Gid modification options

mervincm · May 14, 2024, 6:36pm

Is there a way to change gid for groups?

I like to keep everything simple when possible and thus keep id and gid aligned. If user “frank” has a uid of 3030 I want group “frank” to also have a gid of 3030. this was working fine till I created a user of a manually assigned uid (2950) and the auto-created group was in the 3000 range. I need to fix that and reach the subsequently created groups.
normally I would do this with groupmod … but it is missing in my freshly installed Dragonfish build. I thought it was there in my previous build … or at least some other equivalent tool.

awalkerix · May 14, 2024, 7:04pm

You can create the group / gid first and then select that as the primary group when creating the user.

mervincm · May 14, 2024, 7:19pm

I had considered that … delete everything and re-create … but I hoped for something a bit more … elegant…

I “assumed” that when I specified the UID it would do the same for the GID … just like it had been doing beforehand … keeping everything aligned.

a combo of an assumption and forgetting to check after the fact left me with a minor mess to clean up

I appreciate the prompt suggestion.

awalkerix · May 14, 2024, 7:22pm

but I hoped for something a bit more … elegant…

This is a kind of unusual request since generally IDs aren’t really user-facing in a conventional sense and people who need to coordinate between multiple systems use something like LDAP, AD, or NIS for this purpose.

mervincm · May 14, 2024, 10:33pm

I wasn’t worried about a universal consistent standard for all my accounts and groups till recently. I ended up reinstalling my TrueNAS from scratch in an attempt (successful) to solve an issue with permissions via NFS from my app hosting system. That exposed me to how weirdly complicated it can be to use Linux permission to control access to remote files system over NFS from dockerized applications and Linux containers. After that, it made things simpler to troubleshoot if all systems had the same uid/guid for users and groups. I only have 5-6 Linux systems to sync, so AD LDAP seemed overkill … but perhaps I should reconsider. I use Ansible to manage it elsewhere, so it was only this storage appliance that was an outlier.

awalkerix · May 15, 2024, 11:51am

If you’re only using NFS and want to keep things simple you can just use an OpenLDAP server. Things get more complicated if you need SMB or security for your NFS.