Bug 214964

Summary: useradd: uid XXX is not unique
Product: [Retired] Fedora Hosted Projects Reporter: Ralf Corsepius <rc040203>
Component: mockAssignee: Clark Williams <williams>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: dcantrell, extras-qa
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 0.9.7-1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-03-07 22:05:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ralf Corsepius 2006-11-10 10:36:48 UTC 
Description of problem:
After having worked around
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214951
by adding 
config_opts['chroot_setup_cmd'] = 'groupinstall build-base build-minimal build'
to /etc/mock/redhat-73-i386.cfg

mock -r redhat-73-i386 init
aborts with:
Non-zero return value 4 on executing /usr/sbin/mock-helper chroot
/var/lib/mock/redhat-73-i386/root /bin/su - root -c "/usr/sbin/useradd -m -u
1002 -d /builddir mockbuild"

This error is bogus. uid 1002 is not being used on the guest system.


Version-Release number of selected component (if applicable):
mock-0.6.8-4.fc6

How reproducible:
I am able to deterministically reproduce this effect on several fc6 machines
with selinux enabled. On an fc5 machine, with selinux disabled, this does not occur.


Steps to Reproduce:
1. Apply the fix mentioned above to /etc/mock/redhat-73-i386.
2. mock --debug -r redhat-73-i386 init

Actual results:
DEBUG: Executing /usr/sbin/mock-helper yum --installroot
/var/lib/mock/redhat-73-i386/root groupinstall build-base build-minimal build
...
DEBUG: Executing /usr/sbin/mock-helper chroot /var/lib/mock/redhat-73-i386/root
/bin/su - root -c "/usr/sbin/useradd -m -u 1002 -d /builddir mockbuild"
useradd: uid 1002 is not unique
ending
DEBUG: Executing /usr/sbin/mock-helper umount /var/lib/mock/redhat-73-i386/root/proc
DEBUG: Executing /usr/sbin/mock-helper umount
/var/lib/mock/redhat-73-i386/root/dev/pts
done
Non-zero return value 4 on executing /usr/sbin/mock-helper chroot
/var/lib/mock/redhat-73-i386/root /bin/su - root -c "/usr/sbin/useradd -m -u
1002 -d /builddir mockbuild"

Expected results:
Function.

Additional info:
I presume this to be an selinux issue interferring between "host" and "guest"
resulting from using "/bin/su" on rh7 guests and not using "/sbin/runuser" as it
being used for newer "guests".

An "easy hack" to silence useradd and to let mock succeed would be to use
"useradd -o" in /usr/bin/mock. A proper solution probably would be add "some
appropriate selinux magic".
Comment 1 Ralf Corsepius 2006-12-13 20:54:44 UTC 
Ping?
Comment 2 Clark Williams 2006-12-14 22:20:28 UTC 
I'm looking! Sorry I haven't responded sooner, but other issues at work have
been pressing.

It looks like we have a number of issues that seem to be triggered by SELinux
and I'm trying to figure out what's going on (since we really haven't modified
UID/GID handling in a while). 

Possibly we should add 'useradd' as a config value and let the rhl7 config file
override it to use 'useradd -o'?

Clark
Comment 3 Clark Williams 2008-03-07 22:05:28 UTC 
the great mock rewrite has done a number of things to clean up uid/gid handling
inside the build roots. One thing we've done is removed the launcher and now
manage privleges inside mock itself. 

Closing for now...