[Touch-packages] [Bug 1902236] Re: Duplicated root and nobody returned by getent on Focal
This bug was fixed in the package systemd - 245.4-4ubuntu3.5 --- systemd (245.4-4ubuntu3.5) focal; urgency=medium [ Ioanna Alifieraki ] * d/p/lp1911187-systemctl-do-not-shutdown-immediately-on-scheduled-shutdo.patch: Do not shutdown immediately when scheduled shutdown fails (LP: #1911187) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3899c9d5c171e84fc503c6ab46aea7cc9def7235 [ Dimitri John Ledkov ] * d/p/lp1878969-meson-initialize-time-epoch-to-reproducible-builds-compat.patch: meson: initialize time-epoch to reproducible builds compatible value (LP: #1878969) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=84212797d21ed08031e1d71fe5e118bdd9873c0f [ Dan Streetman ] * d/p/lp1913189-test-accept-that-char-device-0-0-can-now-be-created-.patch: - Fix failing test case under 5.8 kernel (LP: #1913189) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=782a382017ce188dbf9a40adabd265943d7db119 * d/p/lp1913423-hashmap-make-sure-to-initialize-shared-hash-key-atom.patch: Thread-safe init of hashmap shared key (LP: #1913423) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fc8dde7c4b1944d1583866f61c2314174b4dd06a * d/p/lp1902236-nss-systemd-don-t-synthesize-root-nobody-when-iterat.patch: Don't synthesize root/nobody when iterating (LP: #1902236) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=4d20e415ecd5b0fd032b4cf45bd9fd344cc434ac * d/p/debian/patches/lp1880258-log-nxdomain-as-debug.patch: Change NXDOMAIN 'errors' to log level debug (LP: #1880258) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=80163a2097aa876fe73b6071495ae4ad8749d04e * d/p/lp1913763-udev-rules-add-rule-to-create-dev-ptp_hyperv.patch: Create symlink for hyperv-provided ptp device (LP: #1913763) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b02053da2ff3fee6221bd8310488af0f52b140f1 -- Ioanna Alifieraki Tue, 23 Feb 2021 00:18:57 + ** Changed in: systemd (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1902236 Title: Duplicated root and nobody returned by getent on Focal Status in systemd: Fix Released Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Focal: Fix Released Bug description: [impact] getent password or getent group returns duplicate, false/synthesized, entries for root and nobody [test case] root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root:x:0:0:root:/root:/bin/sh root@lp1902236-f:~# getent group | grep root root:x:0: root:x:0: root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin nobody:x:65534:65534:nobody:/:/usr/sbin/nologin root@lp1902236-f:~# getent group | grep nogroup nogroup:x:65534: nogroup:x:65534: [regression potential] any regression would likely result in incorrect results to calls to getent or other programs using libnss-systemd [scope] this is needed only for f this was fixed upstream by commit 9494da41c271bb9519d3484b6016526a72cc6be5 which was included first in v246, so this is fixed in g and later already. b and earlier doesn't show the duplication. [original description] * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files
[Touch-packages] [Bug 1902236] Re: Duplicated root and nobody returned by getent on Focal
Verification procedure on Focal: $ lxc launch focal lp1902236-f Creating lp1902236-f Starting lp1902236-f $ lxc exec lp1902236-f bash root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root:x:0:0:root:/root:/bin/sh root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin nobody:x:65534:65534:nobody:/:/usr/sbin/nologin # Enable proposed root@lp1902236-f:~# vim /etc/apt/sources.list root@lp1902236-f:~# apt update && apt-get dist-upgrade Calculating upgrade... Done The following packages will be upgraded: libnss-systemd (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) libpam-systemd (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) libsystemd0 (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) libudev1 (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) systemd (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) systemd-sysv (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) systemd-timesyncd (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) udev (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) 8 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 5845 kB of archives. After this operation, 15.4 kB of additional disk space will be used. Do you want to continue? [Y/n] Get:1 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 libnss-systemd amd64 245.4-4ubuntu3.5 [95.8 kB] Get:2 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 udev amd64 245.4-4ubuntu3.5 [1366 kB] Get:3 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 libudev1 amd64 245.4-4ubuntu3.5 [81.2 kB] Get:4 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 systemd-sysv amd64 245.4-4ubuntu3.5 [10.3 kB] Get:5 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 systemd-timesyncd amd64 245.4-4ubuntu3.5 [28.1 kB] Get:6 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 libpam-systemd amd64 245.4-4ubuntu3.5 [186 kB] Get:7 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 systemd amd64 245.4-4ubuntu3.5 [3805 kB] Get:8 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 libsystemd0 amd64 245.4-4ubuntu3.5 [274 kB] Fetched 5845 kB in 2s (2391 kB/s) ... Setting up libnss-systemd:amd64 (245.4-4ubuntu3.5) ... Setting up libpam-systemd:amd64 (245.4-4ubuntu3.5) ... Processing triggers for libc-bin (2.31-0ubuntu9.2) ... Processing triggers for dbus (1.12.16-2ubuntu2.1) ... root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin ** Tags removed: verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1902236 Title: Duplicated root and nobody returned by getent on Focal Status in systemd: Fix Released Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Focal: Fix Committed Bug description: [impact] getent password or getent group returns duplicate, false/synthesized, entries for root and nobody [test case] root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root:x:0:0:root:/root:/bin/sh root@lp1902236-f:~# getent group | grep root root:x:0: root:x:0: root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin nobody:x:65534:65534:nobody:/:/usr/sbin/nologin root@lp1902236-f:~# getent group | grep nogroup nogroup:x:65534: nogroup:x:65534: [regression potential] any regression would likely result in incorrect results to calls to getent or other programs using libnss-systemd [scope] this is needed only for f this was fixed upstream by commit 9494da41c271bb9519d3484b6016526a72cc6be5 which was included first in v246, so this is fixed in g and later already. b and earlier doesn't show the duplication. [original description] * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf
[Touch-packages] [Bug 1902236] Re: Duplicated root and nobody returned by getent on Focal
Hello Simon, or anyone else affected, Accepted systemd into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/245.4-4ubuntu3.5 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-focal. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: systemd (Ubuntu Focal) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1902236 Title: Duplicated root and nobody returned by getent on Focal Status in systemd: Fix Released Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Focal: Fix Committed Bug description: [impact] getent password or getent group returns duplicate, false/synthesized, entries for root and nobody [test case] root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root:x:0:0:root:/root:/bin/sh root@lp1902236-f:~# getent group | grep root root:x:0: root:x:0: root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin nobody:x:65534:65534:nobody:/:/usr/sbin/nologin root@lp1902236-f:~# getent group | grep nogroup nogroup:x:65534: nogroup:x:65534: [regression potential] any regression would likely result in incorrect results to calls to getent or other programs using libnss-systemd [scope] this is needed only for f this was fixed upstream by commit 9494da41c271bb9519d3484b6016526a72cc6be5 which was included first in v246, so this is fixed in g and later already. b and earlier doesn't show the duplication. [original description] * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files: $ lxc exec test-nobody -- bash -c 'diff -u /etc/passwd <(getent passwd)' --- /etc/passwd 2020-10-30 13:07:52.219261001 + +++ /dev/fd/632020-10-30 13:29:38.396928732 + @@ -24,3 +24,5 @@ _apt:x:105:65534::/nonexistent:/usr/sbin/nologin ubuntu:x:1000:1000::/home/ubuntu:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +root:x:0:0:root:/root:/bin/sh +nobody:x:65534:65534:nobody:/:/usr/sbin/nologin $ lxc exec test-nobody -- bash -c 'diff -u /etc/group <(getent group)' --- /etc/group2020-10-30 13:07:52.211261089 + +++ /dev/fd/632020-10-30 13:29:45.892846747 + @@ -50,3 +50,5 @@ ubuntu:x:1000: ssh:x:111: systemd-coredump:x:999: +root:x:0: +nogroup:x:65534: * Additional information Thi
[Touch-packages] [Bug 1902236] Re: Duplicated root and nobody returned by getent on Focal
** Changed in: systemd Status: Unknown => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1902236 Title: Duplicated root and nobody returned by getent on Focal Status in systemd: Fix Released Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Focal: In Progress Bug description: [impact] getent password or getent group returns duplicate, false/synthesized, entries for root and nobody [test case] root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root:x:0:0:root:/root:/bin/sh root@lp1902236-f:~# getent group | grep root root:x:0: root:x:0: root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin nobody:x:65534:65534:nobody:/:/usr/sbin/nologin root@lp1902236-f:~# getent group | grep nogroup nogroup:x:65534: nogroup:x:65534: [regression potential] any regression would likely result in incorrect results to calls to getent or other programs using libnss-systemd [scope] this is needed only for f this was fixed upstream by commit 9494da41c271bb9519d3484b6016526a72cc6be5 which was included first in v246, so this is fixed in g and later already. b and earlier doesn't show the duplication. [original description] * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files: $ lxc exec test-nobody -- bash -c 'diff -u /etc/passwd <(getent passwd)' --- /etc/passwd 2020-10-30 13:07:52.219261001 + +++ /dev/fd/632020-10-30 13:29:38.396928732 + @@ -24,3 +24,5 @@ _apt:x:105:65534::/nonexistent:/usr/sbin/nologin ubuntu:x:1000:1000::/home/ubuntu:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +root:x:0:0:root:/root:/bin/sh +nobody:x:65534:65534:nobody:/:/usr/sbin/nologin $ lxc exec test-nobody -- bash -c 'diff -u /etc/group <(getent group)' --- /etc/group2020-10-30 13:07:52.211261089 + +++ /dev/fd/632020-10-30 13:29:45.892846747 + @@ -50,3 +50,5 @@ ubuntu:x:1000: ssh:x:111: systemd-coredump:x:999: +root:x:0: +nogroup:x:65534: * Additional information This bug seems to occur on Focal alone as Bionic and Groovy are not affected. $ lsb_release -rd Description: Ubuntu 20.04.1 LTS Release: 20.04 $ apt-cache policy base-passwd systemd base-passwd: Installed: 3.5.47 Candidate: 3.5.47 Version table: *** 3.5.47 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages 100 /var/lib/dpkg/status systemd: Installed: 245.4-4ubuntu3.2 Candidate: 245.4-4ubuntu3.2 Version table: *** 245.4-4ubuntu3.2 500 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 245.4-4ubuntu3 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1902236/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1902236] Re: Duplicated root and nobody returned by getent on Focal
** Changed in: systemd (Ubuntu Focal) Status: New => In Progress ** Changed in: systemd (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: systemd (Ubuntu Focal) Assignee: (unassigned) => Dan Streetman (ddstreet) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1902236 Title: Duplicated root and nobody returned by getent on Focal Status in systemd: Unknown Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Focal: In Progress Bug description: [impact] getent password or getent group returns duplicate, false/synthesized, entries for root and nobody [test case] root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root:x:0:0:root:/root:/bin/sh root@lp1902236-f:~# getent group | grep root root:x:0: root:x:0: root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin nobody:x:65534:65534:nobody:/:/usr/sbin/nologin root@lp1902236-f:~# getent group | grep nogroup nogroup:x:65534: nogroup:x:65534: [regression potential] any regression would likely result in incorrect results to calls to getent or other programs using libnss-systemd [scope] this is needed only for f this was fixed upstream by commit 9494da41c271bb9519d3484b6016526a72cc6be5 which was included first in v246, so this is fixed in g and later already. b and earlier doesn't show the duplication. [original description] * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files: $ lxc exec test-nobody -- bash -c 'diff -u /etc/passwd <(getent passwd)' --- /etc/passwd 2020-10-30 13:07:52.219261001 + +++ /dev/fd/632020-10-30 13:29:38.396928732 + @@ -24,3 +24,5 @@ _apt:x:105:65534::/nonexistent:/usr/sbin/nologin ubuntu:x:1000:1000::/home/ubuntu:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +root:x:0:0:root:/root:/bin/sh +nobody:x:65534:65534:nobody:/:/usr/sbin/nologin $ lxc exec test-nobody -- bash -c 'diff -u /etc/group <(getent group)' --- /etc/group2020-10-30 13:07:52.211261089 + +++ /dev/fd/632020-10-30 13:29:45.892846747 + @@ -50,3 +50,5 @@ ubuntu:x:1000: ssh:x:111: systemd-coredump:x:999: +root:x:0: +nogroup:x:65534: * Additional information This bug seems to occur on Focal alone as Bionic and Groovy are not affected. $ lsb_release -rd Description: Ubuntu 20.04.1 LTS Release: 20.04 $ apt-cache policy base-passwd systemd base-passwd: Installed: 3.5.47 Candidate: 3.5.47 Version table: *** 3.5.47 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages 100 /var/lib/dpkg/status systemd: Installed: 245.4-4ubuntu3.2 Candidate: 245.4-4ubuntu3.2 Version table: *** 245.4-4ubuntu3.2 500 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 245.4-4ubuntu3 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1902236/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1902236] Re: Duplicated root and nobody returned by getent on Focal
** Bug watch added: github.com/systemd/systemd/issues #15160 https://github.com/systemd/systemd/issues/15160 ** Also affects: systemd via https://github.com/systemd/systemd/issues/15160 Importance: Unknown Status: Unknown ** Description changed: + [impact] + + getent password or getent group returns duplicate, false/synthesized, + entries for root and nobody + + [test case] + + root@lp1902236-f:~# getent passwd | grep root + root:x:0:0:root:/root:/bin/bash + root:x:0:0:root:/root:/bin/sh + root@lp1902236-f:~# getent group | grep root + root:x:0: + root:x:0: + + root@lp1902236-f:~# getent passwd | grep nobody + nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin + nobody:x:65534:65534:nobody:/:/usr/sbin/nologin + root@lp1902236-f:~# getent group | grep nogroup + nogroup:x:65534: + nogroup:x:65534: + + [regression potential] + + any regression would likely result in incorrect results to calls to + getent or other programs using libnss-systemd + + [scope] + + this is needed only for f + + this was fixed upstream by commit + 9494da41c271bb9519d3484b6016526a72cc6be5 which was included first in + v246, so this is fixed in g and later already. + + b and earlier doesn't show the duplication. + + [original description] + * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files: $ lxc exec test-nobody -- bash -c 'diff -u /etc/passwd <(getent passwd)' --- /etc/passwd 2020-10-30 13:07:52.219261001 + +++ /dev/fd/632020-10-30 13:29:38.396928732 + @@ -24,3 +24,5 @@ _apt:x:105:65534::/nonexistent:/usr/sbin/nologin ubuntu:x:1000:1000::/home/ubuntu:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +root:x:0:0:root:/root:/bin/sh +nobody:x:65534:65534:nobody:/:/usr/sbin/nologin $ lxc exec test-nobody -- bash -c 'diff -u /etc/group <(getent group)' --- /etc/group2020-10-30 13:07:52.211261089 + +++ /dev/fd/632020-10-30 13:29:45.892846747 + @@ -50,3 +50,5 @@ ubuntu:x:1000: ssh:x:111: systemd-coredump:x:999: +root:x:0: +nogroup:x:65534: * Additional information This bug seems to occur on Focal alone as Bionic and Groovy are not affected. $ lsb_release -rd Description: Ubuntu 20.04.1 LTS Release: 20.04 $ apt-cache policy base-passwd systemd base-passwd: - Installed: 3.5.47 - Candidate: 3.5.47 - Version table: - *** 3.5.47 500 - 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages - 100 /var/lib/dpkg/status + Installed: 3.5.47 + Candidate: 3.5.47 + Version table: + *** 3.5.47 500 + 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages + 100 /var/lib/dpkg/status systemd: - Installed: 245.4-4ubuntu3.2 - Candidate: 245.4-4ubuntu3.2 - Version table: - *** 245.4-4ubuntu3.2 500 - 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages - 100 /var/lib/dpkg/status - 245.4-4ubuntu3 500 - 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages + Installed: 245.4-4ubuntu3.2 + Candidate: 245.4-4ubuntu3.2 + Version table: + *** 245.4-4ubuntu3.2 500 + 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages + 100 /var/lib/dpkg/status + 245.4-4ubuntu3 500 + 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1902236 Title: Duplicated root and nobody returned by getent
[Touch-packages] [Bug 1902236] Re: Duplicated root and nobody returned by getent on Focal
per comment in bug description, marking as affecting only focal ** Also affects: systemd (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: systemd (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1902236 Title: Duplicated root and nobody returned by getent on Focal Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Focal: New Bug description: * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files: $ lxc exec test-nobody -- bash -c 'diff -u /etc/passwd <(getent passwd)' --- /etc/passwd 2020-10-30 13:07:52.219261001 + +++ /dev/fd/632020-10-30 13:29:38.396928732 + @@ -24,3 +24,5 @@ _apt:x:105:65534::/nonexistent:/usr/sbin/nologin ubuntu:x:1000:1000::/home/ubuntu:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +root:x:0:0:root:/root:/bin/sh +nobody:x:65534:65534:nobody:/:/usr/sbin/nologin $ lxc exec test-nobody -- bash -c 'diff -u /etc/group <(getent group)' --- /etc/group2020-10-30 13:07:52.211261089 + +++ /dev/fd/632020-10-30 13:29:45.892846747 + @@ -50,3 +50,5 @@ ubuntu:x:1000: ssh:x:111: systemd-coredump:x:999: +root:x:0: +nogroup:x:65534: * Additional information This bug seems to occur on Focal alone as Bionic and Groovy are not affected. $ lsb_release -rd Description: Ubuntu 20.04.1 LTS Release: 20.04 $ apt-cache policy base-passwd systemd base-passwd: Installed: 3.5.47 Candidate: 3.5.47 Version table: *** 3.5.47 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages 100 /var/lib/dpkg/status systemd: Installed: 245.4-4ubuntu3.2 Candidate: 245.4-4ubuntu3.2 Version table: *** 245.4-4ubuntu3.2 500 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 245.4-4ubuntu3 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1902236/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp