duplicate GID between tagtor and metrics-api
the metrics-api and tagtor groups have the same GID, which raises this error in ud-replicate
, even on unrelated servers:
root@cdn-backend-sunet-02:~# ud-replicate
receiving file list ... done
sent 19 bytes received 837 bytes 1,712.00 bytes/sec
total size is 226,362 speedup is 264.44
makedb:cdn-backend-sunet-02.torproject.org/group.tdb:69: duplicate key
That's because both groups have the same GID (2196
):
571 gid=tagtor,ou=users,dc=torproject,dc=org
gid: tagtor
gidNumber: 2196
objectClass: top
objectClass: debianGroup
[...]
587 gid=metrics-api,ou=users,dc=torproject,dc=org
gid: metrics-api
gidNumber: 2196
objectClass: top
objectClass: debianGroup
it's the same for the metrics-api and tagtor users: they share the same UID.
there are two problems here:
- duplicate UID/GIDs - in general that should be avoided, but this is particularly a problem because both users/groups pairs are deployed on the same server (
metricsdb-01
), it's a miracle any of this worked at all - this shouldn't error everywhere and I worry this is a sign that users are not syncing properly
This could be related to the botched LDAP upgrade I did yesterday (#40693 (closed)), but I suspect the duplication has been there since August 25th. We haven't noticed then possibly because makedb
was less strict or some other thing changed... unclear.
In any case, we need to split those UIDs. @hiro what should those UIDs be? what files should be owned by who?