[Pkg-shadow-devel] Bug#251926: newgrp/gpasswd don't work as expected

Nicolas François Nicolas François , 251926@bugs.debian.org
Fri, 1 Apr 2005 00:13:06 +0200


On Mon, May 31, 2004 at 08:31:31PM +0200, martin f krafft wrote:
> I am moderately sure that this is a bug, but I'd love to be proven
> wrong.

I will try;), but I need some precisions.

(anyway, I concur in thinking their man pages should be updated).

> According to gpasswd(1) and newgrp(1), access to a new group can be
> (a) disabled [gpasswd -R], (b) granted only to members (without
> password) [gpasswd -r], (c) granted to everyone, members don't need
> a password [gpasswd to set a password].
> 
> However, none of these work. Only (a) and (c) work. However, (a)
> allows users access to new groups, but only if they enter the
> password. (b) does not work whatsoever. Even members are prompted
> for passwords, but obviously no passwords work.

a) yes, a password is asked (like for disabled login).  This is IMHO
   not a bug.
   I will indicate in the man page that only access with password is
   disabled. members will still be able to switch to this group).

b) Are you sure newgrp didn't work?  No password is asked in this
   situation.  You can check the result with 'id'.  Make sure you didn't
   edited /etc/group by hand (or also modify /etc/gshadow).

c) also works for me

> Nevertheless, (a) and (b) create new shells. Weird, huh?

The newgrp man page indicates that a new login session is created.  So, on
success, a new shell is executed.
Did b) created a new shell on failure?  Again, are you sure it failed, did
you check with 'id' (sorry for being insistent).


Thanks in advance,
-- 
Nekral