[Freeipa-users] Converting a user group to a non-posix group
Sigbjorn Lie
sigbjorn at nixtra.com
Mon Jun 11 11:05:04 UTC 2012
On Mon, June 11, 2012 12:53, Sigbjorn Lie wrote:
>
> On Mon, June 11, 2012 12:21, Martin Kosek wrote:
>
>> On Sat, 2012-06-09 at 14:12 +0200, Sigbjorn Lie wrote:
>>
>>
>>> Hi,
>>>
>>>
>>>
>>> Is there a supported method for converting a posix user group to a
>>> non-posix user group?
>>>
>>>
>>> Regards,
>>> Siggi
>>>
>>>
>>
>> I am not aware of any supported method. This step is more tricky than
>> making a non-posix group a posix one, because you could break for example some existing file
>> ownerships for such group.
>>
>> But if you really want to make a posix group non-posix you could run
>> this group-mod command:
>>
>> # ipa group-show posix
>> Group name: posix
>> Description: foo
>> GID: 1994800003
>>
>>
>>
>> # ipa group-mod posix --delattr=objectclass=posixgroup
>> --setattr=gidnumber=
>> ----------------------
>> Modified group "posix"
>> ----------------------
>> Group name: posix
>> Description: foo
>>
>>
>
> Ah, excellent. Yes I'm aware that it might break ownerships if the POSIX attrs is in use. However
> we have some groups that are POSIX that does not need to be POSIX groups.
>
> I've done the change with an LDAP editor earlier, but that was the "supported" solution I was
> looking for.
>
> Thanks.
Is the "--delattr=" option new for 2.2? It does not exist in my 2.1 installation.
Rgds,
Siggi
More information about the Freeipa-users
mailing list