Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 830725 - >sys-apps/shadow-4.8.1-r4 breaks subuid/subgid automatic IDs generation
Summary: >sys-apps/shadow-4.8.1-r4 breaks subuid/subgid automatic IDs generation
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo's Team for Core System packages
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-01-07 10:32 UTC by Nikolay Kichukov
Modified: 2022-01-10 13:48 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Nikolay Kichukov 2022-01-07 10:32:44 UTC
After installing a version newer than =sys-apps/shadow-4.8.1-r4 and adding a new local account, the ID ranges in the /etc/sub{u,g}id files are not generated by the incremental logic for next available ID, but are left at 0.

Reproducible: Always

Steps to Reproduce:
1. Install shadow newer than: sys-apps/shadow-4.8.1-r4, ie =sys-apps/shadow-4.9-r3
2. Make sure /etc/sub{u,g}id exist on your system
3. useradd testuser
4. check in /etc/sub{u,g}id and observe how the user is added as: testuser:0:0
Actual Results:  
in /etc/sub{u,g}id and the new user is added as: testuser:0:0

Expected Results:  
in /etc/sub{u,g}id and the new user is added as: 

testuser:NEXT_AVAILABLE_FREE_ID:SUB_UID_COUNT(from /etc/login.defs)

This is a regression. Installing =sys-apps/shadow-4.8.1-r4 fixes the problem.

A workaround can be used while creating the user, ie:

usermod --add-subuids 165536-231072 testuser
usermod --add-subgids 165536-231072 testuser

or modifying the files manually, but that is not ideal.
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-01-07 12:00:01 UTC
Thanks. Would you mind reporting this upstream?
Comment 2 Nikolay Kichukov 2022-01-07 15:32:07 UTC
I looked at upstream, this may have been fixed already in version 4.10, see changelog:
"Avoid useradd generating empty subid range (Iker Pedrosa)"

I also see there is a stable version for 4.11 released a few days ago, can we perhaps get a version bump?
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-01-07 15:39:51 UTC
(In reply to Nikolay Kichukov from comment #2)
> I looked at upstream, this may have been fixed already in version 4.10, see
> changelog:
> "Avoid useradd generating empty subid range (Iker Pedrosa)"
> 
> I also see there is a stable version for 4.11 released a few days ago, can
> we perhaps get a version bump?

4.11.1 is already in tree? We don't stable new versions immediately although we can backport fixes if necessary.
Comment 4 Nikolay Kichukov 2022-01-07 17:21:12 UTC
Thanks for the hint ;-)
4.11.1 does solve this problem.
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-01-08 04:56:08 UTC
(In reply to Nikolay Kichukov from comment #4)
> Thanks for the hint ;-)
> 4.11.1 does solve this problem.

Thanks!

I wonder if you could verify for me that https://github.com/shadow-maint/shadow/commit/c4539fc4f9e23874ce1cdd7265fb28d5a44e49eb.patch in /etc/portage/patches with 4.9 works?
Comment 6 Nikolay Kichukov 2022-01-10 10:22:08 UTC
yeah, this patch fixes the problem on 4.9 too.
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-01-10 13:48:54 UTC
(In reply to Nikolay Kichukov from comment #6)
> yeah, this patch fixes the problem on 4.9 too.

Thanks!