buildd system user lacks homedir leading to issues with snaps[and more]

Bug #2083240 reported by John Chittum
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
livecd-rootfs (Ubuntu)
Status tracked in Oracular
Noble
Confirmed
Undecided
Unassigned
Oracular
Confirmed
Undecided
Unassigned

Bug Description

when running a Noble buildd image as a CI runner, the following error occurs

```
Running job phase...
Running test:0
cmd_run.go:1129: WARNING: cannot create user data directory: cannot create snap home dir: mkdir /nonexistent: permission denied
Sorry, home directories outside of /home needs configuration.
See https://forum.snapcraft.io/t/11209 for details.
```

the buildd user is created with the following code in livecd-rootfs/live-build/buildd/02-user.chroot

```
# Create the buildd user and group.
addgroup --gid 2501 buildd
adduser --system --disabled-password --gecos 'Build Daemon user' \
    --ingroup buildd --uid 2001 --shell /bin/bash buildd
mkdir -p /build/buildd
chown buildd:buildd /build/buildd
```

as of 24.04 (maybe earlier), adduser does not create a homedir for system users:

> If no home directory is specified, the default home directory for a new system user is /nonexistent. This directory should never exist on any Debian system, and adduser will never create it automatically.

on jammy and earlier images, the following ends up the user conf

```
buildd:x:2001:2501:Build Daemon user,,,:/home/buildd:/bin/bash
```

and on 24.04

```
buildd:x:2001:2501:Build Daemon user,,,:/nonexistent:/bin/bash
```

this is fixed by adding an explicit `--home /home/buildd` to the user creation call

[ Impact ]

* Current buildd images are unable to use snaps (and likely other issues, since it has assumed an existing $HOME)

* fix has no impact outside buildd, as the fix is only in a buildd hook

[ Test Plan ]

* basic testing:
    * build image locally
    * check the created buildd user does have a homedir
    * attempt to install and run a snap
* expanded testing:
    * NOTE: this may not be possible, depending on how launchpad is able to consume images. if not possible, do not consider blocking, and instead get sign off from the Launchpad team that the basic testing is acceptable
    * build image in launchpad using a PPA of livecd-rootfs
    * point launchpad team to build
    * consume buildd image from the launchpad build
    * execute a build in the qa environment that requires a snap

[ Where problems could occur ]

* if the call is incorrect, no homedir will be made and the fix will fail.
* it's livecd-rootfs, so layers and layers of bash. that can always go wrong.

[ Other Info ]

* we'll need to expedite as this is causing issues in launchpad production now.

John Chittum (jchittum)
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in livecd-rootfs (Ubuntu Noble):
status: New → Confirmed
Changed in livecd-rootfs (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.