How best to backup and restore users and groups?

Doug Hutcheson · #1 3rd July 2012, 06:28 AM

I have just moved up to FC17, from 15, on my laptop that only I use. Enough cruft came across with the upgrade and enough problems are appearing, that I want to start again and do a clean install instead of an upgrade.

I use deja-dup as my backup tool and have good backups. However, deja-dup stores files with the user id and group id, not the respective names. That means that, when I restore from my backup after a fresh installation of FC17, I need to recreate the users and groups with the same ids that they currently own. I don't want to have the nightmare of trying to change old user and group ids with to their new equivalent on all the files that I restore.

The question is: what is the best way to ensure my existing user and group ids and passwords are restored after repaving the machine? Do I need to write them all down and recreate them by hand in the fresh installation? Is there an automatic way of doing this? What are the pitfalls? Am I trying the hard way to do something simple?

***Gareth Jones*** · #2 3rd July 2012, 12:18 PM

The user and group names corresponding to UIDs and GIDs, along with their (encrypted) passwords, home directories and a few other basic user settings are stored in in /etc/passwd, /etc/shadow, /etc/group and /etc/gshadow. You could backup and restore these files too, but unless you install exactly the same software in the same order (difficult when talking upgrade vs. fresh install), you'd better just copy and paste the lines for UIDs and GIDs over 999.

Doug Hutcheson · #3 5th July 2012, 02:45 AM

Thanks for that advice, Gareth. The only important user/group details I can think of are postgres and apache and I expect it will be safer to create them from scratch than to restore my existing /etc/passwd etc.

Is it fairly random as to which UID and GID postgres and apache will be assigned, or is it standard for postgres to have UID and GID both numbered 26 and apache to have UID and GID numbered 48? If the system will automatically assign the same UIDs and GIDs that I have now when it creates these users, I have nothing to worry about.

flyingfsck · #4 5th July 2012, 04:45 AM

Here is what I do on all my systems:
# tar -zcvf etc.tgz /etc

That way , if some obscure setting gets forgotten or messed up, I can go and troll through it.

***Gareth Jones*** · #5 5th July 2012, 01:19 PM

Quote:

Originally Posted by Doug Hutcheson

Is it fairly random as to which UID and GID postgres and apache will be assigned, or is it standard for postgres to have UID and GID both numbered 26 and apache to have UID and GID numbered 48? If the system will automatically assign the same UIDs and GIDs that I have now when it creates these users, I have nothing to worry about.

I don't know about specific packages, or how they're allocated, but all system/daemon users should be with UIDs and GIDs less than 1000 (or 500 on pre-F16 installs). Since the user database files are plain text, and the UID/GID entries are fairly obvious, just copy and restore the lines for >= 1000 for real users. If you are keeping data for daemons (e.g. Postgres or Apache), it's probably best to "chown -R ..." their directories manually after reinstalling, as I don't know if a fresh install will use the same IDs as an upgrade.