Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Problem with system group #103

Open
1 task done
antwal opened this issue Dec 4, 2024 · 3 comments
Open
1 task done

[BUG] Problem with system group #103

antwal opened this issue Dec 4, 2024 · 3 comments

Comments

@antwal
Copy link

antwal commented Dec 4, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

When I specify a username that matches a system group name, usermod fails with an error

Expected Behavior

An error should be raised and the container should exit

Steps To Reproduce

Set USERNAME is "www-data", the same name is an existing group in the system

Environment

- OS: Debian 12
- How docker service was installed: apt

CPU architecture

x86-64

Docker creation

version: "3.9"
services:
  wordpress:
    networks:
      - blackhole
    hostname: openssh-server
    container_name: openssh-server
    restart: unless-stopped
    image: lscr.io/linuxserver/openssh-server:latest
    ports:
      - "2222:2222"
    environment:
      - PUID=33
      - PGID=33
      - TZ=Europe/Rome
      - USER_NAME=www-data # Problem with system group
    volumes:
      - /mnt/storage/openssh-server/config:/config
      - /mnt/storage/www-data/:/www-data/

networks:
  blackhole:
    name: container-net
    external: true

Container logs

[migrations] started
[migrations] no migrations found
groupmod: group 'www-data' already exists
───────────────────────────────────────
      ██╗     ███████╗██╗ ██████╗
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝
   Brought to you by linuxserver.io
───────────────────────────────────────
To support LSIO projects visit:
https://www.linuxserver.io/donate/
───────────────────────────────────────
GID/UID
───────────────────────────────────────
User UID:    33
User GID:    1001
───────────────────────────────────────
Linuxserver.io version: 9.7_p1-r4-ls179
Build-date: 2024-12-01T18:53:35+00:00
───────────────────────────────────────
    
User name is set to www-data
sudo is disabled.
SSH host public key(s):
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNgS4rePrIpw+uygy69sltdCQdXTzDtVujxBWA+wk/JY9lYmlDzu1KiV/GW1VFA5wC4AJTprxdJmnOAwDSaBamo= root@openssh-server
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAueSTsWJbt0ku3byZZ8iKqWhMpvVSfy14m7jDP0zJN6 root@openssh-server
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDXmqMpNt9jtEND7PRyEvQJqZdLUMCrhs+iuUESeFskdjfqvpQH5hFRuIRX/wnct1HJn+aOKhpyvVWuRvlR/GhPqbHyMhHJjavwj4+uZ4hz2QBfxaqu6p6mhYurbFfHDly1ob+mANAehuelABHZcArEWG7JItiH2pLIAQIWxGj1XBxx+Y7+rtar1JIN4vpNmhs9S+tCTv+GFa1hHj5N0+3WJpHFWMc5Jl8rB+381SLUPd5tvQoQ47fR9uTzgERni2UJHBBDsWvbwDLN1g05fbx0h8ksPu5i1tzkI1e6RfhlwNAn9jREBfisWiK8wulOGdN4noFUnIM9ULdSfZ/9v9qknEPi8Y2Muk6hU0CldrMaTIXI/xrp9lfpoe/E3Z7S5OqdgLPt+AP9Wvr873l7uolCUMkJXqOeV44RQavtLSvbgYujZIa2gqNgXyqm0mtOp5sXYfoh1wEeU3dAZkue2x/Bwe/2Dt5rmpydtLebenJNmT4wS+Jgl4lQLPdn7mQ+bZ0= root@openssh-server
sshd is listening on port 2222
User/password ssh access is disabled.
[custom-init] No custom files found, skipping...
@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 4, 2024

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

@antwal
Copy link
Author

antwal commented Dec 4, 2024

Changing PUID and PGID the server starts despite the existing group error; but it does not accept any of the generated keys always giving the permissions denied error:

docker compose:

version: "3.9"
services:
  wordpress:
    networks:
      - blackhole
    hostname: openssh-server
    container_name: openssh-server
    restart: unless-stopped
    image: lscr.io/linuxserver/openssh-server:latest
    ports:
      - "2222:2222"
    environment:
      - PUID=1001
      - PGID=1001
      - TZ=Europe/Rome
      - USER_NAME=www-data
    volumes:
      - /mnt/storage/openssh-server/config:/config
      - /mnt/storage/www-data/:/www-data/

networks:
  blackhole:
    name: container-net
    external: true

container log:

[migrations] started
[migrations] no migrations found
groupmod: group 'www-data' already exists
───────────────────────────────────────
      ██╗     ███████╗██╗ ██████╗
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝
   Brought to you by linuxserver.io
───────────────────────────────────────
To support LSIO projects visit:
https://www.linuxserver.io/donate/
───────────────────────────────────────
GID/UID
───────────────────────────────────────
User UID:    1001
User GID:    1001
───────────────────────────────────────
Linuxserver.io version: 9.7_p1-r4-ls179
Build-date: 2024-12-01T18:53:35+00:00
───────────────────────────────────────
    
User name is set to www-data
sudo is disabled.
ssh-keygen: generating new host keys: RSA ECDSA ED25519 
SSH host public key(s):
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKreHpyBCdsHe3Iypd5aYqK3MWb6E1sWpdNSM1fvcuT2IsM6GO0zTdeOrkhx5Wt5tqrNu+H3Cwd5qAfhbW+6wZQ= root@ssh-test
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBK+iE7H271ewnJ8x2UqdBTrSSiw8f5WCzKie7EpOsUT root@ssh-test
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCp/Nf8UvkYifznIBE2zUdzDTm38Lqqbdd0iW8Um/hpq/2+qR17Ex0QYmo7sCLQUfPdfW84XIN8s4YdydrHzEM2IGtvKM6tzqrdfjzM5Tk7VMNn3HOPTGWEKYBQn1q4IKbwqgWFXla1zLCzRisJMt1Zc5HS27gJl2Y7dWhKWnKtiNDllaxxoY1+k5nzV2hC52+W066NA43fJs1Q8OfgYYC7FS1PPXv/EBftVlEI0LUZznY0BRtUVuRdyF38WqTMCw/fNT1Ak+MY/IO9+2x9qUgI0nuj+9FN9qyWvllbGYBOwxc65hk6gI2hBe65DTd7YRY6J3iP8F7lrZYj8ol4o2WMAe9hxRtlzxGsLkncMNkNLu4N/kHZFq+NHEWshsxGoQjRoBNErCvZYSjsnpf3OpDWMuXan4Pm9ORN+32fhZiv/SdjfVq/xK1bLoBLweC/45fo8hDqkZ/k33zaxMQoqNiTyOO6NyIdnU2pdV2f22BWQ+WiMN0dy2DQQ7bWC97lWrE= root@ssh-test
sshd is listening on port 2222
User/password ssh access is disabled.
[custom-init] No custom files found, skipping...
[ls.io-init] done.

/etc/passwd:

root:x:0:0:root:/root:/bin/sh
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/mail:/sbin/nologin
news:x:9:13:news:/usr/lib/news:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucppublic:/sbin/nologin
cron:x:16:16:cron:/var/spool/cron:/sbin/nologin
ftp:x:21:21::/var/lib/ftp:/sbin/nologin
sshd:x:22:22:sshd:/dev/null:/sbin/nologin
games:x:35:35:games:/usr/games:/sbin/nologin
ntp:x:123:123:NTP:/var/empty:/sbin/nologin
guest:x:405:1000:guest:/dev/null:/sbin/nologin
nobody:x:65534:65534:nobody:/:/sbin/nologin
klogd:x:100:101:klogd:/dev/null:/sbin/nologin
www-data:x:1001:1001::/config:/bin/bash

/etc/group:

root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin
adm:x:4:root,daemon
tty:x:5:
disk:x:6:root
lp:x:7:lp
kmem:x:9:
wheel:x:10:root
floppy:x:11:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
cron:x:16:cron
audio:x:18:
cdrom:x:19:
dialout:x:20:root
ftp:x:21:
sshd:x:22:
input:x:23:
tape:x:26:root
video:x:27:root
netdev:x:28:
kvm:x:34:kvm
games:x:35:
shadow:x:42:
www-data:x:1001:
users:x:1000:games,www-data
ntp:x:123:
abuild:x:300:
utmp:x:406:
ping:x:999:
nogroup:x:65533:
nobody:x:65534:
klogd:x:101:klogd
abc:!:1001:

@antwal
Copy link
Author

antwal commented Dec 4, 2024

the current solution to the problem is to use a different username with access via password and everything works normally

docker compose:

version: "3.9"
services:
  wordpress:
    networks:
      - blackhole
    hostname: openssh-server
    container_name: openssh-server
    restart: unless-stopped
    image: lscr.io/linuxserver/openssh-server:latest
    ports:
      - "2222:2222"
    environment:
      - PUID=33
      - PGID=33
      - TZ=Europe/Rome
      - USER_NAME=www-user
      - PASSWORD_ACCESS=true
      - USER_PASSWORD=password
    volumes:
      - /mnt/storage/openssh-server/config:/config
      - /mnt/storage/www-data/:/www-data/

networks:
  blackhole:
    name: container-net
    external: true

container log:

[migrations] started
[migrations] no migrations found
───────────────────────────────────────
      ██╗     ███████╗██╗ ██████╗
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝
   Brought to you by linuxserver.io
───────────────────────────────────────
To support LSIO projects visit:
https://www.linuxserver.io/donate/
───────────────────────────────────────
GID/UID
───────────────────────────────────────
User UID:    33
User GID:    33
───────────────────────────────────────
Linuxserver.io version: 9.7_p1-r4-ls179
Build-date: 2024-12-01T18:53:35+00:00
───────────────────────────────────────
    
User name is set to www-user
sudo is disabled.
ssh-keygen: generating new host keys: RSA ECDSA ED25519 
SSH host public key(s):
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCna9vfeBcn9qTBrHqyZ1rFKOb+CS3IaBYSc9VrzSzw+3r4MzDgDbOLjRXgWs6iIkzJI1R9hRtqbFY531FdACxc= root@ssh-test
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICUn9Nb9McTwfo8LdOgCSniSNtyItKmSKq49cuj8V3hH root@ssh-test
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDDhH+1eoPkaqW18JVxWzgHCRTphywP0jHt4TuYYIgYyCzNP8XcoPu6oZWvcYQGvOHalnJcJQEvgHQvo8nNN+J/LfgtKNi3onhABf5ba7IEuCYNBCFby8ODopRvB5CUyUzwdg/5LGp3XwYxgmtfsqp90vpJdbK1Ko5lbuWuU2P3WltyZUHV6CqTNCNlSkQgxS88XbftWu6dwYXHX3d1EWNld4YbveZ1wWrcJc1VBpkpAPDzcFFNwXgDLky7ZLF/8IH0V+C007C95lvpfuATW1nT+BNb7X3WEasHjshR44nYt4BEhdEwyHb7aDJdqBpKqQg9K/uDKkJ7JE1YtGDaAE1sUzyjHJVvgeeGxT7joEhFFeoGdFC0adgKh7LH5jM5qZ11beO4mFYaG4hfv/UYVPaee/gQ/T/XyKRRZsI3cZR29aR2C9wVf7AOFfHgn6OqkxprkjlrOTOTs9+gyVOeMB+DaUEL5znBvFPtho6rglkOrvtolRMzDWsqHzHQir/OLw0= root@ssh-test
sshd is listening on port 2222
User/password ssh access is enabled.
[custom-init] No custom files found, skipping...
[ls.io-init] done.

/etc/passwd:

root:x:0:0:root:/root:/bin/sh
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/mail:/sbin/nologin
news:x:9:13:news:/usr/lib/news:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucppublic:/sbin/nologin
cron:x:16:16:cron:/var/spool/cron:/sbin/nologin
ftp:x:21:21::/var/lib/ftp:/sbin/nologin
sshd:x:22:22:sshd:/dev/null:/sbin/nologin
games:x:35:35:games:/usr/games:/sbin/nologin
ntp:x:123:123:NTP:/var/empty:/sbin/nologin
guest:x:405:1000:guest:/dev/null:/sbin/nologin
nobody:x:65534:65534:nobody:/:/sbin/nologin
klogd:x:100:101:klogd:/dev/null:/sbin/nologin
www-user:x:33:33::/config:/bin/bash

/etc/group:

root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin
adm:x:4:root,daemon
tty:x:5:
disk:x:6:root
lp:x:7:lp
kmem:x:9:
wheel:x:10:root
floppy:x:11:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
cron:x:16:cron
audio:x:18:
cdrom:x:19:
dialout:x:20:root
ftp:x:21:
sshd:x:22:
input:x:23:
tape:x:26:root
video:x:27:root
netdev:x:28:
kvm:x:34:kvm
games:x:35:
shadow:x:42:
www-data:x:82:
users:x:1000:games,www-user
ntp:x:123:
abuild:x:300:
utmp:x:406:
ping:x:999:
nogroup:x:65533:
nobody:x:65534:
klogd:x:101:klogd
www-user:!:33:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Issue & PR Tracker
Status: Issues
Milestone
No milestone
Development

No branches or pull requests
1 participant
@antwal