[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Orphan files
From: |
Tim Nelson |
Subject: |
Re: Orphan files |
Date: |
Mon, 13 Dec 2004 09:36:27 +1100 (EST) |
On Sun, 11 Dec 2004 wbmccarty@gmail.com wrote:
Hi all,
I'm hardening a Linux configuration by deleting unnecessary users and
groups. Deleting a user or group orphans any files owned by the deleted
user or group. I'd like to change the ownership of any such files to
nobody.nobody. However, it's not clear to me how to accomplish this
using cfengine, other than by running a find command such as "find /
/boot -xdev -nogroup -exec /bin/chgrp nobody {} \;" before deleting the
users and groups. Can anyone suggest a way that's more in line with
cfengine's approach?
Try combining filter (see link below) with the "files" section.
http://www.iu.hio.no/cfengine/docs/cfengine-Reference.html#filters
Incidentally, I recall being told by someone that the "nobody"
user/group has special meaning to NFS, and shouldn't be used for this kind
of thing (I think the suggested solution was another user with a different
name, maybe "orphans" would be appropriate in your case).
Here's something relevant I found:
-----------------------------------------
root_squash - Requests from root clients are mapped to the nobody user and
group ID so they will only have file privileges associated with other.
-----------------------------------------
Maybe someone who actually uses NFS will have some more info, and
be able to chip in :).
--
Tim Nelson
Server Administrator
WebAlive Technologies Global
Level 1 Innovation Building, Digital Harbour
1010 LaTrobe Street
Docklands, Melbourne,
Vic, 3008
Phone: +61 3 9934 0812
Fax: +61 3 9934 0899
E-mail: tim.nelson@webalive.biz
http://www.webalive.biz/
- Orphan files, wbmccarty, 2004/12/12
- Re: Orphan files,
Tim Nelson <=
- Message not available