tags 282822 patch thanks I'm afraid I don't really understand the real purpose of USERGROUPS_ENAB if there's still one.
It is not documented in login.defs(5) and only a few utilities such as userdel and a piece of code in limits seem to use it....this piece of code being used only in non-PAM enviroonments Is there still a point in providing what we currenly have in the default login.defs file: # # Enable setting of the umask group bits to be the same as owner bits # (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is # the same as gid, and username is the same as the primary group name. # # This also enables userdel to remove user groups if no members exist. # USERGROUPS_ENAB yes I'm inclined to move this to the "obsoleted by PAM" section. The only thing that prevents me doing so is the variable being used in userdel.c even in PAM environments. If we keep it we should however change the comment: # This enables userdel to remove user groups if no members exist. # # Other former uses of this variables such as setting the umask when # user==primary group are not used in PAM environments, thus in Debian # USERGROUPS_ENAB yes Patch attached, please comment. PS: the man pages of both login(1) and login.defs(5) do not advertise this variable anymore. --
--- login.defs 2005-09-14 14:33:33.727212085 +0200 +++ login.defs.new 2005-09-27 18:31:33.348326051 +0200 @@ -243,11 +243,10 @@ #GETPASS_ASTERISKS 1 # -# Enable setting of the umask group bits to be the same as owner bits -# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is -# the same as gid, and username is the same as the primary group name. +# This enables userdel to remove user groups if no members exist. # -# This also enables userdel to remove user groups if no members exist. +# Other former uses of this variables such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian # USERGROUPS_ENAB yes
