[Adduser-devel] Bug#583976: alligning UID==GID for user private groups

Marc Haber mh+debian-packages at zugschlus.de
Wed Nov 23 10:06:45 UTC 2011 

On Mon, May 31, 2010 at 11:49:40PM +0200, C. Gatzemeier wrote:
> Am Wed, 26 May 2010 08:40:26 +0100
> schrieb Stephen Gran <sgran at debian.org>:
> > This one time, at band camp, Steve Langasek said:
> > > On Tue, May 25, 2010 at 11:30:49PM +0100, Stephen Gran wrote:
> > > > This one time, at band camp, Michael Banck said:
> > > 
> > > > > Seems worthwhile to change adduser how you suggest to me, is
> > > > > there a bug filed to this end?
> > > 
> > > > adduser has had bugs filed in the past asking for uid to be equal
> > > > to gid by default, and I have so far rejected them as not worth
> > > > the complexity for the aesthetic pleasure of having numbers
> > > > match.  Is there some problem with username == primary group name?
> > > 
> > > pam_umask requires both username == primary group name and uid ==
> > > gid before it will assume UPG are in place when using its
> > > 'usergroups' option, and I am not willing to diverge from upstream
> > > on this as this would mean admins coming from other systems may get
> > > an unpleasant surprise when they find that Debian gives a more
> > > relaxed umask than they were expecting in some corner cases.
> > > 
> > > So either someone should convince Linux-PAM upstream to change the
> > > behavior of pam_umask, or adduser should enforce the same rules as
> > > other implementations, if pam_umask is to be involved here.  Beyond
> > > that, I have no particular opinion on this question.
> > 
> > That's the first useful argument I've heard for changing adduser's
> > behavior.  Interoperability with other software is a useful goal, and
> > when I was arguing it wasn't worth the complexity, either pam_umask
> > didn't exist or I was unaware of it.  I'll try to get this change into
> > squeeze.

So the idea would be to iterate through the number space until a
number is found that is free both as a UID and a GID if it is
requested to create a user and the corresponding, identically named
group?

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 31958062

More information about the Adduser-devel mailing list