Fabrice Lorrain
2008-Nov-11 13:13 UTC
Bug#453086: adduser --system --group should ensure uid==gid
Hello, While "playing" with BTS #493988, I discover the following comportement of adduser : If you got foogroup with gid > 1000 # adduser --system --group foogroup Doesn''t enforce/warn/exit that foogroup isn''t in the system GID range. This doesn''t seems in par with the documentation. The documentation also indicates that GID should be the same as UID, from adduser(1) : "...By default, system users are placed in the nogroup group. To place the new system user in an already existing group, use the --gid or --ingroup options. To place the new system user in a new group with the same ID, use the --group option... --group When combined with --system, a group with the same name and ID as the system user is created. If not combined with --system, a group with the given name is created. This is the default action if the program is invoked as addgroup." And from policy 9.2.2. : "9.2.2. UID and GID classes -------------------------- The UID and GID numbers are divided into classes as follows: ... 100-999: Dynamically allocated system users and groups. Packages which need a user or group, but can have this user or group allocated dynamically and differently on each system, should use `adduser --system'' to create the group and/or user. `adduser'' will check for the existence of the user or group, and if necessary choose an unused id based on the ranges specified in `adduser.conf''." FYI, on my sid box I''ve ~10 package using "adduser --system --group" in /var/lib/dpkg/info. A ping to devel to check what the expected behaviour is might be appropriate. @+, Fab