简体繁体 English

group”之间的不一致

[英]Inconsistency between “/etc/passwd” and “/etc/group”

原文 2019-02-24 13:14:28 0 1 linux/ redhat

Scenario 1: 方案1：

I have 2 users, each has a different primary group. 我有2个用户，每个用户都有一个不同的主要组。 For user1, the primary group is group1 with GID 501. For user2, the primary group is group2 with GID 502. 对于用户1，主要组是具有GID 501的组1。对于用户2，主要组是具有GID 502的组2。

I edited /etc/passwd so that user1 now has GID 600. However, I forgot to create a new group with GID 600 (and I did not edit /etc/group either). 我编辑了/etc/passwd以便user1现在具有GID600。但是，我忘记了创建一个具有GID 600的新组（我也没有编辑/etc/group ）。

What's surprising me is that even though I never created a group with GID 600 (and thus there's no such group in /etc/group )- everything works as if such a group exists: 令我惊讶的是，即使我从未使用GID 600创建一个组（因此/etc/group也没有这样的/etc/group ）-一切都像存在这样的组一样工作：

Examples: 例子：

1) After user1 creates a new file- test.txt , User2 can't r/w that file. 1）用户1创建新文件test.txt ，用户2无法读/写该文件。

2) When running ls -l I can see that test.txt belongs to GID 600. 2）运行ls -l我可以看到test.txt属于GID 600。

What am I missing? 我想念什么？ Why does it work even though there's inconsistency between /etc/passwd and /etc/group ? 即使/etc/passwd和/etc/group之间存在不一致，为什么它仍然起作用？

Scenario 2: 方案2：

Say I have a group with GID 1000. When running useradd -c "name" test2 -g 1000 , and then groups test2 , I can see that test2 's primary group is 1000. 假设我有一个GID为1000的组。运行useradd -c "name" test2 -g 1000 ，然后对groups test2进行groups test2 ，我可以看到test2的主要组是1000。

However, in /etc/group all I see is test_group:x:1000: , meaning test2 isn't a member of test_group . 但是，在/etc/group我看到的只是test_group:x:1000:这意味着test2不是test_group的成员。

Moreover, after running useradd -c "name" test3 , I do have test3:x:8093: in /etc/group . 而且，在运行useradd -c "name" test3 ，我确实在/etc/group具有test3:x:8093:

Can you explain why it's happening? 你能解释为什么会这样吗？

Thanks. 谢谢。

1 个解决方案

Non programming question, expect downvotes... you should ask on superuser or unix.se 非编程问题，请期待投票...您应该在超级用户或unix.se上提问

That said, there is no mapping of UID numbers to GID numbers that require them to have the same values. 也就是说，没有UID号码到GID号码的映射，这些映射要求它们具有相同的值。 Think about what happens when you add a few users, then create a group or two for them to share, then add a few more users. 想一想，当您添加几个用户，然后创建一个或两个供他们共享的组，然后添加更多用户时，会发生什么。 The "next available" GID/UID pair don't match in value, but that doesn't matter. “下一个可用” GID / UID对的值不匹配，但这并不重要。

When you are looking at a user's primary group, they aren't listed in the groups file as being a member because their primary group info is in the passwd file. 当您查看用户的主要组时，由于它们的主要组信息位于passwd文件中，因此未在groups文件中将其列为成员。

Remember to find files/directories that have no owning user or group if you manually change a UID number or GID number, and fix as appropriate. 如果手动更改UID编号或GID编号并进行适当修复，请记住要查找没有所有者或用户组的文件/目录。

Also, when it comes to UID numbers and GID numbers there is 0 (root) and everything else - no special meaning to them. 同样，当涉及到UID编号和GID编号时，其值为0 （根），而其他所有内容都没有特殊含义。 By consensus, "system user" type accounts are low, and most distributions start creating "normal" users with a UID/GID of 1000 按照共识，“系统用户”类型的帐户数量很少，大多数发行版本开始创建UID / GID为1000的“普通”用户