1 |
Hi, |
2 |
|
3 |
On my 2 Gentoo machines, users have a strange problem of group |
4 |
membership. When using 'id' or 'groups' without arguments, the list of |
5 |
groups includes those from the root user, and groups common to the |
6 |
user and root are duplicated, like wheel, video, allowssh. |
7 |
I observed that the list of groups is incorrect only in a KDE session, |
8 |
either in Konsole or xterm, but the list of groups is correct in other |
9 |
kinds of sessions like on a TTY or through SSH. |
10 |
After a reboot, the problem disappears for a while, but comes again, |
11 |
and I didn't find what could trigger it. |
12 |
I can't figure what KDE could have to do with user groups returned by |
13 |
the kernel ! |
14 |
|
15 |
Does anyone have a hint on the origin of this problem ? |
16 |
|
17 |
mick@xxx ~ $ groups |
18 |
root bin daemon sys adm disk wheel wheel floppy uucp cron audio cdrom |
19 |
dialout tape video video games cdrw apache usb vboxusers portage |
20 |
allowssh allowssh svn users mick |
21 |
mick@xxx ~ $ id |
22 |
uid=1001(mick) gid=1001(mick) |
23 |
groupes=1001(mick),0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),14(uucp),16(cron),18(audio),19(cdrom),20(dialout),26(tape),27(video),35(games),80(cdrw),81(apache),85(usb),102(vboxusers),250(portage),800(allowssh),909(svn),1000(users) |
24 |
|
25 |
When run with a login, the list is correct |
26 |
|
27 |
mick@xxx ~ $ groups mick |
28 |
wheel cron audio cdrom video games cdrw apache usb vboxusers portage |
29 |
allowssh svn users mick |
30 |
mick@xxx ~ $ groups root |
31 |
root bin daemon sys adm disk wheel floppy uucp dialout tape video allowssh |
32 |
mick@xxx ~ $ id mick |
33 |
uid=1001(mick) gid=1001(mick) |
34 |
groupes=1001(mick),10(wheel),16(cron),18(audio),19(cdrom),27(video),35(games),80(cdrw),81(apache),85(usb),102(vboxusers),250(portage),800(allowssh),909(svn),1000(users) |
35 |
mick@xxx ~ $ id root |
36 |
uid=0(root) gid=0(root) |
37 |
groupes=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),14(uucp),20(dialout),26(tape),27(video),800(allowssh) |
38 |
|
39 |
As far as I can tell the contents of '/etc/passwd' and '/etc/group' is |
40 |
also correct. |
41 |
|
42 |
mick@xxx ~ $ egrep 'mick|root' /etc/passwd |
43 |
root:x:0:0:root:/root:/bin/bash |
44 |
operator:x:11:0:operator:/root:/bin/bash |
45 |
mick:x:1001:1001::/home/mick:/bin/bash |
46 |
|
47 |
mick@xxx ~ $ egrep 'mick|root' /etc/group |
48 |
root:x:0:root |
49 |
bin:x:1:root,bin,daemon |
50 |
daemon:x:2:root,bin,daemon |
51 |
sys:x:3:root,bin,adm |
52 |
adm:x:4:root,adm,daemon |
53 |
disk:x:6:root,adm,haldaemon |
54 |
wheel:x:10:root,mick,jef,apache,anne |
55 |
floppy:x:11:root,haldaemon |
56 |
uucp:x:14:root |
57 |
cron:x:16:cron,mick,apache |
58 |
audio:x:18:famille,mick,jef,juliette,victor,anne,pulse,sddm |
59 |
cdrom:x:19:famille,mick,haldaemon,jef,juliette,victor,anne |
60 |
dialout:x:20:root |
61 |
tape:x:26:root |
62 |
video:x:27:root,famille,mick,jef,juliette,victor,anne,oracle,sddm |
63 |
games:x:35:famille,mick,jef,juliette,victor,anne |
64 |
cdrw:x:80:famille,mick,haldaemon |
65 |
apache:x:81:famille,jef,mick |
66 |
usb:x:85:famille,mick,haldaemon,juliette,victor,anne |
67 |
vboxusers:x:102:famille,vbox,mick,jef |
68 |
portage:x:250:portage,famille,mick,jef,apache |
69 |
allowssh:x:800:mick,jef,root,anne,juliette,victor |
70 |
svn:x:909:famille,jef,mick,tracd |
71 |
users:x:1000:mick,jef,apache,juliette,victor,offlineimap,anne |
72 |
mick:x:1001:mick |
73 |
|
74 |
The difference in output between 'id' and 'id mick' happens because |
75 |
'id' calls the syscall 'getgroups' in the first case, but not in the |
76 |
other, as I could see with 'strace' |
77 |
|
78 |
mick@xxx $ strace id |
79 |
[...] |
80 |
getgroups(0, NULL) = 29 |
81 |
getgroups(29, [0, 1, 2, 3, 4, 6, 10, 10, 11, 14, 16, 18, 19, 20, 26, |
82 |
27, 27, 33, 35, 80, 81, 85, 102, 250, 800, 800, 909, 1000, 1001]) = 29 |
83 |
[...] |
84 |
|
85 |
mick@xxx $ strace id mick |
86 |
[...] |
87 |
openat(AT_FDCWD, "/var/db/group.db", O_RDONLY|O_CLOEXEC) = -1 ENOENT |
88 |
(Aucun fichier ou dossier de ce type) |
89 |
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3 |
90 |
lseek(3, 0, SEEK_CUR) = 0 |
91 |
fstat(3, {st_mode=S_IFREG|0644, st_size=1978, ...}) = 0 |
92 |
read(3, "root:x:0:root\nbin:x:1:root,bin,d"..., 4096) = 1978 |
93 |
lseek(3, 0, SEEK_CUR) = 1978 |
94 |
[...repeated] |
95 |
lseek(3, 0, SEEK_CUR) = 1978 |
96 |
read(3, "", 4096) = 0 |
97 |
close(3) = 0 |
98 |
openat(AT_FDCWD, "/var/db/group.db", O_RDONLY|O_CLOEXEC) = -1 ENOENT |
99 |
(Aucun fichier ou dossier de ce type) |
100 |
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3 |
101 |
lseek(3, 0, SEEK_CUR) = 0 |
102 |
fstat(3, {st_mode=S_IFREG|0644, st_size=1978, ...}) = 0 |
103 |
read(3, "root:x:0:root\nbin:x:1:root,bin,d"..., 4096) = 1978 |
104 |
lseek(3, 0, SEEK_CUR) = 1978 |
105 |
[...repeated] |
106 |
lseek(3, 0, SEEK_CUR) = 1978 |
107 |
read(3, "", 4096) = 0 |
108 |
close(3) = 0 |
109 |
[...] |
110 |
|
111 |
mick@xxx ~ # uname -a |
112 |
Linux xxx 4.19.27-gentoo-r1 #1 SMP Mon Apr 1 14:38:01 CEST 2019 x86_64 |
113 |
Intel(R) Celeron(R) CPU G1610T @ 2.30GHz GenuineIntel GNU/Linux |
114 |
|
115 |
Thanks |
116 |
|
117 |
Best regards |
118 |
Mickaël Bucas |