Verification procedure on Focal: $ lxc launch focal lp1902236-f Creating lp1902236-f Starting lp1902236-f $ lxc exec lp1902236-f bash root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root:x:0:0:root:/root:/bin/sh root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin nobody:x:65534:65534:nobody:/:/usr/sbin/nologin
# Enable proposed root@lp1902236-f:~# vim /etc/apt/sources.list root@lp1902236-f:~# apt update && apt-get dist-upgrade Calculating upgrade... Done The following packages will be upgraded: libnss-systemd (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) libpam-systemd (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) libsystemd0 (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) libudev1 (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) systemd (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) systemd-sysv (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) systemd-timesyncd (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) udev (245.4-4ubuntu3.4 => 245.4-4ubuntu3.5) 8 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 5845 kB of archives. After this operation, 15.4 kB of additional disk space will be used. Do you want to continue? [Y/n] Get:1 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 libnss-systemd amd64 245.4-4ubuntu3.5 [95.8 kB] Get:2 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 udev amd64 245.4-4ubuntu3.5 [1366 kB] Get:3 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 libudev1 amd64 245.4-4ubuntu3.5 [81.2 kB] Get:4 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 systemd-sysv amd64 245.4-4ubuntu3.5 [10.3 kB] Get:5 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 systemd-timesyncd amd64 245.4-4ubuntu3.5 [28.1 kB] Get:6 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 libpam-systemd amd64 245.4-4ubuntu3.5 [186 kB] Get:7 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 systemd amd64 245.4-4ubuntu3.5 [3805 kB] Get:8 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 libsystemd0 amd64 245.4-4ubuntu3.5 [274 kB] Fetched 5845 kB in 2s (2391 kB/s) ... Setting up libnss-systemd:amd64 (245.4-4ubuntu3.5) ... Setting up libpam-systemd:amd64 (245.4-4ubuntu3.5) ... Processing triggers for libc-bin (2.31-0ubuntu9.2) ... Processing triggers for dbus (1.12.16-2ubuntu2.1) ... root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin ** Tags removed: verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1902236 Title: Duplicated root and nobody returned by getent on Focal Status in systemd: Fix Released Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Focal: Fix Committed Bug description: [impact] getent password or getent group returns duplicate, false/synthesized, entries for root and nobody [test case] root@lp1902236-f:~# getent passwd | grep root root:x:0:0:root:/root:/bin/bash root:x:0:0:root:/root:/bin/sh root@lp1902236-f:~# getent group | grep root root:x:0: root:x:0: root@lp1902236-f:~# getent passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin nobody:x:65534:65534:nobody:/:/usr/sbin/nologin root@lp1902236-f:~# getent group | grep nogroup nogroup:x:65534: nogroup:x:65534: [regression potential] any regression would likely result in incorrect results to calls to getent or other programs using libnss-systemd [scope] this is needed only for f this was fixed upstream by commit 9494da41c271bb9519d3484b6016526a72cc6be5 which was included first in v246, so this is fixed in g and later already. b and earlier doesn't show the duplication. [original description] * Summary systemd's NSS integration causes getent passwd/group to return duplicated entries for root/root and nobody/nogroup. The root account also gets a different shell (/bin/sh instead of /bin/bash). * Steps to reproduce: 1) create a container $ lxc launch images:ubuntu/focal test-nobody 2) check the root and nobody accounts $ lxc exec test-nobody -- getent passwd | grep -E '^(root|nobody):' 3) check the root and nogroup groups $ lxc exec test-nobody -- getent group | grep -E '^(root|nogroup):' 2 and 3 should report a single entry for each account/group but they return dups like this: root:x:0:0:root:/root:/bin/bash nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root:x:0:0:root:/root:/bin/sh nobody:x:65534:65534:nobody:/:/usr/sbin/nologin * Description The problem seems to come from the NSS integration: $ lxc exec test-nobody -- grep -wF systemd /etc/nsswitch.conf passwd: files systemd group: files systemd as the /etc/passwd and /etc/group file contain no dups: $ lxc exec test-nobody -- grep ^nobody: /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin $ lxc exec test-nobody -- grep ^nogroup: /etc/group nogroup:x:65534: Removing systemd from /etc/nsswitch.conf indeed removes the dup. An alternative way of seeing what systemd adds on top of the flat files: $ lxc exec test-nobody -- bash -c 'diff -u /etc/passwd <(getent passwd)' --- /etc/passwd 2020-10-30 13:07:52.219261001 +0000 +++ /dev/fd/63 2020-10-30 13:29:38.396928732 +0000 @@ -24,3 +24,5 @@ _apt:x:105:65534::/nonexistent:/usr/sbin/nologin ubuntu:x:1000:1000::/home/ubuntu:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +root:x:0:0:root:/root:/bin/sh +nobody:x:65534:65534:nobody:/:/usr/sbin/nologin $ lxc exec test-nobody -- bash -c 'diff -u /etc/group <(getent group)' --- /etc/group 2020-10-30 13:07:52.211261089 +0000 +++ /dev/fd/63 2020-10-30 13:29:45.892846747 +0000 @@ -50,3 +50,5 @@ ubuntu:x:1000: ssh:x:111: systemd-coredump:x:999: +root:x:0: +nogroup:x:65534: * Additional information This bug seems to occur on Focal alone as Bionic and Groovy are not affected. $ lsb_release -rd Description: Ubuntu 20.04.1 LTS Release: 20.04 $ apt-cache policy base-passwd systemd base-passwd: Installed: 3.5.47 Candidate: 3.5.47 Version table: *** 3.5.47 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages 100 /var/lib/dpkg/status systemd: Installed: 245.4-4ubuntu3.2 Candidate: 245.4-4ubuntu3.2 Version table: *** 245.4-4ubuntu3.2 500 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 245.4-4ubuntu3 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1902236/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp