Bug 1348891

Summary: systemd defines systemd-coredump in sysusers.d/systemd.conf but does not run useradd in scriptlet
Product: [Fedora] Fedora
Reporter: Jan Pazdziora (Red Hat) <jpazdziora>
Component: systemd
Assignee: systemd-maint
Status: CLOSED DUPLICATE
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Priority: unspecified
Version: 24
CC: johannbg, lnykryn, msekleta, muadda, ssahani, s, systemd-maint, zbyszek
Last Closed: 2016-11-04 00:18:01 UTC
Type: Bug

Description Jan Pazdziora (Red Hat) 2016-06-22 09:21:39 UTC
Description of problem:

Since /usr/lib/sysusers.d/systemd.conf contains the line

   u systemd-coredump  - "systemd Core Dumper"

but the user is not created by systemd's preinstall scriptlet, files in /etc get modified at runtime, rather than at install time. That affects auditing and container operations.

Version-Release number of selected component (if applicable):

systemd-229-8.fc24.x86_64

How reproducible:

Deterministic.

Steps to Reproduce:
1. Run docker run --name test-systemd-coredump --rm -ti -e container=docker -v /sys/fs/cgroup:/sys/fs/cgroup:ro --tmpfs /run --tmpfs /tmp fedora:24 /usr/sbin/init
2. In second terminal, run docker diff test-systemd-coredump

Actual results:

C /var
C /var/log
C /var/log/journal
A /var/log/journal/a4325dedfa6d465896b20dac2b0b1804
A /var/log/journal/a4325dedfa6d465896b20dac2b0b1804/system.journal
C /var/log/wtmp
A /var/.updated
C /var/lib
C /var/lib/rpm
D /var/lib/rpm/__db.003
D /var/lib/rpm/__db.001
D /var/lib/rpm/__db.002
C /var/lib/systemd
C /var/lib/systemd/catalog
C /var/lib/systemd/catalog/database
C /var/lib/systemd/random-seed
C /var/cache
C /var/cache/ldconfig
C /var/cache/ldconfig/aux-cache
C /etc
C /etc/shadow
C /etc/group
C /etc/mtab
C /etc/passwd-
C /etc/gshadow
A /etc/machine-id
C /etc/group-
A /etc/.updated
C /etc/gshadow-
C /etc/passwd
C /etc/ld.so.cache
C /etc/shadow-

Expected results:

No /etc/passwd*, /etc/*shadow*, or /etc/*group* should be listed.

Additional info:

Comment 1 Zbigniew Jędrzejewski-Szmek 2016-11-04 00:18:01 UTC

*** This bug has been marked as a duplicate of bug 1309574 ***
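
A build-time check for the condition the description reports, as an added example (not part of the bug report or of systemd): it parses sysusers.d `u` and `g` lines and lists the accounts missing from an image's /etc/passwd and /etc/group, which are the ones that would be added at first boot. The function names and the sample passwd/group data are constructed for illustration.

```python
import shlex
from pathlib import Path

def declared_accounts(conf_text):
    """Return (users, groups) that the sysusers.d text asks to exist."""
    users, groups = set(), set()
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = shlex.split(line)  # the GECOS field may be a quoted string
        if len(fields) < 2:
            continue
        kind, name = fields[0], fields[1]
        ident = fields[2] if len(fields) > 2 else "-"
        if kind == "u":
            users.add(name)
            # A plain `u` line also creates a group of the same name;
            # with an explicit "uid:gid" ID the group must already exist.
            if ":" not in ident:
                groups.add(name)
        elif kind == "g":
            groups.add(name)
        # `m` and `r` lines are out of scope for this check.
    return users, groups

def names_in(db_text):
    """First colon-separated field of each passwd/group entry."""
    return {l.split(":", 1)[0] for l in db_text.splitlines() if l.strip()}

def missing_accounts(conf_text, passwd_text, group_text):
    """Accounts declared in sysusers.d but absent from passwd/group."""
    users, groups = declared_accounts(conf_text)
    return (sorted(users - names_in(passwd_text)),
            sorted(groups - names_in(group_text)))

def audit_root(root="/"):
    """Run the check over every /usr/lib/sysusers.d/*.conf under an image root."""
    root = Path(root)
    confs = sorted((root / "usr/lib/sysusers.d").glob("*.conf"))
    conf = "\n".join(p.read_text() for p in confs)
    return missing_accounts(conf, (root / "etc/passwd").read_text(),
                            (root / "etc/group").read_text())

# Constructed sample: the line quoted in the report plus minimal passwd/group data.
SAMPLE_CONF = '# constructed\nu systemd-coredump  - "systemd Core Dumper"\ng input -\n'
SAMPLE_PASSWD = "root:x:0:0:root:/root:/bin/bash\n"
SAMPLE_GROUP = "root:x:0:\ninput:x:999:\n"

if __name__ == "__main__":
    print(missing_accounts(SAMPLE_CONF, SAMPLE_PASSWD, SAMPLE_GROUP))
```

An empty result from `audit_root()` on an unpacked image means the declared accounts are already present at install time, so the account files would not need to change when the image first boots.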