FS#55589 - [filesystem] user and group nobody missing
Attached to Project:
Arch Linux
Opened by Andreas Radke (AndyRTR) - Monday, 11 September 2017, 16:31 GMT
Last edited by Sébastien Luttringer (seblu) - Sunday, 10 December 2017, 16:03 GMT
Opened by Andreas Radke (AndyRTR) - Monday, 11 September 2017, 16:31 GMT
Last edited by Sébastien Luttringer (seblu) - Sunday, 10 December 2017, 16:03 GMT
|
Details
You missed to readd "nobody" user/group to the new
sysusers.d arch.conf file. This leads to nobody user and
group missing in new clean setups and chroots. You will
notice openssh segfaulting due to missing nobody user.
I've tried to add "u nobody 99 - -" but user and group were not created successfully here. Not sure why. "useradd" and "groupadd" show the group and user existant though not found in group/gshadow/passwd/shadow. |
This task depends upon
Closed by Sébastien Luttringer (seblu)
Sunday, 10 December 2017, 16:03 GMT
Reason for closing: Fixed
Additional comments about closing: filesystem 2017.10-2
Sunday, 10 December 2017, 16:03 GMT
Reason for closing: Fixed
Additional comments about closing: filesystem 2017.10-2
FS#55570FS#55492.sshd fails because it attempts to write to read only memory see https://bugs.archlinux.org/task/55570#comment160996
FS#55492finally. It happens even when systemd is pulled (or arch.conf has nobody inside it).Looking at the following output, I guess nss_systemd is always provding answer for nobody user/group which mislead systemd-sysusers.
# grep nobody /etc/passwd; echo $?
1
# getent passwd nobody
nobody:*:65534:65534:User Nobody:/:/sbin/nologin
# SYSTEMD_LOG_LEVEL=debug systemd-sysusers /usr/lib/sysusers.d/basic.conf
Group nobody already exists.
User nobody already exists.
Is this not a duplicate of
FS#55492and probablyFS#52129for the sshd segfault?I guess you mean not a duplicate of
FS#55570.This BR is about the lack of creation of nobody user/group by systemd-sysusers.
FS#55570, is about a segfault in sshd because nss_systemd return a crafted nobody when the nobody is missing in passwd.It looks like there is a relation between the two, but they are about two different issues.
FS#55570. If the nobody user was present in /etc/passwd then libnss_systemd.so.2 would not supply the result of getpwnam()and openssh would not segfault when it tries to modify one of the buffers pointed to by that result.
Then systemd-sysusers could create nobody and root.