From unknown Fri Mar 29 05:30:57 2024 X-Loop: owner@bugs.devuan.org Subject: bug#548: [EXTERNAL] Re: bug#548: eudev: postinst fails when kvm group present Reply-To: Meeuwissen Olaf , 548@bugs.devuan.org Resent-From: Meeuwissen Olaf Resent-To: devuan-bugs@lists.dyne.org Resent-CC: Devuan Dev Team X-Loop: owner@bugs.devuan.org Resent-Date: Wed, 17 Feb 2021 23:33:01 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.devuan.org X-Devuan-PR-Message: followup 548 X-Devuan-PR-Package: eudev X-Devuan-PR-Keywords: References: <161335070595.15755.13300177891033620677.reportbug@vostro> <20210217145406339565590@bob.proulx.com> <161335070595.15755.13300177891033620677.reportbug@vostro> Received: via spool by 548-submit@bugs.devuan.org id=B548.161360400225755 (code B ref 548); Wed, 17 Feb 2021 23:33:01 +0000 Received: (at 548) by bugs.devuan.org; 17 Feb 2021 23:20:02 +0000 Delivered-To: devuanbugs@dyne.org Received: from tupac3.dyne.org [195.169.149.119] by doc.devuan.org with IMAP (fetchmail-6.4.0.beta4) for (single-drop); Wed, 17 Feb 2021 23:20:02 +0000 (UTC) Received: from mo-csw.securemx.jp (mo-csw1514.securemx.jp [210.130.202.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by vm6.ganeti.dyne.org (Postfix) with ESMTPS id 7788DF60D22 for <548@bugs.devuan.org>; Thu, 18 Feb 2021 00:16:01 +0100 (CET) Authentication-Results: vm6.ganeti.dyne.org; dkim=pass (1024-bit key; unprotected) header.d=epsongroup.onmicrosoft.com header.i=@epsongroup.onmicrosoft.com header.b="U3O1RnJo"; dkim-atps=neutral Received: by mo-csw.securemx.jp (mx-mo-csw1514) id 11HNFvsq016250; Thu, 18 Feb 2021 08:15:57 +0900 X-Iguazu-Qid: 34tKUV8MirdrOVeNgF X-Iguazu-QSIG: v=2; s=0; t=1613603756; q=34tKUV8MirdrOVeNgF; m=J4fjNvYNg2jrxRi8F+ampZs1lOHa94iug/hUn1yKBHQ= Received: from jpeag002.apo.epson.net (mx4.epson.co.jp [202.247.30.106]) by relay.securemx.jp (mx-mr1512) id 11HNFsX7002539 (version=TLSv1.2 cipher=AES128-GCM-SHA256 bits=128 verify=NOT); Thu, 18 Feb 2021 08:15:56 +0900 Authentication-Results: jpeag002.apo.epson.net; dkim=pass header.d=epsongroup.onmicrosoft.com Received: from JPEFP002.apo.epson.net (gateway [10.0.201.237]) (envelope sender: ) (not using TLS) by jpeag002.apo.epson.net (Active!gate) with ESMTP id SIPx30563A; Thu, 18 Feb 2021 08:15:49 +0900 Received: from jpecl060.epson.co.jp (unknown [10.0.201.237]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by Forcepoint Email with ESMTPS id CD5D3ED7D35F071344B7; Thu, 18 Feb 2021 08:15:48 +0900 (JST) Received: from jpeawse022.apo.epson.net (unknown [10.0.115.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by jpecl060.epson.co.jp (Postfix) with ESMTPS id C1E9412111C; Thu, 18 Feb 2021 08:15:48 +0900 (JST) Received: from JPEAWSE021.apo.epson.net (10.0.115.21) by jpeawse022.apo.epson.net (10.0.115.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2044.4; Thu, 18 Feb 2021 08:15:48 +0900 Received: from APC01-PU1-obe.outbound.protection.outlook.com (104.47.126.50) by JPEAWSE021.apo.epson.net (10.0.115.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2044.4 via Frontend Transport; Thu, 18 Feb 2021 08:15:48 +0900 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Rt9ASzZr7denBGbA0jSWfQdtCe5miACftI4KxRX4b4zdyfh3ySEQ9RjVF1eQ0XOFkgubDLFA2X0W19gdgttUmMNyGFjr3TjdwqJZPUV65sZ+f/ol2QhJrGVzWByGN5Unq/tZllspheocU/wt4X4RGvg4XrlEJPQTSaaxpwLzfqG3QVsFBYSYNNX4T0m2udxuJF2woVKL3j+laPCnqhwtTOTRHCOSUCWyta+J9M46rm68/sqjxti+GlWur4prP6q0qmUt5xfklH5xeI2DYXo7ZflixkPDFHWw5rD7Mr07TxkaJtokShRQ3TgJG/20G65RNcvZrCI7W2oT2xmlcL4+yw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=O6rEjB9Hc8Ng89EdE/VZ0FgzJowzIRpwurYmguYPffM=; b=O5K2PxAzGbK/b2/s+F8N/97ycvBwkX4s5EuObdoYVD6gxrfW82vAnPyJ341JUgFFgJPJ7H7ViPRhjjISeKZ9HeD3BexuxLNAoxIB8KxUbmqL+lqpNBs4aZDwj680/ktwiwfjicPevHKaxn7EIaL39LZF+SS7yRijoFQX6Xn8Be2dcnlZPrBH6VipdhTmqlHICJCq6GvCG0VNfxb9NZwsQUgXLnjUcvkn4sXsNCe44sMHqMG3DHWdxaGbxFmKlShOSoE73KIc0bNPS0Z1+Xi617HC5srvMxRq8iZxX3iUw9Yy9i2k5H/CDYHlAen1/BkfWOprWh+Q6WRuUc8sPOq0Iw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=exc.epson.co.jp; dmarc=pass action=none header.from=exc.epson.co.jp; dkim=pass header.d=exc.epson.co.jp; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epsongroup.onmicrosoft.com; s=selector2-epsongroup-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=O6rEjB9Hc8Ng89EdE/VZ0FgzJowzIRpwurYmguYPffM=; b=U3O1RnJoQ0xu/OyKC8n4TLX1jkePtXgpkcut8Dty11w9C5vM4Hqlpy6kkiGNXawTLTX+zoYQqNek0u/us5x92fXsFuttz4MlxaQS38k0n0PkrR3PUVxLwLJRRvuD7AFLIW/hPQrJNBGKfgyTs7Bo69zmiFaUmW2pOogQz+HBxho= Received: from TY2PR01MB2652.jpnprd01.prod.outlook.com (2603:1096:404:6b::9) by TY2PR01MB1929.jpnprd01.prod.outlook.com (2603:1096:404:d::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3846.27; Wed, 17 Feb 2021 23:15:46 +0000 Received: from TY2PR01MB2652.jpnprd01.prod.outlook.com ([fe80::ec98:97f6:1862:ffbe]) by TY2PR01MB2652.jpnprd01.prod.outlook.com ([fe80::ec98:97f6:1862:ffbe%5]) with mapi id 15.20.3846.031; Wed, 17 Feb 2021 23:15:46 +0000 From: Meeuwissen Olaf To: Bob Proulx CC: "548@bugs.devuan.org" <548@bugs.devuan.org> Thread-Topic: [EXTERNAL] Re: bug#548: eudev: postinst fails when kvm group present Thread-Index: AQHXAzWrHDP506ZlZEShIuIE1Jlinapc66aAgAATkYA= Date: Wed, 17 Feb 2021 23:15:46 +0000 Message-ID: <87r1lenv4u.fsf@vostro> In-Reply-To: <20210217145406339565590@bob.proulx.com> Accept-Language: en-GB, ja-JP, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: proulx.com; dkim=none (message not signed) header.d=none;proulx.com; dmarc=none action=none header.from=exc.epson.co.jp; x-originating-ip: [61.123.118.13] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 8a2e7d6b-3779-4188-26ea-08d8d399f511 x-ms-traffictypediagnostic: TY2PR01MB1929: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: RjX+uTdf+zcwy7y8WanzUJ1rxX9jbq6bDjjEGTrCGXgJtOVhL2c8gN6jW9M0KYp6a8VZ14jBWV+07rsawWITSPXUoNb/D/kV40jU8Xb7iWFFpehf7jxBDTOwWzyy3sprtTMHdxrKBP2gp3UuynoiT17pSg3GM7oFsBg/dBHbmWd+WETQRl9hE3f3QTWcc11oQPFhYQp8uK8fkMrI9Wh3xGuuH/SQ8BWMGzSu2+eNNFB6e0bAEk7WjKbMD2U3e/xHc6Beoag1j+Uz/9MetxiUq3CTtuYrW2v+DMd5a9VOd55wUCWbjVJD4jucxgmqPzPiTwwrmwnuXJ5Z1JOo1sf5SY+YBiF0AbNTiOzxAzLtL5ozxLElEhGYh1DdNCWY1FCUxrN1VCkd7MyILR5q6lpJfseXryRFyOF9K3j68dvn9DyBpHac/B60mg7Iu1Wt2mqw2fpI+RMqs/vEe9I17MjB98huy/C5NCA3U0+wuO/eCa0VvRzkUTIEeopRqW+enZKYl7LCM6jwe3FxVKREIOcGasyXDNP0QjEmFLm831Rt4qjzn/ueSwDIwRwZcuYPIFoJa9M0W5ghgPqVXzDNZWRZwL75t0CcNmE/boVk+5gP61p2BPRfUNFwDg76CjZsFITsVo28zVChos/0KPDe3boF2Q== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:TY2PR01MB2652.jpnprd01.prod.outlook.com;PTR:;CAT:NONE;SFS:(7916004)(39860400002)(346002)(396003)(136003)(376002)(366004)(316002)(9686003)(8676002)(71200400001)(6506007)(966005)(6512007)(2906002)(186003)(5660300002)(76116006)(26005)(8936002)(83380400001)(33716001)(4326008)(478600001)(66446008)(64756008)(66476007)(66556008)(6916009)(6486002)(66946007)(86362001)(2004002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: 6LetbuzD5WuCmWNnyGrKV/IxuoGWZRXsHodgPg47dYCwDdH5LJvjkYKzt0OcJrmM4oD4MdjlXXy1MSeHHqkQ38TkKggVlZaIvURp/9+AeuphZMRdB+9e95UXfEOgagH/cExH7HnxbYluSAb21txlrwl98tvN0bCQvmrQgErGQ1OnJciIXmRj4pPVpG/Mxx4Jdj4iPP6C5JktwUkZwGt+tHkjkAOlQ0A02crTK74ePCAdM/QXOwWL1FmML/KZyiBlWK2KTLn8CrklG5aTL+NssLT7KHzjeSHh1oK9rTKh9VTbYqMG5A4fE+V6nLq4k2eqyq7er1pnpGtetaILrWd8sAhwXO2Gtkz6Z+yPgQ9VKXqV6usJmx98fWouJ2oZllBJ5rcprslmhiS8irYWwWgfXoNm9PW3CL2eCeiWF3vtRo51inbWTTiJpdBCzRPS4uuFNMkT5E/o+Vu8w9DmLP+v9+IrGczpWnBXWGdiJONgjJ1F2HMsJm7FhHNJaYDr3ezSEqqoeffLUchscngTe64nyGuJive5awtxuR1A59veownyN09dPQOGBxTPvVQcEv33At8gqgfzq32yejiNl1CUbQTdYRyQunGfBZopWH2ym2WYMFEposiA13sNwd4dINaoLlc1827wQRh66S5mLl6An0VsFFyWGoPa3xMcCv+RoX96ctAFZIOgirg9AbIdSCIgsUygsWDqYfPhm1tGYORDjaN9B9Y80Zp8sBM+rYeXey2ei9TXharX7+TNQxuSHuM0bnU/4Z8e6HlbLvfnkfWkVq9lRWWt5YdJ2nXcVF0A5Um+H82I/VtnQIo9lyQRxmmm2gsxjVGc5kCq+NpaQIowcYk7/TP/uF93R7ct6akiDqZB6d2etpOFjFuSg0g/MKYIfZ0mlvqxB3oa2Exau3YulE2d/Hanh4ko0BWayUmbPrVE0l+JC2k2r43xtoEueKKkWFoDPFwCQRvcytE/UE5c/OyD7oTjPI9mNo1g8Xw5YYLPMNngVDMOwj0ejqVMc01GJaEU2H9FsxtpUi+Jsu9TL0P7zHh5muUfUzKxdxIEi0eSay4X4aN7S/SizwOyI9LDblyugVFRicr1xDM4/+mJ1b417CcZbMIFOA0Zi8LQSXlpbcgq8D0nYkDB5kSwsIAJTzSafRE840do9Pkn4k6owr6secYvOILr7NquJeLfPon1tW+8Pg1cjDQhQcV+ia9I4ujHS58AaW5VBXCYVxwFIG0tdaJFck/q0IGViOKEqWzChMWpeH3/5vxl70axicy6WfK/zkK72yoTGl5Qwf/pIPfKoDHetkz+Z0PBcInNaFGaehdjn0j3Re5MoB7lYgIZ x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: TY2PR01MB2652.jpnprd01.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8a2e7d6b-3779-4188-26ea-08d8d399f511 X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Feb 2021 23:15:46.6964 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3ce358ea-700e-4f0f-bb37-fd0b7c21366c X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: nGtsiDBcCSNz4AxPECeAsJPepkgSr6uN+4EKXtPToC5asncHlP4oEZCxEhKWVR6+IJUfFYeNmAAMyvlhOaFWNOCyCWFYNFVV8YgMWngUYes= X-MS-Exchange-Transport-CrossTenantHeadersStamped: TY2PR01MB1929 X-OriginatorOrg: exc.epson.co.jp X-Spam-Status: No, score=-0.7 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS,SPF_PASS autolearn=disabled version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on tupac3.dyne.org Bob Proulx writes: > Meeuwissen Olaf wrote: >> I just upgraded a number of packages on a machine where I had >> manually added a `kvm` group. This caused the postinst script >> to fail with >> >> The group `kvm' already exists and is not a system group. Exiting. >> >> leaving `eudev` unconfigured. > > I noticed this on Sunday and also investigated. And then today > another user DeepDive on #devuan IRC reported the same problem. > Therefore I am raising the severity to important due to the effect > this has for many users. Thanks. I was wondering whether to do so on the initial report. >> I don't know if the `kvm` *must* be a system group but things >> have been working fine for me with a non-system group. As long as >> a non-system `kvm` group exists, configuring `eudev` will fail. >> This is easily confirmed with >> >> $ sudo dpkg-reconfigure eudev >> The group `kvm' already exists and is not a system group. Exiting. >> >> Changing the group to a system group fixes this behaviour. >> >> I worked around the issue by appending `|| true` in the postscript >> to the `adduser` command that tries to create the system group. >> >> If the `kvm` group does not have to be a system group, I would expect >> configuration to succeed if a non-system `kvm` group is present. > > But the code used in the postinst is problematic. The code is this. > (I know the web version does not show indentation. Imagine the code > being indented. Check the original files.) > > #!/bin/sh > set -e > ... > case "$1" in > configure) > ... > # Add new system group used by udev rules > addgroup --quiet --system input > > # Make /dev/kvm accessible to kvm group > addgroup --quiet --system kvm > > # Make /dev/dri/renderD* accessible to render group > addgroup --quiet --system render > > Those are unconditional additions. Which means that if the addgroup > returns a non-zero exit code then due to the set -e the configure > fails and the package is left unconfigured. > > It is true that the addgroup would return 0 (success) if it would not > need to do the action. But if the user has already locally configured > an account user or group then that previously existing configuration > should be maintained. > > Therefore group addition should not be unconditional. It should be > conditional upon the group not already existing. I present two > alternative examples from existing packages that handle this in two > different ways. > > The first from postfix. The "try it and see" method. > > cd ${CHROOT} > # make sure that the postfix user exists. Simplest portable way to c= heck is to > # chown something, so we'll create the directories that we need here. > makedir private root:root 700 > chgrp postfix private 2>/dev/null || > addgroup --system postfix > chown postfix private 2>/dev/null || > adduser --system --home ${CHROOT} --no-create-home --disabled-pas= sword --ingroup postfix postfix > > The second from libvirt-daemon-system. The "check it and see" method. > > if ! getent group libvirt >/dev/null; then > addgroup --quiet --system libvirt > fi > if ! getent group kvm >/dev/null; then > addgroup --quiet --system kvm > fi > > Again for the web display please imagine the above having indentation. > > And so either way seems good and acceptable. I would probably do the > same thing libvirt-daemon-system is doing as that is simple enough. I would also go the libvirt-daemon-system way. It more clearly states what is going on. > Here is a suggested fix for this. > > # Add new system group used by udev rules > if ! getent group input >/dev/null; then > addgroup --quiet --system input > fi > > # Make /dev/kvm accessible to kvm group > if ! getent group kvm >/dev/null; then > addgroup --quiet --system kvm > fi > > # Make /dev/dri/renderD* accessible to render group > if ! getent group render >/dev/null; then > addgroup --quiet --system render > fi > > Thank you for maintaining eudev in Devuan! :-) And thank you for actually suggesting a fix! Hope this helps, -- Olaf Meeuwissen, LPIC-2 FLOSS Engineer -- EPSON AVASYS CORPORATION Free Software Foundation Associate Member since 2004-01-27 Support Free Software https://my.fsf.org/donate Join the Free Software Foundation https://my.fsf.org/join=