You are not logged in.

Pages: 1

#1 2024-06-06 18:21:43

Lone_Wolf
Administrator
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 13,146

pacman -Qikk shadow - /usr/bin/groupmems permission mismatch

Recently I ran pacman -Qkk and noticed warnings about shadow package.

$ sudo pacman -Qikk shadow
Name            : shadow
Version         : 4.15.1-2
Description     : Password and account management tool suite with support for shadow files and PAM
Architecture    : x86_64
URL             : https://github.com/shadow-maint/shadow
Licenses        : BSD-3-Clause
Groups          : None
Provides        : None
Depends On      : glibc  acl  libacl.so=1-64  attr  libattr.so=1-64  audit  libaudit.so=1-64  libxcrypt  libcrypt.so=2-64  pam
                  libpam.so=0-64  libpam_misc.so=0-64
Optional Deps   : None
Required By     : base  git  util-linux
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 3.75 MiB
Packager        : David Runge <dvzrv@archlinux.org>
Build Date      : ma 01 apr 2024 12:19:58 CEST
Install Date    : do 06 jun 2024 14:49:10 CEST
Install Reason  : Explicitly installed
Install Script  : No
Validated By    : Signature

warning: shadow: /usr/bin/groupmems (GID mismatch)
warning: shadow: /usr/bin/groupmems (Permissions mismatch)
shadow: 588 total files, 1 altered file
$ 
$ stat /usr/bin/groupmems 
  File: /usr/bin/groupmems
  Size: 47240           Blocks: 96         IO Block: 4096   regular file
Device: 259,1   Inode: 145892      Links: 1
Access: (2750/-rwxr-s---)  Uid: (    0/    root)   Gid: (  962/  groups)
Access: 2024-06-06 14:49:16.103506943 +0200
Modify: 2024-04-01 12:19:58.000000000 +0200
Change: 2024-06-06 14:49:11.473425311 +0200
 Birth: 2024-06-06 14:49:10.963416319 +0200
$

Looking inside /var/cache/pacman/pkg/shadow-4.15.1-2-x86_64.pkg.tar.zst shows groupmems has permission 0750 with user root and group root.

This explains why pacman warns about the alteration.

I looked at https://gitlab.archlinux.org/archlinux/ … ges/shadow .
shadow.tmpfiles contains z /usr/bin/groupmems 2750 root groups - - so the changes in permissions & gid are intentional .

Oddly enough the shadow PKGBUILD contains

 # adapt executables to match the modes used by tmpfiles.d, so that pacman does not complain:
  chmod 750 "$pkgdir/usr/bin/groupmems"

Did I accidentally stumble on a bug in shadow or am I misinterpreting things ?

Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.

clean chroot building not flexible enough ?
Try clean chroot manager by graysky

Offline

#2 2024-06-06 21:21:10

tekstryder
Member
Registered: 2013-02-14
Posts: 183

Re: pacman -Qikk shadow - /usr/bin/groupmems permission mismatch

Lone_Wolf wrote:

Did I accidentally stumble on a bug in shadow or am I misinterpreting things ?

I dove into that curiosity myself recently...

https://bbs.archlinux.org/viewtopic.php … 3#p2168243

Offline

#3 2024-06-06 21:24:59

seth
Member
Registered: 2012-09-03
Posts: 60,378

Re: pacman -Qikk shadow - /usr/bin/groupmems permission mismatch

https://gitlab.archlinux.org/archlinux/ … w.tmpfiles

https://gitlab.archlinux.org/archlinux/ … 009d85e63b looks like a bug in the PKGBUILD which wanted to align to 2750 but skipped the SGID

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

Pages: 1

Board footer

Powered by FluxBB