Date: Tue, 21 Aug 2007 13:24:42 -0700 From: Chuck Swiger <cswiger@mac.com> To: Ulrich Spoerlein <uspoerlein@gmail.com> Cc: stable@freebsd.org Subject: Re: pam_group vs. multiple group lines Message-ID: <A77859AB-FF17-4FBA-8B2C-462B129D84A3@mac.com> In-Reply-To: <20070821195043.GA1464@roadrunner.spoerlein.net> References: <20070821195043.GA1464@roadrunner.spoerlein.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Aug 21, 2007, at 12:50 PM, Ulrich Spoerlein wrote:
> I found this while trying to migrate groups into LDAP, but you don't
> need LDAP to reproduce this, simply place the following in /etc/group
>
> wheel:*:0:root
> wheel:*:0:us
That's a misconfiguration. From "man 5 group":
The group field is the group name used for granting file access to
users
who are members of the group. The gid field is the number associated
with the group name. They should both be unique across the system
(and
^^^^^^^^^^^^^^^^^^^^^
often across a group of systems) since they control file access.
--
-Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A77859AB-FF17-4FBA-8B2C-462B129D84A3>