Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] groups with duplicate GIDs are not returned by get_group_list #62377

Closed
nicholasmhughes opened this issue Jul 25, 2022 · 0 comments · Fixed by #62378 or #64599
Closed

[BUG] groups with duplicate GIDs are not returned by get_group_list #62377

nicholasmhughes opened this issue Jul 25, 2022 · 0 comments · Fixed by #62378 or #64599
Labels
Bug broken, incorrect, or confusing behavior

Comments

@nicholasmhughes
Copy link
Collaborator

Description

The following error is thrown when attempting to enforce optional group membership for a group which does not have a unique GID.

[ERROR   ] These values could not be changed: {'groups': ['adm', 'audio', 'cdrom', 'dialout', 'dip', 'floppy', 'netdev', 'plugdev', 'sudo', 'user', 'users', 'video']}
local:
----------
          ID: groups_manage_user
    Function: user.present
        Name: debian
      Result: False
     Comment: These values could not be changed: {'groups': ['adm', 'audio', 'cdrom', 'dialout', 'dip', 'floppy', 'netdev', 'plugdev', 'sudo', 'user', 'users', 'video']}
     Started: 14:57:44.820074
    Duration: 39.273 ms
     Changes:   

Summary for local
------------
Succeeded: 0
Failed:    1
------------
Total states run:     1
Total run time:  39.273 ms

Setup

Example state file:

# /srv/salt/groups.sls

manage_user:
  user.present:
    - name: debian
    - optional_groups: [user]

Steps to Reproduce the behavior

Add the user group with a duplicate GID, such as copying the users group line in /etc/group and then run the state.

salt-call state.apply groups

Running in TRACE log level points toward the problem:

TRACE   ] Trying os.getgrouplist for 'debian'
[TRACE   ] Group list for user 'debian': ['adm', 'audio', 'cdrom', 'debian', 'dialout', 'dip', 'floppy', 'netdev', 'plugdev', 'sudo', 'users', 'video']

The group listing is derived from GIDs, so the user group is not shown.

Expected behavior
While not the best practice, duplicate GIDs are a valid configuration which might be experienced on systems. The function should be able to list unique group names which might have duplicate GIDs.

Versions Report

salt --versions-report (Provided by running salt --versions-report. Please also mention any differences in master/minion versions.) 
Salt Version:
          Salt: 3005+0na.b18281e
 
Dependency Versions:
          cffi: Not Installed
      cherrypy: Not Installed
      dateutil: Not Installed
     docker-py: Not Installed
         gitdb: Not Installed
     gitpython: Not Installed
        Jinja2: 3.1.2
       libgit2: Not Installed
      M2Crypto: Not Installed
          Mako: Not Installed
       msgpack: 1.0.3
  msgpack-pure: Not Installed
  mysql-python: Not Installed
     pycparser: Not Installed
      pycrypto: 2.6.1
  pycryptodome: 3.14.1
        pygit2: Not Installed
        Python: 3.7.3 (default, Jan 22 2021, 20:04:44)
  python-gnupg: Not Installed
        PyYAML: 6.0
         PyZMQ: 23.0.0
         smmap: Not Installed
       timelib: Not Installed
       Tornado: 4.5.3
           ZMQ: 4.3.4
 
System Versions:
          dist: debian 10 buster
        locale: UTF-8
       machine: x86_64
       release: 4.19.0-21-amd64
        system: Linux
       version: Debian GNU/Linux 10 buster
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug broken, incorrect, or confusing behavior
Projects
None yet
Milestone
No milestone
1 participant
@nicholasmhughes