Date:      Mon, 21 Oct 2002 18:18:26 -0500 (CDT)
From:      Jeff Lynch <jeff@mercury.jorsm.com>
To:        Dexter McNeil <dexter@backtech.com>
Cc:        freebsd-isp@freebsd.org
Subject:   Re: user account/password sync between machines?
Message-ID:  <20021021181446.K67091-100000@mercury.jorsm.com>
In-Reply-To: <20021021204543.GA14674@backtech.com>

On Mon, 21 Oct 2002, Dexter McNeil wrote:

> I've got a project that involves two identically configured machines that
> are providing DNS and remote user SSH login. The systems are configured
> such that the users log into 'host', with each machine's DNS server
> returning its IP address in response to a lookup of 'host'. The idea being
> that if one machine goes down, the other machine will still respond to DNS
> lookups and users will still be able to log in. All of this seems to work
> nicely in testing.
>
> The remaining piece of my puzzle for this is a method of keeping the user
> accounts sync'd between the two machines. I've looked into hacking up the
> adduser.perl script to allow for remote operations on the master.passwd
> file on the two machines (use a third machine to contain the master
> database & publish it to the two remote machines), however I'm wondering
> if anyone has found an easier solution to this type of problem. I'm not in
> a position to implement RADIUS or LDAP at this point, the two machines
> need to be self contained, except for an optional administration machine
> whose availability (or not) won't impact the operation of the two login
> servers.
>
> Any suggestions??

We run this script from cron every 5 minutes to sync passwd dbs on
two machines. Note, there may be some cut/paste errors.

HTH,
--jeff

#!/bin/sh
# Push /etc/group and /etc/master.passwd to each server over ssh,
# then rebuild the password databases there with pwd_mkdb.
DATE=`date`

# Hosts to receive the copy (one per line)
SERVERS="\
        machine.domain.com \
"

for server in ${SERVERS}
do

  # -ptog: preserve permissions, times, owner and group
  /usr/local/bin/rsync -ptog -e /usr/bin/ssh /etc/group "$server:/etc/group"

  if [ $? -ne 0 ]; then
     echo "$DATE: rsync of /etc/group to $server failed" | mail root
  fi

  /usr/local/bin/rsync -ptog -e /usr/bin/ssh /etc/master.passwd "$server:/etc/master.passwd"

  if [ $? -ne 0 ]; then
     echo "$DATE: rsync of /etc/master.passwd to $server failed" | mail root
     break                 # No need to continue
  fi

  # Regenerate passwd, pwd.db and spwd.db on the remote side
  /usr/bin/ssh "$server" /usr/sbin/pwd_mkdb -p /etc/master.passwd

  if [ $? -ne 0 ]; then
     echo "$DATE: pwd_mkdb failed on $server" | mail root
  fi

done


>
> Many thanks,
> 	Dexter McNeil
> 	dexter@backtech.com
>
>
> --
> The ultimate destination on the journey of life is a hole 6 feet deep.
> Enjoy the journey - the destination is nothing to write home about.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>

============================================================================
Jeffrey A. Lynch		| JORSM Internet, Regional Internet Services
email: jeff@jorsm.com		| 7 Area Codes in Chicagoland and NW Indiana
Voice: (219)322-2180		| 100Mbps+ Connectivity, 56K-DS3, V.90, ISDN
Autoresponse: info@jorsm.com	| Quality Service, Affordable Prices
http://www.jorsm.com		| Serving Gov, Biz, Residential Since 1995
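
An added example, not part of the message above or of its script: a pre-push check that a cron job like this could run on /etc/master.passwd before the rsync, so that a truncated or half-edited file is not replicated to the second login server. The function names, the particular checks and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: sanity-check a master.passwd-format file before pushing it.
# The checks are chosen for this example; they are not the rules pwd_mkdb applies.

check_master_passwd() {   # $1 = file in master.passwd format (10 ':' fields)
    [ -r "$1" ] && [ -s "$1" ] || { echo "$1: missing or empty" >&2; return 1; }
    awk -F: '
        /^#/     { next }                       # skip comment lines
        NF != 10 { printf "line %d: %d fields, expected 10\n", NR, NF; bad = 1; next }
        $1 == "" { printf "line %d: empty login name\n", NR; bad = 1 }
        $2 == "" { printf "line %d: %s has an empty password field\n", NR, $1; bad = 1 }
        $3 !~ /^[0-9]+$/ || $4 !~ /^[0-9]+$/ {
            printf "line %d: %s has a non-numeric uid or gid\n", NR, $1; bad = 1 }
        $1 == "root" && $3 == "0" { root = 1 }
        END {
            if (!root) { print "no root entry with uid 0"; bad = 1 }
            exit (bad ? 1 : 0)
        }
    ' "$1" >&2
}

write_samples() {         # $1 = directory; writes constructed sample files
    cat > "$1/good" <<'EOF'
# constructed sample, not real accounts or hashes
root:*:0:0::0:0:Charlie &:/root:/bin/csh
alice:$1$constructed$placeholder:1001:1001::0:0:Alice Example:/home/alice:/bin/sh
EOF
    # Same file cut off mid-line, as if copied while it was being rewritten
    cat > "$1/truncated" <<'EOF'
root:*:0:0::0:0:Charlie &:/root:/bin/csh
alice:$1$constructed$placeholder:1001:10
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
for f in "$tmp/good" "$tmp/truncated"; do
    if check_master_passwd "$f"; then
        echo "$f: ok to push"
    else
        echo "$f: refusing to push"
    fi
done
rm -rf "$tmp"
```

In the sync script, the call would sit before the first rsync, with a non-zero return mailing root and skipping the push. On FreeBSD, `pwd_mkdb -C` offers a format-only check that can complement it.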

