No UID checks on rootfs updates
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
live-build (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
livecd-rootfs (Ubuntu) |
Fix Released
|
Critical
|
Stéphane Graber |
Bug Description
Hi,
system-image updates will currently happily deliver an updated /etc/passwd with the list of UIDs reordered. This typically happens when we seed new software that creates a new user upon install.
In a recent update, my /var/crash became owned by autopilot; most likely the UID of whoopsie became the one of autopilot after the update.
In the short-term, we could catch such UID insertions at rootfs creation time, either before or after a rootfs hits the -proposed channel.
In the mid-term, we need a strategy to cope with UID additions/
- for the first image, import /etc/passwd and keep a copy on system-image.u.c
- for updated images, compare /etc/passwd with the server copy; for each new UID, allocate a new system UIDs in the system-image.u.c master database
- remap UIDs from the rootfs tarball to the ones in the system-image.u.c master database
For instance, whoopsie would get a system UID allocated on system-image.u.c the first time it's used in an image, say 120, then it keep that 120 UID for all subsequent images. If a new image comes out of livecd-rootfs with whoopsie as UID 121, we'd remap the UIDs to UID 120 and update /etc/passwd, /var/crash and any other file accordingly.
Perhaps there's a more clever way to deal with this; ideas welcome! I fear that if we allow for UIDs to change in the distributed rootfs, we will have trouble updating all the user owned files, including on removable media, unmounted filesystems, in filesystem snapshots etc.
Cheers,
tags: | added: patch |
Changed in livecd-rootfs (Ubuntu): | |
importance: | High → Critical |
tags: | added: rtm14 |
Keeping a copy on system-image.u.c will not help at all, as the IDs are assigned when building the live filesystem. We'd need the assignments to be actually in a package uploaded to the archive and installed in the image, and for that to be honoured by adduser --system, I think.