Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > linux.debian.bugs.dist > #1288216
| From | Chris Hofstaedtler <zeha@debian.org> |
|---|---|
| Newsgroups | linux.debian.bugs.dist |
| Subject | Bug#1132509: [Pkg-shadow-devel] Bug#1132509: uidmap: getsubids look up /etc/subgid by gid instead of uid when using numerical values |
| Date | 2026-04-02 19:50 +0200 |
| Message-ID | <MFul3-cc87-5@gated-at.bofh.it> (permalink) |
| References | <MFaFI-bYKy-7@gated-at.bofh.it> <MFaFI-bYKy-7@gated-at.bofh.it> <MFbip-bZgb-1@gated-at.bofh.it> <MFaFI-bYKy-7@gated-at.bofh.it> <MFbip-bZgb-1@gated-at.bofh.it> |
| Organization | linux.* mail to news gateway |
Hi Serge, On Wed, Apr 01, 2026 at 04:16:28PM -0500, Serge E. Hallyn wrote: > On Wed, Apr 01, 2026 at 10:40:01PM +0200, Aurelien Jarno wrote: > > Since version 0.91.6, sbuild started to use getsubids to parse > > /etc/subgid [1]. The format of this file is supposed to be [2]: > > > > login name or UID : numerical subordinate group ID : numerical subordinate group ID count > > > > Unfortunately getsubids parses it as login name or *GID*. This breaks > > when this file contains UID and when UID != GID: > > > > $ id buildd > > uid=2952(buildd) gid=1009(buildd) groupes=1009(buildd),115(sbuild) > > $ grep 2952 /etc/subgid > > 2952:193462272:65536 > > $ getsubids -g buildd > > Error fetching ranges > > > > Fortunately it seems that newgidmap parses the file correctly, so this > > is not a security issue. > > > > The following untested patch should fix the issue (which means that > > get_owner_id() can be simplified as this is the only caller: > > > > Indeed, thanks for the patch and catching that. > > Reviewed-by: Serge Hallyn <serge@hallyn.com> > > Not sure what the flow from here is. Would you mind sending a > patch to upstream at https://github.com/shadow-maint/shadow, > or, if you prefer not to, should I forward it? Could you take care of the upstream part? > I can see about preparing a shadow package for debian with this fix > and having Chris sponsor it, unless (my preference) he wants to > prepare it himself. I understand this is problematic for the Debian build infrastructure, so I'll apply the patch in Debian now directly. Best, Chris
Back to linux.debian.bugs.dist | Previous | Next — Previous in thread | Next in thread | Find similar
Bug#1132509: uidmap: getsubids look up /etc/subgid by gid instead of uid when using numerical values Aurelien Jarno <aurel32@debian.org> - 2026-04-01 22:50 +0200
Bug#1132509: [Pkg-shadow-devel] Bug#1132509: uidmap: getsubids look up /etc/subgid by gid instead of uid when using numerical values "Serge E. Hallyn" <serge@hallyn.com> - 2026-04-01 23:30 +0200
Bug#1132509: [Pkg-shadow-devel] Bug#1132509: uidmap: getsubids look up /etc/subgid by gid instead of uid when using numerical values Chris Hofstaedtler <zeha@debian.org> - 2026-04-02 19:50 +0200
Bug#1132509: [Pkg-shadow-devel] Bug#1132509: uidmap: getsubids look up /etc/subgid by gid instead of uid when using numerical values Aurelien Jarno <aurel32@debian.org> - 2026-04-02 20:00 +0200
Bug#1132509: [Pkg-shadow-devel] Bug#1132509: uidmap: getsubids look up /etc/subgid by gid instead of uid when using numerical values Chris Hofstaedtler <zeha@debian.org> - 2026-04-03 12:00 +0200
Bug#1132509: [Pkg-shadow-devel] Bug#1132509: uidmap: getsubids look up /etc/subgid by gid instead of uid when using numerical values Jochen Sprickerhof <jspricke@debian.org> - 2026-04-03 17:30 +0200
Bug#1132509: [Pkg-shadow-devel] Bug#1132509: uidmap: getsubids look up /etc/subgid by gid instead of uid when using numerical values Aurelien Jarno <aurel32@debian.org> - 2026-04-03 20:00 +0200
Bug#1132509: [Pkg-shadow-devel] Bug#1132509: uidmap: getsubids look up /etc/subgid by gid instead of uid when using numerical values Aurelien Jarno <aurel32@debian.org> - 2026-04-02 20:00 +0200
Bug#1132509: uidmap: getsubids look up /etc/subgid by gid instead of uid when using numerical values Johannes Schauer Marin Rodrigues <josch@debian.org> - 2026-04-01 23:50 +0200
csiph-web