[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Modifying /etc/group and /etc/passwd [RANT]

On Tue, Apr 25, 2000 at 10:49:48AM -0400, Camm Maguire wrote:
> Greetings!  Is it still debian policy to prohibit any package from
> touching /etc/group except base-files?  I installed amanda the other
> day and noticed it made the sensible updates for the disk and tape
> groups.  The only reason I ask is that I've contributed a package
> for which I would like to do similar updates, but have refrained from
> doing so due to the policy.  

iirc the policy is not to touch /etc/group etc. directly but you are 
allowed to use addgroup in the install scripts for example. Of course
the package needs a pre-dep on adduser then.

BTW: This changes to /etc/group always break when using NIS. Funny stuff.
Reason: People rely on having the user/group in the appropriate files 
/etc/passwd or /etc/group respectively. So they grep for the group to add
in /etc/group and if it is not there they call addgroup -> boom, group
exists (via NIS).

Alternatively they check using id or sg and if the group is there they
try to delete it. So Debian is not very usable for machine pools anymore.
Of course I can change the NIS config from the default (this could be done
in the package) but then I have to manage all the groups locally if they
have any sense. E.g. it is okay not to share the telnetd group per NFS 
but lpadmin would be nice to have central.


Torsten Landschoff           Bluehorn@IRC               <torsten@debian.org>
           Debian Developer and Quality Assurance Committee Member

Reply to: