Re: create new user with same UID and GID

[Ivan Nejgebauer <ian@uns.ac.rs>]

On 21.02.2015. 19:45, Bernd May wrote:
> You could also create a dummy user account that stores the next usable
> gid/uid pair (which you acquired once with the previous algorithm) and
> then query that account each time you create a new user, increase its
> gid and uid values and create your new user. This assumes some kind of
> conflict free numbering scheme of your users by which you can infer the
> next free number pair automatically.

If one has a special entry to track the highest uid, reuse of the uid value
by multiple processes can be avoided by a ldapmodify operation which combines
deleting the existing value with adding a new value. E.g., if the highest
uid is in the uidNumber attribute of cn=maxUid,dc=example,dc=org, one would
perform (in a pseudo-shell syntax):

maxuid=$(ldapsearch cn=maxUid uidNumber...)
nextuid=$((maxuid+1))

ldapmodify <<!
cn=maxUid,dc=example,dc=org
changetype: modify
delete: uidNumber
uidNumber: $maxuid
-
add: uidNumber
uidNumber: $nextuid
!

If another process manages to update the entry between ldapsearch and
ldapmodify, the delete operation will fail and the entry will be unchanged.
The operation can then be retried with updated values.

(Not tested with multimaster replication and heavy write load/split-brain
situations.)
--
Ivan Nejgebauer                                         +381 21 485 2025
Glavni sistem inženjer                                     ian@uns.ac.rs
CIT-UNS/ARMUNS                                      http://www.uns.ac.rs
Univerzitet u Novom Sadu $ Dr Zorana Đinđića 1 $ 21000 Novi Sad $ Srbija