Friday, August 12, 2011

Migrate users from one Linux machine to another

Have you ever needed to migrate the users of a running Linux system from one installation to another? That would be a simple task if the user count was low. But what happens when the user count is in the hundreds? What do you do then? If you’re not using LDAP, you know you will have to migrate the users’ data, passwords, etc. from the old machine to the new. Believe it or not, this is just a matter of a few commands: not necessarily simple commands, but it’s not as complex as you would think.

In this article I am going to show you how to make this migration so your Linux users do not lose their data and their passwords are all retained.

What we are migrating

The list is fairly simple:

  • /etc/passwd - Contains information about the user.
  • /etc/shadow - Contains the encrypted passwords.
  • /etc/group - Contains group information.
  • /etc/gshadow - Contains group encrypted passwords.
  • /var/spool/mail - Contains users’ email (the location will depend upon the mail server you use).
  • /home/ - Contains users’ data.

Unfortunately these files cannot simply be copied from one machine to another – that would be too easy. Just make sure you enter the following commands correctly.

Source machine

These are the commands you will need to run on the machine you are migrating users FROM. I will assume you are doing this on a system that uses a root user (such as Fedora), so all commands will be done as root:

mkdir ~/MOVE

The above command creates a directory to house all of the files to be moved.

export UGIDLIMIT=500

The above command sets the UID filter limit to 500. NOTE: This value will be dictated by your distribution. If you use Red Hat Enterprise Linux, CentOS, or Fedora this value is shown in the command above. If you use Debian or Ubuntu that limit is 1000 (not 500).

awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd > ~/MOVE/passwd.mig

The above command copies only user accounts from /etc/passwd (using awk allows us to ignore system accounts.)

awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/group > ~/MOVE/group.mig

The above command copies the /etc/group file.

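awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534) {print "^" $1 ":"}' /etc/passwd | grep -f - /etc/shadow > ~/MOVE/shadow.mig

The above command copies the entries for those same users from the /etc/shadow file. Each username is turned into the anchored pattern ^name: so that only the exact account matches, not every line that happens to contain the name.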

cp /etc/gshadow ~/MOVE/gshadow.mig

The above command copies the /etc/gshadow file.

tar -zcvpf ~/MOVE/home.tar.gz /home

The above command archives /home.

tar -zcvpf ~/MOVE/mail.tar.gz /var/spool/mail

The above command archives the mail directory. NOTE: If you are using Sendmail this is the correct directory. If you are using Postfix that directory most likely will be /etc/postfix.

Now it’s time to move everything in ~/MOVE over to the new server. You can do this using the scp command like so:

scp -r ~/MOVE/* USER@IP_OF_NEW_SERVER:/home/USER/

Where USER is the username you will use to send the file and IP_OF_NEW_SERVER is the address of the new server. NOTE: If this server is not online yet you can always copy these files onto a thumb drive and move them that way.

Target machine

Now we’re working on the new server. Follow these commands (run as the root user):

mkdir ~/newsusers.bak

The above command will create a new directory that will house the backup of the current users.

cp /etc/passwd /etc/shadow /etc/group /etc/gshadow ~/newsusers.bak

The above command will copy the necessary files to the new backup directory.

cd /PATH/TO/DIRECTORY
cat passwd.mig >> /etc/passwd
cat group.mig >> /etc/group
cat shadow.mig >> /etc/shadow
/bin/cp gshadow.mig /etc/gshadow

The above commands will restore all password files onto the new system. NOTE: Where /PATH/TO/DIRECTORY is the location where you copied the files onto the new system.
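Appending with cat >> does not check whether a migrated username, UID or GID already exists on the target, and a reused UID gives the migrated user ownership of another account's files. The script below is an added example, not part of the original article: check_collisions and write_sample are hypothetical helper names, and the sample entries are constructed.

```shell
#!/bin/sh
# Added example, not from the original article.
# check_collisions MIG_FILE TARGET_FILE (hypothetical helper name)
# Works on passwd- and group-format files: field 1 = name, field 3 = numeric ID.
# Prints one line per conflict; returns 1 if any were found, 0 otherwise.
check_collisions() {
    awk -F: '
        FILENAME == ARGV[1] {            # first file: entries already on the target
            name_id[$1] = $3
            id_name[$3] = $1
            next
        }
        ($1 in name_id) {                # migrated name already exists on the target
            if (name_id[$1] == $3) {
                printf "DUPLICATE %s (id %s) already present\n", $1, $3
            } else {
                printf "NAME_CONFLICT %s: target id %s, migrated id %s\n", $1, name_id[$1], $3
            }
            bad = 1
            next
        }
        ($3 in id_name) {                # migrated ID is owned by another name
            printf "ID_CONFLICT id %s: target %s, migrated %s\n", $3, id_name[$3], $1
            bad = 1
        }
        END { exit bad + 0 }
    ' "$2" "$1"
}

# Constructed sample data standing in for the target /etc/passwd and passwd.mig.
write_sample() {
    cat > "$1/target_passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
deploy:x:500:500::/home/deploy:/bin/bash
backup:x:501:501::/home/backup:/bin/bash
EOF
    cat > "$1/passwd.mig" <<'EOF'
alice:x:500:500::/home/alice:/bin/bash
backup:x:502:502::/home/backup:/bin/bash
carol:x:503:503::/home/carol:/bin/bash
EOF
}

tmp=$(mktemp -d)
write_sample "$tmp"
check_collisions "$tmp/passwd.mig" "$tmp/target_passwd" ||
    echo "Resolve the conflicts above before appending to /etc/passwd"
rm -rf "$tmp"
```

On the real target, run it as check_collisions passwd.mig /etc/passwd and check_collisions group.mig /etc/group from /PATH/TO/DIRECTORY before the cat >> commands.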

cd /
tar -zxvf /PATH/TO/DIRECTORY/home.tar.gz

The above commands will first change to the / directory and then unpack the archived /home directory. NOTE: /PATH/TO/DIRECTORY is the location where you copied the files onto the new system.

cd /
tar -zxvf /PATH/TO/DIRECTORY/mail.tar.gz

The above commands will first change to the / directory and then unpack the archived /var/spool/mail directory. NOTE: /PATH/TO/DIRECTORY is the location where you copied the files onto the new system.

You can now reboot your system with the users in place.
