passwdsyncd

NAME

SYNOPSIS

passwdsyncd -s

passwdsyncd -m { on | off }

AVAILABILITY

DESCRIPTION

To run the passwdsyncd it is necessary to have the times synchronized between all participating systems.

The passwdsyncd has the following features implemented:

-

no master server needed, all participating systems are equivalent. Therefore this solution is also preferred to use in a clustered environment where it should be ensured that all nodes are identical.

-

the passwdsyncd can be started at any time, it will not overwrite newer password entries on participating systems.

-

the daemon can be switched centrally into a maintenance mode where all synchronization between the participating systems is on hold.

-

if configured, the synchronization peers can grow dynamically without the need of reconfiguration of the other systems already participating in a synchronization.

-

if configured, user lockouts are not synchronized.

-

the synchronization data is submitted encrypted between the participating systems.

STATES

check

check if there are password database entries newer then the last password synchronization attempt of the local system. After startup this is the first state.

synch

synchronize password database entries to remote system(s).

wait

sleep between checks. This interval can be configured with the SYNC_INTERVAL setting in the passwdsyncd.cfg file.

maintenance_mode_on

promote the maintenance mode to the systems participating in a synchronization.

maintenance_mode_off

clear the maintenance mode on all systems participating in a synchronization.

maintenance

the passwdsyncd is in maintenance mode. During maintenance mode all password synchronization is on hold.

stop

the passwdsynchd has been stopped with the -s option.

abort

the passwdsynchd has been killed with the kill command. This method of stopping the passwdsyncd is not recommended.

OPTIONS

-h

usage message.

-m

maintenance mode control:

on

switch maintenance mode on.

off

switch maintenance mode off.

-s

stop a running passwdsyncd.

SIGNALS

INT

interrupt from keyboard (Ctrl+C). Issuing this signal, the daemon will go to the abort state.

TERM

kill the process without an argument. Issuing this signal, the daemon will go to the abort state.

HUP

stop the passwdsyncd. This signal is issued when passwdsyncd -s is issued and will put the passwdsyncd into the stop state.

USR1

set the passwdsyncd into maintenance mode. The state of passwdsyncd after receiving this signal is maintenance.

USR2

clear maintenance mode of passwdsyncd. The state of passwdsyncd after receiving this signal is check.

EXIT STATUS

0

no error.

1

daemon started as the wrong operating system user.

2

operating system is not supported. See osid(3) if you get this error.

3

cannot write to the lockfile.

4

usage listed.

5

there is already a passwdsyncd instance running on the system.

6

configuration file edrc/etc/passwdsyncd.cfg does not exist.

8

cannot write to the logfile.

9

no permission to stop the daemon.

11

a temporary directory could not be claimed or created in /var/tmp. Check the system temporary directory /var/tmp if you get this error, it is an indicator of system intrusion.

12

no permission to handle daemon maintenance mode.

13

system security type not supported.

FILES

edrc/etc/passwdsyncd.cfg

configuration file for passwdsyncd.

edrc/var/log/

default logfile location of passwdsyncd.

edrc/var/passwdsyncd/

default spool location of passwdsyncd to save password information.

edrc/var/lock/

default lock directory of passwdsyncd.

EXAMPLES

SEE ALSO

NOTES

BUGS

AUTHOR

COPYRIGHT

This is free software; see edrc/doc/COPYING for copying conditions. There is ABSOLUTELY NO WARRANTY; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.