[Freeipa-users] Converting a user group to a non-posix group
Sigbjorn Lie
sigbjorn at nixtra.com
Mon Jun 11 10:53:02 UTC 2012
On Mon, June 11, 2012 12:21, Martin Kosek wrote:
> On Sat, 2012-06-09 at 14:12 +0200, Sigbjorn Lie wrote:
>
>> Hi,
>>
>>
>> Is there a supported method for converting a posix user group to a
>> non-posix user group?
>>
>>
>> Regards,
>> Siggi
>>
>
> I am not aware of any supported method. This step is more tricky than
> making a non-posix group a posix one, because you could break for example some existing file
> ownerships for such group.
>
> But if you really want to make a posix group non-posix you could run
> this group-mod command:
>
> # ipa group-show posix
> Group name: posix
> Description: foo
> GID: 1994800003
>
>
> # ipa group-mod posix --delattr=objectclass=posixgroup
> --setattr=gidnumber=
> ----------------------
> Modified group "posix"
> ----------------------
> Group name: posix
> Description: foo
>
Ah, excellent. Yes I'm aware that it might break ownerships if the POSIX attrs is in use. However
we have some groups that are POSIX that does not need to be POSIX groups.
I've done the change with an LDAP editor earlier, but that was the "supported" solution I was
looking for.
Thanks.
Regards,
Siggi
More information about the Freeipa-users
mailing list