12:28 <ivandi> beerman: farkuhar: me thinks gid 1000 is for the group with the same name as username. that is the default (see man page: --no-user-group, USERGROUPS_ENAB)

12:30 <ivandi> uid=1000(ivandi) gid=1000(ivandi) groups=1000(ivandi),100(users)

12:31 <ivandi> umask 002

12:37 <farkuhar> ivandi: i think that's what stenur was saying too. A group with the same name as the user would normally be created, except that we deploy login.defs with "USERGROUPS_ENAB no".

12:39 <ivandi> not sure if login.defs is used with PAM

12:43 <farkuhar> just checked a Debian system yesterday, and it has "users::100" in /etc/group the same as CRUX does. So it should be fine to leave /etc/group the way it is, but then the gid assigned by useradd (without the -g switch) might not have an associated group name.

13:21 <SiFuh> farkuhar: users:*:10: <- OpenBSD

13:40 <SiFuh> farkuhar: slackware, voidlinux, debian are users:100

14:21 <farkuhar> SiFuh: thanks. Curiously, another OpenBSD system I just logged into has *two* entries for the 'users' group, one with gid 10, the other with gid 100.

14:24 <SiFuh> Strange haha

14:45 <farkuhar> anyway, it would help if we knew the exact command jaeger entered (on that clean installation of CRUX 3.7), before speculating further about useradd behaviour and the defaults shipped with our ports.

15:33 <jaeger> Generally I use this: useradd -G audio,video,disk,dialout,cdrom,pkgmk,input -s /bin/bash -m jaeger

15:33 <jaeger> Not specifying the primary group

15:34 <jaeger> Could easily change to adding it, just used to default to users

15:38 <SiFuh> wheel dialout audio video floppy tape scanner cdrom wireshark users admin vboxusers pulse :-)

17:04 <stenur> nah i have some shared directories which are 7775 and belong to according groups, shared, doc, code, vm, media, ports.

17:05 <stenur> too bad one cannot enforce "deowning" by definition for some directories

18:22 <farkuhar> "just used to default to users" *does* describe the behaviour of useradd prior to the 2-year-old commit that beerman discovered in the git log for shadow. At that time 100 was the default gid (when not overridden on the command line or elsewhere), coinciding with the typical line "users::100" in /etc/group.

18:24 <farkuhar> so "defaulting to users" was merely a side effect, unless the developers of shadow looked at what all the distros were putting in their /etc/group and decided that 100 was a sane default gid.

18:33 <SiFuh> farkuhar: didn't stenur mention /etc/login.defs ?

18:39 <SiFuh> Just in case you are curious you can check out line 15 of core/dcron/Pkgfile

18:52 <jaeger> yeah, it's fine, I can just start using a group at 1000 or change the gid

19:00 <farkuhar> or we could set "USERGROUPS_ENAB yes" in the login.defs that we deploy with the shadow port. That setting would ensure that useradd never assigns a primary gid that has no corresponding entry in /etc/group.

19:02 <SiFuh> Hehe, was wondering when you'd find that.

19:03 <jaeger> fine by me, no strong preference

19:04 <SiFuh> I am not sure why decided to go this way, but I can only guess they got annoyed with moving home directories between machines and they had different UID/GIDs

22:12 <farkuhar> I hesitated to push for changes to login.defs out of concern that they might break some pre-install scripts. Modifying our /etc/group to have "users::1000" seemed safer. But after looking at all the pre-install scripts, I don't think any of them would break by setting "USERGROUPS_ENAB yes".