Linux – Simple One-Way Synchronization of User Password List Between Servers

Tags: linux, synchronization, user-management

Using a RedHat-derivative distro (CentOS), I'd like to keep the list of regular users (UID over 500), and group (and shadow files) pushed to a backup server.
The sync is only one-way, from the main server to the backup server.

I don't really want to have to deal with LDAP or NIS.
All I need is a simple script that can be run nightly to keep the backup server updated.
The main server can SSH into the backup system.

Any suggestion?

Edit:
Thanks for the suggestions so far but I think I didn't make myself clear enough.
I'm only looking at synchronising normal users whose UID is on or above 500.
System/service users (with UID below 500) may be different on both systems.
So you can't just sync the whole files I'm afraid.

Best Answer

You can use awk to extract users/groups with IDs of 500 or greater. I have also taken the liberty of excluding user id 65534, which is often reserved for the "nobody" user (depending on distro; no clue if CentOS does so):

awk -F: '($3>=500) && ($3!=65534)' /etc/passwd > passwd.new
awk -F: '($3>=500) && ($3!=65534)' /etc/group > group.new
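# Select shadow entries by exact user name (field 1); grep -f would also match a name as a substring anywhere in a line
awk -F: 'NR==FNR { if (($3>=500) && ($3!=65534)) u[$1]; next } $1 in u' /etc/passwd /etc/shadow > shadow.new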

Then use rsync, scp, or your file transmission method of choice to copy the files to your backup system. These files can then be appended to the end of a 'clean' passwd, group or shadow file when you need to restore them (i.e. default system users/groups only, to prevent unintentional duplications of ID/username).

cat passwd.new >> /etc/passwd
cat group.new >> /etc/group
cat shadow.new >> /etc/shadow
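
The extract-and-restore steps above as one nightly routine, written as an added example that is not part of the original answer. It goes one step further than appending to a clean file: on the backup it keeps that machine's own system entries and replaces every regular entry with the main server's. The function names and directory parameters are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example, not from the original answer. All directories are parameters,
# so the logic can be tried on copies; nothing here writes to /etc directly.
MIN_ID=500      # lowest regular UID/GID, from the question
NOBODY=65534    # ID excluded by the answer

# filter KIND FILE: passwd/group lines whose ID (field 3) is "regular" or "system"
filter() {
    awk -F: -v min="$MIN_ID" -v nb="$NOBODY" -v kind="$1" '
        { reg = ($3 >= min && $3 != nb) }
        (kind == "regular") == reg' "$2"
}

# shadow_filter KIND PASSWD SHADOW: shadow lines whose name (field 1) is exactly
# a regular (or system) user name in PASSWD; no substring matching
shadow_filter() {
    awk -F: -v min="$MIN_ID" -v nb="$NOBODY" -v kind="$1" '
        FILENAME == ARGV[1] { if ($3 >= min && $3 != nb) reg[$1]; next }
        { r = ($1 in reg) }
        (kind == "regular") == r' "$2" "$3"
}

# export_users ETC OUT: run on the main server; OUT is then copied over SSH
export_users() (
    umask 077    # shadow.new holds password hashes
    mkdir -p "$2" &&
    filter regular "$1/passwd" > "$2/passwd.new" &&
    filter regular "$1/group" > "$2/group.new" &&
    shadow_filter regular "$1/passwd" "$1/shadow" > "$2/shadow.new"
)

# merge_users IN ETC OUT: run on the backup; keeps its own system entries and
# takes every regular entry from IN, so nightly reruns never duplicate a line.
# OUT is a staging directory: review it, then install with the usual modes.
merge_users() (
    umask 077
    mkdir -p "$3" &&
    { filter system "$2/passwd"; cat "$1/passwd.new"; } > "$3/passwd" &&
    { filter system "$2/group"; cat "$1/group.new"; } > "$3/group" &&
    { shadow_filter system "$2/passwd" "$2/shadow"; cat "$1/shadow.new"; } > "$3/shadow"
)
```

With a hypothetical transfer directory such as /root/sync, the main server would run `export_users /etc /root/sync` and copy that directory over SSH; the backup would then run `merge_users /root/sync /etc /root/staged`.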