要升级 Linux Server 时, 要连同帐号一同转移, 步骤如下:
1. 复制旧 Server 档案:
/etc/passwd – 内含帐号资讯, 如家目录, shell 等.
/etc/shadow – 内含帐号加密的密码.
/etc/group – 定义用户群组
/etc/gshadow – 内含群组加密资讯.
/home – 用户默认的家目录.
将上面档案及目录备份:
# mkdir /root/move/
# export UGIDLIMIT=500
# awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534)’ /etc/passwd > /root/move/passwd.mig
# awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534)’ /etc/group > /root/move/group.mig
# awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534) {print $1}’ /etc/passwd | tee – |egrep -f – /etc/shadow > /root/move/shadow.mig
# cp /etc/gshadow /root/move/gshadow.mig
# tar -zcvpf /root/move/home.tar.gz /home
# export UGIDLIMIT=500
# awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534)’ /etc/passwd > /root/move/passwd.mig
# awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534)’ /etc/group > /root/move/group.mig
# awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534) {print $1}’ /etc/passwd | tee – |egrep -f – /etc/shadow > /root/move/shadow.mig
# cp /etc/gshadow /root/move/gshadow.mig
# tar -zcvpf /root/move/home.tar.gz /home
上面有几行用了 awk, 只会备份 UID 大过 500 的帐号, Redhat / Centos 500 以下的都是系统帐号, Debian 要改为 1000.
然后将 /root/move 下面的内容以安全途径传送到新 Server, 例如 scp:
# scp -r /root/move/* user@newserver.com:/root/old_server_bak
新 Server 操作
先将原来的档案备份:
# mkdir /root/newsusers.bak
# cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak
# cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak
将旧 Server 备份过来的档案还原
# cd /root/old_server_bak
# cat passwd.mig >> /etc/passwd
# cat group.mig >> /etc/group
# cat shadow.mig >> /etc/shadow
# cp gshadow.mig /etc/gshadow
# cd /
# tar -zxvf /root/old_server_bak/home.tar.gz
# cat passwd.mig >> /etc/passwd
# cat group.mig >> /etc/group
# cat shadow.mig >> /etc/shadow
# cp gshadow.mig /etc/gshadow
# cd /
# tar -zxvf /root/old_server_bak/home.tar.gz
上面必须用双箭头 “>>”, 不能用单箭头 “>”, 如果用单箭头的话会将新 Server 的系统帐号删除。
最后 reboot server, 之后使用者便可以使用原有密码登入了。