Hi,
On my 2 Gentoo machines, users have a strange problem of group
membership. When using 'id' or 'groups' without arguments, the list of
groups includes those from the root user, and groups common to the
user and root are duplicated, like wheel, video, allowssh.
I observed that the list of groups is incorrect only in a KDE session,
either in Konsole or xterm, but the list of groups is correct in other
kinds of sessions like on a TTY or through SSH.
After a reboot, the problem disappears for a while, but comes again,
and I didn't find what could trigger it.
I can't figure what KDE could have to do with user groups returned by
the kernel !
Does anyone have a hint on the origin of this problem ?
mick@xxx ~ $ groups
root bin daemon sys adm disk wheel wheel floppy uucp cron audio cdrom
dialout tape video video games cdrw apache usb vboxusers portage
allowssh allowssh svn users mick
mick@xxx ~ $ id
uid=1001(mick) gid=1001(mick)
groupes=1001(mick),0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),14(uucp),16(cron),18(audio),19(cdrom),20(dialout),26(tape),27(video),35(games),80(cdrw),81(apache),85(usb),102(vboxusers),250(portage),800(allowssh),909(svn),1000(users)
When run with a login, the list is correct
mick@xxx ~ $ groups mick
wheel cron audio cdrom video games cdrw apache usb vboxusers portage
allowssh svn users mick
mick@xxx ~ $ groups root
root bin daemon sys adm disk wheel floppy uucp dialout tape video allowssh
mick@xxx ~ $ id mick
uid=1001(mick) gid=1001(mick)
groupes=1001(mick),10(wheel),16(cron),18(audio),19(cdrom),27(video),35(games),80(cdrw),81(apache),85(usb),102(vboxusers),250(portage),800(allowssh),909(svn),1000(users)
mick@xxx ~ $ id root
uid=0(root) gid=0(root)
groupes=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),14(uucp),20(dialout),26(tape),27(video),800(allowssh)
As far as I can tell the contents of '/etc/passwd' and '/etc/group' is
also correct.
mick@xxx ~ $ egrep 'mick|root' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/bin/bash
mick:x:1001:1001::/home/mick:/bin/bash
mick@xxx ~ $ egrep 'mick|root' /etc/group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
disk:x:6:root,adm,haldaemon
wheel:x:10:root,mick,jef,apache,anne
floppy:x:11:root,haldaemon
uucp:x:14:root
cron:x:16:cron,mick,apache
audio:x:18:famille,mick,jef,juliette,victor,anne,pulse,sddm
cdrom:x:19:famille,mick,haldaemon,jef,juliette,victor,anne
dialout:x:20:root
tape:x:26:root
video:x:27:root,famille,mick,jef,juliette,victor,anne,oracle,sddm
games:x:35:famille,mick,jef,juliette,victor,anne
cdrw:x:80:famille,mick,haldaemon
apache:x:81:famille,jef,mick
usb:x:85:famille,mick,haldaemon,juliette,victor,anne
vboxusers:x:102:famille,vbox,mick,jef
portage:x:250:portage,famille,mick,jef,apache
allowssh:x:800:mick,jef,root,anne,juliette,victor
svn:x:909:famille,jef,mick,tracd
users:x:1000:mick,jef,apache,juliette,victor,offlineimap,anne
mick:x:1001:mick
The difference in output between 'id' and 'id mick' happens because
'id' calls the syscall 'getgroups' in the first case, but not in the
other, as I could see with 'strace'
mick@xxx $ strace id
[...]
getgroups(0, NULL) = 29
getgroups(29, [0, 1, 2, 3, 4, 6, 10, 10, 11, 14, 16, 18, 19, 20, 26,
27, 27, 33, 35, 80, 81, 85, 102, 250, 800, 800, 909, 1000, 1001]) = 29
[...]
mick@xxx $ strace id mick
[...]
openat(AT_FDCWD, "/var/db/group.db", O_RDONLY|O_CLOEXEC) = -1 ENOENT
(Aucun fichier ou dossier de ce type)
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR) = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=1978, ...}) = 0
read(3, "root:x:0:root\nbin:x:1:root,bin,d"..., 4096) = 1978
lseek(3, 0, SEEK_CUR) = 1978
[...repeated]
lseek(3, 0, SEEK_CUR) = 1978
read(3, "", 4096) = 0
close(3) = 0
openat(AT_FDCWD, "/var/db/group.db", O_RDONLY|O_CLOEXEC) = -1 ENOENT
(Aucun fichier ou dossier de ce type)
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR) = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=1978, ...}) = 0
read(3, "root:x:0:root\nbin:x:1:root,bin,d"..., 4096) = 1978
lseek(3, 0, SEEK_CUR) = 1978
[...repeated]
lseek(3, 0, SEEK_CUR) = 1978
read(3, "", 4096) = 0
close(3) = 0
[...]
mick@xxx ~ # uname -a
Linux xxx 4.19.27-gentoo-r1 #1 SMP Mon Apr 1 14:38:01 CEST 2019 x86_64
Intel(R) Celeron(R) CPU G1610T @ 2.30GHz GenuineIntel GNU/Linux
Thanks
Best regards
Mickaël Bucas
