Bug#994006: libc6: NSS modules changes require a restart of systemd-logind, which is not possible

To: Simon McVittie <smcv@debian.org>
Cc: 994006@bugs.debian.org, Michael Biebl <biebl@debian.org>
Subject: Bug#994006: libc6: NSS modules changes require a restart of systemd-logind, which is not possible
From: Aurelien Jarno <aurel32@debian.org>
Date: Tue, 14 Sep 2021 18:29:33 +0200
Message-id: <[🔎] YUDN7QJXZA2Q6LDg@aurel32.net>
Reply-to: Aurelien Jarno <aurel32@debian.org>, 994006@bugs.debian.org
In-reply-to: <[🔎] YUBVu6TpmweWrl2k@momentum.pseudorandom.co.uk>
References: <[🔎] 163120477979.55329.17024209394569625767.reportbug@ohm.local> <[🔎] YTo66s9rx12Zu4of@aurel32.net> <[🔎] 163120477979.55329.17024209394569625767.reportbug@ohm.local> <[🔎] 6e39a1bd3d8254206463fb58569339d756960a82.camel@debian.org> <[🔎] 163120477979.55329.17024209394569625767.reportbug@ohm.local> <[🔎] YT+7tFIIg3zHGsLH@aurel32.net> <[🔎] YUBVu6TpmweWrl2k@momentum.pseudorandom.co.uk> <[🔎] 163120477979.55329.17024209394569625767.reportbug@ohm.local>

On 2021-09-14 08:56, Simon McVittie wrote:
> On Mon, 13 Sep 2021 at 22:59:32 +0200, Aurelien Jarno wrote:
> > - running the operation on a non-existing user, but as loginctl does a
> >   check that the user exists, it has to be done directly with the dbus
> >   API, for instance "gdbus call --system --dest org.freedesktop.login1
> >   --object-path /org/freedesktop/login1 --method
> >   org.freedesktop.login1.Manager.SetUserLinger 12345678 true true"
> > 
> > The latest is more a bit more complex to do (especially that
> > libglib2.0-bin is not necessarily installed on the system), but has the
> > advantage of exercising all configured NSS modules.
> 
> systemd happens to have its own D-Bus implementation sd-bus (a competitor
> to libdbus and GLib's GDBus) for which it provides busctl(1), an
> equivalent of gdbus(1) and dbus-send(1). So this could be written as:
> 
>     busctl call --system org.freedesktop.login1 /org/freedesktop/login1 \
>         org.freedesktop.login1.Manager SetUserLinger ubb $uid true true
> 
> which does not have dependencies outside systemd.deb.

Thanks a lot for the help here, as my knowledge with systemd is
relatively limited. That seems to work fine when executed just before
the libc6 upgrade in the script I use to trigger the upgrade at boot
time. I'll try to insert all pieces into libc6.preinst and see if that
still works.

> The nonexistent uid should probably be in one of the ranges reserved by
> Policy §9.2.2: perhaps 4294967294 or (uint32_t) -2, which is reserved
> as a representation of the anonymous NFS user?

Yes, that is probably a good pick. I guess we should actually disable
lingering (so ... ubb 4294967294 false false) to minimize the damages if
this user exists anyway.

Regards
Aurelien

-- 
Aurelien Jarno                          GPG: 4096R/1DDD8C9B
aurelien@aurel32.net                 http://www.aurel32.net

Reply to:

References:
- Bug#994006: libc6: NSS modules changes require a restart of systemd-logind, which is not possible
  - From: Aurelien Jarno <aurel32@debian.org>
- Bug#994006: libc6: NSS modules changes require a restart of systemd-logind, which is not possible
  - From: Aurelien Jarno <aurel32@debian.org>
- Bug#994006: libc6: NSS modules changes require a restart of systemd-logind, which is not possible
  - From: Michael Biebl <biebl@debian.org>
- Bug#994006: libc6: NSS modules changes require a restart of systemd-logind, which is not possible
  - From: Aurelien Jarno <aurel32@debian.org>
- Bug#994006: libc6: NSS modules changes require a restart of systemd-logind, which is not possible
  - From: Simon McVittie <smcv@debian.org>

Prev by Date: Re: Bug#994133: libc-bin: [iconv] [fr] Missing word in the French output of iconv
Next by Date: Processed: Bug#994006 marked as pending in glibc
Previous by thread: Bug#994006: libc6: NSS modules changes require a restart of systemd-logind, which is not possible
Next by thread: Processed: Bug#994006 marked as pending in glibc
Index(es):
- Date
- Thread