-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/04/2013 09:10 PM, Gaetan Bisson wrote: > A while back, the default primary group for all new users was "users". > It's not anymore: an individual group is created for each new user. > > One can disable USERGROUPS_ENAB in login.defs to get the old behavior. > >> > This is done to save space in /etc/group on systems with large >> > number of users. > So each user gets a home directory, generates log info under /var/log > upon login/logout, /etc/passwd and /etc/shadow grow linearly in the > number of users, but we are going to shave a few bytes off /etc/group? > That's hard to believe. Gaetan, Thanks, glad to know I wasn't going nuts. I prefer individual groups created for each user and have a set of scripts that did that for Arch to keep my UID/GID for each user the same across multiple boxes. Eg. #!/bin/bash ## normal groups to add to system groupadd -g 1061 deborah groupadd -g 1062 zachry <snip> ## create users and assign groups useradd -u 1001 -g deborah -c "Full Name" -m deborah echo -e "\n Setting password for user deborah:" pwexit=1 while [[ $pwexit != 0 ]]; do passwd deborah pwexit=$? done unset pwexit useradd -u 1002 -g zachry -c "Full Name" -m zachry echo -e "\n Setting password for user zachry:" <snip> One question though, the USERGROUPS_ENAB flag seems self-explanatory, but the comments above the flag say: # # Enable setting of the umask group bits to be the same as owner bits # (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is # the same as gid, and username is the same as the primary group name. # # This also enables userdel to remove user groups if no members exist. # So, in addition to insuring umask group bits are the same as owner bits for non-root users, this setting controls whether new users are automatically added to the 'users' group by default with useradd? Because the behavior I saw from useradd prior to this change was that all users were added to the 'users' group even when a primary group was specified with -g. As long as nothing is using the 'users' group as a check like the cronie web-page seemed to suggest, then I guess there is no impact aside from saving a few bits in /etc/group. Thank you for the explanation. - -- David C. Rankin, J.D.,P.E. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlKf/TgACgkQZMpuZ8CyrcgIxACeLwHfesXTVpDiXAJJNy5ASl9W jIEAnAtwl9tKw3DvSvymXYwVLeH2t7PP =QJr/ -----END PGP SIGNATURE-----
