Hello Simon, or anyone else affected, Accepted systemd into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/245.4-4ubuntu3.5 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-focal. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: systemd (Ubuntu Focal) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1902236 Title: Duplicated root and nobody returned by getent on Focal Status in systemd: Fix Released Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Focal: Fix Committed Bug description: [impact] getent password or getent group returns duplicate, false/synthesized, entries for root and nobody [test case] root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root:x:0:0:root:/root:/bin/sh root@lp1902236-f:~# getent group | grep root root:x:0: root:x:0: root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin nobody:x:65534:65534:nobody:/:/usr/sbin/nologin root@lp1902236-f:~# getent group | grep nogroup nogroup:x:65534: nogroup:x:65534: [regression potential] any regression would likely result in incorrect results to calls to getent or other programs using libnss-systemd [scope] this is needed only for f this was fixed upstream by commit 9494da41c271bb9519d3484b6016526a72cc6be5 which was included first in v246, so this is fixed in g and later already. b and earlier doesn't show the duplication. [original description] * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files: $ lxc exec test-nobody -- bash -c 'diff -u /etc/passwd <(getent passwd)' --- /etc/passwd 2020-10-30 13:07:52.219261001 +0000 +++ /dev/fd/63 2020-10-30 13:29:38.396928732 +0000 @@ -24,3 +24,5 @@ _apt:x:105:65534::/nonexistent:/usr/sbin/nologin ubuntu:x:1000:1000::/home/ubuntu:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +root:x:0:0:root:/root:/bin/sh +nobody:x:65534:65534:nobody:/:/usr/sbin/nologin $ lxc exec test-nobody -- bash -c 'diff -u /etc/group <(getent group)' --- /etc/group 2020-10-30 13:07:52.211261089 +0000 +++ /dev/fd/63 2020-10-30 13:29:45.892846747 +0000 @@ -50,3 +50,5 @@ ubuntu:x:1000: ssh:x:111: systemd-coredump:x:999: +root:x:0: +nogroup:x:65534: * Additional information This bug seems to occur on Focal alone as Bionic and Groovy are not affected. $ lsb_release -rd Description: Ubuntu 20.04.1 LTS Release: 20.04 $ apt-cache policy base-passwd systemd base-passwd: Installed: 3.5.47 Candidate: 3.5.47 Version table: *** 3.5.47 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages 100 /var/lib/dpkg/status systemd: Installed: 245.4-4ubuntu3.2 Candidate: 245.4-4ubuntu3.2 Version table: *** 245.4-4ubuntu3.2 500 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 245.4-4ubuntu3 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1902236/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp