Bug #15407

Prevent system user uid:s and gid:s from changing between releases

Added by anonym 2018-03-13 14:59:44. Updated 2018-09-05 16:21:29.

Status: Resolved
Priority: Normal
Assignee:
Category: Build system
Target version:
Start date: 2018-06-28
Due date:
% Done: 100%
Feature Branch: kibi:bugfix/15695-avoid-breaking-automatic-upgrades-to-tails-3-9
Type of work: Code
Blueprint:
Starter:
Affected tool:
Deliverable for:

Description

In Tails 3.6 the uid and gid are different compared to previous releases, making incremental upgrades impossible. I.e. it is Bug #13426 all over again (see discussion there for details on why it breaks incremental upgrades). Let’s fix this for good this time!

The automatic upgrade bug this will fix was identified in aufs. Assuming overlayfs hasn’t this bug:


Related issues

Related to Tails - Bug #13426: Tor does not start on Tails 3.0.1 automatically upgraded from 3.0 Resolved 2017-07-05
Related to Tails - Bug #15419: Detect earlier in the dev process if we're breaking automatic upgrades Resolved 2018-06-28
Related to Tails - Bug #15424: Use fixed UID and GID for debian-tor Rejected 2018-03-16
Related to Tails - Feature #8415: Migrate from aufs to overlayfs Resolved 2014-12-18
Related to Tails - Bug #15695: Avoid breaking automatic upgrades to Tails 3.9 Resolved 2018-06-30

History

#1 Updated by anonym 2018-03-13 15:00:54

#2 Updated by anonym 2018-03-13 15:01:16

  • related to Bug #13426: Tor does not start on Tails 3.0.1 automatically upgraded from 3.0 added

#3 Updated by anonym 2018-03-13 15:04:19

The real solution is Feature #8415 (see Bug #13426#note-10) but we probably want to solve it before that by hardcoding the uid:s and gid:s that the system users get, somehow.

#4 Updated by anonym 2018-03-14 14:55:51

So in Tails 3.5 the debian-tor uid was 108 and in Tails 3.6 it is 107, which causes this new instance of Bug #13426. The reason is simple: in Tails 3.5 we have the systemd-bus-proxy user, but it is not present in Tails 3.6 due to the systemd upgrade.

(Now you might wonder why we didn’t catch this when testing Tails 3.6~rc1, since the systemd upgrade was in by then. Well, for some reason (I failed to find why) the Debian-exim user was added in Tails 3.6~rc1 only, which “took” systemd-bus-proxy’s place so the uid for debian-tor was the same as in Tails 3.5. Talk about bad luck! :/)
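
An added example, not part of the ticket or the Tails code base: a shell check that compares the passwd files of two releases and reports system accounts whose numeric UID or GID changed, which is the drift described in the comment above. The passwd excerpts are constructed (only debian-tor's 108 and 107 come from the ticket), and the function name `uid_drift` is hypothetical.

```shell
#!/bin/sh
# Added example: detect system accounts whose numeric IDs moved between releases.

# uid_drift OLD_PASSWD NEW_PASSWD   (hypothetical helper name)
# Prints one line per account present in both files whose UID or GID differs,
# limited to system accounts (UID below 1000 in the old file).
# Returns 1 if any drift was found, 0 otherwise.
uid_drift() {
    awk -F: '
        FNR == NR { uid[$1] = $3; gid[$1] = $4; next }
        ($1 in uid) && uid[$1] + 0 < 1000 && (uid[$1] != $3 || gid[$1] != $4) {
            printf "%s uid %s->%s gid %s->%s\n", $1, uid[$1], $3, gid[$1], $4
            drift = 1
        }
        END { exit drift + 0 }
    ' "$1" "$2"
}

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

# Constructed excerpt standing in for the older release: systemd-bus-proxy
# exists and is allocated just before debian-tor.
cat > "$tmp/passwd.old" <<'EOF'
root:x:0:0:root:/root:/bin/bash
messagebus:x:106:110::/var/run/dbus:/bin/false
systemd-bus-proxy:x:107:111:systemd Bus Proxy:/run/systemd:/bin/false
debian-tor:x:108:112::/var/lib/tor:/bin/false
amnesia:x:1000:1000:Debian Live user:/home/amnesia:/bin/bash
EOF

# Constructed excerpt standing in for the newer release: systemd-bus-proxy is
# gone, so debian-tor slides down into the freed slot.
cat > "$tmp/passwd.new" <<'EOF'
root:x:0:0:root:/root:/bin/bash
messagebus:x:106:110::/var/run/dbus:/bin/false
debian-tor:x:107:111::/var/lib/tor:/bin/false
amnesia:x:1000:1000:Debian Live user:/home/amnesia:/bin/bash
EOF

if report=$(uid_drift "$tmp/passwd.old" "$tmp/passwd.new"); then
    echo "no UID/GID drift"
else
    echo "UID/GID drift between releases:"
    echo "$report"
fi
```

Accounts that exist in only one of the two files are not reported; a removed account matters here only through the shift it causes in the accounts that remain.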

#5 Updated by intrigeri 2018-03-16 16:47:40

  • related to Bug #15419: Detect earlier in the dev process if we're breaking automatic upgrades added

#6 Updated by intrigeri 2018-03-16 16:49:21

  • Assignee deleted (intrigeri)
  • Target version changed from Tails_3.7 to Tails_4.0

Sadly, there won’t be incremental upgrades to the first release that includes the proper fix suggested on this ticket (using fixed UID+GID for the debian-tor user and possibly a few others). So I think we should do this in 4.0. I’m thus postponing this ticket accordingly. In passing, another option would be to use systemd dynamic users but it’s much more involved.

See Bug #15419 and Bug #15418 for the shorter-term workarounds.

#7 Updated by intrigeri 2018-03-16 17:14:57

  • Assignee set to segfault
  • Target version changed from Tails_4.0 to Tails_3.6.1

Actually there’s an ugly way (config/chroot_local-hooks/04-change-gids-and-uids) to freeze UID:s/GID:s without breaking automatic upgrades. segfault is giving it a try.

#8 Updated by segfault 2018-03-16 20:02:07

  • related to Bug #15424: Use fixed UID and GID for debian-tor added

#9 Updated by intrigeri 2018-03-16 20:51:44

  • Assignee deleted (segfault)
  • Target version changed from Tails_3.6.1 to Tails_4.0

What segfault has prepared (Bug #15424) is a small subset of what this ticket is about.

#10 Updated by intrigeri 2018-03-21 13:41:18

#11 Updated by intrigeri 2018-03-22 08:24:28

  • Description updated

#12 Updated by intrigeri 2018-03-22 08:24:42

  • blocked by deleted (Feature #13245: Core work 2018Q1: Foundations Team)

#13 Updated by intrigeri 2018-03-28 09:23:29

  • Target version changed from Tails_4.0 to Tails_3.8

#14 Updated by intrigeri 2018-04-11 09:29:01

  • Description updated

#15 Updated by intrigeri 2018-04-14 08:16:50

  • Assignee set to intrigeri

See Bug #15424#note-12 for updates. During next cycle I want to make a decision wrt. the timing/relevance of this task (see ticket description) and then make sure the corresponding work is assigned to someone.

#16 Updated by intrigeri 2018-04-14 08:17:15

#17 Updated by intrigeri 2018-06-19 16:28:48

  • Target version changed from Tails_3.8 to Tails_3.9

#18 Updated by intrigeri 2018-06-28 13:59:03

  • blocked by deleted (Feature #15139: Core work 2018Q2: Foundations Team)

#19 Updated by intrigeri 2018-06-28 13:59:04

#20 Updated by intrigeri 2018-06-28 20:35:01

  • Description updated

#21 Updated by intrigeri 2018-06-28 20:35:52

#22 Updated by intrigeri 2018-06-28 20:39:21

  • blocked by Bug #15689: Test if overlayfs is affected by the DAC bug wrt. incremental upgrades changing UID/GID added

#23 Updated by intrigeri 2018-06-28 20:48:58

  • blocks deleted (Bug #15689: Test if overlayfs is affected by the DAC bug wrt. incremental upgrades changing UID/GID)

#24 Updated by intrigeri 2018-06-28 20:49:32

  • Assignee deleted (intrigeri)

#25 Updated by intrigeri 2018-06-28 20:49:40

  • blocked by deleted (Feature #15334: Core work 2018Q3: Foundations Team)

#26 Updated by intrigeri 2018-06-28 20:55:52

  • Target version deleted (Tails_3.9)

#27 Updated by intrigeri 2018-06-30 12:48:26

  • related to Bug #15695: Avoid breaking automatic upgrades to Tails 3.9 added

#28 Updated by intrigeri 2018-08-14 14:59:29

  • Status changed from Confirmed to In Progress
  • Assignee set to segfault
  • Target version set to Tails_3.9
  • QA Check set to Ready for QA

The branch for Bug #15695 does this.

#29 Updated by intrigeri 2018-08-14 15:00:02

  • Feature Branch set to bugfix/15695-avoid-breaking-automatic-upgrades-to-tails-3-9

#30 Updated by intrigeri 2018-08-14 15:49:31

  • Assignee changed from segfault to CyrilBrulebois

#31 Updated by CyrilBrulebois 2018-08-14 16:30:38

  • Assignee changed from CyrilBrulebois to intrigeri
  • QA Check changed from Ready for QA to Pass
  • Feature Branch changed from bugfix/15695-avoid-breaking-automatic-upgrades-to-tails-3-9 to kibi:bugfix/15695-avoid-breaking-automatic-upgrades-to-tails-3-9

The changes look good to me, even if there were quite a few merges and fixups needed.

I’ve pushed a branch with the same name to my repository, only with a few squashed commits. git diff against the branch on the main repository shows no differences.

We could probably compare sorted lists, but after discussion with intrigeri, that looks to be happening seldom enough that it’s not worth the cost.

#32 Updated by intrigeri 2018-08-14 16:54:09

  • Status changed from In Progress to Fix committed
  • Assignee deleted (intrigeri)
  • % Done changed from 0 to 100

#33 Updated by intrigeri 2018-09-05 16:21:29

  • Status changed from Fix committed to Resolved