> my /etc/default/useradd has a 'GROUP' value of 100, yet useradd assigns a
> per-user group of gid > 500 and assigns that to the user? Or is that
> actually standard practise?
That is because of /etc/login.defs which is used. It specifies more
detail than /etc/defaults/useradd. You will notice that group 100 is
the group users. The lowest group an user should be a member of. I'm
not sure if you're added to that group by default tho.
> Or, of course, have redhat patched useradd.
>
> > [oliver] duality:/usr/sbin$ ls -la adduser
> > lrwxrwxrwx 1 root root 7 Feb 17 19:08 adduser ->
> > useradd*
>
> sure. In that case, you *still* need to provide a wrapper to magically
> determine whether to update the ldap store or the system files, or to
> provide a new useradd to replace the old one.
If you're using ldap to store site wide information that information
should only be about human users. "System" (mysql, bin, root, mail)
users should probably be in /etc/passwd. They rarely have passwords
(except root) anyway. Also if that sort of info wasn't stored in
reliable places (ie, in a file) you could stop your system from booting
or functioning by DoS'ing slapd or having an incorrect configuration.
Even if slapd crashed you could log in as root and restart it. PAM
allows for fall back authentication.
Later
--
Oliver Jones - oliver(a)deeper.co.nz - Mobile: +64-21-41-2238
- Deeper Design Limited - http://www.deeperdesign.com
------------
WLUG - The Waikato Linux Users Group
To unsubscribe, send an email to majordomo(a)list.waikato.ac.nz
with "unsubscribe wlug" in the body of the message.
