Brian Epstein on Sun, 02 Feb 2003 23:10:35 -0500


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Moving a lot of user accounts


> on useradd before and created a group for every user (had fun
> figuring out why SSH keys wouldn't work, didn't you?), then you need
> the /etc/group file too.
> 
> I forget that particular default because it's so far out in left
> field when it comes to any production environment that a -g users
> doesn't even require thought for me any more on useradd.

I have to disagree with you on this point (being in left field).  
Although User Private Groups are not helpful in all production
environments, it works extremely well when users need to share a common
directory (like if you have a web team instead of a web admin).  Most 
production boxes I've worked on that require user accounts also require
file sharing between those user accounts.

In fact, I've implemented this scheme on both Linux and Solaris boxes.  
It relieves SA headaches in my opinion when it comes to users who don't 
totally understand the intricacies of *nix file and directory 
permissions.

Here's a good writeup on why RH does this.

http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/ref-guide/s1-users-groups-private-groups.html

enjoy!
ep

-- 
Brian Epstein <ep@epiary.org>
Key fingerprint = F9C8 A715 933E 6A64 C220  482B 02CF B6C8 DB7F 41B4

_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug