Date: Tue, 3 Sep 2019 15:08:34 +0200 From: Albert Shih <Albert.Shih@obspm.fr> To: freebsd-questions@freebsd.org Subject: Re: master.passwd out of sync Message-ID: <20190903130834.GD13052@io.chezmoi.fr> In-Reply-To: <c1e03141-aaf0-cafc-0d24-669ee011e314@hedeland.org> References: <20190903085614.GD3644@io.chezmoi.fr> <152896fe-e1fa-6c4d-b1e4-97d13ea13539@gmail.com> <c1e03141-aaf0-cafc-0d24-669ee011e314@hedeland.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Le 03/09/2019 à 13:46:17+0200, Per Hedeland a écrit > > > > Of course, you can still do as you state here and run pwd_mkdb(8) but better to use the right tool for the job. > > Well, the "new" pw(8) that Albert uses is just as much "the right > tool" as the traditional vipw(8), and arguably more "user friendly". > With vipw(8) you obviously update /etc/master.passwd yourself, while > pw(8) does that for you - and both of them update /etc/passwd and the > databases /etc/spwd.db and /etc/pwd.db, from /etc/master.passwd, > ultimately using pwd_mkdb(8). > > The other difference is that vipw(8) completely re-generates > /etc/passwd and the databases, while pw(8) updates only the specific > user entry (the -u option is passed to pwd_mkdb(8)). Apparently it's > this single user entry update that is failing - or at least the > getpwnam() check for the added user that pw(8) does fails - vipw(8) > (or pwdb(8) without -u) doesn't do any such check, since they update > "everything". > > Anyway Albert, you obviously "shouldn't" get that error message from > pw(8), and you "shouldn't" need to run pwd_mkdb(8) yourself after > using pw(8). Are you running NIS? And if so, do you use the -Y option > to pw(8)? Since you say that you only get the problem "sometimes", one > *guess* is that NIS may not be updated (yet) at the point when pw(8) > does the getpwnam() check. *If* that is the case, running pwd_mkdb(8) > surely won't help - but the passing of time may fix it... To be precise. The creation of the account are launch through puppet agent. The agent crash on the error : Error: Could not create user XXXXXX: Execution of '/usr/sbin/pw useradd XXXXXX -d /home/XXXXXX -u 22607 -g YYY -s /usr/local/bin/bash -G network,wheel -m' returned 67: pw: user 'XXXXXX' disappeared during update Error: /Stage[main]/ZZZ::Accounts::XXXXXX_account/User[XXXXXX]/ensure: change from 'absent' to 'present' failed: Could not create user XXXXXX: Execution of '/usr/sbin/pw useradd XXXXXX -d /home/XXXXXX -u 22607 -g YYY -s /usr/local/bin/bash -G nagios,network,wheel -m' returned 67: pw: user 'XXXXXX' disappeared during update So I try the command manually, and end up with the same error (whew....). I check the puppet provider and it indeed do exactly what it say (and just it say) No account are create actually manually on those server, well more than that generaly no connexion on those server. So I run the pwd_mkdb -u and everything work again. When I writing this answer, something occur to me....all server with problem are no so long ago upgrade from 11.2 to 12.0 with freebsd-update. So maybe the problem are from the freebsd-update, they are a old bug report (fix according https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232921 ) about this problem. I will try again with the next upgrade from 11.2 to 12. Regards -- Albert SHIH Observatoire de Paris xmpp: jas@obspm.fr Heure local/Local time: Tue 03 Sep 2019 02:57:01 PM CEST
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20190903130834.GD13052>