Bug 172965 - pw(8): pw useradd does not allow -g ""
Summary: pw(8): pw useradd does not allow -g ""
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 9.1-PRERELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-10-22 22:00 UTC by jeff
Modified: 2017-12-31 22:29 UTC (History)
0 users

See Also:


Attachments
pw_user.c.diff (578 bytes, patch)
2012-10-23 21:42 UTC, jeff
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description jeff 2012-10-22 22:00:00 UTC
Man page for "pw" indicates that -g "" is an acceptable option:

     -g group      Set the default group for new users.  If a blank group is
                   specified using -g "", then new users will be allocated
                   their own private primary group with the same name as their
                   login name.  If a group is supplied, either its name or uid
                   may be given as an argument.

However, attempting to do that produces an error:

# pw useradd moo -g ""
pw: group `' is not defined

How-To-Repeat: pw useradd moo -g ""
Comment 1 jb.1234abcd 2012-10-22 22:35:49 UTC
You took it out of context.

$ man pw
...
     The useradd command also has the ability to set new user and group
     defaults by using the -D option.  Instead of adding a new user, pw writes
     a new set of defaults to its configuration file, /etc/pw.conf.  When
     using the -D option, you must not use either -n name or -u uid or an
     error will result.  Use of -D changes the meaning of several command line
     switches in the useradd command.  These are:

     -D            Set default values in /etc/pw.conf configuration file, or a
                   different named configuration file if the -C config option
                   is used.
...

# pw useradd -D -g ""
# cat /etc/pw.conf
...
# Default group (leave blank for new group per user)
defaultgroup = ""
...
# pw useradd moo3
# grep -i moo3 /etc/passwd
moo3:*:1005:1005:User &:/home/moo3:/bin/sh

# pw useradd -D -g "nobody"
# cat /etc/pw.conf
...
# Default group (leave blank for new group per user)
defaultgroup = "nobody"
...
# pw useradd moo4
# grep -i moo4 /etc/passwd
moo4:*:1006:65534:User &:/home/moo4:/bin/sh

jb
Comment 2 jeff 2012-10-22 22:54:58 UTC
Very well, but it seems that it might be useful for the normal -g (without
-D) to also accept "" so that you can perform a one-time override of any
possible default group that had been established.
Comment 3 jb.1234abcd 2012-10-22 23:17:12 UTC
And what that one-time override would be ?
"" ? Impossible, it has to be a valid group (it goes to /etc/passwd).
# pw useradd moo4
# pw useradd moo5 -g nobody
# pw useradd moo6 -g moo6
pw: group `moo6' does not exist
# pw useradd moo7 -g ""
pw: group `' is not defined
# grep -i moo /etc/passwd
moo4:*:1003:1003:User &:/home/moo4:/bin/sh
moo5:*:1004:65534:User &:/home/moo5:/bin/sh
Comment 4 jeff 2012-10-23 21:42:43 UTC
Yes, I agree that "" is currently impossible by the current version of
"pw".  However, attached is a diff to /usr/src/usr.sbin/pw/pw_user.c
that implements the change I am proposing to allow such a one-time
override.  For example:

# pw useradd moo4
# pw useradd -D -g "nobody"
# pw useradd moo5
# pw useradd moo6 -g ""

# grep moo /etc/passwd
moo4:*:8005:8005:User &:/home/moo4:/bin/sh
moo5:*:8006:65534:User &:/home/moo5:/bin/sh
moo6:*:8007:8007:User &:/home/moo6:/bin/sh

In effect, -g "" acts as if there is no default set by -D -g.
Comment 5 jb.1234abcd 2012-10-23 22:38:19 UTC
> # pw useradd moo6 -g ""

Make sure that the new group is added to /etc/group"
# grep -i moo /etc/group
moo6:*:8007:

jb
Comment 6 jb.1234abcd 2012-10-23 23:26:58 UTC
What about 'pw usermod' ?

Wow !
I just tested (btw, without your patch):
# pw usermod moo4 -g "nobody"
# pw usermod moo4 -g ""
Segmentation fault: 11 (core dumped)
#

I opened PR#:
http://www.freebsd.org/cgi/query-pr.cgi?pr=173005

With regard to your changes:
make sure you test 'pw useradd' and 'pw usermod' entries, both old and new
(override with -g "") syntax, with "-N" option.

jb
Comment 7 jb.1234abcd 2012-10-26 19:58:46 UTC
I am presenting a summary that would suggest better solution.

pw(8):
...
USER OPTIONS
     The following options apply to the useradd and usermod commands:
...
     -g group      Set the account's primary group to the given group.  group
                   may be defined by either its name or group number.
...
     The useradd command also has the ability to set new user and group
     defaults by using the -D option.  Instead of adding a new user, pw writes
     a new set of defaults to its configuration file, /etc/pw.conf.  When
     using the -D option, you must not use either -n name or -u uid or an
     error will result.  Use of -D changes the meaning of several command line
     switches in the useradd command.  These are:

     -D            Set default values in /etc/pw.conf configuration file, or a
                   different named configuration file if the -C config option
                   is used.
...
     -g group      Set the default group for new users.  If a blank group is
                   specified using -g "", then new users will be allocated
                   their own private primary group with the same name as their
                   login name.  If a group is supplied, either its name or uid
                   may be given as an argument.
...

Now, let's review it once again.
# pw useradd moo -g moo
pw: group `moo' does not exist
# pw useradd moo -g boo
pw: group `boo' does not exist
# pw useradd moo -g ""
pw: group `' is not defined

You want to make a one-time override of any default group as established in
/etc/pw.conf by "-D -g" options:
# pw useradd moo -g ""
moo:*:8007:8007:User &:/home/moo:/bin/sh

But, the below does the same but by checking if user name/id is equal to
primary group name/id as entered:
# pw useradd moo -g moo
moo:*:8007:8007:User &:/home/moo:/bin/sh
which clearly reflects user's intentions as entered.
By contrast, your solution is less clear about the user's intentions; also,
it introduces blank group specification -g "" to entry whose context is
an immediate and particular account setup, but which is specific to -D -g ""
type of entry whose context is setting up system defaults for any accounts
setup.
Comment 8 Eitan Adler freebsd_committer freebsd_triage 2012-10-27 20:20:09 UTC
---------- Forwarded message ----------
From: J B <jb.1234abcd@gmail.com>
Date: 26 October 2012 15:00
Subject: Re: misc/172965: pw useradd does not allow -g &quot;&quot;
To: freebsd-bugs@freebsd.org


The following reply was made to PR misc/172965; it has been noted by GNATS.

From: J B <jb.1234abcd@gmail.com>
To: bug-followup@FreeBSD.org, jeff@bovine.net
Cc:
Subject: Re: misc/172965: pw useradd does not allow -g &quot;&quot;
Date: Fri, 26 Oct 2012 20:58:46 +0200

 I am presenting a summary that would suggest better solution.

 pw(8):
 ...
 USER OPTIONS
      The following options apply to the useradd and usermod commands:
 ...
      -g group      Set the account's primary group to the given group.  group
                    may be defined by either its name or group number.
 ...
      The useradd command also has the ability to set new user and group
      defaults by using the -D option.  Instead of adding a new user, pw writes
      a new set of defaults to its configuration file, /etc/pw.conf.  When
      using the -D option, you must not use either -n name or -u uid or an
      error will result.  Use of -D changes the meaning of several command line
      switches in the useradd command.  These are:

      -D            Set default values in /etc/pw.conf configuration file, or a
                    different named configuration file if the -C config option
                    is used.
 ...
      -g group      Set the default group for new users.  If a blank group is
                    specified using -g "", then new users will be allocated
                    their own private primary group with the same name as their
                    login name.  If a group is supplied, either its name or uid
                    may be given as an argument.
 ...

 Now, let's review it once again.
 # pw useradd moo -g moo
 pw: group `moo' does not exist
 # pw useradd moo -g boo
 pw: group `boo' does not exist
 # pw useradd moo -g ""
 pw: group `' is not defined

 You want to make a one-time override of any default group as established in
 /etc/pw.conf by "-D -g" options:
 # pw useradd moo -g ""
 moo:*:8007:8007:User &:/home/moo:/bin/sh

 But, the below does the same but by checking if user name/id is equal to
 primary group name/id as entered:
 # pw useradd moo -g moo
 moo:*:8007:8007:User &:/home/moo:/bin/sh
 which clearly reflects user's intentions as entered.
 By contrast, your solution is less clear about the user's intentions; also,
 it introduces blank group specification -g "" to entry whose context is
 an immediate and particular account setup, but which is specific to -D -g ""
 type of entry whose context is setting up system defaults for any accounts
 setup.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org"


-- 
Eitan Adler
Comment 9 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:00:46 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped