Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 29 Dec 2002 15:23:40 -0800
From:      richard childers / kg6hac <fscked@pacbell.net>
To:        lewiz <purple@lewiz.info>
Cc:        freebsd-mobile@freebsd.org, FreeBSD-questions <freebsd-questions@freebsd.org>
Subject:   Re: Working remotely.
Message-ID:  <3E0F83FC.327948B8@pacbell.net>
References:  <20021229200153.GA61755@lewiz.org> <3E0F66C7.CF4626F6@pacbell.net> <20021229220336.GA956@lewiz.org>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Lewiz notes:

"> I would recommend creating a login which we will call your 'off-campus',
> 'roving', or 'disconnected' login. This login has a UID and GID of N, and a
> home directory of, say, /local/home/roving.

"To begin with when I read this I thought you must have been smoking
something.  I was wondering how on earth I would bridge the gap between
two different UID/GIDs, until I figured out what you meant by ``N''.
This is a truly superb idea, that I would not have thought of.  UNIX is
truly about simplicity :)  I shall get this implemented right away.  My
only consideration here is which goes first in the passwd file -- the
roving user or the NIS/YP hash thingy?  I'll play around with this and
figure it out."

I was actually less than clear about this, in my reply; rereading it, I saw that I
had neglected to bridge the gap between the two UIDs, and hoped you would read
between the lines and infer the answer from the clues I had provided. You did a
great job. Sometimes I think this is the best way to teach; to lead someone close
enough so that they can get that 'Aha!' rush, directly for themselves.  (-;

Either of the users can go first; they must have different login names (the key
used to look up the corresponding userid) and can reference different home
directories, but either login should be able to read and write to the local (and
remote) account, as a consequence of their sharing userids and group ids.

Alternatively, another way to approach it might be to create a pseudo-entry, as
described previously, where your NIS data is encapsulated as a line in the local
/etc/passwd file(s), and then put the two userids into a common, locally defined
group; that plus appropriate group read-write-execute-search permissions would
also allow them, again, to seamlessly share data.

When using YP back in 1986, one of my problems was engineers getting tired of YP
server timeouts and map failures, using their root passwords to create local
entries, and then getting frustrated when they changed their YP passwords, a few
weeks later, and were unable to login as a result of local entries having
precedence over remote entries. What was a hassle, then, can be, under certain
circumstances, a valuable feature.

(And a shout out to ~timzim and his gang of elves, at NET, in 1986. :-)

-- richard


lewiz wrote:

> On Sun, Dec 29, 2002 at 01:19:03PM -0800, richard childers / kg6hac wrote:
> > Reading your questions, I am left unclear as to whether the NFS, NIS/YP, and
> > server are at home, or at work.
>
> Sorry, I have the NFS, NIS/YP stuff at home.
>
> > The question then becomes, which is the master and which is the slave, or
> > copy? I recommend thinking of your laptop's current contents as the master,
> > it makes things easier but if your server is providing megastorage for your
> > MP3 collection, you're going to have to evolve your own, more complex
> > algorithm for synchronizing specific elements of your home directories on
> > each system with one another.
>
> While, yes, as everybody I think these days, I have my music/video
> collection, I was planning on leaving that where it was :)  However, I
> already had some rsync stuff going to work around the fact that I don't
> want/need all my mail for the past n years -- I have a current mail (3
> months at the most) that I would be taking with me, I've accounted for
> this, as suggested.
>
> > Perhaps this is a better approach, anyway; what needs to be synchronized? If
> > you're using it as a backup mechanism, maybe tar(1)'ing up your home
> > directory into a timestamped tar(5) file and copying that to the server mkes
> > more sense, along with a complementing script that deletes all tar(5) files
> > over N days old, to keep disk usage to a minimum.
>
> I'm not so keen on this method.  I would much prefer a synchronization
> idea, not a backup.  Firstly, it's much quicker for me to pick up and go
> in the morning, and to get everything in synch when I get back.  Also,
> this could cause problems if I were to log on to my workstation at home
> before connecting the laptop, etc.
>
> > The other problem is the relationship between NIS/YP login information and
> > your local login information. It sort of sounds like this laptop was built
> > with a built-in NFS/NIS/YP dependency that assumed that you'd be using it on
> > campus only. Not very well thought out, or tested, IMHO.
>
> Hehe, my bad.  Yeah, that's how it's all done though -- I've only just
> got a hold of this laptop so until now I've not had need for it ;)
>
> > I would recommend creating a login which we will call your 'off-campus',
> > 'roving', or 'disconnected' login. This login has a UID and GID of N, and a
> > home directory of, say, /local/home/roving.
>
> To begin with when I read this I thought you must have been smoking
> something.  I was wondering how on earth I would bridge the gap between
> two different UID/GIDs, until I figured out what you meant by ``N''.
> This is a truly superb idea, that I would not have thought of.  UNIX is
> truly about simplicity :)  I shall get this implemented right away.  My
> only consideration here is which goes first in the passwd file -- the
> roving user or the NIS/YP hash thingy?  I'll play around with this and
> figure it out.
>
>   Many thanks for your response.  It's already been very useful and I've
> not got around to implementing some of it yet ;)  What I think I'll be
> doing is using the ``Unison'' utily suggested by Eric De Mund to
> synchronize the two logins in conjunction with the secondary username
> you suggested.  Thanks again, I'll follow up with how I got on.
>
> -lewiz.
>
> --
> If you have a procedure with 10 parameters, you probably missed some.
> ------------------------------------------------------------------------
> --|| url: http://lewiz.info/ | http://www.westwood.karoo.net/pgpkey ||--
>
>   -----------------------------------------------------------------
>    Part 1.2Type: application/pgp-signature


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?3E0F83FC.327948B8>