libvirt-bin postinst can try to add non-system group members to libvirtd group
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| libvirt (Ubuntu) |
Confirmed
|
Medium
|
Unassigned | ||
Bug Description
In the postinst for libvirt-bin it tries to add members of the admin group to libvirtd, but it uses a method that might get a NIS group of the same name.
for u in $(getent group admin | sed -e "s/^.*://" -e "s/,/ /g"); do
adduser "$u" libvirtd >/dev/null || true
done
This is done correctly in the debian source package
(libvirt_
for u in $(grep "^admin:" /etc/group | sed -e "s/^.*://" -e "s/,/ /g"); do
adduser "$u" libvirtd >/dev/null || true
done
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: libvirt-bin 0.9.8-2ubuntu17.8
ProcVersionSign
Uname: Linux 3.2.0-40-generic x86_64
NonfreeKernelMo
ApportVersion: 2.0.1-0ubuntu17.1
Architecture: amd64
Date: Thu Apr 18 14:26:59 2013
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Alpha amd64 (20120206)
KernLog:
MarkForUpload: True
SourcePackage: libvirt
UpgradeStatus: No upgrade log present (probably fresh install)
modified.
upstart.
| Francis Bacon (sink128) wrote | #1 |
| Serge Hallyn (serge-hallyn) wrote | #2 |
| Changed in libvirt (Ubuntu): | |
| importance: | Undecided → Medium |
| status: | New → Confirmed |
Thanks for reporting this bug. After a dicussion in irc, it's not yet 100% clear which behavior we want. On the one hand is the fact that "you get what you asked for" with the group called admin. On the other hand is the fact that a site with hundreds of users in an nis group could certainly be frustrated by this.
I'm leaning toward reverting the switch from grep to getent, but not 100% convinced yet.
Marking confirmed as certainly the title is true.