Bug 1463902 - Missing home directory for saslauth and qdrouterd
Missing home directory for saslauth and qdrouterd
Status: CLOSED CURRENTRELEASE
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Documentation (Show other bugs)
6.2.9
All All
medium Severity medium (vote)
: Unspecified
: --
Assigned To: Julie
Russell Dickenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-22 00:34 EDT by Anand Agrawal
Modified: 2017-10-02 18:57 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-10-02 18:57:42 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 3195122 None None None 2017-09-26 02:27 EDT

  None (edit)
Description Anand Agrawal 2017-06-22 00:34:15 EDT
Document URL: 
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html-single/architecture_guide/#chap-Documentation-Architecture_Guide-Required_Technical_Users

Section Number and Name: 
APPENDIX A. TECHNICAL USERS PROVIDED AND REQUIRED BY SATELLITE

Table A.1. Technical Users Provided and Required by Satellite

Describe the issue: 

In the doc,  it is listed information for saslauth as
saslauth     76      yes     /run/saslauthd    /sbin/nologin

but when checking, the home directory does not exist

user 'saslauth': directory '/run/saslauthd' does not exist
user 'qdrouterd': directory '/var/lib/qdrouterd' does not exist
Suggestions for improvement: 

Additional information:
Comment 1 Pavel Moravec 2017-09-22 03:09:51 EDT
Neither qdrouterd or sasluser requires to have a home directory, both relevant packages (that causes creating of the users) works perfectly without the home directories.

Where that /etc/password comes from?

# rpm -q --scripts cyrus-sasl
preinstall scriptlet (using /bin/sh):
getent group saslauth >/dev/null || groupadd -g 76 -r saslauth
getent passwd saslauth >/dev/null || useradd -r -g saslauth -d /run/saslauthd -s /sbin/nologin -c "Saslauthd user" saslauth
postinstall scriptlet (using /bin/sh):
..

# rpm -q --scripts qpid-dispatch-router
preinstall scriptlet (using /bin/sh):
getent group qdrouterd >/dev/null || groupadd -r qdrouterd
getent passwd qdrouterd >/dev/null || \
  useradd -r -M -g qdrouterd -d /var/lib/qdrouterd -s /sbin/nologin \
    -c "Owner of Qdrouterd Daemons" qdrouterd
exit 0
postinstall scriptlet (using /bin/sh):
..
#


useradd would have to use option -m to create the home dirs, but it isnt used there.

Ted, any reason why qpid-dispatch-router creates the users with home dirs that are not created? Is there a reason for the home dirs at all?
Comment 2 Pavel Moravec 2017-09-22 03:11:05 EDT
Petre,

any reason why cyrus-sasl creates the user with home dir that is not created? Is there a reason for the home dir at all? (see previous comment)
Comment 3 Petr Lautrbach 2017-09-22 07:03:05 EDT
/run/saslauthd directory is created by systemd when saslauthd.service is started - see 'RuntimeDirectory=saslauthd'

^_^ cat /usr/lib/systemd/system/saslauthd.service
[Unit]
Description=SASL authentication daemon.

[Service]
Type=forking
PIDFile=/run/saslauthd/saslauthd.pid
EnvironmentFile=/etc/sysconfig/saslauthd
ExecStart=/usr/sbin/saslauthd -m $SOCKETDIR -a $MECH $FLAGS
RuntimeDirectory=saslauthd

[Install]
WantedBy=multi-user.target


This change was made to make easier running saslauthd as non-root user, see https://bugzilla.redhat.com/show_bug.cgi?id=1188065
Comment 4 Ted Ross 2017-09-22 09:42:56 EDT
(In reply to Pavel Moravec from comment #1)
> Neither qdrouterd or sasluser requires to have a home directory, both
> relevant packages (that causes creating of the users) works perfectly
> without the home directories.
> 
> Where that /etc/password comes from?
> 
> # rpm -q --scripts cyrus-sasl
> preinstall scriptlet (using /bin/sh):
> getent group saslauth >/dev/null || groupadd -g 76 -r saslauth
> getent passwd saslauth >/dev/null || useradd -r -g saslauth -d
> /run/saslauthd -s /sbin/nologin -c "Saslauthd user" saslauth
> postinstall scriptlet (using /bin/sh):
> ..
> 
> # rpm -q --scripts qpid-dispatch-router
> preinstall scriptlet (using /bin/sh):
> getent group qdrouterd >/dev/null || groupadd -r qdrouterd
> getent passwd qdrouterd >/dev/null || \
>   useradd -r -M -g qdrouterd -d /var/lib/qdrouterd -s /sbin/nologin \
>     -c "Owner of Qdrouterd Daemons" qdrouterd
> exit 0
> postinstall scriptlet (using /bin/sh):
> ..
> #
> 
> 
> useradd would have to use option -m to create the home dirs, but it isnt
> used there.
> 
> Ted, any reason why qpid-dispatch-router creates the users with home dirs
> that are not created? Is there a reason for the home dirs at all?

There is no need for home directories for these users.  The users are simply added so there is a user other than root for the running processes.  As far as I know, this is normal configuration for RPMs.

Note You need to log in before you can comment on or make changes to this bug.