From 7f13657de1ca21bcd94830df21a5b48efbd89e97 Mon Sep 17 00:00:00 2001 From: Pierre Labastie Date: Tue, 4 Jan 2022 12:34:59 +0100 Subject: [PATCH 1/5] shadow: move /etc/default/useradd creation to "Configuration" This is needed so that /etc/default/useradd is not removed by package managers when rebuilding shadow in BLFS. Change the explanations in the text accordingly. --- chapter08/shadow.xml | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/chapter08/shadow.xml b/chapter08/shadow.xml index b7b77d16b..b6587e0b1 100644 --- a/chapter08/shadow.xml +++ b/chapter08/shadow.xml @@ -143,9 +143,7 @@ find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \;Install the package: make exec_prefix=/usr install -make -C man install-man -mkdir -p /etc/default -useradd -D --gid 999 +make -C man install-man @@ -174,23 +172,30 @@ useradd -D --gid 999 grpconv - Shadow's stock configuration for the useradd + Shadow's default configuration for the useradd utility has a few caveats that need some explanation. First, the default action for the useradd utility is to create the user and a group of the same name as the user. By default the user ID (UID) and group ID (GID) numbers will begin with 1000. This means if you don't pass parameters to useradd, each user will be a member of a unique group on the system. If this behavior is undesirable, you'll need - to pass the -g parameter to - useradd. The default parameters are stored in the - /etc/default/useradd file. You may need to modify two - parameters in this file to suit your particular needs. + to pass one of the -g or -N + parameter to useradd or to change the setting of + USERGROUPS_ENAB in + /etc/login.defs. See useradd(8) + for more information. + + Second, to change the default parameters, the file + /etc/default/useradd needs to be created and taylored + to suit your particular needs. Create it with: +mkdir -p /etc/default +useradd -D --gid 999 <filename>/etc/default/useradd</filename> Parameter Explanations - GROUP=1000 + GROUP=999 This parameter sets the beginning of the group numbers used in the /etc/group file. You can modify it to anything you desire. Note @@ -215,13 +220,12 @@ useradd -D --gid 999 created by useradd, issue the following command: -sed -i 's/yes/no/' /etc/default/useradd +sed -i '/MAIL/s/yes/no/' /etc/default/useradd - From 2b3f5219bc51250337c78571efe69abdc0ffc9e0 Mon Sep 17 00:00:00 2001 From: Pierre Labastie Date: Tue, 4 Jan 2022 17:53:09 +0100 Subject: [PATCH 2/5] Reword explanation of GROUP parameter in /etc/default/useradd Tell that 999 comes from the --gid parameter, and that we already have a group "users" with this gid to prevent messages when first using useradd. --- chapter08/shadow.xml | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/chapter08/shadow.xml b/chapter08/shadow.xml index b6587e0b1..810e77969 100644 --- a/chapter08/shadow.xml +++ b/chapter08/shadow.xml @@ -188,6 +188,7 @@ make -C man install-man Second, to change the default parameters, the file /etc/default/useradd needs to be created and taylored to suit your particular needs. Create it with: + mkdir -p /etc/default useradd -D --gid 999 @@ -198,15 +199,20 @@ useradd -D --gid 999 GROUP=999 This parameter sets the beginning of the group numbers used in - the /etc/group file. You can modify it to anything you desire. Note - that useradd will never reuse a UID or GID. If the + the /etc/group file. The particular value 999 + comes from the --gid parameter above. + You can modify it to anything you desire. Note that + useradd will never reuse a UID or GID. If the number identified in this parameter is used, it will use the next - available number after this. Note also that if you don't have a group - 1000 on your system the first time you use useradd + available number after this. Note also that if you don't have a + group with an ID equal to this number on your system the first + time you use useradd without the -g parameter, you'll get a message displayed on the terminal that says: - useradd: unknown GID 1000. You may - disregard this message and group number 1000 will be used. + useradd: unknown GID 999, although + the account is correctly created. That is + why we have earlier created the group users + with this group ID. From e7f0fa1fa6403e7b2c89857649e40b40f545a2dd Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Wed, 5 Jan 2022 01:12:58 +0800 Subject: [PATCH 3/5] shadow: "users" is a groupname, not a parameter --- chapter08/shadow.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/chapter08/shadow.xml b/chapter08/shadow.xml index 810e77969..2cc670ea1 100644 --- a/chapter08/shadow.xml +++ b/chapter08/shadow.xml @@ -211,7 +211,8 @@ useradd -D --gid 999 displayed on the terminal that says: useradd: unknown GID 999, although the account is correctly created. That is - why we have earlier created the group users + why we have earlier created the group + users with this group ID. From da7949dfb641c2d47264712add6d4090cc20a2f8 Mon Sep 17 00:00:00 2001 From: Bruce Dubbs Date: Tue, 4 Jan 2022 11:43:19 -0600 Subject: [PATCH 4/5] Minor reworing of reason for GID 999 --- chapter08/shadow.xml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/chapter08/shadow.xml b/chapter08/shadow.xml index 2cc670ea1..ffc2a7ce9 100644 --- a/chapter08/shadow.xml +++ b/chapter08/shadow.xml @@ -200,20 +200,20 @@ useradd -D --gid 999 This parameter sets the beginning of the group numbers used in the /etc/group file. The particular value 999 - comes from the --gid parameter above. - You can modify it to anything you desire. Note that - useradd will never reuse a UID or GID. If the - number identified in this parameter is used, it will use the next - available number after this. Note also that if you don't have a - group with an ID equal to this number on your system the first - time you use useradd - without the -g parameter, you'll get a message - displayed on the terminal that says: - useradd: unknown GID 999, although - the account is correctly created. That is - why we have earlier created the group - users - with this group ID. + comes from the --gid parameter above. You can + modify it to anything you desire. + + Note that useradd will never reuse a UID or GID. + If the number identified in this parameter is used, it will use the + next available number. Note also that if you don't have a group with + an ID equal to this number on your system the first time you use + useradd without the -g + parameter, you will get a message displayed on the terminal that + says: useradd: unknown GID 999, + although the account is correctly created. That is why we have + created the group users + with this group ID in . + From b029aa8bfb36e24d92ed2a048564f1e8ac773eb6 Mon Sep 17 00:00:00 2001 From: Pierre Labastie Date: Tue, 4 Jan 2022 19:23:38 +0100 Subject: [PATCH 5/5] Remove ending space in shadow --- chapter08/shadow.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/chapter08/shadow.xml b/chapter08/shadow.xml index ffc2a7ce9..ea540d1cf 100644 --- a/chapter08/shadow.xml +++ b/chapter08/shadow.xml @@ -201,7 +201,7 @@ useradd -D --gid 999 This parameter sets the beginning of the group numbers used in the /etc/group file. The particular value 999 comes from the --gid parameter above. You can - modify it to anything you desire. + modify it to anything you desire. Note that useradd will never reuse a UID or GID. If the number identified in this parameter is used, it will use the @@ -211,9 +211,9 @@ useradd -D --gid 999 parameter, you will get a message displayed on the terminal that says: useradd: unknown GID 999, although the account is correctly created. That is why we have - created the group users + created the group users with this group ID in . - +