The issue was introduced with https://github.com/shadow- maint/shadow/pull/237
Basically, the previous group validation was done using glibc's getgrid directly, which was presumably coping well with the RO status of /etc/group, but that poses consistency problems because you could add a local user to a network group. That PR changed this to only check the local /etc/group file contents manually instead. Sadly, it doesn't cope well with our extrausers feature on multiple levels: * The manual code fails hard if it can't lock the files * We presumably have local groups defined in multiple places, which the code doesn't allow for. A quickfix would be: * Move the validation to until *after* parsing all of the options * Revert back to the previous approach to validate groups if in extrausers mode A more involved fix would be to replace that with an approach that would check both /etc/group and the extrausers equivalent when validating groups, while silently ignoring locking failures. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063200 Title: useradd --extrausers --groups tries to lock /etc/group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/2063200/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
