2421340 – [EPEL 10] exim package installation fails to set correct ownership/permissions for /var/spool/exim due to systemd-sysusers timing

Bug 2421340 - [EPEL 10] exim package installation fails to set correct ownership/permissions for /var/spool/exim due to systemd-sysusers timing

Summary: [EPEL 10] exim package installation fails to set correct ownership/permission...

Keywords:
Status:	NEW
Alias:	None
Product:	Fedora EPEL
Classification:	Fedora
Component:	exim
Sub Component:
Version:	epel10
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	low
Target Milestone:	---
Assignee:	Jaroslav Škarvada
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-12-11 06:31 UTC by iab
Modified:	2026-01-03 19:44 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description iab 2025-12-11 06:31:11 UTC

Description of problem:

When installing the exim package from EPEL 10 repository on AlmaLinux 10 (or similar RHEL 10 derivative), the RPM installation process displays warnings related to missing user/group, and consequently, the critical /var/spool/exim directories are created with incorrect ownership (root:root) instead of the required exim:exim.

This is a regression introduced by the change in the package's user/group creation method from the traditional %pre scriptlet (useradd/groupadd) in EPEL 9 to using the systemd-sysusers configuration file in EPEL 10.

Version-Release number of selected component (if applicable):

exim-4.98.2-2.el10_1.x86_64

How reproducible:


Steps to Reproduce:

1. Ensure EPEL 10 repository is enabled on a clean AlmaLinux 10 system

2. Install the package:

```bash
sudo dnf -d 9 install exim
```

Actual results:
1. During the package installation phase, the RPM utility prints multiple warnings:

```bash
...
Installing       : exim-4.98.2-2.el10_1.x86_64  
warning: user exim does not exist - using root
warning: group exim does not exist - using root
[... repeated warnings ...]
...
Running scriptlet: exim-4.98.2-2.el10_1.x86_64
Creating group 'exim' with GID 93.
Creating user 'exim' (n/a) with UID 93 and GID 93.
```

2. The resulting ownership of the spool directories is incorrect (root:root):

```bash
ls -la /var/spool/exim/
# Expected: drwxr-x--- 5 exim exim
# Actual:   drwxr-x--- 5 root root 43 Dec 11 05:05 .
```

3. The MTA fails to function correctly (e.g., cannot write queue files) due to incorrect permissions.


Expected results:

The spool directory /var/spool/exim/ and its subdirectories (db, input, msglog) should be owned by exim:exim, as defined by the %defattr directive in the spec file:

```bash
%defattr(-,exim,exim)
%dir %{_var}/spool/exim
%dir %{_var}/spool/exim/db
# ...
```

Additional info:
The issue is a timing problem inherent to the systemd-sysusers method: the file ownership application (via %defattr) occurs before the exim user and group are fully created and recognized by the system at the time of file extraction.

To resolve this, the package maintainer should reintroduce an explicit ownership change in a post-installation scriptlet (%post), after the exim user and group have been ensured to exist:

Comment 1 Jaroslav Škarvada 2026-01-03 19:44:03 UTC

I guess this is AlmaLinux bug. The feature has to be enabled in RPM. Although I am not a fan of systemd-sysusers, the declarative approach is definitely a step forward in comparison to the hackish %pre scripts. IMHO all packages will be sooner or later converted to it:
https://fedoraproject.org/wiki/Changes/RPMSuportForSystemdSysusers

Note You need to log in before you can comment on or make changes to this bug.