[Dirvish] Question about UIDs and GIDs

Joe Aquilina joe_linux at westnet.com.au
Thu Aug 16 06:34:19 UTC 2012


At 05:48 PM 15/08/2012, you wrote:
>Joe Aquilina wrote:
> >> firstly, welcome Joe.
>
>+1
>
> >> as you've noticed, the numerical UID and GID is preserved during
> >> backup. If the restore is done in the same fashion as the backup,
> >> the numerical UID and GID will also be preserved during restore.
>
>The important take-home message is that the numerical IDs are what
>count. The names are just 'sugar' for humans and don't really mean anything.

I am becoming increasingly aware that the numeric-ids are most 
important, just another part of my ongoing Linux education. My 
"mis-understanding" prior to this exercise was that it was the other 
way around so I very glad to have discovered the truth without having 
had to recover from some sort of disaster.

>So when you copy anything, by pretty much any means, the numeric ids are
>  preserved. If you copy something and the numeric id isn't preserved,
>then start reading man pages until you find the option to make that
>happen. If you do that, things will stay pretty organized, although they
>may look weird in terms of user & group names as you copy things between
>machines.
>
>Because of the weirdness and the inreased likelihood of making mistakes
>that follows from it, most people try to keep the same list of name <->
>id mappings on all machines. You might want to see whether that is
>possible at your site. You can copy the passwd (and shadow) files or use
>some distributed service to manage them (NIS, LDAP etc).

There doesn't appear to have been any thought given to consistent 
name <-> id mappings when these machines were originally setup, and 
sadly not when I rebuilt a couple of replacement machines recently. 
There are not too many accounts so it may not be all that difficult 
to remap all the name to the same IDs across all the machines. 
Haven't convinced the boss of this yet; he seems to think "something 
is going to go wrong"


> > Hmmm ... I'm not sure that we are backing up the passwd file. I am
> > almost certain we don't, on any of the machines. The dirvish backups
> > just backup the /home directory tree as far as I can see, and there
> > are no other backups done that I am aware of. Sounds like a no there
> > for passwd which I will fix asap (and I guess group as well).
> >
> > It seems to me that a backup of the whole of the /etc tree is
> > probably a good idea? If so, I can just create another vault for 
> that can't I?
>
>Yes, backing up /etc is a good idea, and several other places as well.
>Probably best to google for linux backup to find some ideas for what
>backup strategy to use. And yes, you can just set up another vault. You
>will come across a few gnarly details that you can fix up as you go along.

Other areas I am guessing probably include /usr and /var - which 
others I should include?

> >> people doing restores often have to go through the process of
> >> chown/chmod after restoring.
>
>As long as you're restoring to the same machine that the data originally
>came from, you shouldn't need to chown anything. It should all
>'magically' acquire the correct user name when it is restored, because
>it is the numerical id that matters.

In almost all cases, restores would be back to the original machine 
that the data came from.


> > I have been doing a test restore of a backup run yesterday, back onto
> > the original machine (into a temp directory as I thought this would
> > be best to not endanger any of the existing user files; it is my main
> > working machine - good or bad idea?)
>
>Yes, test directories are a very good idea. Whether using your own
>machine is a good idea is really down to your own self-confidence and
>self-knowledge. If you KNOW that you're not going to accidentally type
>rm -rf * or somesuch then it's fine. If you know that you sometimes do
>do silly things, you might want to choose a test machine that you can
>afford to trash.
>
> > and the owners and groups appear
> > to have been changed for the restored files. For example, the whole
> > /home/central directory tree which used to be owned by user central,
> > group central is now showing on the restored files to be owned by
> > user joe, group joe. Has my doing the restore to a different location
> > affected the ownership?
>
>If the passwd mapping on the machine you restored to (#3) is different
>from that of the original source machine (#1), then the names will be
>different. The important thing is to check that the numerical ids
>haven't changed.

So far, all is well with my test restores onto my own machine. The 
numerical ids have been preserved in all cases even though the names 
look strange because of the different name - id mappings.


> > I guess that means that I would have to run the loop to change them back?
>
>If you want to use them on machine #3 then yes. And you would have to do
>that with each restore. That's part of why it is usually a lot simpler
>to have a single list of mappings from numerical ids to names for the
>whole site.
>
> > I also just realised that I haven't used the exact same command to
> > restore as was used to do the original backup. Should I have done
> > this with effectively the source and destination swapped around? Is
> > that what you meant earlier when you said "if the restore is done in
> > the same fashion as the backup"?
>
>You can restore that way, but one of the beauties of dirvish is that you
>can just restore files from the backup using cp (use the -p or -a
>options to preserve ownership and file times).
>
>HTH, Dave

Yes it definitely helps. Thanks Dave.

>_______________________________________________
>Dirvish mailing list
>Dirvish at dirvish.org
>http://www.dirvish.org/mailman/listinfo/dirvish



More information about the Dirvish mailing list