Thanks to Nikola Milutinovic for a sanity check: He suggested running
authck,
which I had done, but this time I really looked at the results. Nothing
wrong with the auth.db, because everything still worked. Oh, our
home-grown account management software (inherited) is a mix of BASE and
ENHANCED, so authck dumps many pages of inconsistencies, but the vital
stuff was still OK, by its absence in the authck report.
Before running off and bashing a working database, checked the edauth
command itself. It was a zero-length file. Script error, redirect to
edauth instead of pipe to edauth. Restored edauth from another 4.0E
system, everything is fine.
Moral: Just because you are messing with a vital system database is no
reason to panic. Keep calm, and assess the problem like any other.
Sometimes the tools are broken, but the machine is running fine.
To Do List: add authck to cron, and work at cleaning up the problems it
identifies, so it isn't so hard to troubleshoot, next time. And there
will be a next time.
-------- Original Message --------
Subject: Corrupted auth.db in 4.0E--edauth no longer works
Date: Mon, 10 Jan 2000 17:39:36 -0700
From: "Larye D. Parkins" <larye_at_selway.umt.edu>
Reply-To: larye_at_selway.umt.edu
Organization: Computing & Information Services
To: tru64-unix-managers_at_ornl.gov
Followup-To: poster
While bridging our account management scripts between the old auth files
and then new auth.db, we were using edauth -s to install extended
attributes and passwords for new users. After placing edauth -r in a
script to remove users, we can no longer use edauth to read or edit the
database. Users continue to login, and the database timestamp updates
whenever passwords are changed, it seems only edauth is broken.
But, without edauth, we can't change or view the attributes. After
running with the new system for a couple of weeks, we are reluctant to
reload from the old database files because of changed passwords, etc.
The system has about 10000 users.
Anyone know how to repair edauth/auth.db in place?
--
Larye D. Parkins, Systems Administrator
Computing & Information Services
University of Montana, Missoula, MT 59801
(406) 243-2486 larye_at_selway.umt.edu
Received on Tue Jan 11 2000 - 14:48:56 NZDT