jaeger changed the topic of #crux-devel to: CRUX (https://crux.nu/) development channel | Logs: https://libera.irclog.whitequark.org/crux-devel/
farkuhar has left #crux-devel [#crux-devel]
<ivandi> beerman: farkuhar: me thinks gid 1000 is for the group with the same name as username. that is the default (see man page: --no-user-group, USERGROUPS_ENAB)
<ivandi> uid=1000(ivandi) gid=1000(ivandi) groups=1000(ivandi),100(users)
<ivandi> umask 002
dlcusa has quit [Ping timeout: 255 seconds]
farkuhar has joined #crux-devel
<farkuhar> ivandi: i think that's what stenur was saying too. A group with the same name as the user would normally be created, except that we deploy login.defs with "USERGROUPS_ENAB no".
<ivandi> not sure if login.defs is used with PAM
<farkuhar> just checked a Debian system yesterday, and it has "users::100" in /etc/group the same as CRUX does. So it should be fine to leave /etc/group the way it is, but then the gid assigned by useradd (without the -g switch) might not have an associated group name.
<SiFuh> farkuhar: users:*:10: <- OpenBSD
<SiFuh> farkuhar: slackware, voidlinux, debian are users:100
<farkuhar> SiFuh: thanks. Curiously, another OpenBSD system I just logged into has *two* entries for the 'users' group, one with gid 10, the other with gid 100.
<SiFuh> Strange haha
<farkuhar> anyway, it would help if we knew the exact command jaeger entered (on that clean installation of CRUX 3.7), before speculating further about useradd behaviour and the defaults shipped with our ports.
<jaeger> Generally I use this: useradd -G audio,video,disk,dialout,cdrom,pkgmk,input -s /bin/bash -m jaeger
<jaeger> Not specifying the primary group
<jaeger> Could easily change to adding it, just used to default to users
<SiFuh> wheel dialout audio video floppy tape scanner cdrom wireshark users admin vboxusers pulse :-)
<stenur> nah i have some shared directories which are 7775 and belong to according groups, shared, doc, code, vm, media, ports.
<stenur> too bad one cannot enforce "deowning" by definition for some directories
<farkuhar> "just used to default to users" *does* describe the behaviour of useradd prior to the 2-year-old commit that beerman discovered in the git log for shadow. At that time 100 was the default gid (when not overridden on the command line or elsewhere), coinciding with the typical line "users::100" in /etc/group.
<farkuhar> so "defaulting to users" was merely a side effect, unless the developers of shadow looked at what all the distros were putting in their /etc/group and decided that 100 was a sane default gid.
<SiFuh> farkuhar: didn't stenur mention /etc/login.defs ?
<SiFuh> Just in case you are curious you can check out line 15 of core/dcron/Pkgfile
<jaeger> yeah, it's fine, I can just start using a group at 1000 or change the gid
<farkuhar> or we could set "USERGROUPS_ENAB yes" in the login.defs that we deploy with the shadow port. That setting would ensure that useradd never assigns a primary gid that has no corresponding entry in /etc/group.
<SiFuh> Hehe, was wondering when you'd find that.
<jaeger> fine by me, no strong preference
<SiFuh> I am not sure why decided to go this way, but I can only guess they got annoyed with moving home directories between machines and they had different UID/GIDs
<farkuhar> I hesitated to push for changes to login.defs out of concern that they might break some pre-install scripts. Modifying our /etc/group to have "users::1000" seemed safer. But after looking at all the pre-install scripts, I don't think any of them would break by setting "USERGROUPS_ENAB yes".