[Freeipa-users] Service accounts and groups
Steven Jones
Steven.Jones at vuw.ac.nz
Fri Feb 8 00:21:32 UTC 2013
All users are IPA only
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
________________________________________
From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of KodaK [sakodak at gmail.com]
Sent: Friday, 8 February 2013 11:22 a.m.
To: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] Service accounts and groups
On Thu, Feb 7, 2013 at 1:46 PM, Steven Jones <Steven.Jones at vuw.ac.nz> wrote:
> Hi,
>
> I have had little to do with permissions until now so bear with me if the Qs are obviously stupid, probably not really IPA but a linux blind spot I have....anyway,
>
> So I have a service account with its group this runs a database.
>
> So oracle with uid 2000 and gid 2000. I have some other users that need to be in the oracle user's group but I cant do that in IPA?
>
Is oracle an IPA user and group or a local user and group?
Assuming a Linux host and a local oracle user and group: you can add
the IPA users to a local group and it will work. I have no idea if
that's the "right" way to do it, though.
> I created a user group called oragrp gid 2001 but the user oracle is creating files with a uid of 2000 and gid of 2000 and not a gid of 2001 which I assume would fix it?
Again, if oracle is a local user, you can change his primary group
using "usermod -G 2001 oracle" -- but you might as well just add the
IPA users to the local oracle group.
--Jason
_______________________________________________
Freeipa-users mailing list
Freeipa-users at redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
More information about the Freeipa-users
mailing list