Bug 244620 - fedora-groupadd and fedora-useradd seem to ignore -r option
fedora-groupadd and fedora-useradd seem to ignore -r option
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: fedora-usermgmt (Show other bugs)
7
All Linux
low Severity medium
: ---
: ---
Assigned To: Enrico Scholz
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 244611
  Show dependency treegraph
 
Reported: 2007-06-18 00:58 EDT by Bernard Johnson
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-18 19:24:19 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Bernard Johnson 2007-06-18 00:58:39 EDT
Description of problem:
When I attempt to setup a system account (non-specified uid) by giving the -r
option to fedora-groupadd and fedora-useradd, it seems to ignore it.

$ grep UID_MIN /etc/login.defs 
UID_MIN                   500

From spec file:
%define         registry_uid  %nil
%define         registry_name dbmail

%pre
/usr/sbin/fedora-groupadd %registry_uid -r %registry_name &> /dev/null || :
/usr/sbin/fedora-useradd  %registry_uid -r -s /sbin/nologin -d / -M           \
               -c "DBMail Daemon Account" -g %registry_name %registry_name    \
               &> /dev/null || :


Installing package:
# id dbmail
id: dbmail: No such user
# yum install dbmail
Loading "installonlyn" plugin
Loading "presto" plugin
Setting up Presto
Reading Presto metadata in from local files
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package dbmail.i386 0:2.2.5-2.fc7 set to be updated

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size 
=============================================================================
Installing:
 dbmail                  i386       2.2.5-2.fc7      updates           370 k

Transaction Summary
=============================================================================
Install      1 Package(s)         
Update       0 Package(s)         
Remove       0 Package(s)         

Total download size: 370 k
Is this ok [y/N]: y
Downloading Packages:
(1/1): dbmail-2.2.5-2.fc7 100% |=========================| 370 kB    00:00     
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: dbmail                       ######################### [1/1] 

Installed: dbmail.i386 0:2.2.5-2.fc7
Complete!
# id dbmail
uid=504(dbmail) gid=504(dbmail) groups=504(dbmail)
context=user_u:system_r:unconfined_t


Version-Release number of selected component (if applicable):
fedora-usermgmt-0.9-2.fc7

How reproducible:
Always
Comment 1 Enrico Scholz 2007-06-18 03:38:46 EDT
| %define         registry_uid  %nil

is probably the problem. You must use a numeric value there. An empty value will
mess the cmdline arguments.
Comment 2 Bernard Johnson 2007-06-18 04:39:52 EDT
That seems a little broken.  Why can't I just specify no uid and get whatever
system uid is available?
Comment 3 Bernard Johnson 2007-06-18 04:42:12 EDT
# cat usermgmt 
Mon Jun 18 02:36:43 MDT 2007 [20926]: 'userdel' dbmail
Mon Jun 18 02:36:43 MDT 2007 [20956]: 'groupdel' dbmail
groupdel: group dbmail does not exist
Mon Jun 18 02:36:43 MDT 2007 [20956]: failed with '6'
Mon Jun 18 02:38:03 MDT 2007 [21104]: '/etc/fedora/usermgmt/scripts/groupadd'
300 dbmail
Mon Jun 18 02:38:03 MDT 2007 [21131]: '/etc/fedora/usermgmt/scripts/useradd' 300
-s /sbin/nologin -d / -M -c DBMail Daemon Account -g dbmail dbmail
Creating mailbox file: File exists
[root@snowflake log]# id dbmail
uid=504(dbmail) gid=504(dbmail) groups=504(dbmail)
context=user_u:system_r:unconfined_t


Looks like it tried 300, but I somehow got 504?
Comment 4 Enrico Scholz 2007-06-18 07:38:00 EDT
You have to register the user at
http://fedoraproject.org/wiki/PackageUserRegistry  (just add a new line with a
subsequent id) and take the number from there.

When fedora-usermgmt is unconfigured, you will get the next free uid. When it is
configured, the user will be created with a predictable uid (which is
some-configured-base + the-number).

The '300' in the logfile output is caused by converting '-r' into an integer and
adding it to the preconfigured base of '300'. This hint will be ignored by
unconfigured fedora-usermgmt installations and a normal user be added.
Comment 5 Bernard Johnson 2007-06-18 14:57:03 EDT
(In reply to comment #4)
> You have to register the user at
> http://fedoraproject.org/wiki/PackageUserRegistry  (just add a new line with a
> subsequent id) and take the number from there.

I understand that, but just haven't gotten around to it yet.  I think you're
missing my point, or perhaps I'm not making it well understood what my complaint is.

> When fedora-usermgmt is unconfigured, you will get the next free uid. When it is
> configured, the user will be created with a predictable uid (which is
> some-configured-base + the-number).
> 
> The '300' in the logfile output is caused by converting '-r' into an integer and
> adding it to the preconfigured base of '300'. This hint will be ignored by
> unconfigured fedora-usermgmt installations and a normal user be added.

My expectation is that fedora-usermgmt doesn't break in areas that
useradd/groupadd work.

# adduser -u 110 -r foo
# id foo
uid=110(foo) gid=110(foo) groups=110(foo) context=user_u:system_r:unconfined_t

(created a system account by specifying uid)

# adduser -r bar
# id bar
uid=499(bar) gid=499(bar) groups=499(bar) context=user_u:system_r:unconfined_t

(created a system account by without specifying uid)

Comment 6 Enrico Scholz 2007-06-18 19:24:19 EDT
You are using 'fedora-usermgmt' in a wrong way. You *have* to give a (numeric)
offset. Else you are breaking the CLI which expects arguments in a certain order.
Comment 7 Bernard Johnson 2007-06-18 19:46:11 EDT
If it's being used in error, then it should generate an error.

If it's a "wrapper" for groupadd/useradd then it should have similar behavior
(not silently break when no uid is used)

It should also not ignore options for which it can't process (-r in this case if
there is an error).

At the very least, it should be documented that there is a difference between
fedora-usermgmt tools and useradd/groupadd in behavior (uid can not be ommitted
with -r for a system account with no static uid).
Comment 8 Enrico Scholz 2007-06-19 03:04:21 EDT
By default, fedora-usermgmt has exactly the same behavior as useradd.

# fedora-useradd 42 -r foo
# id foo
uid=499(foo) gid=499(foo) Gruppen=499(foo)

# fedora-useradd 42 -r bar -u 200
# id bar
uid=200(bar) gid=200(bar) Gruppen=200(bar)


I will see what I can do about detecting wrong arguments. But because it is used
usually as '&>/dev/null || :', there won't be an visible effect.

Note You need to log in before you can comment on or make changes to this bug.