| 1 |
Hi, |
| 2 |
|
| 3 |
On my 2 Gentoo machines, users have a strange problem of group |
| 4 |
membership. When using 'id' or 'groups' without arguments, the list of |
| 5 |
groups includes those from the root user, and groups common to the |
| 6 |
user and root are duplicated, like wheel, video, allowssh. |
| 7 |
I observed that the list of groups is incorrect only in a KDE session, |
| 8 |
either in Konsole or xterm, but the list of groups is correct in other |
| 9 |
kinds of sessions like on a TTY or through SSH. |
| 10 |
After a reboot, the problem disappears for a while, but comes again, |
| 11 |
and I didn't find what could trigger it. |
| 12 |
I can't figure what KDE could have to do with user groups returned by |
| 13 |
the kernel ! |
| 14 |
|
| 15 |
Does anyone have a hint on the origin of this problem ? |
| 16 |
|
| 17 |
mick@xxx ~ $ groups |
| 18 |
root bin daemon sys adm disk wheel wheel floppy uucp cron audio cdrom |
| 19 |
dialout tape video video games cdrw apache usb vboxusers portage |
| 20 |
allowssh allowssh svn users mick |
| 21 |
mick@xxx ~ $ id |
| 22 |
uid=1001(mick) gid=1001(mick) |
| 23 |
groupes=1001(mick),0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),14(uucp),16(cron),18(audio),19(cdrom),20(dialout),26(tape),27(video),35(games),80(cdrw),81(apache),85(usb),102(vboxusers),250(portage),800(allowssh),909(svn),1000(users) |
| 24 |
|
| 25 |
When run with a login, the list is correct |
| 26 |
|
| 27 |
mick@xxx ~ $ groups mick |
| 28 |
wheel cron audio cdrom video games cdrw apache usb vboxusers portage |
| 29 |
allowssh svn users mick |
| 30 |
mick@xxx ~ $ groups root |
| 31 |
root bin daemon sys adm disk wheel floppy uucp dialout tape video allowssh |
| 32 |
mick@xxx ~ $ id mick |
| 33 |
uid=1001(mick) gid=1001(mick) |
| 34 |
groupes=1001(mick),10(wheel),16(cron),18(audio),19(cdrom),27(video),35(games),80(cdrw),81(apache),85(usb),102(vboxusers),250(portage),800(allowssh),909(svn),1000(users) |
| 35 |
mick@xxx ~ $ id root |
| 36 |
uid=0(root) gid=0(root) |
| 37 |
groupes=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),14(uucp),20(dialout),26(tape),27(video),800(allowssh) |
| 38 |
|
| 39 |
As far as I can tell the contents of '/etc/passwd' and '/etc/group' is |
| 40 |
also correct. |
| 41 |
|
| 42 |
mick@xxx ~ $ egrep 'mick|root' /etc/passwd |
| 43 |
root:x:0:0:root:/root:/bin/bash |
| 44 |
operator:x:11:0:operator:/root:/bin/bash |
| 45 |
mick:x:1001:1001::/home/mick:/bin/bash |
| 46 |
|
| 47 |
mick@xxx ~ $ egrep 'mick|root' /etc/group |
| 48 |
root:x:0:root |
| 49 |
bin:x:1:root,bin,daemon |
| 50 |
daemon:x:2:root,bin,daemon |
| 51 |
sys:x:3:root,bin,adm |
| 52 |
adm:x:4:root,adm,daemon |
| 53 |
disk:x:6:root,adm,haldaemon |
| 54 |
wheel:x:10:root,mick,jef,apache,anne |
| 55 |
floppy:x:11:root,haldaemon |
| 56 |
uucp:x:14:root |
| 57 |
cron:x:16:cron,mick,apache |
| 58 |
audio:x:18:famille,mick,jef,juliette,victor,anne,pulse,sddm |
| 59 |
cdrom:x:19:famille,mick,haldaemon,jef,juliette,victor,anne |
| 60 |
dialout:x:20:root |
| 61 |
tape:x:26:root |
| 62 |
video:x:27:root,famille,mick,jef,juliette,victor,anne,oracle,sddm |
| 63 |
games:x:35:famille,mick,jef,juliette,victor,anne |
| 64 |
cdrw:x:80:famille,mick,haldaemon |
| 65 |
apache:x:81:famille,jef,mick |
| 66 |
usb:x:85:famille,mick,haldaemon,juliette,victor,anne |
| 67 |
vboxusers:x:102:famille,vbox,mick,jef |
| 68 |
portage:x:250:portage,famille,mick,jef,apache |
| 69 |
allowssh:x:800:mick,jef,root,anne,juliette,victor |
| 70 |
svn:x:909:famille,jef,mick,tracd |
| 71 |
users:x:1000:mick,jef,apache,juliette,victor,offlineimap,anne |
| 72 |
mick:x:1001:mick |
| 73 |
|
| 74 |
The difference in output between 'id' and 'id mick' happens because |
| 75 |
'id' calls the syscall 'getgroups' in the first case, but not in the |
| 76 |
other, as I could see with 'strace' |
| 77 |
|
| 78 |
mick@xxx $ strace id |
| 79 |
[...] |
| 80 |
getgroups(0, NULL) = 29 |
| 81 |
getgroups(29, [0, 1, 2, 3, 4, 6, 10, 10, 11, 14, 16, 18, 19, 20, 26, |
| 82 |
27, 27, 33, 35, 80, 81, 85, 102, 250, 800, 800, 909, 1000, 1001]) = 29 |
| 83 |
[...] |
| 84 |
|
| 85 |
mick@xxx $ strace id mick |
| 86 |
[...] |
| 87 |
openat(AT_FDCWD, "/var/db/group.db", O_RDONLY|O_CLOEXEC) = -1 ENOENT |
| 88 |
(Aucun fichier ou dossier de ce type) |
| 89 |
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3 |
| 90 |
lseek(3, 0, SEEK_CUR) = 0 |
| 91 |
fstat(3, {st_mode=S_IFREG|0644, st_size=1978, ...}) = 0 |
| 92 |
read(3, "root:x:0:root\nbin:x:1:root,bin,d"..., 4096) = 1978 |
| 93 |
lseek(3, 0, SEEK_CUR) = 1978 |
| 94 |
[...repeated] |
| 95 |
lseek(3, 0, SEEK_CUR) = 1978 |
| 96 |
read(3, "", 4096) = 0 |
| 97 |
close(3) = 0 |
| 98 |
openat(AT_FDCWD, "/var/db/group.db", O_RDONLY|O_CLOEXEC) = -1 ENOENT |
| 99 |
(Aucun fichier ou dossier de ce type) |
| 100 |
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3 |
| 101 |
lseek(3, 0, SEEK_CUR) = 0 |
| 102 |
fstat(3, {st_mode=S_IFREG|0644, st_size=1978, ...}) = 0 |
| 103 |
read(3, "root:x:0:root\nbin:x:1:root,bin,d"..., 4096) = 1978 |
| 104 |
lseek(3, 0, SEEK_CUR) = 1978 |
| 105 |
[...repeated] |
| 106 |
lseek(3, 0, SEEK_CUR) = 1978 |
| 107 |
read(3, "", 4096) = 0 |
| 108 |
close(3) = 0 |
| 109 |
[...] |
| 110 |
|
| 111 |
mick@xxx ~ # uname -a |
| 112 |
Linux xxx 4.19.27-gentoo-r1 #1 SMP Mon Apr 1 14:38:01 CEST 2019 x86_64 |
| 113 |
Intel(R) Celeron(R) CPU G1610T @ 2.30GHz GenuineIntel GNU/Linux |
| 114 |
|
| 115 |
Thanks |
| 116 |
|
| 117 |
Best regards |
| 118 |
Mickaël Bucas |
Archives