[Adduser-devel] Bug#583976: alligning UID==GID for user private groups
C. Gatzemeier
c.gatzemeier at tu-bs.de
Mon May 31 21:49:40 UTC 2010
Package: adduser
(Filing this, to track the TODOs from the discussion that followed
http://lists.debian.org/debian-devel/2010/05/msg00887.html)
Am Wed, 26 May 2010 08:40:26 +0100
schrieb Stephen Gran <sgran at debian.org>:
> This one time, at band camp, Steve Langasek said:
> > On Tue, May 25, 2010 at 11:30:49PM +0100, Stephen Gran wrote:
> > > This one time, at band camp, Michael Banck said:
> >
> > > > Seems worthwhile to change adduser how you suggest to me, is
> > > > there a bug filed to this end?
> >
> > > adduser has had bugs filed in the past asking for uid to be equal
> > > to gid by default, and I have so far rejected them as not worth
> > > the complexity for the aesthetic pleasure of having numbers
> > > match. Is there some problem with username == primary group name?
> >
> > pam_umask requires both username == primary group name and uid ==
> > gid before it will assume UPG are in place when using its
> > 'usergroups' option, and I am not willing to diverge from upstream
> > on this as this would mean admins coming from other systems may get
> > an unpleasant surprise when they find that Debian gives a more
> > relaxed umask than they were expecting in some corner cases.
> >
> > So either someone should convince Linux-PAM upstream to change the
> > behavior of pam_umask, or adduser should enforce the same rules as
> > other implementations, if pam_umask is to be involved here. Beyond
> > that, I have no particular opinion on this question.
>
> That's the first useful argument I've heard for changing adduser's
> behavior. Interoperability with other software is a useful goal, and
> when I was arguing it wasn't worth the complexity, either pam_umask
> didn't exist or I was unaware of it. I'll try to get this change into
> squeeze.
More information about the Adduser-devel
mailing list