Background:

I have 2 server the HN on one is Ubuntu the other is RH5.  I have  
created a usable ubuntu template for our environment by modifying a  
ubuntu template from the Openvz webpage.  Within the template I have  
included our developer's accounts, to include ssh keys.  I created  
this template on our ubuntu server and it works great, I can create a  
new VE, and login using my ssh keys as soon as it's started.

I copied this template to our RH5 server and it mostly works as  
expected all I had to change the /etc/ssh/sshd_config to only allow  
ipv4 binding to port 22.  However, my user accounts in the ubuntu VE  
are foobar.

For example, within the ubuntu template  the uids for alice, bob, and  
carol are 1000, 1001 and 1002, respectively.  These same users have  
accounts on the RH5 HN server, but their uid are 500, 501, and 502 .   
When I create the new VE, alice's home directory is owned by uid 501,  
bob's is owned by uid 502, but carol's is correctly owned by uid 1002.

My assumption is when the "vzctl create" command is used somehow tar  
is "correcting" the file ownership in the VE to align with the HN.


So,

1) Is it reasonable to "precreate" these accounts within the custom  
image for our internal use or should I forgo this idea.
2) Is there some step, that I have missed that ensures that user  
directories are created with the right UID/GID?
3) Is this a configuration issue somewhere that I have fubarred?
4) Is this a bug?



Sean
=======================================
Sean Whitney
PMB #120, 16505A SE First Street
Vancouver, WA  98684
T. 360.607.7945
F. 815.364.0687
aim: seanmwhitney
email: sean@visionary-networks.com
=======================================

Sean,

> For example, within the ubuntu template  the uids for alice, bob, and  
> carol are 1000, 1001 and 1002, respectively.  These same users have  
> accounts on the RH5 HN server, but their uid are 500, 501, and 502 .   
> When I create the new VE, alice's home directory is owned by uid 501,  
> bob's is owned by uid 502, but carol's is correctly owned by uid 1002.
> 
> My assumption is when the "vzctl create" command is used somehow tar  
> is "correcting" the file ownership in the VE to align with the HN.


You probably want to use --numeric-owner when creating your template
tar.gz. I'm doing something along this:

cd /vz/private/42; tar cfz /vz/template/cache/debian-4.0-test.tar.gz . \ 
 --numeric-owner

Christian

I don't.

When I use vzctl create <VEID> and it untar's the template file, it is  
changing the UID/GID of the home directories in the tar file from the  
original UID/GID, to the UID/GID that the same individuals have on the  
HN.

If I peek inside the template file my UID is 1001.

On the HN my uid is 501.

When I create the VE, my UID inside the VE is now 501, screwing up all  
kinds of permissions.



Sean
=======================================
Sean Whitney
PMB #120, 16505A SE First Street
Vancouver, WA  98684
T. 360.607.7945
F. 815.364.0687
aim: seanmwhitney
email: sean@visionary-networks.com
=======================================





On Apr 24, 2008, at 12:13 AM, vaverin wrote:

>
>
> Hi Sean,
>
> Could you please explain why you want to have UID/GID inside VE be  
> equal to ones on host node?
>
> I would note that it is quite normal that the same users have  
> different UID's on the different nodes, however ususally it do not  
> lead to any troubles.
>
> Thank you,
> Vasily Averin

Sean Whitney wrote:
> I don't.
>
> When I use vzctl create <VEID> and it untar's the template file, it is 
> changing the UID/GID of the home directories in the tar file from the 
> original UID/GID, to the UID/GID that the same individuals have on the 
> HN.
>
> If I peek inside the template file my UID is 1001.
>
> On the HN my uid is 501.
>
> When I create the VE, my UID inside the VE is now 501, screwing up all 
> kinds of permissions.

Can you check your tarball is correct? Maybe you have to use 
--numeric-owner option to tar when packing it.

Yes, using the --numeric-owner when creating the tarball, fixe the  
issue.  It would be nice if that was included in the wiki,  
somewhere.......




Sean
=======================================
Sean Whitney
PMB #120, 16505A SE First Street
Vancouver, WA  98684
T. 360.607.7945
F. 815.364.0687
aim: seanmwhitney
email: sean@visionary-networks.com
=======================================





On Apr 25, 2008, at 1:03 AM, Kir Kolyshkin wrote:

> Sean Whitney wrote:
>> I don't.
>>
>> When I use vzctl create <VEID> and it untar's the template file, it  
>> is changing the UID/GID of the home directories in the tar file  
>> from the original UID/GID, to the UID/GID that the same individuals  
>> have on the HN.
>>
>> If I peek inside the template file my UID is 1001.
>>
>> On the HN my uid is 501.
>>
>> When I create the VE, my UID inside the VE is now 501, screwing up  
>> all kinds of permissions.
>
> Can you check your tarball is correct? Maybe you have to use -- 
> numeric-owner option to tar when packing it.

Sean Whitney wrote:
> Yes, using the --numeric-owner when creating the tarball, fixe the 
> issue.  It would be nice if that was included in the wiki, 
> somewhere.......
Since it's wiki, you are very welcome to add this info yourself. :)

Not that I am saying that I won't add this myself, but that'd be nice if 
you can contribute a little, too.

On Fri, Apr 25, 2008 at 11:12 AM, Sean Whitney
<sean@visionary-networks.com> wrote:
> Yes, using the --numeric-owner when creating the tarball, fixe the issue.
> It would be nice if that was included in the wiki, somewhere.......

I've seen a similar problem with my debian-exim user's UID getting
screwed up when moving the template to a new server. Good to know I
have to use --numeric-owner for tar.

Thanks,

Roberto

-- 
http://blog.divisiblebyfour.org/