usermod vs rolemod

Tex-Twil · July 13, 2009, 8:55am

Hello,
I'm a bit confused by the usage of those two commands. I have 2 freshly installed systems and the behaviour is different from one system to another.

root@systemONE rolemod -G mygroup postgres
UX: rolemod: ERROR: Users most be modified with ``usermod''.


root@systemTWO usermod -G mygroup postgres
UX: usermod: ERROR: Roles most be modified with ``rolemod''.

So how can I know which command do I have to use to add a user to a group ?

Thanks,
Tex

kumarmani · July 13, 2009, 9:17am

What it look like that in one box postgres is a role and in other system it a group name. The best option is to check the /etc/group and see if the it postgres. Also, in case if myuser is a user and if you are trying to add user to the group postgres then the command usermod syntax is wrong.

If you know nay user is part of a given role then use the command roles <username> to fine the roles assign to an individuals

Tex-Twil · July 13, 2009, 11:08am

In both system is a group postgres.

I wasn't clear here. I want to add the user postgres to the group "mygroup". (I edited the commands above)

Tex

kumarmani · July 13, 2009, 11:18am

On the system where you are getting error message as �UX: usermod: ERROR: Roles most be modified with ``rolemod''. Please check the file /etc/security/prof_attr and /etc/security/auth_attr and see if you can get any line related to postgres

Tex-Twil · July 14, 2009, 5:22am

I think I get it now. On one system there was (SUN) postgres installed by default and I guess that this package creates a role postgres hence the error message:

~$ usermod -G mygroup postgres
UX: usermod: ERROR: Roles most be modified with ``rolemod''.

So can I rely on those file to decide which of the two commands I have to use the add the user to a group ?

Thanks,
Tex

---------- Post updated 07-14-09 at 04:22 AM ---------- Previous update was 07-13-09 at 10:51 AM ----------

I think I found the command I needed:

# auths postgres
solaris.smf.manage.postgres,solaris.smf.value.postgres,solaris.device.cdrw,solaris.profmgr.read,solaris.jobs.users,solaris.mail.mailq

So if this output contains "postgres" I should use rolemod to add the user postgres to a group, otherwise usermod.

Is that correct ?

kumarmani · July 14, 2009, 5:49am

Yes, I mean you can decide with the help of above that you need usermod or rolemode to modify the postgres !!!

Tex-Twil · July 14, 2009, 5:50am

EDIT3

No the auth command doesn't help. I think I have to grep the /etc/user_attr file to know if there is a role postgres.