0

I have two Red Hat 7 Linux servers on which I want to keep user accounts synced. I have a bash script that copies these files between servers:

/etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/subuid /etc/subgid

The script is run from a cron job every 5 minutes on each server. The problem is: how do I make sure only one server runs the script? I was thinking of adding a test to the script that runs stat on /etc/shadow and exits the script if the file's modify time is not within the last 5 minutes. Since the modify time is copied over with the file, the second server would then also run the copy script, which I don't want. Is there a better method of doing this?

1 Answer

1

Hi and welcome to ServerFault.

The "shot from the hip" solution I can come up with is: Manage those files remotely.

Whether you use sssd/NIS or a configuration management solution (puppet/ansible/salt/chef/whatever), it doesn't matter much.

The way it's done now is likely to introduce inconsistencies and cause annoying problems to debug, especially if you introduce more boxes into the mix.

Have an external (to the controlled boxes), single source of truth and let it control this information.

The problem is quite a common one; have a look at the other questions as well.

fuero
  • 9,879
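An added example, not part of the answer above or of the asker's script: before handing both servers to a single source of truth, the two existing /etc/passwd files need reconciling, and this audit reports the inconsistencies that two-way copying tends to leave behind. The function names, output labels and sample entries are constructed for illustration.

```shell
#!/bin/sh
# passwd_drift A B: compare two passwd(5)-format files and print one line per
# inconsistency. A UID that maps to different names on the two hosts means
# files owned by that UID belong to a different person after a copy.
passwd_drift() {
    awk -F: '
        NF < 3 { next }                      # skip blank or malformed lines
        FILENAME == ARGV[1] {                # first file: index by name and UID
            uid_a[$1] = $3; name_a[$3] = $1; next
        }
        {
            seen_b[$1] = 1
            if (!($1 in uid_a))
                print "ONLY_B " $1
            else if (uid_a[$1] != $3)
                print "UID_MISMATCH " $1 " " uid_a[$1] " " $3
            if (($3 in name_a) && name_a[$3] != $1)
                print "UID_REUSED " $3 " " name_a[$3] " " $1
        }
        END { for (n in uid_a) if (!(n in seen_b)) print "ONLY_A " n }
    ' "$1" "$2" | LC_ALL=C sort
}

# Constructed sample data standing in for copies of /etc/passwd from each server.
sample_drift() {
    d=$(mktemp -d) || return 1
    cat > "$d/passwd.a" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001::/home/alice:/bin/bash
bob:x:1002:1002::/home/bob:/bin/bash
carol:x:1003:1003::/home/carol:/bin/bash
EOF
    cat > "$d/passwd.b" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001::/home/alice:/bin/bash
bob:x:1004:1004::/home/bob:/bin/bash
dave:x:1003:1003::/home/dave:/bin/bash
EOF
    passwd_drift "$d/passwd.a" "$d/passwd.b"
    rm -rf "$d"
}

sample_drift
```

The same comparison works on /etc/group (name in field 1, GID in field 3), since both files share that layout.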