[Pkg-shadow-devel] Bug#647308: Bug#647308: Bug#647308: Bug#647308: passwd: groupmod modifies users, not just groups

Nicolas François nicolas.francois at centraliens.net
Thu Nov 10 22:54:49 UTC 2011


Here is how I understand your use case:
 * You have a user, and you want to keep its primary group GID
 * You want to reuse the name of the primary group for a different group
   (with a different GID, and unrelated to the user)

For this use case, I would use the following 2 commands:
 * groupmod -n sf-dustfinger.old sf-dustfinger
 * groupadd sf-dustfinger

The default behavior of groupmod should not be changed.
So with an additional switch, you would still have to find out when to
use the switch and when not. I do not think this would be simpler than the
above 2 commands. And this would have the risk to let your system in an
inconsistent state.

On Wed, Nov 09, 2011 at 09:37:28PM +0100, schmorp at schmorp.de wrote:
> You can already change the users group in the password database with usermod
> without affecting the group database.

With usermod, you change a user.

Changing the user's primary group does not impact the group databases
because the key to identify a user in the group databases is the user's
name. The user's primary group is not repeated in the group databases.

But if you change the user's name with usermod -l, then the group
databases may be changed.

For the same reason, groupmod may change /etc/passwd when a GID is changed
because this file references groups by GID.

The behavior of usermod and groupmod with that regard are consistent.

> But you cannot change a group definition without affecting the user
> database.

The current logic is: any place where the group is referenced, the group
is updated according to the requested changes.

If the files group ownership are not changed, this is the bug. It is not
yet fixed because of the complexity, and is documented.

Best Regards,

More information about the Pkg-shadow-devel mailing list