[BUG]: Unable to add user to the users group

[gbraad]

Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

It is currently not possible to add a user to the users group.

Expected Behavior

A usermod -a -G users <username> should work as expected.

Steps To Reproduce

bash-5.1# cat /etc/group | grep users
bash-5.1#
bash-5.1# groupadd -g 100 users
groupadd: group 'users' already exists
bash-5.1# useradd gbraad
bash-5.1# usermod -a -G users gbraad
bash-5.1# groups gbraad
gbraad : gbraad

The following workaround is possible:

bash-5.1# echo "users:x:100:gbraad" | sudo tee -a /etc/group
users:x:100:gbraad
bash-5.1# groups gbraad
gbraad : gbraad users

Anything else?

This is reported upstream: https://gitlab.com/fedora/bootc/base-images/-/issues/42 as this is also happening for the fedora-bootc and centos-bootc images.

Search terms

usermod users useradd

[gbraad]

I am guessing here; but I have seen changes related to sysusers.d; I think they might want to create the users group at boot-time or so (to handle possible upgrade scenarios?). If so, at the moment this is not working.

There are entries in /etc/group, but the users group does exist in /etc/gshadow:

$ cat /etc/gshadow | grep users
users:::

It seems it is defined in sysusers.d, but does not run ?

$ cat /usr/lib/sysusers.d/20-setup-groups.conf | grep users
g users 100

Does the entry in /etc/gshadow maybe causes issues with sysusers.d ?

[gbraad]

I think I got it:

$ getent -s altfiles group users
users:x:100:
$ ls -l /usr/lib/group /usr/lib/passwd
-rw-rw-r--. 1 root root  803 Jan  1  1970 /usr/lib/group
-rw-rw-r--. 1 root root 2058 Jan  1  1970 /usr/lib/passwd
$ cat /usr/lib/group | grep users
users:x:100:

So altfiles provides the value, but systemd-sysusers will not create the group /etc/, and usermod only operates on /etc properly as the filesystem at /usr is read-only. It should create the entries in /etc/ instead

[gbraad]

$ cat /etc/group | grep users
$ sudo bootc usr-overlay
Development mode enabled.  A writable overlayfs is now mounted on /usr.
All changes there will be discarded on reboot.
$ sudo rm -f /usr/lib/group
$ sudo systemd-sysusers
Creating group 'nobody' with GID 65534.
Creating group 'utmp' with GID 992.
Creating group 'audio' with GID 986.
Creating group 'cdrom' with GID 985.
Creating group 'dialout' with GID 984.
Creating group 'disk' with GID 983.
Creating group 'input' with GID 981.
Creating group 'kmem' with GID 980.
Creating group 'kvm' with GID 979.
Creating group 'lp' with GID 978.
Creating group 'render' with GID 977.
Creating group 'tape' with GID 976.
Creating group 'tty' with GID 5.
Creating group 'video' with GID 975.
Creating group 'users' with GID 100.
Creating group 'ssh_keys' with GID 101.
Creating group 'printadmin' with GID 974.
Creating group 'chrony' with GID 973.
Creating group 'dbus' with GID 972.
Creating group 'sshd' with GID 971.
Creating group 'systemd-coredump' with GID 970.
Creating group 'systemd-resolve' with GID 969.
Creating group 'tss' with GID 968.
/etc/gshadow: Group "tty" already exists.
$

For the command

$ usermod -a -G users gbraad

I expect if this can't work on /usr/lib it should error, otherwise it should fallback using /etc/group. At the moment it does neither.