Bug#923881: systemd: user session fails when home directory contains /./

Stephane Chazelas stephane.chazelas at gmail.com
Wed Mar 6 17:28:47 GMT 2019 

Package: systemd
Version: 241-1
Severity: normal
Tags: patch upstream

Dear Maintainer,

At work, users (in LDAP) have home directories set as
/export/./home/username. The /./ is used for instance by vsftpd
to indicate the location where the users are chrooted into (not
relevant to this bug other than it gives some context as to why
there's a /./ in there).

With those home directories however, user login sessions don't
work properly, with for instance lxpolkit complaining about a
missing session, or network manager complaining about
insufficient rights. systemd-cgls doesn't show "user" control
groups. When using gdm3 and gnome, it's impossible to login (log
back out straight after authentication).

The auth logs have:

systemd-logind[1386]: Failed to start session scope session-17.scope: Failed to add required mount "/export/./home/stephane": Success

Turns out systemd doesn't like that /./. Looking at the code, it
fails because the path is not "normalized".

I'm not sure when it stopped working (Ubuntu's 237-3ubuntu10.13
package doesn't have the problem, 240-2 already had the problem,
my auth.log doesn't go further back).

The patch below fixes the problem for me. We call path_simplify
with a "kill_dots" argument of "true" instead of "false".

--- systemd-241/src/core/unit.c~	2019-03-06 16:53:30.910741632 +0000
+++ systemd-241/src/core/unit.c	2019-03-06 16:26:00.018550897 +0000
@@ -4598,7 +4598,7 @@ int unit_require_mounts_for(Unit *u, con
         if (!p)
                 return -ENOMEM;
 
-        path = path_simplify(p, false);
+        path = path_simplify(p, true);
 
         if (!path_is_normalized(path))
                 return -EPERM;
-- Package-specific info:

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-updates'), (500, 'oldstable-updates'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (50, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-2-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages systemd depends on:
ii  adduser          3.118
ii  libacl1          2.2.52-5
ii  libapparmor1     2.13.2-7
ii  libaudit1        1:2.8.4-2
ii  libblkid1        2.33.1-0.1
ii  libc6            2.28-7
ii  libcap2          1:2.25-2
ii  libcryptsetup12  2:2.1.0-1
ii  libgcrypt20      1.8.4-5
ii  libgnutls30      3.6.6-2
ii  libgpg-error0    1.35-1
ii  libidn11         1.33-2.2
ii  libip4tc0        1.8.2-3
ii  libkmod2         26-1
ii  liblz4-1         1.8.3-1
ii  liblzma5         5.2.4-1
ii  libmount1        2.33.1-0.1
ii  libpam0g         1.3.1-5
ii  libseccomp2      2.3.3-4
ii  libselinux1      2.8-1+b1
ii  libsystemd0      241-1
ii  mount            2.33.1-0.1
ii  util-linux       2.33.1-0.1

Versions of packages systemd recommends:
ii  dbus            1.12.12-1
ii  libpam-systemd  241-1

Versions of packages systemd suggests:
ii  policykit-1        0.105-25
pn  systemd-container  <none>

Versions of packages systemd is related to:
pn  dracut           <none>
ii  initramfs-tools  0.133
ii  udev             241-1

-- debconf-show failed

More information about the Pkg-systemd-maintainers mailing list