4

So I am attempting to create a new user and group, and then change ownership of a directory to that new user/group. However, when I do, chown comes back with an "illegal user name" message.

Here's a simplified shell script that shows what I'm trying to do:

#!/usr/bin/bash

# Create Group
dscl . create /Groups/_jira
dscl . create /Groups/_jira gid 301"

# Create User
dscl . create /Users/_jira
dscl . append /Groups/_jira GroupMembership _jira

# Change Ownership
chown -R _jira:_jira /Some/random/directory

... and the output I get is:

chown: _jira: illegal user name

Am I missing a step? Is it because the username is prefixed with an underscore?

Note: I can list all the existing users and groups and can see the _jira user and _jira group, and also see that the user is assigned to that group.

Improve this question

1 Answer 1

Reset to default
3

You haven't assigned a user ID number (what dscl calls UniqueID) to the _jira user, and since file ownership is recorded by user ID, there's no way to chown files to an account without one. Add something like:

dscl . create /Users/_jira UniqueID 301

You should also set the user's PrimaryGroupID, and I'd use that to assign it to the _jira group rather than adding the user to the group:

dscl . create /Users/_jira PrimaryGroupID 301

If you want to stick with adding a secondary membership in the _jira group, you should assign some other group ID as the primary, and then add the secondary membership with dseditgroup:

sudo dseditgroup -o edit -a _jira -t user _jira

This not only adds "_jira" to the group's GroupMembership list, it also adds the user's UUID to the group's GroupMembers list -- doing both is recommended, and while it's possible to do with dscl it's simpler with dseditgroup.

Improve this answer
1
  • my issue was exactly not assigning a UNIQUE id to the group and user. thanks
    – Amirsalar
    Commented Apr 6, 2023 at 8:24

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .