root
2008-Sep-16 07:52 UTC
Bug#499105: after adduser <foo> <group>, the user root has no groups
Package: adduser Version: 3.102 Severity: grave Justification: causes non-serious data loss i use SSH on my hosts with the feature to limit login to a special group. So to login as root to a host, root has to be member of a group e.g. sshers adduser has the "feature" to lose all groups of root, after adding some other user to a random group. this is really grave. - it makes backup scripts not working anymore - it may deny access to the machine if this _is_ a feature, a warning of "dropping" groups would be nice. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, ''stable'') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.26-bpo.1-vserver-amd64 Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages adduser depends on: ii debconf [debconf-2.0] 1.5.11etch2 Debian configuration management sy ii passwd 1:4.0.18.1-7 change and administer password and ii perl-base 5.8.8-7etch3 The Pathologically Eclectic Rubbis adduser recommends no packages. -- debconf information: * adduser/homedir-permission: true
Stephen Gran
2008-Sep-16 13:20 UTC
[Adduser-devel] Bug#499105: Bug#499105: after adduser <foo> <group>, the user root has no groups
This one time, at band camp, root said:> i use SSH on my hosts with the feature to limit login to a special group. > So to login as root to a host, root has to be member of a group e.g. sshers > > adduser has the "feature" to lose all groups of root, after adding some other user > to a random group. > > this is really grave. > - it makes backup scripts not working anymore > - it may deny access to the machine > > if this _is_ a feature, a warning of "dropping" groups would be nice.The code has changed in later versions - can you pull the version in Lenny and test again? Thanks, -- ----------------------------------------------------------------- | ,''''`. Stephen Gran | | : :'' : sgran at debian.org | | `. `'' Debian user, admin, and developer | | `- http://www.debian.org | ----------------------------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.alioth.debian.org/pipermail/adduser-devel/attachments/20080916/e4f618e3/attachment.pgp