Public bug reported:

In /usr/share/initramfs-tools/scripts/casper-bottom/25adduser, the UID
of the auto-created live user account is hardcoded to 1000 while the
username and other account details are inherited from /etc/casper.conf.
This occurs when the autogenerated password is set with 'db_set
passwd/user-uid 1000'.

When customising the live environment with a tool such as Cubic, some
installers (e.g. Docker) add new groups that inherit their GID from
/etc/login.defs (i.e. 1000). If this occurs, 25adduser will create a new
user with the next available GID and matching UID, causing the password
reset to fail and preventing login to the automatically created account.
This makes the live environment unusable.

To work around this, you can set GID_MIN in /etc/login.defs to a lower
value, complete the package installations, and reset the GID_MIN to 1000
once done. But it would be better to export the UID value from
/etc/casper.conf like everything else.

Alternatively, one could add functionality to 25adduser which detects
the newly created UID before performing the db_set operation. This may
be overkill and it will probably be easier just to expose the UID to the
administrator in /etc/casper.conf.

This oversight/bug has been present for some time, but for the purposes
of this bug is being reported for Ubuntu 24.04 LTS.

** Affects: casper (Ubuntu)
     Importance: Undecided
         Status: New

** Description changed:

- In /usr/share/initramfs-tools/scripts/casper-bottom, the UID of the
- auto-created live user account is hardcoded to 1000 while the username
- and other account details are inherited from /etc/casper.conf. This
- occurs when the autogenerated password is set with 'db_set passwd/user-
- uid 1000'.
+ In /usr/share/initramfs-tools/scripts/casper-bottom/25adduser, the UID
+ of the auto-created live user account is hardcoded to 1000 while the
+ username and other account details are inherited from /etc/casper.conf.
+ This occurs when the autogenerated password is set with 'db_set
+ passwd/user-uid 1000'.
  
  When customising the live environment with a tool such as Cubic, some
  installers (e.g. Docker) add new groups that inherit their GID from
  /etc/login.defs (i.e. 1000). If this occurs, 25adduser will create a new
  user with the next available GID and matching UID, causing the password
  reset to fail and preventing login to the automatically created account.
  This makes the live environment unusable.
  
  To work around this, you can set GID_MIN in /etc/login.defs to a lower
  value, complete the package installations, and reset the GID_MIN to 1000
  once done. But it would be better to export the UID value from
  /etc/casper.conf like everything else.
  
  Alternatively, one could add functionality to 25adduser which detects
  the newly created UID before performing the db_set operation. This may
  be overkill and it will probably be easier just to expose the UID to the
  administrator in /etc/casper.conf.
  
  This oversight/bug has been present for some time, but for the purposes
  of this bug is being reported for Ubuntu 24.04 LTS.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2138476

Title:
  User creation sometimes fails due to hardcoded UID

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/casper/+bug/2138476/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
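
A pre-build check for the condition described in the report, added here as an example and not part of the bug report or of casper: it inspects a customised root filesystem (for example a Cubic chroot) and flags when UID or GID 1000 is already taken, which is the state in which the hardcoded 'db_set passwd/user-uid 1000' no longer matches the created account. The function names and the sample root are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check for a customised live root filesystem.
# EXPECTED_ID mirrors the value the report says 25adduser hardcodes (1000).
EXPECTED_ID=1000

# id_owner FILE ID -> prints the name of the entry whose third field is ID
id_owner() {
    [ -r "$1" ] || return 0
    awk -F: -v id="$2" '$3 == id { print $1; exit }' "$1"
}

# login_defs_value ROOT KEY -> prints KEY's value from ROOT/etc/login.defs
login_defs_value() {
    [ -r "$1/etc/login.defs" ] || return 0
    awk -v k="$2" '$1 == k { print $2; exit }' "$1/etc/login.defs"
}

# check_live_ids ROOT -> returns 0 if UID and GID EXPECTED_ID are both free,
# 1 if either is taken (the condition the report says breaks live login)
check_live_ids() {
    root=$1
    rc=0
    grp=$(id_owner "$root/etc/group" "$EXPECTED_ID")
    usr=$(id_owner "$root/etc/passwd" "$EXPECTED_ID")
    if [ -n "$grp" ]; then
        echo "GID $EXPECTED_ID already used by group '$grp'"
        rc=1
    fi
    if [ -n "$usr" ]; then
        echo "UID $EXPECTED_ID already used by user '$usr'"
        rc=1
    fi
    gid_min=$(login_defs_value "$root" GID_MIN)
    echo "GID_MIN in login.defs: ${gid_min:-unset}"
    return $rc
}

# Constructed sample root: a Docker-style group has taken GID 1000
demo=$(mktemp -d)
mkdir -p "$demo/etc"
printf 'root:x:0:\ndocker:x:1000:\n' > "$demo/etc/group"
printf 'root:x:0:0:root:/root:/bin/bash\n' > "$demo/etc/passwd"
printf '# comment\nGID_MIN\t\t1000\nUID_MIN\t\t1000\n' > "$demo/etc/login.defs"
check_live_ids "$demo" || echo "live user would not get UID $EXPECTED_ID"
rm -rf "$demo"
```

Run it against the extracted root before repacking the image; a non-zero return from check_live_ids means a group or user must be renumbered first.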
