[526] in athena10
Re: Suggested amendments to the Athena10 docs.
daemon@ATHENA.MIT.EDU (Tim Abbott)
Sun Sep 21 23:49:18 2008
Date: Sun, 21 Sep 2008 23:48:24 -0400 (EDT)
From: Tim Abbott <tabbott@MIT.EDU>
To: Jonathan Reed <jdreed@mit.edu>
cc: William Cattey <wdc@mit.edu>, athena10@mit.edu
In-Reply-To: <7E94729F-15F1-43E8-B67A-1F74622A0826@mit.edu>
Message-ID: <alpine.DEB.1.10.0809212331180.7613@vinegar-pot.mit.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII
On Tue, 16 Sep 2008, Jonathan Reed wrote:
>
> On Sep 16, 2008, at 5:31 PM, Tim Abbott wrote:
>>
>> I think you used usermod, not adduser when you wrote the documentation;
>> usermod I believe is incorrectly not affected by this.
>>
>> There are ways -- it's just that the adduser command isn't one of them.
>>
>> adduser.debathena-orig wdc admin
>>
>> would work (you can read /usr/sbin/adduser.debathena to get a hint of
>> what's going on here). Ther'es a prettier ways too.
>>
>> -Tim Abbott
>
> The method I used, documented on athena10.mit.edu, is with userdel and
> useradd, not deluser and adduser.
As it turns out, "useradd USER GROUP" is not valid syntax for the useradd
command. I think that the website intended to recommend
adduser USER GROUP
which does work.
> I will try a complete wipe and re-install of my machine tomorrow, to
> ensure that the instructions are correct. Still, if they're wrong, I'm
> sad that no one noticed until now.
I think that this should work if you replace "useradd" with "adduser" in
the instructions.
> Or are they both NSS aware?
useradd and adduser are both NSS aware. Both of them are diverted to set
the environment variable NSS_NONLOCAL_IGNORE=ignore. This is necessary to
support adding a user with the same name as a nonlocal user (e.g. to when
installing postfix, the postinst script tries to create a user called
postfix, and we want this to override the Athena user postfix (Mail T
Agent), rather than failing to install).
Setting NSS_NONLOCAL_IGNORE causes NSS to pretend that nonlocal users and
groups don't exist.
However, our useradd wrapper is smart enough to parse arguments and check
if useradd is being called in the 2-argument "useradd USER GROUP", and in
that case, it does not set NSS_NONLOCAL_IGNORE.
So, the supported way to do this is indeed to just run
adduser wdc admin
(sorry for the confusion earlier; I should remember my own code better).
-Tim Abbott
