On Wed, 14 Jun 2023 at 20:15, Adrian Vovk <adrianvovk@xxxxxxxxx> wrote:
>
> Hello
>
> I've got a problem in my systemd --user instance that I can't quite
> grok nor can I explain it very well. Essentially I have no idea what
> could possibly be going on. Hoping someone here can help.
>
> Basically, the OS boots and I can log in. Once I do, I experience the
> following symptoms:
>
> - Nothing setuid, like /usr/bin/pkexec, works. They all report that
>   they must be owned by root
> - Upon further investigation it turns out all files owned by root/root
>   are now owned by nobody/nobody
> - Dumping the filesystem (unsquashfs -ll /dev/sdX) reveals that the
>   files are, in fact, owned by root/root on disk
> - When executing from outside of my systemd --user instance (i.e. log
>   in from tty)
>   - `id` reports `uid=1000(adrian) gid=100(users) groups=100(users),997(wheel)`
>   - `id adrian` reports the same
>   - Files that are supposed to be owned by root/root are owned by root/root
>   - Files that are supposed to be owned by adrian/users are owned by
>     adrian/users
> - When forked from the systemd --user instance (i.e. in
>   gnome-terminal, or inside `systemd-run --user -S` on the TTY)
>   - `id` reports `uid=1000(adrian) gid=100(users) groups=100(users),65534(nobody)`
>   - `id adrian` reports correctly `uid=1000(adrian) gid=100(users) groups=100(users),997(wheel)`
>   - Files that are supposed to be owned by root/root are owned by nobody/nobody
>   - Files that are supposed to be owned by adrian/users are owned by
>     adrian/users
> - If I perform the same experiment but logged in as `root` instead of
>   `adrian`, the situation reverses: files actually owned by root/root
>   appear owned by root/root, but files actually owned by adrian/users
>   appear owned by nobody/nobody
>
> I initially suspected that something is wrong with my PAM
> configuration, but it works correctly if I try the commands inside a
> shell created with
> `systemd-run -S --uid=adrian --property=PAMName=systemd-user`.
> So, the environment that the systemd
> --user instance is executed in is good, but then everything systemd
> itself forks off is broken.
>
> Making user@1000.service run w/ debug logging revealed nothing. The
> first mention of anything related to this issue is systemd-tmpfiles
> quitting because of an unsafe transition from /run/user (owned by
> nobody) to /run/user/1000 (owned by adrian).
>
> I'm running a git checkout of systemd 254 at commit
> 969eb0390f4a94fd95b828ede0588f6c00b293ed.
>
> Does anyone have any idea what could possibly be going on? If you need
> more info I'm happy to provide.

https://github.com/systemd/systemd/issues/26744