[26911] in Athena Bugs
group.local should be treated the same as passwd.local and
daemon@ATHENA.MIT.EDU (Mitchell E Berger)
Mon Jul 31 15:32:45 2006
Message-Id: <200607311932.k6VJWOGs016391@byte-me.mit.edu>
To: bugs@mit.edu
Date: Mon, 31 Jul 2006 15:32:24 -0400
From: Mitchell E Berger <mitchb@mit.edu>
X-Spam-Score: 3.548
X-Spam-Level: *** (3.548)
X-Spam-Flag: NO
Errors-To: bugs-bounces@mit.edu
Hi,
The athena-ws startup script dutifully replaces passwd, shadow, and group with
their .local files at boot time, and on PUBLIC=true machines, reactivate will
clobber a machine's .local files with the defaults out of AFS. However,
the installers on both platforms (phase2.backend on Linux and finish-install
on Solaris) are only initializing the passwd.local and shadow.local files.
I think they should initialize group.local as well (and ideally a patch
would initialize the file on machines missing it).
It's pretty common that when someone needs to add a permanent local group,
which only happens on private machines, we tell them to append a line to
the group.local file with >>. On a machine which was never PUBLIC, that
creates the file, and then lo and behold, next time the machine reboots,
they have their local group, and the rest of the group file has been
obliterated.
(The PWOG does suggest creating the file if it doesn't exist, but if a
package made for Athena wants to add a local group at install time, copying
the current /etc/group is probably wrong because it likely has a lot of
groups in it that shouldn't be permanent. The only "right" way to handle
that currently is to program the $SYSPREFIX and version logic into a
package's spec file to find the default file in AFS, and that seems bad.)
Mitch
