Nicolas> The newgrp man page was modified in unstable. The paragraph you Nicolas> mentioned is now:
Nicolas> newgrp changes the current real group ID to the named group, Nicolas> or to the default group listed in /etc/passwd if no group name Nicolas> is given. newgrp also tries to add the group to the user Nicolas> groupset. If not root, the user will be prompted for a password Nicolas> if she do not have a password and the group does, or if the Nicolas> user is not listed as a member and the group has a password. Nicolas> The user will be denied access if the group password is empty Nicolas> and the user is not listed as a member. If compiled with Nicolas> SHADOW- PWD (respectively SHADOWGRP) defined, the password of Nicolas> the user (respec- tively, the password and the members of the Nicolas> group) will be overwritten by the value defined in /etc/shadow Nicolas> (respectively in /etc/gshadow) if an entry exists for this user Nicolas> (resp. group). Nicolas> Do you think the end of the paragraph is clear enough? (We are Nicolas> in the "compiled with SHADOWGRP" case, so "the password and the Nicolas> members of the group" are "overwritten by the value defined in Nicolas> /etc/gshadow" because "an entry exists for the src group". Thanks for your patient and clear explanation. However: - No, your man page patch is not enough. The most important thing to stress is that the group membership information must be duplicated in gshadow. (or maybe that is the _only_ file that counts and group is ignored?) That's because this situation differs from the passwd/shadow pair; I don't need to duplicate, e.g., users' shell, home directory or even primary group in shadow. So mine was a natural and easy mistake to make. - Even if documented, this situation still looks like a bug. What is the rationale for hiding the membership info in gshadow? After all, the primary group is plain for all to see in passwd. - I wanted to complain that adding a supplementary group via the tools was a pain, and it was with usermod (I had to find out the current list of groups, then list them all again plus the new one on the usermod command line). But now I see "adduser <user> <group>" in man adduser. Well, good to know; I hope I can remember that, adduser program name doesn't really help <frown> Peace, Ian -- Optimist: We're only two weeks behind schedule. Pessimist: The schedule is a whole two weeks ahead of us. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
