Ken Moffat wrote: > On Tue, Apr 22, 2014 at 11:28:32AM -0700, bdu...@higgs.linuxfromscratch.org > wrote: >> Author: bdubbs >> Date: Tue Apr 22 11:28:32 2014 >> New Revision: 10546 >> >> Log: >> Update users so all acl tests pass >> > >> >> Modified: trunk/BOOK/chapter06/shadow.xml >> ============================================================================== >> --- trunk/BOOK/chapter06/shadow.xml Tue Apr 22 07:58:15 2014 (r10545) >> +++ trunk/BOOK/chapter06/shadow.xml Tue Apr 22 11:28:32 2014 (r10546) >> @@ -72,6 +72,11 @@ >> <screen role="nodump"><userinput>sed -i >> 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@' >> etc/login.defs</userinput></screen> >> </note> >> >> + <para>Make a minor change to make the default useradd consistent with >> the LFS >> + groups file:</para> >> + >> +<screen><userinput remap="pre">sed -i 's/1000/999/' >> etc/useradd</userinput></screen> >> + >> <para>Prepare Shadow for compilation:</para> >> >> <screen><userinput remap="configure">./configure >> --sysconfdir=/etc</userinput></screen> > > Why 999 instead of 1000 ? > > I've had a users group in my own builds for years, probably derived > from fedora, and it has always been 1000. Shadow is now maintained > by debian, no ? So the fact that it too uses 1000 implies many > people will already use 1000 for the group owning their files. > > OK, you can set up a completely new set of groups in the LFS > system, but if you share /home between the original host system and > LFS (e.g. until you feel confident that LFS is the right way for > you) then this justs adds unnecessary change.
I put in 999 because it keeps useradd from giving a warning message the first time useradd is run on a base LFS system. It also makes the first useradd create UIDs and GIDs the same number. Perhaps we should ignore that issue. But is it OK (esthetically, not technically) to have a users group of 1000 and the first user with a UID of 1000 and a GID of 1001? Note that the only reason we do any of this is that the acl tests insist on a group with the name users. One alternative may be to hack the test code to use some other group that already exists. Perhaps: sed -i 's/:users/:dialout/' test/misc.test I haven't tried it, but then a 'users' group wouldn't be needed and we could revert that change in shadow. My personal approach is usually to just copy passwd/group/shadow from the old system to the new, but a new user will probably want to just use useradd. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page