Bug#982976: systemd-coredump user is created by something other than its derived systemd packages

[Eric Desrochers]

It may have some effect in certain corner cases. One I have in mind is CIS
hardening benchmark which provides prescriptive guidance for establishing a
secure IT Infrastructure, with specific requirement related to home
directory.
That is how I came across this situation.

It could also be misleading for certain users as sysuser and
system-coredump directives aren't the same ("/" vs "/run/systemd")
Additionally, I don't see why systemd-coredump user would be implicitly
created, unless it is necessary without its corresponding binary package,
systemd-coredump,  installed.

- Eric

On Wed, Feb 17, 2021 at 12:17 PM Michael Biebl <biebl at debian.org> wrote:

> Am 17.02.21 um 17:50 schrieb Eric Desrochers:
> > Package: systemd
> > Version: 247.2-5
> > Severity: normal
> > X-Debbugs-Cc: eric.desrochers at canonical.com
> >
> > Dear Maintainer,
> >
> > Detailled informations can be found in
> https://launchpad.net/bugs/1915936
> >
> > Basically, systemd-coredump system user get created via systemd-sysusers
> and
> > default its home directory to "/", and this happen even if
> systemd-coredump
> > binary pkg isn't installed. The maintainer script (postinst) in systemd
> src
> > code for systemd-coredump has a different  home directory "/run/systemd".
>
> /usr/lib/sysusers.d/systemd.conf is shipped by the systemd package (and
> contains the definition for the systemd-coredump user.
> I don't think it's really worth splitting up that file, fwiw.
>
> Is there actually a problem or mainly a cosmetic issue that the home
> directories differ?
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20210217/3ea0795f/attachment.html>