Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#40800 - [filesystem] pwck fails
Attached to Project:
Arch Linux
Opened by Sven Karsten Greiner (SammysHP) - Wednesday, 11 June 2014, 17:33 GMT
Last edited by Dave Reisner (falconindy) - Saturday, 21 June 2014, 16:01 GMT
Opened by Sven Karsten Greiner (SammysHP) - Wednesday, 11 June 2014, 17:33 GMT
Last edited by Dave Reisner (falconindy) - Saturday, 21 June 2014, 16:01 GMT
|
DetailsDescription:
The service "shadow.service" fails with the following error: Jun 11 18:53:53 thinkwolf systemd[1]: Starting Verify integrity of password and group files... Jun 11 18:53:53 thinkwolf pwck[849]: Kein passender Passwortdatei-Eintrag in /etc/shadow Jun 11 18:53:53 thinkwolf pwck[849]: Benutzer »systemd-journal-gateway« zu /etc/shadow hinzufügen? Nein Jun 11 18:53:53 thinkwolf pwck[849]: Kein passender Passwortdatei-Eintrag in /etc/shadow Jun 11 18:53:53 thinkwolf pwck[849]: Benutzer »systemd-timesync« zu /etc/shadow hinzufügen? Nein Jun 11 18:53:53 thinkwolf pwck[849]: pwck: Keine Änderungen Jun 11 18:53:53 thinkwolf systemd[1]: shadow.service: main process exited, code=exited, status=2/INVALIDARGUMENT Jun 11 18:53:53 thinkwolf systemd[1]: Failed to start Verify integrity of password and group files. Jun 11 18:53:53 thinkwolf systemd[1]: Unit shadow.service entered failed state. (Sorry for German, my locale is de_DE. It basically says that /etc/shadow doesn't contain entries for systemd-journal-gateway and systemd-timesync.) Additional info: /etc/shadow contains only the entries from the package (plus the one for my user and some other packages): root:************:16227:::::: bin:x:14871:::::: daemon:x:14871:::::: mail:x:14871:::::: ftp:x:14871:::::: http:x:14871:::::: uuidd:x:14871:::::: dbus:x:14871:::::: nobody:x:14871:::::: sammyshp:************:16227:0:99999:7::: avahi:!:16227:::::: ntp:!:16227:0:99999:7::: git:!:16227:::::: polkitd:!:16228:0:99999:7::: mysql:!:16228:0:99999:7::: kdm:!:16228:::::: systemd-network:!:16229:0:99999:7::: I assume that is related to the post_upgrade() function in the .install file that hasn't updated the settings for these users. [2014-06-06 14:19] [PACMAN] installed filesystem (2014.05-2) [2014-06-08 20:54] [PACMAN] upgraded filesystem (2014.05-2 -> 2014.06-1) As you can see, I installed Arch on 2014-06-06 and filesystem was upgraded two days later (that's why /etc/shadow contains an entry for systemd-network). Another issue that might be related to this: My /etc/passwd still contains /bin/false instead of /usr/bin/nologin as the login shell. |
This task depends upon
Here's an update for pwck and grpck:
# pwck -r
no matching password file entry in /etc/shadow
add user 'systemd-journal-gateway' in /etc/shadow? No
no matching password file entry in /etc/shadow
add user 'systemd-timesync' in /etc/shadow? No
pwck: no changes
# grpck -r
no matching group file entry in /etc/gshadow
add group 'systemd-journal-gateway' in /etc/gshadow? No
no matching group file entry in /etc/gshadow
add group 'systemd-timesync' in /etc/gshadow? No
grpck: no changes
post_upgrade() failed because of the getent check in _addgroup() and _adduser(): /etc/passwd and /etc/group already contained the user because it was included in the files from the package (2014.05-2). Thus groupadd and useradd were never called.
edit: No, that's not completely correct. In the packages passwd already contains the user, but shadow does not. getent returns the user, so nothing is changed. The grpconv-hack in post_upgrade() is not called because all other groups are in sync (especially lock). Also there is no pwconv call, so users can never be in sync between /etc/passwd and /etc/shadow.
edit: Meanwhile I merged the pacnew file for /etc/passwd and ran pwck and grpck to add missing entries in the shadow files.
To make it clear: This issue can only happen for a newly installed Arch as the shadow files from the package don't include all users/groups.
I'd go one step further and would remove
# update shadow files if needed
if (( need_group_update )); then
grpconv >/dev/null
fi
if (( need_passwd_update )); then
pwconv >/dev/null
fi
completely as this situation should never happen (only if other packages modify /etc/passwd manually without useradd).