Adduser devel - May 2010 - Bug#583976: alligning UID==GID for user private groups

Package: adduser

(Filing this, to track the TODOs from the discussion that followed
http://lists.debian.org/debian-devel/2010/05/msg00887.html)

Am Wed, 26 May 2010 08:40:26 +0100
schrieb Stephen Gran <sgran at debian.org>:
> This one time, at band camp, Steve Langasek said:
> > On Tue, May 25, 2010 at 11:30:49PM +0100, Stephen Gran wrote:
> > > This one time, at band camp, Michael Banck said:
> > 
> > > > Seems worthwhile to change adduser how you suggest to me, is
> > > > there a bug filed to this end?
> > 
> > > adduser has had bugs filed in the past asking for uid to be equal
> > > to gid by default, and I have so far rejected them as not worth
> > > the complexity for the aesthetic pleasure of having numbers
> > > match.  Is there some problem with username == primary group
name?
> > 
> > pam_umask requires both username == primary group name and uid =>
> gid before it will assume UPG are in place when using its
> > ''usergroups'' option, and I am not willing to diverge
from upstream
> > on this as this would mean admins coming from other systems may get
> > an unpleasant surprise when they find that Debian gives a more
> > relaxed umask than they were expecting in some corner cases.
> > 
> > So either someone should convince Linux-PAM upstream to change the
> > behavior of pam_umask, or adduser should enforce the same rules as
> > other implementations, if pam_umask is to be involved here.  Beyond
> > that, I have no particular opinion on this question.
> 
> That''s the first useful argument I''ve heard for changing
adduser''s
> behavior.  Interoperability with other software is a useful goal, and
> when I was arguing it wasn''t worth the complexity, either
pam_umask
> didn''t exist or I was unaware of it.  I''ll try to get
this change into
> squeeze.

On Mon, May 31, 2010 at 11:49:40PM +0200, C. Gatzemeier
wrote:
> Am Wed, 26 May 2010 08:40:26 +0100
> schrieb Stephen Gran <sgran at debian.org>:
> > This one time, at band camp, Steve Langasek said:
> > > On Tue, May 25, 2010 at 11:30:49PM +0100, Stephen Gran wrote:
> > > > This one time, at band camp, Michael Banck said:
> > > 
> > > > > Seems worthwhile to change adduser how you suggest to
me, is
> > > > > there a bug filed to this end?
> > > 
> > > > adduser has had bugs filed in the past asking for uid to be
equal
> > > > to gid by default, and I have so far rejected them as not
worth
> > > > the complexity for the aesthetic pleasure of having numbers
> > > > match.  Is there some problem with username == primary group
name?
> > > 
> > > pam_umask requires both username == primary group name and uid
=> > > gid before it will assume UPG are in place when using its
> > > ''usergroups'' option, and I am not willing to
diverge from upstream
> > > on this as this would mean admins coming from other systems may
get
> > > an unpleasant surprise when they find that Debian gives a more
> > > relaxed umask than they were expecting in some corner cases.
> > > 
> > > So either someone should convince Linux-PAM upstream to change
the
> > > behavior of pam_umask, or adduser should enforce the same rules
as
> > > other implementations, if pam_umask is to be involved here. 
Beyond
> > > that, I have no particular opinion on this question.
> > 
> > That''s the first useful argument I''ve heard for
changing adduser''s
> > behavior.  Interoperability with other software is a useful goal, and
> > when I was arguing it wasn''t worth the complexity, either
pam_umask
> > didn''t exist or I was unaware of it.  I''ll try to
get this change into
> > squeeze.
So the idea would be to iterate through the number space until a
number is found that is free both as a UID and a GID if it is
requested to create a user and the corresponding, identically named
group?

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don''t trust Computers. They | Mailadresse
im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 31958062