> On Wed, 13 Dec 2023 at 13:59:03 +0100, Harald Dunkel wrote: > > Problem with polkitd.postinst: > > > > "getent passwd polkitd" can fail, even though polkitd can be found > > in /etc/passwd. > > In what situation does this fail?
On Thu, 14 Dec 2023 11:38:16 +0100 Harald Dunkel <harald.dun...@aixigo.com> wrote: > Hi Simon, > > getent queries all databases, as listed in /etc/nsswitch.conf, AFAIU. > I would suggest to use > > getent -s files passwd polkitd > Sorry I do not understand hw this explain in what situatoin `getent passwd polkitd` fails when polkitd user is in /etc/passwd. Could you be more specific? > to query /etc/passwd only and to ignore remote databases based on LDAP > or NIS or similar. polkitd is supposed to be a local system user. > > I stumbled over this during the upgrade Debian 11 --> 12 in a chroot. > Somehow polkitd couldn't be installed because the polkitd user and group > were missing. Actually I am not sure how this happened, but after > manually adding local user and group entries for polkitd installation > succeeded. > If it works in a chroot after adding the polkitd user to /etc/passwd this might be another issue (ie one where polkitd is not in /etc/passwd ). Could you confirm? Could it be that polkitd user was missing from /etc/passwd in the first place and the `getent` code was OK? So the issue would be why polkitd ended up missing in /etc/passwd. I do not see how other NSS databases could relate to this issue. If polkitd was in /etc/passwd, with or without other NSS DBs "getent passwd polkitd" should work>. Does `getent -s files passwd polkitd` really worked while `getent passwd polkitd` did not? Regards, Alban