[Pkg-shadow-devel] Bug#282822: Use of USERGROUPS_ENAB?

Christian Perrier bubulle at debian.org
Tue Sep 27 16:33:02 UTC 2005 

tags 282822 patch
thanks

I'm afraid I don't really understand the real purpose of
USERGROUPS_ENAB if there's still one.

It is not documented in login.defs(5) and only a few utilities such as
userdel and a piece of code in limits seem to use it....this piece of
code being used only in non-PAM enviroonments

Is there still a point in providing what we currenly have in the
default login.defs file:

#
# Enable setting of the umask group bits to be the same as owner bits
# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
# the same as gid, and username is the same as the primary group name.
#
# This also enables userdel to remove user groups if no members exist.
#
USERGROUPS_ENAB yes


I'm inclined to move this to the "obsoleted by PAM" section.

The only thing that prevents me doing so is the variable being used in
userdel.c even in PAM environments. If we keep it we should however
change the comment:

# This enables userdel to remove user groups if no members exist.
#
# Other former uses of this variables such as setting the umask when
# user==primary group are not used in PAM environments, thus in Debian
#
USERGROUPS_ENAB yes

Patch attached, please comment.

PS: the man pages of both login(1) and login.defs(5) do not advertise
this variable anymore.

-- 


-------------- next part --------------
--- login.defs	2005-09-14 14:33:33.727212085 +0200
+++ login.defs.new	2005-09-27 18:31:33.348326051 +0200
@@ -243,11 +243,10 @@
 #GETPASS_ASTERISKS 1
 
 #
-# Enable setting of the umask group bits to be the same as owner bits
-# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
-# the same as gid, and username is the same as the primary group name.
+# This enables userdel to remove user groups if no members exist.
 #
-# This also enables userdel to remove user groups if no members exist.
+# Other former uses of this variables such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
 #
 USERGROUPS_ENAB yes

More information about the Pkg-shadow-devel mailing list