login.defs and change UID_MIN and GID_MIN from default 1000 to 500.
Then run "authconfig --update"
Before:
/etc/pam.d/password-auth:auth requisite pam_succeed_if.so uid >= 1000 quiet_success
/etc/pam.d/password-auth:account sufficient pam_succeed_if.so uid < 1000 quiet
After:
/etc/pam.d/password-auth:auth requisite pam_succeed_if.so uid >= 500 quiet_success
/etc/pam.d/password-auth:account sufficient pam_succeed_if.so uid < 500 quiet
Number of configuration files under /etc/pam.d enforce this limit. Editing them by hand works until next time authconfig is executed and then default setting is back.
Fix this by editing /etc/login.defs and change UID_MIN and GID_MIN from default 1000 to 500.
Then run "authconfig --update"
Before:
/etc/pam.d/password-auth:auth requisite pam_succeed_if.so uid >= 1000 quiet_success
/etc/pam.d/password-auth:account sufficient pam_succeed_if.so uid < 1000 quiet
After:
/etc/pam.d/password-auth:auth requisite pam_succeed_if.so uid >= 500 quiet_success
/etc/pam.d/password-auth:account sufficient pam_succeed_if.so uid < 500 quiet
I used following commands to migrate user logins with passwords. Rest is easy - just rsync home directories across the network or do NFS mount.
awk -F: '{if ($3 >= 500 && $3 < 1000) { print } }' passwd.gramps >>/etc/passwd
awk -F: '{if ($3 >= 500 && $3 < 1000) { print } }' group.gramps >>/etc/group
awk -F: '{if ($3 >= 500 && $3 < 1000) { print $1 } }' passwd.gramps | egrep -f - shadow.gramps >>/etc/shadow
And grant sudo access by adding to my login to wheel group.
usermod -aG wheel asiantuntijakaveri
Comments
Post a Comment
Got something to say?!