2186815 – Can't create user and group with the same name and the same UID and GID

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 2186815 - Can't create user and group with the same name and the same UID and GID

Summary: Can't create user and group with the same name and the same UID and GID

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 9
Classification:	Red Hat
Component:	osbuild-composer
Sub Component:
Version:	9.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Image Builder team
QA Contact:	Release Test Team
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2023-04-14 14:56 UTC by Jesús Pérez Martínez
Modified:	2023-11-07 08:59 UTC (History)
CC List:	5 users (show)
Fixed In Version:	osbuild-composer-82-1.el9
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-11-07 08:23:36 UTC
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:
Flags:	pm-rhel: mirror+

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	osbuild osbuild-composer pull 3390	None	Merged	customizations: create all groups unconditionally	2023-04-19 13:44:02 UTC
Red Hat Issue Tracker	RHELPLAN-154750	None	None	None	2023-04-14 14:57:12 UTC
Red Hat Product Errata	RHEA-2023:6318	None	None	None	2023-11-07 08:23:50 UTC

Description Jesús Pérez Martínez 2023-04-14 14:56:22 UTC

Description of problem:
Currently creating a template with a user and group with the same name, and equal UID and GID is not possible.

Version-Release number of selected component (if applicable):
osbuild-composer-62.1-3.el9_1.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Create a template and define a user with a custom UID and GID. UID and GID must be equal:

[[customizations.user]]
name = "test"
description = "Test Account"
home = "/home/test"
shell = "/usr/bin/bash"
key = ""
uid = 802
gid = 802

2. Use [[customizations.group]] to create the group with the GID we set previously on [[customizations.user]] and the same name as the user:

[[customizations.group]]
name = "test"
gid = 802

3. Try to build the image.

Actual results:
The image build job fails with "useradd: group '802' does not exist"

Expected results:
The image builds correctly, with the user test (UID 802) and the group test (GID 802)

Comment 1 Christophe Besson 2023-06-15 10:56:28 UTC

this bug also existed on RHEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=2103933

Comment 4 Alexander Todorov 2023-08-02 09:35:09 UTC

# rpm -q osbuild-composer osbuild
osbuild-composer-86-1.el9.x86_64
osbuild-90-1.el9.noarch
[root@kvm-08-guest38 ~]# cat reproducer.toml 
name = "unexisting-group"
description = "reproducer unexisting group"
version = "0.0.1"
modules = []
groups = []
distro = ""

[[customizations.group]]
name = "foo"
gid = 9045

[[customizations.user]]
name = "foo"
description = "foo user"
password = "$6$R4EexOTlkvDDwsK8$WkL4pU.JGHSO9LmpI/SMKYbunZU.t7BYLsZs1B9m0SeOH4RBICGlbScNRl0jUri3CBwasAd/sdZMkDp4SGoBq."
home = "/home/foo"
shell = "/usr/bin/bash"
groups = ["foo", "wheel"]
uid = 9045
gid = 9045


# composer-cli blueprints push reproducer.toml 
# composer-cli blueprints list
unexisting-group

# composer-cli blueprints show unexisting-group
name = "unexisting-group"
description = "reproducer unexisting group"
version = "0.0.1"
packages = []
modules = []
groups = []
distro = ""

[customizations]

[[customizations.user]]
name = "foo"
description = "foo user"
password = "$6$R4EexOTlkvDDwsK8$WkL4pU.JGHSO9LmpI/SMKYbunZU.t7BYLsZs1B9m0SeOH4RBICGlbScNRl0jUri3CBwasAd/sdZMkDp4SGoBq."
home = "/home/foo"
shell = "/usr/bin/bash"
groups = ["foo", "wheel"]
uid = 9045
gid = 9045

[[customizations.group]]
name = "foo"
gid = 9045


# composer-cli blueprints depsolve unexisting-group
blueprint: unexisting-group v0.0.1
    acl-2.3.1-3.el9.x86_64
    alternatives-1.24-1.el9.x86_64
    audit-libs-3.0.7-104.el9.x86_64
    basesystem-11-13.el9.noarch
    bash-5.1.8-6.el9_1.x86_64
    bzip2-libs-1.0.8-8.el9.x86_64
    ca-certificates-2022.2.54-90.2.el9_0.noarch
    coreutils-8.32-34.el9.x86_64
    coreutils-common-8.32-34.el9.x86_64
    cpio-2.13-16.el9.x86_64
    cracklib-2.9.6-27.el9.x86_64
    cracklib-dicts-2.9.6-27.el9.x86_64
    crypto-policies-20230614-1.git027799d.el9.noarch
    cryptsetup-libs-2.6.0-3.el9.x86_64
    cyrus-sasl-lib-2.1.27-21.el9.x86_64
    1:dbus-1.12.20-8.el9.x86_64
    dbus-broker-28-7.el9.x86_64
    1:dbus-common-1.12.20-8.el9.noarch
    9:device-mapper-1.02.195-3.el9.x86_64
    9:device-mapper-libs-1.02.195-3.el9.x86_64
    dracut-057-38.git20230725.el9.x86_64
    expat-2.5.0-1.el9.x86_64
    filesystem-3.16-2.el9.x86_64
    1:findutils-4.8.0-5.el9.x86_64
    gawk-5.1.0-6.el9.x86_64
    1:gdbm-libs-1.19-4.el9.x86_64
    glibc-2.34-72.el9.x86_64
    glibc-common-2.34-72.el9.x86_64
    glibc-gconv-extra-2.34-72.el9.x86_64
    glibc-minimal-langpack-2.34-72.el9.x86_64
    1:gmp-6.2.0-11.el9.x86_64
    grep-3.6-5.el9.x86_64
    gzip-1.12-1.el9.x86_64
    json-c-0.14-11.el9.x86_64
    kbd-2.4.0-9.el9.x86_64
    kbd-legacy-2.4.0-9.el9.noarch
    kbd-misc-2.4.0-9.el9.noarch
    kernel-5.14.0-347.el9.x86_64
    kernel-core-5.14.0-347.el9.x86_64
    kernel-modules-5.14.0-347.el9.x86_64
    kernel-modules-core-5.14.0-347.el9.x86_64
    keyutils-libs-1.6.3-1.el9.x86_64
    kmod-28-9.el9.x86_64
    kmod-libs-28-9.el9.x86_64
    kpartx-0.8.7-21.el9.x86_64
    krb5-libs-1.20.1-9.el9_2.x86_64
    libacl-2.3.1-3.el9.x86_64
    libattr-2.5.1-3.el9.x86_64
    libblkid-2.37.4-11.el9_2.x86_64
    libbrotli-1.0.9-6.el9.x86_64
    libcap-2.48-9.el9_2.x86_64
    libcap-ng-0.8.2-7.el9.x86_64
    libcom_err-1.46.5-3.el9.x86_64
    libcurl-7.76.1-26.el9.x86_64
    libdb-5.3.28-53.el9.x86_64
    libeconf-0.4.1-3.el9_2.x86_64
    libevent-2.1.12-6.el9.x86_64
    libfdisk-2.37.4-11.el9_2.x86_64
    libffi-3.4.2-8.el9.x86_64
    libgcc-11.4.1-2.1.el9.x86_64
    libgcrypt-1.10.0-10.el9_2.x86_64
    libgpg-error-1.42-5.el9.x86_64
    libidn2-2.3.0-7.el9.x86_64
    libkcapi-1.3.1-3.el9.x86_64
    libkcapi-hmaccalc-1.3.1-3.el9.x86_64
    libmount-2.37.4-11.el9_2.x86_64
    libnghttp2-1.43.0-5.el9.x86_64
    libpsl-0.21.1-5.el9.x86_64
    libpwquality-1.4.4-8.el9.x86_64
    libseccomp-2.5.2-2.el9.x86_64
    libselinux-3.5-1.el9.x86_64
    libsemanage-3.5-2.el9.x86_64
    libsepol-3.5-1.el9.x86_64
    libsigsegv-2.13-4.el9.x86_64
    libsmartcols-2.37.4-11.el9_2.x86_64
    libssh-0.10.4-11.el9.x86_64
    libssh-config-0.10.4-11.el9.noarch
    libtasn1-4.16.0-8.el9_1.x86_64
    libunistring-0.9.10-15.el9.x86_64
    libutempter-1.2.1-6.el9.x86_64
    libuuid-2.37.4-11.el9_2.x86_64
    libverto-0.3.2-3.el9.x86_64
    libxcrypt-4.4.18-3.el9.x86_64
    libzstd-1.5.1-2.el9.x86_64
    linux-firmware-20230726-138.el9.noarch
    linux-firmware-whence-20230726-138.el9.noarch
    lz4-libs-1.9.3-5.el9.x86_64
    mpfr-4.1.0-7.el9.x86_64
    ncurses-base-6.2-8.20210508.el9.noarch
    ncurses-libs-6.2-8.20210508.el9.x86_64
    openldap-2.6.3-1.el9.x86_64
    1:openssl-3.0.7-24.el9.x86_64
    1:openssl-libs-3.0.7-24.el9.x86_64
    p11-kit-0.24.1-2.el9.x86_64
    p11-kit-trust-0.24.1-2.el9.x86_64
    pam-1.5.1-15.el9.x86_64
    pcre-8.44-3.el9.3.x86_64
    pcre2-10.40-2.el9.x86_64
    pcre2-syntax-10.40-2.el9.noarch
    pigz-2.5-4.el9.x86_64
    procps-ng-3.3.17-11.el9.x86_64
    publicsuffix-list-dafsa-20210518-3.el9.noarch
    readline-8.1-4.el9.x86_64
    redhat-release-9.3-0.3.el9.x86_64
    redhat-release-eula-9.3-0.3.el9.x86_64
    sed-4.8-9.el9.x86_64
    setup-2.13.7-9.el9.noarch
    2:shadow-utils-4.9-8.el9.x86_64
    systemd-252-16.el9.x86_64
    systemd-libs-252-16.el9.x86_64
    systemd-pam-252-16.el9.x86_64
    systemd-rpm-macros-252-16.el9.noarch
    systemd-udev-252-16.el9.x86_64
    tpm2-tss-3.2.2-2.el9.x86_64
    tzdata-2023c-1.el9.noarch
    util-linux-2.37.4-11.el9_2.x86_64
    util-linux-core-2.37.4-11.el9_2.x86_64
    xz-5.2.5-8.el9_0.x86_64
    xz-libs-5.2.5-8.el9_0.x86_64
    zlib-1.2.11-40.el9.x86_64
    gawk-all-langpacks-5.1.0-6.el9.x86_64


# composer-cli compose start unexisting-group qcow2
Compose 078fc41c-4d85-4e0e-9b8a-705fa28946a5 added to the queue

# composer-cli compose list
ID                                     Status    Blueprint          Version   Type
078fc41c-4d85-4e0e-9b8a-705fa28946a5   RUNNING   unexisting-group   0.0.1     qcow2


# composer-cli compose list
ID                                     Status     Blueprint          Version   Type
078fc41c-4d85-4e0e-9b8a-705fa28946a5   FINISHED   unexisting-group   0.0.1     qcow2


# composer-cli compose image 078fc41c-4d85-4e0e-9b8a-705fa28946a5
078fc41c-4d85-4e0e-9b8a-705fa28946a5-disk.qcow2


# qemu-nbd --connect=/dev/nbd0 ./078fc41c-4d85-4e0e-9b8a-705fa28946a5-disk.qcow2 

# fdisk -l /dev/nbd0
Disk /dev/nbd0: 10 GiB, 10737418240 bytes, 20971520 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: D209C89E-EA5E-4FBD-B161-B461CCE297E0

Device        Start      End  Sectors  Size Type
/dev/nbd0p1    2048     4095     2048    1M BIOS boot
/dev/nbd0p2    4096   413695   409600  200M EFI System
/dev/nbd0p3  413696  1437695  1024000  500M Linux extended boot
/dev/nbd0p4 1437696 20971486 19533791  9.3G Linux filesystem


# mount /dev/nbd0p4 /mnt/image/

# ls -l /mnt/image/etc/passwd
-rw-r--r--. 1 root root 1389 Aug  2 05:03 /mnt/image/etc/passwd

# grep foo /mnt/image/etc/passwd
foo:x:9045:9045:foo user:/home/foo:/usr/bin/bash

# grep foo /mnt/image/etc/shadow
foo:$6$R4EexOTlkvDDwsK8$WkL4pU.JGHSO9LmpI/SMKYbunZU.t7BYLsZs1B9m0SeOH4RBICGlbScNRl0jUri3CBwasAd/sdZMkDp4SGoBq.:19571:0:99999:7:::

# grep foo /mnt/image/etc/group
wheel:x:10:foo
foo:x:9045:foo


Image was created successfully and user "foo" and group "foo" were created inside the image. Both with ID of 9045!

Moving to VERIFIED.

Comment 6 errata-xmlrpc 2023-11-07 08:23:36 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (osbuild, osbuild-composer, and cockpit-composer bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2023:6318

Note You need to log in before you can comment on or make changes to this bug.