Children of systemd user instance can't see root user

Hello

I've got a problem in my systemd --user instance that I can't quite
grok nor can I explain it very well. Essentially I have no idea what
could possibly be going on. Hoping someone here can help.

Basically, the OS boots and I can log in. Once I do, I experience the
following symptoms:

- Nothing setuid, like /usr/bin/pkexec, works. They all report that
they must be owned by root
- Upon further investigation it turns out all files owned by root/root
are now owned by nobody/nobody
- Dumping the filesystem (unsquashfs -ll /dev/sdX) reveals that the
files are, in fact, owned by root/root on disk
- When executing from outside of my systemd --user instance (i.e. log
in from tty)
  - `id` reports `uid=1000(adrian) gid=100(users) groups=100(users),997(wheel)`
  - `id adrian` reports the same
  - Files that are supposed to be owned by root/root are owned by root/root
  - Files that are supposed to be owned by adrian/users are owned by
adrian/users
- When forked from the systemd --user instance (i.e. in
gnome-terminal, or inside `systemd-run --user -S` on the TTY)
  - `id` reports `uid=1000(adrian) gid=100(users) groups=100(users),65534(nobody)`
  - `id adrian` reports correctly `uid=1000(adrian) gid=100(users) groups=100(users),997(wheel)`
  - Files that are supposed to be owned by root/root are owned by nobody/nobody
  - Files that are supposed to be owned by adrian/users are owned by
adrian/users
- If I perform the same experiment but logged in as `root` instead of
`adrian`, the situation reverses: files actually owned by root/root
appear owned by root/root, but files actually owned by adrian/users
appear owned by nobody/nobody

I initially suspected that something is wrong with my PAM
configuration, but it works correctly if I try the commands inside a
shell created with `systemd-run -S --uid=adrian --property=PAMName=systemd-user`. So, the environment that the systemd
--user instance is executed in is good, but then everything systemd
itself forks off is broken.

Making user@1000.service run w/ debug logging revealed nothing. The
first mention of anything related to this issue is systemd-tmpfiles
quitting because of an unsafe transition from /run/user (owned by
nobody) to /run/user/1000 (owned by adrian).

I'm running a git checkout of systemd 254 at commit
969eb0390f4a94fd95b828ede0588f6c00b293ed.

Does anyone have any idea what could possibly be going on? If you need
more info I'm happy to provide.

Thanks,
Adrian
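As an added diagnostic (not from the original post), a POSIX shell script that reads the calling process's /proc/self/uid_map and kernel.overflowuid to test one hypothesis for the symptoms above: that uid 0 is simply not mapped into the user namespace the --user instance's children run in, so root-owned files collapse to the overflow uid (65534, nobody) and the kernel refuses to honour their setuid bits. The namespace hypothesis and the file path /usr/bin/pkexec are assumptions taken from the post's symptoms, not an established cause.

```shell
#!/bin/sh
# Added diagnostic; not part of the original post. Assumption under test:
# a user namespace whose uid_map does not cover host uid 0 makes root-owned
# files appear as kernel.overflowuid (65534 = nobody).
# /proc/self/uid_map lines read "<inside-start> <outside-start> <count>";
# a process in the initial namespace sees "0 0 4294967295".

# map_uid HOST_UID OVERFLOW_UID "UID_MAP_TEXT"
# Prints the uid HOST_UID appears as inside the namespace, or OVERFLOW_UID
# when no mapping line covers it.
map_uid() {
    printf '%s\n' "$3" | awk -v uid="$1" -v ovf="$2" '
        NF == 3 && uid >= $2 && uid < $2 + $3 {
            print $1 + (uid - $2); found = 1; exit
        }
        END { if (!found) print ovf }'
}

# root_visible "UID_MAP_TEXT" OVERFLOW_UID
# Succeeds when host root is mapped; fails when root would show as nobody.
root_visible() {
    [ "$(map_uid 0 "$2" "$1")" != "$2" ]
}

# Run the check against the calling process and one setuid binary.
diagnose() {
    map=$(cat /proc/self/uid_map)
    ovf=$(cat /proc/sys/kernel/overflowuid)
    if root_visible "$map" "$ovf"; then
        echo "uid 0 is mapped in this namespace (uid_map follows):"
    else
        echo "uid 0 is NOT mapped here: root-owned files appear as uid $ovf"
    fi
    printf '%s\n' "$map"
    # Owner of a setuid binary as this process sees it (GNU stat assumed).
    owner=$(stat -c %u /usr/bin/pkexec 2>/dev/null) &&
        echo "/usr/bin/pkexec owner as seen here: $owner (overflowuid=$ovf)"
}
```

Running `diagnose` from a tty login and again from `systemd-run --user -S` would show whether the two environments differ in their uid_map.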
