[Pkg-shadow-devel] Support for -n in useradd

Nicolas François nicolas.francois at centraliens.net
Fri Feb 8 14:13:42 UTC 2008 

Hello,


I would like to fix the handling of the -n flag in useradd for the next
release.

One problem with that flag is that it does not have the same meaning in all
distributions. Here are some background information:

 * upstream
   There is an nflg variable, but it is never set, and -n is neither
   documented nor accepted by useradd.
   Moreover, the comment "create a group having the same name as the user"
   differs from how the nflg variable is used.
 * debian
   the 407_adduser_disable_PUG_with-n patch adds support for the -n flag,
   which only set the nflg variable.
   It also documents the -n flag in the useradd manpage.
 * fedora
   The shadow-4.0.17-redhat.patch patch adds support for the -n flag, and
   documents -n in the manpage and usage.
   It also removes one error message, which should not be reported as an
   error in case the -n flag is used.
 * gentoo
   The shadow-4.0.16-fix-useradd-usergroups.patch patch adds support for the
   -n flag.
   It aso takes into account the USERGROUPS_ENAB variable.
   It considers -n means that useradd should not create a group with the same
   name.
   This behavior is documented in the usage.
   The -n flag is associated to the long option --user-group


The ideal implementation would probably be a mix of all this:
 * Use USERGROUPS_ENAB to indicate if creating a per user group should be the
   default behavior or not
 * Use a --user-group to force the creation of a usergroup
 * Use a --no-user-group to force not creating a usergroup
 * map -n to --no-user-group
 * map ?? to --user-group
 * documentation
   + in the source
   + in the usage
   + in the manpage
   + in the comment of the GROUP variable of /etc/default/useradd
 * use USERGROUPS_ENAB in the other tools which create users (e.g. newusers)

Of course we are not in an ideal world, and I would like to propose a variant
of that solution, which is to acknowledge the mess with -n, and map
--no-user-group to another short option, let distributions support -n with
their any meaning for backward compatibility (and mention that -n should be
deprecated), and let distribution choose their own default value for
USERGROUPS_ENAB.

 -U and -N seem to be available for these two options


What are your opinion on this?

Best Regards,
-- 
Nekral

More information about the Pkg-shadow-devel mailing list