Re: [arch-general] New users not automatically added to 'users' group if -g default group specified?
On Wed, 4 Dec 2013 17:10:45 -1000 Gaetan Bisson bis...@archlinux.org wrote: [2013-12-04 12:57:23 -0600] Leonid Isaev: On Wed, 04 Dec 2013 09:16:46 -0600 David C. Rankin drankina...@suddenlinkmail.com wrote: In the past with arch installs, new users have always been added to the 'users' group. Now that is not being done. In short, this is OK; your user doesn't need to be mentioned in /etc/groups after his primary group. If he is mentioned, then the primary group is also his supplementary one (which is anyway automatic). A while back, the default primary group for all new users was users. It's not anymore: an individual group is created for each new user. One can disable USERGROUPS_ENAB in login.defs to get the old behavior. That's right. This is done to save space in /etc/group on systems with large number of users. So each user gets a home directory, generates log info under /var/log upon login/logout, /etc/passwd and /etc/shadow grow linearly in the number of users, but we are going to shave a few bytes off /etc/group? That's hard to believe. I agree that this reasoning is a speculation, but still having 100 users in /etc/group after 'users' would a mess. Also, I remember the question of why 'users' contains no usernames has already been asked on this ML, but somehow I can't find the link... Best, -- Leonid Isaev GnuPG key: 0x164B5A6D Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D signature.asc Description: PGP signature
[arch-general] New users not automatically added to 'users' group if -g default group specified?
All, In the past with arch installs, new users have always been added to the 'users' group. Now that is not being done. If I recall correctly, I have always specified that users are members of a group with the same name as the user by manually creating the group and using the useradd -g group option. This was done to keep UID and GID numbers the same across multiple boxes. On older installs all users were made part of the users group: (July 2011 install) [08:31 nirvana:/etc/httpd/conf] # grep users /etc/group users:x:100:david,anna,blah,blah,blah (New install) [08:45 phoinix:/etc] # grep users /etc/group users:x:100: Is this expected behavior, or has something gone wrong with the install? I ask because https://wiki.archlinux.org/index.php/Cron#Users_and_autostart suggest that all users should already be members of the 'users' group. I don't mind manually adding the users, but if this is a bug, I'll report it. -- David C. Rankin, J.D.,P.E.
Re: [arch-general] New users not automatically added to 'users' group if -g default group specified?
[2013-12-04 09:16:46 -0600] David C. Rankin: In the past with arch installs, new users have always been added to the 'users' group. Now that is not being done. Bug reports go to: https://bugs.archlinux.org/ Not this list, not private emails to maintainers, not a combination of the above. -- Gaetan
Re: [arch-general] New users not automatically added to 'users' group if -g default group specified?
On Wed, 04 Dec 2013 09:16:46 -0600 David C. Rankin drankina...@suddenlinkmail.com wrote: All, In the past with arch installs, new users have always been added to the 'users' group. Now that is not being done. If I recall correctly, I have always specified that users are members of a group with the same name as the user by manually creating the group and using the useradd -g group option. This was done to keep UID and GID numbers the same across multiple boxes. On older installs all users were made part of the users group: (July 2011 install) [08:31 nirvana:/etc/httpd/conf] # grep users /etc/group users:x:100:david,anna,blah,blah,blah (New install) [08:45 phoinix:/etc] # grep users /etc/group users:x:100: Is this expected behavior, or has something gone wrong with the install? I ask because https://wiki.archlinux.org/index.php/Cron#Users_and_autostart suggest that all users should already be members of the 'users' group. I don't mind manually adding the users, but if this is a bug, I'll report it. In short, this is OK; your user doesn't need to be mentioned in /etc/groups after his primary group. If he is mentioned, then the primary group is also his supplementary one (which is anyway automatic). GID=100 (users) is a primary group, see /etc/defaults/useradd. The primary group info is stored in /etc/passwd (userid:x:UID:primary_GID:...), so the users:x:100:entry in /etc/group is dummy and AFAIU exists only to make useradd happy. This is done to save space in /etc/group on systems with large number of users. My speculation would be that in 2011, you ran useradd -m -g users -G users,audio,... david. The correct call shouldn't contain users after -G. Cheers, -- Leonid Isaev GnuPG key: 0x164B5A6D Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D signature.asc Description: PGP signature
Re: [arch-general] New users not automatically added to 'users' group if -g default group specified?
[2013-12-04 12:57:23 -0600] Leonid Isaev: On Wed, 04 Dec 2013 09:16:46 -0600 David C. Rankin drankina...@suddenlinkmail.com wrote: In the past with arch installs, new users have always been added to the 'users' group. Now that is not being done. In short, this is OK; your user doesn't need to be mentioned in /etc/groups after his primary group. If he is mentioned, then the primary group is also his supplementary one (which is anyway automatic). A while back, the default primary group for all new users was users. It's not anymore: an individual group is created for each new user. One can disable USERGROUPS_ENAB in login.defs to get the old behavior. This is done to save space in /etc/group on systems with large number of users. So each user gets a home directory, generates log info under /var/log upon login/logout, /etc/passwd and /etc/shadow grow linearly in the number of users, but we are going to shave a few bytes off /etc/group? That's hard to believe. -- Gaetan pgpW71wwcQvss.pgp Description: PGP signature
Re: [arch-general] New users not automatically added to 'users' group if -g default group specified?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/04/2013 09:10 PM, Gaetan Bisson wrote: A while back, the default primary group for all new users was users. It's not anymore: an individual group is created for each new user. One can disable USERGROUPS_ENAB in login.defs to get the old behavior. This is done to save space in /etc/group on systems with large number of users. So each user gets a home directory, generates log info under /var/log upon login/logout, /etc/passwd and /etc/shadow grow linearly in the number of users, but we are going to shave a few bytes off /etc/group? That's hard to believe. Gaetan, Thanks, glad to know I wasn't going nuts. I prefer individual groups created for each user and have a set of scripts that did that for Arch to keep my UID/GID for each user the same across multiple boxes. Eg. #!/bin/bash ## normal groups to add to system groupadd -g 1061 deborah groupadd -g 1062 zachry snip ## create users and assign groups useradd -u 1001 -g deborah -c Full Name -m deborah echo -e \n Setting password for user deborah: pwexit=1 while [[ $pwexit != 0 ]]; do passwd deborah pwexit=$? done unset pwexit useradd -u 1002 -g zachry -c Full Name -m zachry echo -e \n Setting password for user zachry: snip One question though, the USERGROUPS_ENAB flag seems self-explanatory, but the comments above the flag say: # # Enable setting of the umask group bits to be the same as owner bits # (examples: 022 - 002, 077 - 007) for non-root users, if the uid is # the same as gid, and username is the same as the primary group name. # # This also enables userdel to remove user groups if no members exist. # So, in addition to insuring umask group bits are the same as owner bits for non-root users, this setting controls whether new users are automatically added to the 'users' group by default with useradd? Because the behavior I saw from useradd prior to this change was that all users were added to the 'users' group even when a primary group was specified with -g. As long as nothing is using the 'users' group as a check like the cronie web-page seemed to suggest, then I guess there is no impact aside from saving a few bits in /etc/group. Thank you for the explanation. - -- David C. Rankin, J.D.,P.E. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlKf/TgACgkQZMpuZ8CyrcgIxACeLwHfesXTVpDiXAJJNy5ASl9W jIEAnAtwl9tKw3DvSvymXYwVLeH2t7PP =QJr/ -END PGP SIGNATURE-
Re: [arch-general] New users not automatically added to 'users' group if -g default group specified?
[2013-12-04 22:12:40 -0600] David C. Rankin: One question though, the USERGROUPS_ENAB flag seems self-explanatory, but the comments above the flag say: # # Enable setting of the umask group bits to be the same as owner bits # (examples: 022 - 002, 077 - 007) for non-root users, if the uid is # the same as gid, and username is the same as the primary group name. # # This also enables userdel to remove user groups if no members exist. # So, in addition to insuring umask group bits are the same as owner bits for non-root users, this setting controls whether new users are automatically added to the 'users' group by default with useradd? See the man page to useradd: If not specified, the behavior of useradd will depend on the USERGROUPS_ENAB variable in /etc/login.defs. If this variable is set to yes (or -U/--user-group is specified on the command line), a group will be created for the user, with the same name as her loginname. If the variable is set to no (or -N/--no-user-group is specified on the command line), useradd will set the primary group of the new user to the value specified by the GROUP variable in /etc/default/useradd, or 100 by default. -- Gaetan pgpMb99USETA3.pgp Description: PGP signature
