Re: Debian devices and NIS user accounts

[Douglas Allan Tutty <dtutty@porchlight.ca>]

On Fri, Apr 27, 2007 at 09:17:51AM -0400, Michael S. Peek wrote:
> 
> I'm in the process of remaping UIDs/GIDs from our old Solaris-based 
> system (where [UG]IDs started at 100) to Linux (where [UG]IDs start at 
> 1000), and a thought occurred to me.  I have to add each user to the 
> cdrom, video, audio, etc. group in order for them to be able to be able 
> to use these devices.  But these groups all have GIDs below 1000.  I 
> really don't want to have to go to each machine and physically edit the 
> /etc/group file every time I add/remove an account, so it seems to me 
> that the thing to do is to modify NIS so that it exports device GIDs 
> (100 and up) -- but will that screw things up or open me up to a 
> security risk?  I don't see how that would, but you never know.  So 
> before I go and muck about with the system, I thought I would ask: What 
> the Debian way of doing this?

You should probably read the debian policy manual.  You may end up with
a conflict if you assign a regular user to a UID below 1000.  It may be
better to write a short script that reads the solaris password database
(or a file you create from it) and passes that information to useradd to
create the new users.

Doug.