Bug 175219 - jabberd complains about missing user/group
Summary: jabberd complains about missing user/group
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: jabberd
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Adrian Reber
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 209303 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-12-07 20:56 UTC by Stephen John Smoogen
Modified: 2007-11-30 22:11 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-08-30 08:44:47 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
Fixes the problem with user creation (774 bytes, patch)
2007-08-19 14:51 UTC, Sergio Pascual
no flags Details | Diff

Description Stephen John Smoogen 2005-12-07 20:56:17 UTC
Description of problem:

Installing the jabberd rpm from extras-development gives errors 

warning: group jabber does not exist - using root

Version-Release number of selected component (if applicable):

jabberd-2.0.0.s10.8.fc5

How reproducible:

100%


Steps to Reproduce:
1. yum install jabberd
2. lots of errors
3.

Comment 1 Adrian Reber 2005-12-13 07:11:27 UTC
I cannot reproduce this.

Did you have another version of jabberd installed from somewhere else?

What happens if you do:

"useradd -r -d /var/lib/jabberd -m -c "Jabber Server" -s /bin/bash jabber" on
the command line?

Comment 2 Stephen John Smoogen 2005-12-13 15:14:52 UTC
Ack! I am sorry, I forgot to put in the important information:

Using FC5T1 updated to rawhide. Then do a 'yum install jabberd'. Problem shows
up. If I do the useradd command before I run yum, the problem goes away.. I do
not see any error in the installation of the RPM that says a useradd inside of
the rpm failed though.


Comment 3 Adrian Reber 2006-04-02 18:13:37 UTC
I am closing this bug for now, because I could never reproduce it. If someone
sees this behaviour again please reopen this bug or make a new one.

Comment 4 Mike McLean 2007-08-02 19:36:39 UTC
This is happening to me on FC-6 for ppc. I will attach some details.

It repeats for me every time if I uninstall/reinstall. With yum or with rpm
directly.
[root@kallisti ~]# rpm -iv jabberd-2.0-0.s11.11.fc6.ppc.rpm 
Preparing packages for installation...
jabberd-2.0-0.s11.11.fc6
warning: user jabber does not exist - using root
warning: group jabber does not exist - using root
-snip-

More detailed data forthcoming.

Comment 5 Mike McLean 2007-08-02 19:43:09 UTC
fwiw, after installation, there is no jabber user.

I've installed it with rpm -ivv.  The log shows that rpm is running the
scriptlet before the errors happen. I'm not sure what is going wrong, but after
the install there is no jabber user in the system.

If I run the useradd command myself (useradd -r -d /var/lib/jabberd -m -c
'Jabber Server' -s /bin/bash jabber), it does create the user (and of course
jabberd will then install without errors).

Comment 6 Mike McLean 2007-08-02 20:04:12 UTC
While trying to debug this further, I run userdel jabber and tried installing
again. The problem went away. Further investigation revealed that this was
because /var/lib/jabberd was still present. If I remove that directory and
retry, the error recurs.

For a second I thought is was just that, but outside of rpm, if I run the
useradd it succeeds even if the directory is not present.

So I edited the scriptlet with a hex editor to remove the output redirection and
ran the install again.  useradd is indeed failing.

# rpm -iv --nosignature --nodigest foo.ppc.rpm 
Preparing packages for installation...
useradd: cannot create directory /var/lib/jabberd
jabberd-2.0-0.s11.11.fc6
warning: user jabber does not exist - using root

This hinted of selinux fun, so I tried with it disabled (and no preexisting
jabber user or homedir).
[root@kallisti ~]# setenforce 0
[root@kallisti ~]# rpm -iv jabberd-2.0-0.s11.11.fc6.ppc.rpm 
Preparing packages for installation...
jabberd-2.0-0.s11.11.fc6

So it seems selinux doesn't think the directory creation is allowed.  Here are
the denial messages:
Aug  2 16:01:52 localhost kernel: audit(1186084912.125:27): avc:  denied  {
write } for  pid=7108 comm="useradd" name="lib" dev=dm-0 ino=40665090
scontext=user_u:system_r:useradd_t:s0 tcont
ext=system_u:object_r:var_lib_t:s0 tclass=dir
Aug  2 16:01:52 localhost kernel: audit(1186084912.125:28): avc:  denied  {
add_name } for  pid=7108 comm="useradd" name="jabberd"
scontext=user_u:system_r:useradd_t:s0 tcontext=system_u:ob
ject_r:var_lib_t:s0 tclass=dir
Aug  2 16:01:52 localhost kernel: audit(1186084912.125:29): avc:  denied  {
create } for  pid=7108 comm="useradd" name="jabberd"
scontext=user_u:system_r:useradd_t:s0 tcontext=user_u:object
_r:var_lib_t:s0 tclass=dir
Aug  2 16:01:52 localhost kernel: audit(1186084912.125:30): avc:  denied  {
setattr } for  pid=7108 comm="useradd" name="jabberd" dev=dm-0 ino=40730638
scontext=user_u:system_r:useradd_t:s0
 tcontext=user_u:object_r:var_lib_t:s0 tclass=dir
Aug  2 16:01:52 localhost kernel: audit(1186084912.510:31): avc:  denied  {
write } for  pid=7108 comm="useradd" name="jabberd" dev=dm-0 ino=40730638
scontext=user_u:system_r:useradd_t:s0 t
context=user_u:object_r:var_lib_t:s0 tclass=dir
Aug  2 16:01:52 localhost kernel: audit(1186084912.510:32): avc:  denied  {
add_name } for  pid=7108 comm="useradd" name=".bash_logout"
scontext=user_u:system_r:useradd_t:s0 tcontext=user_u
:object_r:var_lib_t:s0 tclass=dir
Aug  2 16:01:52 localhost kernel: audit(1186084912.510:33): avc:  denied  {
create } for  pid=7108 comm="useradd" name=".bash_logout"
scontext=user_u:system_r:useradd_t:s0 tcontext=system_u
:object_r:var_lib_t:s0 tclass=file
Aug  2 16:01:52 localhost kernel: audit(1186084912.511:34): avc:  denied  {
setattr } for  pid=7108 comm="useradd" name=".bash_logout" dev=dm-0 ino=40730643
scontext=user_u:system_r:useradd
_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=file
Aug  2 16:01:52 localhost kernel: audit(1186084912.511:35): avc:  denied  {
write } for  pid=7108 comm="useradd" name=".bash_logout" dev=dm-0 ino=40730643
scontext=user_u:system_r:useradd_t
:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=file





Comment 7 Sergio Pascual 2007-08-19 13:04:36 UTC
*** Bug 209303 has been marked as a duplicate of this bug. ***

Comment 8 Sergio Pascual 2007-08-19 14:51:19 UTC
Created attachment 161821 [details]
Fixes the problem with user creation

Comment 9 Sergio Pascual 2007-08-19 14:54:20 UTC
Would you test this patch? It seems to fix the problem, at least in the machines
where I have tested it (f7, i386 and x86_64)

Comment 10 Mike McLean 2007-08-20 19:36:20 UTC
This patch seems inconsistent in that it refers to the directory two different ways:
%{_var}/lib/%{name}
%{_localstatedir}/lib/jabberd

Honestly I'm not sure which one is preferable, but it would seem best to keep it
consistent.

Comment 11 Adrian Reber 2007-08-22 14:25:56 UTC
I will look at the patch in a few days. I just came back from holidays.

Comment 12 Adrian Reber 2007-08-27 10:27:01 UTC
I just did a clean installation of Fedora 7 on ppc64 with selinux enabled and I
cannot reproduce this. I will include your patch but cannot verify it as I
cannot see the problem.

Comment 13 Adrian Reber 2007-08-30 08:44:47 UTC
I have updated the development branch with your patch and have requested a build.


Note You need to log in before you can comment on or make changes to this bug.