PDA

View Full Version : A close call (usermod -G)



Wim Sturkenboom
October 21st, 2012, 11:41 AM
Nearly borked my system this morning trying to help a user here.

I ran usermod -G www-data wim to add the only adminstrative user to the www-data group. This wiped all additional groups that the user was a member of (including sudo) :( Luckily I checked, and because sudo remembered the password and I did not close the terminal yet, I could correct the situation.

Close, very very close.

The correct command is, by the way, usermod -aG www-data wim

steeldriver
October 21st, 2012, 12:27 PM
yes I've started to use/recommend using gpasswd (which adds the user to the group) instead for that exact reason


gpasswd --add wim www-data

Wim Sturkenboom
October 21st, 2012, 01:00 PM
Thanks, I will try to remember that command ;)

It would, by the way, not have happend if there would have been an obvious way in system settings -> user accounts to simply add / remove users to /from groups. There might be a way but I simply did not see it.

Will make another thread about that.

cariboo
October 21st, 2012, 07:29 PM
You could also install gnome-system-tools, then run users-admin to get the old Users & Groups interface back.

Lars Noodén
October 21st, 2012, 07:57 PM
www-data usually shouldn't contain any regular users. It is reserved by the http server for privilege separation so that parts of it can run unprivileged.

Wim Sturkenboom
October 22nd, 2012, 06:54 AM
gnome-system-tools is now installed; currently researching how to integrate it in gnome-control-center (if at all possible).

And I know it was not the optimal solution to make a user a member of www-data; the final solution for the problem was therefore also different.