Public bug reported: * Summary
systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files: $ lxc exec test-nobody -- bash -c 'diff -u /etc/passwd <(getent passwd)' --- /etc/passwd 2020-10-30 13:07:52.219261001 +0000 +++ /dev/fd/63 2020-10-30 13:29:38.396928732 +0000 @@ -24,3 +24,5 @@ _apt:x:105:65534::/nonexistent:/usr/sbin/nologin ubuntu:x:1000:1000::/home/ubuntu:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +root:x:0:0:root:/root:/bin/sh +nobody:x:65534:65534:nobody:/:/usr/sbin/nologin $ lxc exec test-nobody -- bash -c 'diff -u /etc/group <(getent group)' --- /etc/group 2020-10-30 13:07:52.211261089 +0000 +++ /dev/fd/63 2020-10-30 13:29:45.892846747 +0000 @@ -50,3 +50,5 @@ ubuntu:x:1000: ssh:x:111: systemd-coredump:x:999: +root:x:0: +nogroup:x:65534: * Additional information This bug seems to occur on Focal alone as Bionic and Groovy are not affected. $ lsb_release -rd Description: Ubuntu 20.04.1 LTS Release: 20.04 $ apt-cache policy base-passwd systemd base-passwd: Installed: 3.5.47 Candidate: 3.5.47 Version table: *** 3.5.47 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages 100 /var/lib/dpkg/status systemd: Installed: 245.4-4ubuntu3.2 Candidate: 245.4-4ubuntu3.2 Version table: *** 245.4-4ubuntu3.2 500 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 245.4-4ubuntu3 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages ** Affects: systemd (Ubuntu) Importance: Undecided Status: New ** Description changed: * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin - * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files: $ lxc exec test-nobody -- bash -c 'diff -u /etc/passwd <(getent passwd)' --- /etc/passwd 2020-10-30 13:07:52.219261001 +0000 +++ /dev/fd/63 2020-10-30 13:29:38.396928732 +0000 @@ -24,3 +24,5 @@ - _apt:x:105:65534::/nonexistent:/usr/sbin/nologin - ubuntu:x:1000:1000::/home/ubuntu:/bin/bash - systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin + _apt:x:105:65534::/nonexistent:/usr/sbin/nologin + ubuntu:x:1000:1000::/home/ubuntu:/bin/bash + systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +root:x:0:0:root:/root:/bin/sh +nobody:x:65534:65534:nobody:/:/usr/sbin/nologin $ lxc exec test-nobody -- bash -c 'diff -u /etc/group <(getent group)' --- /etc/group 2020-10-30 13:07:52.211261089 +0000 +++ /dev/fd/63 2020-10-30 13:29:45.892846747 +0000 @@ -50,3 +50,5 @@ - ubuntu:x:1000: - ssh:x:111: - systemd-coredump:x:999: + ubuntu:x:1000: + ssh:x:111: + systemd-coredump:x:999: +root:x:0: +nogroup:x:65534: + + * Additional information + + This bug seems to occur on Focal alone as Bionic and Groovy are not + affected. + + $ lsb_release -rd + Description: Ubuntu 20.04.1 LTS + Release: 20.04 + + $ apt-cache policy base-passwd systemd + base-passwd: + Installed: 3.5.47 + Candidate: 3.5.47 + Version table: + *** 3.5.47 500 + 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages + 100 /var/lib/dpkg/status + systemd: + Installed: 245.4-4ubuntu3.2 + Candidate: 245.4-4ubuntu3.2 + Version table: + *** 245.4-4ubuntu3.2 500 + 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages + 100 /var/lib/dpkg/status + 245.4-4ubuntu3 500 + 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1902236 Title: Duplicated root and nobody returned by getent on Focal Status in systemd package in Ubuntu: New Bug description: * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files: $ lxc exec test-nobody -- bash -c 'diff -u /etc/passwd <(getent passwd)' --- /etc/passwd 2020-10-30 13:07:52.219261001 +0000 +++ /dev/fd/63 2020-10-30 13:29:38.396928732 +0000 @@ -24,3 +24,5 @@ _apt:x:105:65534::/nonexistent:/usr/sbin/nologin ubuntu:x:1000:1000::/home/ubuntu:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +root:x:0:0:root:/root:/bin/sh +nobody:x:65534:65534:nobody:/:/usr/sbin/nologin $ lxc exec test-nobody -- bash -c 'diff -u /etc/group <(getent group)' --- /etc/group 2020-10-30 13:07:52.211261089 +0000 +++ /dev/fd/63 2020-10-30 13:29:45.892846747 +0000 @@ -50,3 +50,5 @@ ubuntu:x:1000: ssh:x:111: systemd-coredump:x:999: +root:x:0: +nogroup:x:65534: * Additional information This bug seems to occur on Focal alone as Bionic and Groovy are not affected. $ lsb_release -rd Description: Ubuntu 20.04.1 LTS Release: 20.04 $ apt-cache policy base-passwd systemd base-passwd: Installed: 3.5.47 Candidate: 3.5.47 Version table: *** 3.5.47 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages 100 /var/lib/dpkg/status systemd: Installed: 245.4-4ubuntu3.2 Candidate: 245.4-4ubuntu3.2 Version table: *** 245.4-4ubuntu3.2 500 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 245.4-4ubuntu3 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1902236/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp