Public bug reported: The keystone package creates a keystone user who's primary (and only) group membership is 'nogroup'. This results in files/directories created by the keystone user having 'nogroup' group ownership. This is considered a bad thing.
The keystone user should have it's primary group set to 'keystone'. I am currently using Precise and keystone-light, however the current keystone package seems to be affected as well. $ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=12.04 DISTRIB_CODENAME=precise DISTRIB_DESCRIPTION="Ubuntu precise (development branch)" $ apt-cache madison keystone keystone | 2012.1+git201202210954-0ubuntu1 | http://ppa.launchpad.net/openstack-ubuntu-testing/openstack-ksl-testing/ubuntu/ precise/main amd64 Packages keystone | 2012.1~e4~20120203.1574-0ubuntu3 | http://archive.ubuntu.com/ubuntu/ precise/universe amd64 Packages I have attached a patch for keystone-light which should fix the problem (liberally cribbed from the nova packages). --- Tests --- $ id keystone uid=112(keystone) gid=65534(nogroup) groups=65534(nogroup) $ getent passwd keystone keystone:x:112:65534::/var/lib/keystone:/bin/false $ getent group keystone keystone:x:119: ** Affects: keystone (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/941905 Title: keystone user should not have a primary group of nogroup To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/keystone/+bug/941905/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs