unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed
* bug#45570: operating-system definitions allow duplicate passwd and group entries
@ 2020-12-31 18:14 Jason Conroy
  2021-01-01 11:13 ` bug#45570: [PATCH] system: Assert, that user and group names are unique Leo Prikler
                   ` (3 more replies)
  0 siblings, 4 replies; 15+ messages in thread
From: Jason Conroy @ 2020-12-31 18:14 UTC (permalink / raw)
  To: 45570


[-- Attachment #1.1: Type: text/plain, Size: 646 bytes --]

When an operating-system contains multiple users or groups with the same
name, instantiating it with `guix system` does not cause a validation
failure, nor are the duplicate entries filtered from the resulting /etc
files.

This duplication can happen in a few different ways:

- both entries are manually included in the "users" or "groups" fields of
the operating-system
- a manually-specified entry collides with an entry defined by a service
(via an account-service-type extension)
- multiple services define entries that collide with each other

Steps to reproduce: call "guix system container" with the attached
operating-system definition.

[-- Attachment #1.2: Type: text/html, Size: 805 bytes --]

[-- Attachment #2: duplicate-users-and-groups.scm --]
[-- Type: application/octet-stream, Size: 1827 bytes --]

(use-modules (gnu))
(use-service-modules networking ssh)
(use-package-modules screen ssh)

(operating-system
  (host-name "komputilo")
  (timezone "Europe/Berlin")
  (locale "en_US.utf8")
  (bootloader (bootloader-configuration
                (bootloader grub-bootloader)
                (target "/dev/sdX")))
  (file-systems (cons (file-system
                        (device (file-system-label "my-root"))
                        (mount-point "/")
                        (type "ext4"))
                      %base-file-systems))

  (users (append (list
		  ;; Two manually-specified users with the same name
		  (user-account
                   (name "alice")
                   (comment "Alice 1")
                   (group "users"))
		  (user-account
                   (name "alice")
                   (comment "Alice 2")
                   (group "users"))
		  ;; A manually-specified user with the same name as a
		  ;; user defined by the openssh-service.
		  (user-account
                   (name "sshd")
                   (comment "Secure shell user")
                   (group "sshd")
		   (system? #t)))
               %base-user-accounts))

  (groups (append (list
		  ;; Two manually-specified groups with the same name
		   (user-group
		    (name "power-users"))
		   (user-group
		    (name "power-users"))
		   ;; A manually-specified group with the same name as
		   ;; a group defined by the openssh-service.
		   (user-group
		    (name "sshd")))
		  %base-groups))
  
  (services (append (list (service dhcp-client-service-type)
                          (service openssh-service-type
                                   (openssh-configuration
                                    (openssh openssh-sans-x)
                                    (port-number 2222))))
                    %base-services)))

^ permalink raw reply	[flat|nested] 15+ messages in thread

end of thread, other threads:[~2021-01-11 15:10 UTC | newest]

Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-12-31 18:14 bug#45570: operating-system definitions allow duplicate passwd and group entries Jason Conroy
2021-01-01 11:13 ` bug#45570: [PATCH] system: Assert, that user and group names are unique Leo Prikler
2021-01-02  1:16   ` Danny Milosavljevic
2021-01-02  5:57 ` Leo Prikler
2021-01-06  9:56   ` Ludovic Courtès
2021-01-06 12:34     ` Leo Prikler
2021-01-06 13:32       ` Ludovic Courtès
2021-01-06 21:00         ` Leo Prikler
2021-01-07  8:29           ` Ludovic Courtès
2021-01-06 21:21 ` bug#45570: [PATCH v2] " Leo Prikler
2021-01-07  8:35   ` Ludovic Courtès
2021-01-07 11:13     ` Leo Prikler
2021-01-07 11:10 ` bug#45570: [PATCH v3] " Leo Prikler
2021-01-11 13:09   ` Ludovic Courtès
2021-01-11 15:06     ` Leo Prikler

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).