Matthew Burgess wrote: > I observe the same behaviour with `useradd' from shadow-4.0.18.1 with > that patch applied. The patch fixes an error whereby the '-g' option > of useradd(8) and usermod(8) don't accept strings as their arguments. > I can't see how it would affect this behaviour we're observing. None > of this is actually documented to work this way though!
I went looking through useradd.c (without the patch) to find out what causes it to create a group with the same name as the user. I figured the command line arguments might as well be "useradd -u <blah> name", but I don't think it matters whether you pass a specific UID or not. First, useradd checks to see if any group exists with the same name as the user (starting at line 1739), and if it finds one, it complains and dies. Then, if -g is not provided on the command line, it calls find_new_gid (starting at line 921), which basically pays no attention to whatever is set in /etc/default/useradd. It just gets a new GID to use (with a big preference for the user's UID on systems with getgrent). The full test is as follows: there must be no group with the same name as the user, there must be no group with the same GID as the user's UID, and -g must not be provided. If all of those tests pass, it will create a user-group and use it, but if any fail, it will use the specified GID (for -g) or find another unused GID. It will never use the GROUP option's value. In fact GROUP won't be used at all, ever, in any configuration; the only way with vanilla shadow-4.0.18.1 to get all your users in the same GID is to provide that GID to the -g option. > though now I'm left wondering how one would get the old behaviour of > actually using the default group back! One would have to patch useradd.c. ;-) A possible way for them to do this is to record whether GROUP was in the useradd file, and if so, use that value in find_new_gid. But that code doesn't exist (yet).
signature.asc
Description: OpenPGP digital signature
-- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
