files, it simply skips these lines. This makes it possible to run
the script using a master UID/GID list for the input file even
on systems that have some user accounts that already have
standardized UIDs and GIDs.
When the script runs, it doesn’t change anything on your
system; it simply gathers the user and group information
from the system and displays on the screen the commands
you would need to standardize the UID and GID numbers.
To run the script, you use a command similar to Listing 11
below.
Listing 11. Running the fix_gid_uid.pl
script
./fix_gid_uid.pl --uidfile uid.txt
--gidfile gid.txt
### Commands to update Groups ###
chgroup id=5000 app_group
chuser pgrp=app_group todd
chuser pgrp=app_group megan
chuser pgrp=app_group app_user
chuser pgrp=app_group app_2
chuser pgrp=app_group app_3
chuser pgrp=app_group app_4
find / -group 14 -exec chgrp -h app_group
{} \;
### Commands to update Users ###
chuser id=3500 megan
find / -user 406 -exec chown -h megan {}
\;
chuser id=3501 todd
find / -user 402 -exec chown -h todd {} \;
chuser id=3502 app_user
find / -user 409 -exec chown -h app_user
{} \;The script displays on the screen all of the commands
you would need to standardize the UIDs and GIDs on this
system to the new UIDs
and GIDs listed in the uid.txt and gid.txt input files.
Note that the output shows that six users need to have
their primary group changed after the GID changes for
the app_group group. This includes users that were not
included in the uid.txt file. The reason for this is that once
the group GID changes all users which had this group as a
primary group need to have their primary group updated,
even if these users are not changing their UID.
Once you have run the script and verified the output is
correct, it is simple to run the commands. To do this, run
the script again and redirect the output to a file. Make the
output file executable, and then run it.
Listing 12. Actually making the changes
on the system
./fix_gid_uid.pl --uidfile uid.txt
--gidfile gid.txt > commands
chmod +x commands
./commands
The run time depends on how many groups and users
are being changed, and how many files are present on
the system. The time range can vary between a minute
to over an hour depending on these factors. If you are
concerned with the run time, you can break the commands
file into smaller sections and run them separately. If your
maintenance window is almost over, you can let the current
section finish. When you have another maintenance
window, simply run the fix_gid_uid.pl script again. It will
generate new commands that you need to run, and the
UIDs and GIDs that were already fixed previously will not be
listed in the output again.
Listing 13. fix_gid_uid.pl script
#!/usr/bin/perl
# This is unsupported code. This script
is provided “as is” without warranty of
# any kind, expressed or implied,
including, but not limited to, the
implied
# warranty of merchantability or fitness
for a particular purpose.
# Use at your own risk.
#
use Getopt::Long;
use User::pwent;
use User::grent;
my ($uid_file, $gid_file);
GetOptions(“uidfile=s” => \$uid_file,
“gidfile=s” => \$gid_file);
if (!((defined $gid_file) || (defined $uid_
file))){
print “Specify at least one arguments:
--uidfile <filename> “;
print “AND/OR --gidfile <filename>\n\n”;
print “Example: $0 --uidfile uid.txt
--gidfile gid.txt\n\n”;
print “Format of UID and GID files
should be: \n”;
print “<Desired GID/UID#> <User/Group
Name>\n\n”;
print “Example:\n”;
print “3000 user1\n”;
print “3001 user2\n\n”;
exit 1;}
