systemd-coredump user is created by something other than its derived systemd packages

Bug #1915936 reported by Eric Desrochers
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
systemd (Debian)
Fix Released
Unknown
systemd (Ubuntu)
Fix Released
Wishlist
Unassigned
Bionic
Won't Fix
Wishlist
Unassigned
Focal
Won't Fix
Wishlist
Unassigned
Groovy
Won't Fix
Wishlist
Unassigned
Hirsute
Won't Fix
Wishlist
Unassigned
Impish
Won't Fix
Wishlist
Unassigned

Bug Description

systemd-coredump binary package is instructed as follows:

#debian/systemd-coredump.postinst:
adduser --quiet --system --group --no-create-home --home /run/systemd \
--gecos "systemd Core Dumper" systemd-coredump

But one doesn't need this package to be installed to have the systemd-coredump user created. This was taken from a focal 20.04.2 fresh installation (Right after a vanilla installation):

# cat /etc/passwd:
...
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
...

# dpkg -l | grep -i systemd
ii dbus-user-session 1.12.16-2ubuntu2.1 amd64 simple interprocess messaging system (systemd --user integration)
ii libnss-systemd:amd64 245.4-4ubuntu3.4 amd64 nss module providing dynamic user and group name resolution
ii libpam-systemd:amd64 245.4-4ubuntu3.4 amd64 system and service manager - PAM module
ii libsystemd0:amd64 245.4-4ubuntu3.4 amd64 systemd utility library
ii networkd-dispatcher 2.0.1-1 all Dispatcher service for systemd-networkd connection status changes
ii python3-systemd 234-3build2 amd64 Python 3 bindings for systemd
ii systemd 245.4-4ubuntu3.4 amd64 system and service manager
ii systemd-sysv 245.4-4ubuntu3.4 amd64 system and service manager - SysV links
ii systemd-timesyncd 245.4-4ubuntu3.4 amd64 minimalistic service to synchronize local time with NTP servers

# /var/log/syslog
syslog:Feb 17 15:31:56 test systemd-sysusers[402]: Creating group systemd-coredump with gid 999.
syslog:Feb 17 15:31:56 test systemd-sysusers[402]: Creating user systemd-coredump (systemd Core Dumper) with uid 999 and gid 999.

Additionnally, you may notice the home directory during the user creation at installation sets it to "/" as opposed to "/run/systemd" directive in the appropriate postint. It is contradictory.

* Why systemd-coredump user is created at installation time and/or without 'systemd-coredump' package installed ?
* Why this early creation set the home directory to "/" ?

Tags: seg sts
Eric Desrochers (slashd)
description: updated
summary: - systemd-coredump user is create by something other than a derived
+ systemd-coredump user is create by something other than its derived
systemd packages
Revision history for this message
Eric Desrochers (slashd) wrote : Re: systemd-coredump user is create by something other than its derived systemd packages

sudo /bin/systemd-sysusers --cat-config

# /usr/lib/sysusers.d/systemd.conf
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.

g systemd-journal - -
u systemd-network - "systemd Network Management"
u systemd-resolve - "systemd Resolver"
u systemd-timesync - "systemd Time Synchronization"
u systemd-coredump - "systemd Core Dumper"

Revision history for this message
Eric Desrochers (slashd) wrote :

https://www.freedesktop.org/software/systemd/man/sysusers.d.html#

u
Create a system user and group of the specified name should they not exist yet. The user's primary group will be set to the group bearing the same name unless the ID field specifies it. The account will be created disabled, so that logins are not allowed.

Revision history for this message
Eric Desrochers (slashd) wrote :

Home Directory¶
The home directory for a new system user. If omitted, defaults to the root directory.

Only applies to lines of type u and should otherwise be left unset (or "-"). It is recommended to omit this, unless software strictly requires a home directory to be set.

systemd-sysusers only sets the home directory record in the user database. To actually create the directory, consider adding a corresponding tmpfiles.d(5) fragment.

tags: added: seg sts
Eric Desrochers (slashd)
summary: - systemd-coredump user is create by something other than its derived
+ systemd-coredump user is created by something other than its derived
systemd packages
Revision history for this message
Balint Reczey (rbalint) wrote :

Yes, the user is created using /usr/lib/sysusers.d/systemd.conf .

Revision history for this message
Eric Desrochers (slashd) wrote :

Right, but it doesn't seem right to have it set by default to "/".

Changed in systemd (Debian):
status: Unknown → New
Balint Reczey (rbalint)
Changed in systemd (Ubuntu Hirsute):
importance: Undecided → Wishlist
Changed in systemd (Ubuntu Groovy):
importance: Undecided → Wishlist
Changed in systemd (Ubuntu Focal):
importance: Undecided → Wishlist
Changed in systemd (Ubuntu Bionic):
importance: Undecided → Wishlist
Revision history for this message
Dan Streetman (ddstreet) wrote :

@slashd, this seems to be an issue that should be solved in Debian and then pulled into the development release for Ubuntu, but it doesn't seem like something that needs to be SRUed, right? I'm going to mark the SRU releases wontfix, but if that's incorrect please do feel free to open it back up for sru

Changed in systemd (Ubuntu Bionic):
status: New → Won't Fix
Changed in systemd (Ubuntu Focal):
status: New → Won't Fix
Changed in systemd (Ubuntu Groovy):
status: New → Won't Fix
Changed in systemd (Ubuntu Hirsute):
status: New → Won't Fix
Changed in systemd (Debian):
status: New → Confirmed
Changed in systemd (Debian):
status: Confirmed → Fix Released
Nick Rosbrook (enr0n)
Changed in systemd (Ubuntu Impish):
status: New → Won't Fix
Changed in systemd (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.