bug-coreutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#53631: coreutils id(1) incorrect behavior

From: Bob Proulx
Subject: bug#53631: coreutils id(1) incorrect behavior
Date: Sat, 29 Jan 2022 18:46:00 -0700 
Vladimir D. Seleznev wrote:
> Expected behavior is:
>       # id user1
>       uid=1027(user1) gid=1027(user1) groups=1027(user1)
>       # id user2
>       uid=1027(user1) gid=1027(user1) groups=1027(user1),1028(somegroup)

I just tried a test on both FreeBSD and NetBSD and both FreeBSD and
NetBSD behave as you expect.  That would give weight for GNU Coreutils
matching that behavior.

> Example:
>       # useradd user1
>       # groupadd somegroup
>       # useradd -o -u "$(id -u user1)" -g "$(id -G user1) -G somegroup user2

I'll just note that there is a missing ending quote character.  It's
also missing the -m option to create a home directory.  For those who
wish to recreate the test case.

    root@turmoil:~# tail -n2 /etc/passwd /etc/group /etc/shadow /etc/gshadow
    ==> /etc/passwd <==
    user1:x:1001:1001::/home/user1:/bin/sh
    user2:x:1001:1001::/home/user2:/bin/sh

    ==> /etc/group <==
    user1:x:1001:
    somegroup:x:1002:user2

    ==> /etc/shadow <==
    user1:!:19022:0:99999:7:::
    user2:!:19022:0:99999:7:::

    ==> /etc/gshadow <==
    user1:!::
    somegroup:!::user2

With the above things are not really a valid configuration.  Therefore
I don't think it is surprising that the utilities don't "figure it
out" completely correctly.  I have never seen user2 used with a
different set of groups than the primary uid specifies.  I think in
practice that will be problematic.  Since the system will use the uid
for such things and the uid would map to a different set of auxilary
groups.  I think in practice this case is a problematic case at the
least.

Note that it is perfectly valid and long standing practice to allow
multiple passwd entries with the same uid number.  That's a technique
to allow multiple different passwords and login shells for the same
account.

[[ I'll further note that use of nscd completely breaks this useful
ability by hashing all duplicate uid entries together.  Like in The
Highlander, with nscd there can be only one.  It's why I never use
nscd anywhere as this makes it not suitable for purpose.  But that's
rather off this topic.  I'll bracket it as an aside. ]]

Bob
reply via email to
[Prev in Thread] Current Thread [Next in Thread]