[arch-general] New users not automatically added to 'users' group if -g default group specified?
David C. Rankin
drankinatty at suddenlinkmail.com
Wed Dec 4 23:12:40 EST 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 12/04/2013 09:10 PM, Gaetan Bisson wrote:
> A while back, the default primary group for all new users was "users".
> It's not anymore: an individual group is created for each new user.
> One can disable USERGROUPS_ENAB in login.defs to get the old behavior.
>> > This is done to save space in /etc/group on systems with large
>> > number of users.
> So each user gets a home directory, generates log info under /var/log
> upon login/logout, /etc/passwd and /etc/shadow grow linearly in the
> number of users, but we are going to shave a few bytes off /etc/group?
> That's hard to believe.
Thanks, glad to know I wasn't going nuts. I prefer individual groups created
for each user and have a set of scripts that did that for Arch to keep my
UID/GID for each user the same across multiple boxes. Eg.
## normal groups to add to system
groupadd -g 1061 deborah
groupadd -g 1062 zachry
## create users and assign groups
useradd -u 1001 -g deborah -c "Full Name" -m deborah
echo -e "\n Setting password for user deborah:"
while [[ $pwexit != 0 ]]; do
useradd -u 1002 -g zachry -c "Full Name" -m zachry
echo -e "\n Setting password for user zachry:"
One question though, the USERGROUPS_ENAB flag seems self-explanatory, but the
comments above the flag say:
# Enable setting of the umask group bits to be the same as owner bits
# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
# the same as gid, and username is the same as the primary group name.
# This also enables userdel to remove user groups if no members exist.
So, in addition to insuring umask group bits are the same as owner bits for
non-root users, this setting controls whether new users are automatically added
to the 'users' group by default with useradd?
Because the behavior I saw from useradd prior to this change was that all
users were added to the 'users' group even when a primary group was specified
As long as nothing is using the 'users' group as a check like the cronie
web-page seemed to suggest, then I guess there is no impact aside from saving a
few bits in /etc/group. Thank you for the explanation.
David C. Rankin, J.D.,P.E.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the arch-general