adduser ignores NIS
Bug #182721 reported by
Morten Kjeldgaard
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
adduser (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: adduser
It appears adduser ignores NIS. The problem appeared for me when install the sbuild package, which makes the following call in the postinst maintainer script:
if [ -z "`getent group sbuild`" ]; then
adduser --group --quiet sbuild
fi
The result was, that the sbuild group was created in /etc/group with gid 1002. However, that is the gid of a NIS user.
Thus, the gid is un-intentionally shared, which may potentially be a security issue.
Since adduser is typically used in maintainer scripts, it is logical to fix the problem in that package. Perhaps, adduser should consult /etc/nsswitch, and see where password and group information may come from.
To post a comment you must log in.
Perhaps related to the following:
Debian bug 248500 in adduser "adduser: do not re-use uids used once" [Wishlist,Open] http:// bugs.debian. org/248500