Classic Shell Scripting - Arnold Robbins [173]
find / '(' -nouser -o -nogroup ')' -ls
This produces a list of files in an output format similar to that of ls -dils. Such a list probably should be examined manually to determine the users and/or groups to which they should be reassigned, or new users (and/or groups) should be created for them.
In the former case, the file can be further processed to generate find ... | xargs chown ... commands to do the work.
In the latter case, it's simple to just add names for the corresponding UID and GIDs to the /etc/passwd and /etc/group files, but you should be careful that these unused UID and GID numbers don't conflict with UID and GID numbers generated for merging. This in turn implies that by creating the new user and group names on each system before merging, you won't have a conflict problem.
Third, the filesystems need to be absolutely quiescent during the operations that change the owner and group of the files. This means that there are no other activities occurring while these operations are running. It is thus best if the systems are run in single-user mode, whereby the super-user root is the only one allowed to log in, and then only on the system's physical console device.
Finally, there may be efficiency issues. Consider the series of commands shown earlier:
find / -user ben -print | xargs chown 301
find / -user jhancock -print | xargs chown 300
...
Each one of these pipelines traverses every file on the computer, for every user whose UID or GID needs to be changed. This is tolerable when the number of such users is small, or if the number of files on the system is reasonable (say, one disk's worth). However, if hundreds or thousands of users must have their files changed, or if the system has a nontrivial number of large drives, then another solution is needed. In such a case, it's probably better to use a pipeline similar to this:
find / -ls | awk -f make-commands.awk old-to-new.txt - > /tmp/commands.sh
... examine /tmp/commands.sh before running it ...
sh /tmp/commands.sh
Here, make-commands.awk would be an awk program that first reads the old-to-new UID changes from old-to-new.txt. (This file would be generated by modifying the scripts earlier in the chapter.) Then, for each file in the output, make-commands.awk looks up the owner to find if it needs to be changed. If so, it would print out a chown command line. Once all the commands are saved, you could then look them over before executing them. (We leave the actual implementation as yet another one of those famed "exercises for the reader.")
Summary
In this chapter, we have re-created and solved a "real-world" problem: merging the password files of two separate computers so that their files can be shared via NFS.
Careful study of the password files of both systems allows us to classify users into different categories: those only on the first system, those only on the second, and those with accounts on both. The problem is to ensure that when we're done, each user has an identical unique UID number on both systems, and that each user's files belong only to that user.
Solving the problem requires finding new unused UID numbers to use when there are UID conflicts, and careful ordering of the commands that change the ownership of the files. Furthermore, the entirety of both systems must be searched to be sure that every file's owner is updated correctly.
Other issues would need to be solved in a similar fashion; most notably, the merging of the group files, and assigning owners to any unowned files. For safety, the systems should be quiet while these operations are in progress, and we also outlined a different solution when efficiency is an issue.
The solution involved careful filtering of the original password files, with awk, sort, uniq, and while read ... loops being used heavily to process the data and prepare the commands to change the ownership of user files. find, xargs, and chown (of course) do the work.
The total solution represents less than