Re: Why do UID values of system users matter?
On Mon 19 Aug 2019 at 09:17:21 (-0400), Greg Wooledge wrote: > On Fri, Aug 16, 2019 at 11:03:48PM -0400, Kenneth Parker wrote: > > >From looking at an Ubuntu 16.04 System I administer, User "man" (uid 6) is, > > apparently the owner of /var/cache/man, which appears to be an area for > > translating man pages. Who creates this User? > > I don't know about Ubuntu, because this is debian-user. In Debian, > the preinst script for the base-passwd package will create a bunch > of system users if /etc/passwd is not present, and groups if /etc/group > is not present. > > See /var/lib/dpkg/info/base-passwd.preinst for details. > > One might ponder under what conditions, exactly, this script would be > executed while these files are not yet present. I don't know the inner > workings of the debian-installer, so I'm not sure whether this is just > a safety net, or an expected part of a normal system installation. base-passwd is the first package installed at "Install the base system" which follows "Partition disks", so it would normally expect to be installed into an empty partition. I should add, though, that it gets re-unpacked, re-installed and set up a few seconds later, when about a score of other packages have been set up. I would assume a preinst script would run on the first occurrence. What's odd to me is that the base-passwd preinst file has two Here documents which duplicate its /usr/share/base-passwd/*master files. Perhaps ok for files that only change on a time-scale of decades, but I wonder why the /etc versions are not just copied from the masters. Cheers, David.
Re: Why do UID values of system users matter?
On Mon 19 Aug 2019 at 09:24:59 (-0400), Greg Wooledge wrote:
> On Fri, Aug 16, 2019 at 11:42:12PM -0500, David Wright wrote:
> > Difficult to say. My reaction would be to check the ownership of all
> > non-root-owned files. Because of the potential for trouble like the
> > above, I routinely keep a list on each system.
> >
> > # find / -mount \( ! -group 0 -o ! -user 0 \) -ls | awk '{printf "%s
> > %s %s\n", $5, $6, $11}' | sort -k 3 > /root/non-root-owned-files
>
> The use of $11 here assumes the filename doesn't contain any whitespace.
> It'll break if one does. You'd be better off using GNU find's -printf
> features, than parsing the output of -ls with awk.
Yes, I expect the reason I haven't lost anything in my listing is that
whitespace is sensibly avoided in these system files.
> Looks like you want the username, groupname, and filename. So that would
> be:
>
> find / -mount \( ! group 0 -o ! -user 0 \) -printf '%u %g %p\n' |
> sort -k 3 > /root/non-root-owned-files
Much appreciated improvement. (The - in -group got lost in transcription.)
Using \t tidies up the columniation too:
# find / -mount \( ! -group 0 -o ! -user 0 \) -printf '%u\t%g\t%p\n' | …
Cheers,
David.
Re: Why do UID values of system users matter?
On Fri, Aug 16, 2019 at 11:42:12PM -0500, David Wright wrote:
> Difficult to say. My reaction would be to check the ownership of all
> non-root-owned files. Because of the potential for trouble like the
> above, I routinely keep a list on each system.
>
> # find / -mount \( ! -group 0 -o ! -user 0 \) -ls | awk '{printf "%s %s
> %s\n", $5, $6, $11}' | sort -k 3 > /root/non-root-owned-files
The use of $11 here assumes the filename doesn't contain any whitespace.
It'll break if one does. You'd be better off using GNU find's -printf
features, than parsing the output of -ls with awk.
Looks like you want the username, groupname, and filename. So that would
be:
find / -mount \( ! group 0 -o ! -user 0 \) -printf '%u %g %p\n' |
sort -k 3 > /root/non-root-owned-files
Re: Why do UID values of system users matter?
On Fri, Aug 16, 2019 at 11:03:48PM -0400, Kenneth Parker wrote: > >From looking at an Ubuntu 16.04 System I administer, User "man" (uid 6) is, > apparently the owner of /var/cache/man, which appears to be an area for > translating man pages. Who creates this User? I don't know about Ubuntu, because this is debian-user. In Debian, the preinst script for the base-passwd package will create a bunch of system users if /etc/passwd is not present, and groups if /etc/group is not present. See /var/lib/dpkg/info/base-passwd.preinst for details. One might ponder under what conditions, exactly, this script would be executed while these files are not yet present. I don't know the inner workings of the debian-installer, so I'm not sure whether this is just a safety net, or an expected part of a normal system installation.
Re: Why do UID values of system users matter?
On Sat, Aug 17, 2019 at 04:18:00AM +0200, Steffen Dettmer wrote: > Hi, > > thanks for your quick reply. > > I see, multiboot with different /etc but shared /usr or /local could invite > a lot of trouble if using different UIDs, indeed! Thanks for the quick > explanation. Not only that. A system update changing the UID (without changing the ownership of relevant files) would be at least as confusing. Cheers -- t signature.asc Description: Digital signature
Re: Why do UID values of system users matter?
On Sat 17 Aug 2019 at 04:18:00 (+0200), Steffen Dettmer wrote:
>
> I see, multiboot with different /etc but shared /usr or /local could invite
> a lot of trouble if using different UIDs, indeed! Thanks for the quick
> explanation.
Sure. Most system files can be copied between different /etc
partitions on the same host because they're owned by root.root
or by one of the invariant system users.
But there are a few that can catch you out. For example, it's
obvious that you might want to copy your mail submission passwords
between two systems to save typing them all in again, but
/etc/exim4/passwd.client is owned by root.Debian-exim, and that
GID is >100, so potentially different:
$ ls -l /agogs/etc/exim4/passwd.client /etc/exim4/passwd.client
-rw-r- 1 root mlocate 663 May 30 2018 /agogs/etc/exim4/passwd.client
-rw-r- 1 root Debian-exim 663 May 30 2018 /etc/exim4/passwd.client
$ ls -n /agogs/etc/exim4/passwd.client /etc/exim4/passwd.client
-rw-r- 1 0 118 663 May 30 2018 /agogs/etc/exim4/passwd.client
-rw-r- 1 0 120 663 May 30 2018 /etc/exim4/passwd.client
$
> > (Apparently man used uid 13 in Debian 8 / Jessi but 6 in Debian 9 /
> > > Stretch).
> >
> > AFAICS, user "man" has had UID 6 since at least Debian 6/squeeze
> >
> Ohh, this is interesting, so I wonder why I had a different value then,
> maybe something else was wrong with my system then...
Difficult to say. My reaction would be to check the ownership of all
non-root-owned files. Because of the potential for trouble like the
above, I routinely keep a list on each system.
# find / -mount \( ! -group 0 -o ! -user 0 \) -ls | awk '{printf "%s%s
%s\n", $5, $6, $11}' | sort -k 3 > /root/non-root-owned-files
Cheers,
David.
Re: Why do UID values of system users matter?
On Fri 16 Aug 2019 at 23:27:27 (+0200), Steffen Dettmer wrote: > > just for my curiosity I wonder why the numeric UID values matter at all, > for example: > > update-passwd has found a difference between your system > accounts and the current Debian defaults. It is advisable to > allow update-passwd to change your system; without those > changes some packages might not work correctly. For more > documentation on the Debian account policies, please see > /usr/share/doc/base-passwd/README. > > The proposed change is: > > Change the UID of user "man" from 13 to 6 > > (Apparently man used uid 13 in Debian 8 / Jessi but 6 in Debian 9 / > Stretch). Very odd. The master lists are in /usr/share/base-passwd/*master and the jessie version (3.5.37) has man as 6 and 12. Going back to woody (Debian 3.0 from 2002), the UID is still 6, though the GID at that time was 100, the "users" group, shared by several system UIDs. > Normally I would assume that the numeric values would not be use > anywhere at all, only the symbolic names. OSes and filesystems use numbers rather than names for efficiency: even a modern 32-bit UID only uses the space of four ASCII characters, whereas some of the UID/GID names are long, eg systemd-bus-proxy and debian-security-support. > If the numeric value matters, why are their values no kept across releases? Because that presents too much administrative effort, which dynamic allocation is designed to avoid. You just have to exercise care if/when you copy files between different systems in "inappropriate" ways, eg using cp when you have two installations in the same PC. Cheers, David.
Re: Why do UID values of system users matter?
On Fri, Aug 16, 2019 at 10:18 PM Steffen Dettmer wrote: > Hi, > > thanks for your quick reply. > > I see, multiboot with different /etc but shared /usr or /local could > invite a lot of trouble if using different UIDs, indeed! Thanks for the > quick explanation. > > > (Apparently man used uid 13 in Debian 8 / Jessi but 6 in Debian 9 / >> > Stretch). >> >> AFAICS, user "man" has had UID 6 since at least Debian 6/squeeze >> > >From looking at an Ubuntu 16.04 System I administer, User "man" (uid 6) is, apparently the owner of /var/cache/man, which appears to be an area for translating man pages. Who creates this User? > > Ohh, this is interesting, so I wonder why I had a different value then, > maybe something else was wrong with my system then... > Could there be multiple Packages that might attempt to Create that User (man)? Best regards, Kenneth Parker
Re: Why do UID values of system users matter?
Hi, thanks for your quick reply. I see, multiboot with different /etc but shared /usr or /local could invite a lot of trouble if using different UIDs, indeed! Thanks for the quick explanation. > (Apparently man used uid 13 in Debian 8 / Jessi but 6 in Debian 9 / > > Stretch). > > AFAICS, user "man" has had UID 6 since at least Debian 6/squeeze > Ohh, this is interesting, so I wonder why I had a different value then, maybe something else was wrong with my system then... Steffen
Re: Why do UID values of system users matter?
Le 16/08/2019 à 23:27, Steffen Dettmer a écrit : (Apparently man used uid 13 in Debian 8 / Jessi but 6 in Debian 9 / Stretch). AFAICS, user "man" has had UID 6 since at least Debian 6/squeeze.
Re: Why do UID values of system users matter?
On Fri, Aug 16, 2019 at 2:28 PM Steffen Dettmer wrote: > Hi, > > just for my curiosity I wonder why the numeric UID values matter at all, > for example: > > > I believe file ownership is tracked by numeric UID rather than user name. So, for example, if you multi-boot, a file owned by user 500 in one system will be owned by user 500 on every other system, even if it does not correspond to the same user name. That's been my experience anyway, and an occasional issue. dan
Why do UID values of system users matter?
Hi, just for my curiosity I wonder why the numeric UID values matter at all, for example: update-passwd has found a difference between your system accounts and the current Debian defaults. It is advisable to allow update-passwd to change your system; without those changes some packages might not work correctly. For more documentation on the Debian account policies, please see /usr/share/doc/base-passwd/README. The proposed change is: Change the UID of user "man" from 13 to 6 (Apparently man used uid 13 in Debian 8 / Jessi but 6 in Debian 9 / Stretch). Normally I would assume that the numeric values would not be use anywhere at all, only the symbolic names. If the numeric value matters, why are their values no kept across releases? Steffen
