'www-data' is a member of the 'client1' group in /etc/group but not in /etc/gshadow

Discussion in 'General' started by Jeramiah Harland, Sep 14, 2021.

  1. Jeramiah Harland

    Jeramiah Harland New Member

    Hello! I've scoured the internet and could not find a satisfying explanation for the following issue:

    'www-data' is a member of the 'client1' group in /etc/group but not in /etc/gshadow

    Threads I could find about this are old or only mention it as part of a larger issue. However, there are no issues that I am aware of. For example, my FTP connections work fine and I'm able to write to the disk, which were common problems in the other threads.

    My server is Ubuntu 20.04 (set up following Perfect Server Ubuntu 20.04, Apache, Php, etc.) and running ISPConfig Version: 3.2.5

    I have been using Lynis to audit my server and it alerted me to an inconsistency of password/group files. After running grpck I received the message above. I assume that creating more clients will create more instances of this.

    Can someone help me understand if it can be ignored, if not, then what could be wrong and where to investigate?

    Thank you,

  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Is that really the case or do you mean that client<number> are members of www-data -group?
    I do not see anything wrong with the setup (if it is client is member of www-data -group, if it really is the other way round then it is a problem).
  3. Jeramiah Harland

    Jeramiah Harland New Member

    Thanks for the response. I believe it is really the case.

    To try and verify, I did:

    sudo getent group client1


    sudo getent group www-data


    Which is saying www-data is a member of client1 group, but not the other way around if I understand it correctly.

    Inside /etc/group:

    Inside /etc/gshadow:

    I have been reading and experimenting with server security, however I tried to avoid anything I thought would interfere with ISPConfig. Basically I am still confused.


    I checked and two other servers running ISPConfig (Ubuntu 16.04) also display this message when running grpck and one of them has been a production server for years without issue. I am ready to just ignore but being such a noob I can't help be wonder why I'm seeing it. Should /etc/groups/ and /etc/gshadow/ be the same?

    Thanks for the help!
    Last edited: Sep 14, 2021
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The message from grpck command can be ignored in my opinion. Not sure why this inconsistency happens though as ISPConfig is using the normal Linux shell commands to add and edit users and groups.

Share This Page