Bug#1126844: systemd: udev rules reject valid OWNER= and GROUP= settings

equinox at diac24.net equinox at diac24.net
Mon Feb 2 11:28:44 GMT 2026 

Package: systemd
Version: 259-1
Severity: important
Tags: upstream

Starting with systemd 258, it seems "non-system" users and groups are
rejected for the OWNER= and GROUP= settings in udev rules.  This breaks
any installation that has rules set up for particular users to own
particular devices, e.g. in my case a small list of USB device serial
numbers with associated owners.

The change in behavior seems to have been accidentally introduced in
https://github.com/systemd/systemd/commit/f5cdf9515aceca2e91f9a33b74267e0cf5a5b7e8
and after being reported as bug, retroactively justified as policy in
https://github.com/systemd/systemd/issues/39056

As is sadly usual with systemd issues, the discussion is not
particularly productive.  Replacing OWNER="xyz" with RUN+="chown xyz %N"
is being suggested (by other users) as workaround; there is no
configuration option or otherwise that allows reenabling the broken
OWNER= and GROUP= functionality.  At the end of the day, it's a
regression with no clear reasoning provided, and it seems to be
affecting a bunch of people.

I would request that f5cdf95 simply be reverted in the Debian package.
If that's not viable, at least a 'grep OWNER= /etc/udev/rules.d' +
warning in the package update scripts seems prudent as to not catch out
people completely by surprise.

Cheers,


-equi


-- Package-specific info:

-- System Information:
Debian Release: forky/sid
  APT prefers testing
  APT policy: (600, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'oldstable-updates'), (500, 'oldstable-security'), (500, 'oldstable-debug'), (500, 'oldstable'), (400, 'unstable'), (300, 'jammy-updates'), (300, 'jammy-security'), (300, 'jammy'), (300, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.17.12+ (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages systemd depends on:
ii  libc6              2.42-11
ii  libssl3t64         3.5.5-1
ii  libsystemd-shared  259-1
ii  libsystemd0        259-1
ii  mount              2.41.3-3

Versions of packages systemd recommends:
ii  dbus [default-dbus-system-bus]  1.16.2-2+b1
ii  linux-sysctl-defaults           4.15
ii  login                           1:4.16.0-2+really2.41.3-3
ii  ntpsec [time-daemon]            1.2.3+dfsg1-8
pn  systemd-cryptsetup              <none>

Versions of packages systemd suggests:
ii  libtss2-tcti-device0t64 [libtss2-tcti-device0]  4.1.3-1.3
ii  polkitd                                         127-1
pn  systemd-boot                                    <none>
ii  systemd-container                               259-1
pn  systemd-homed                                   <none>
ii  systemd-repart                                  259-1
pn  systemd-resolved                                <none>
ii  systemd-userdbd                                 259-1

Versions of packages systemd is related to:
ii  dbus-user-session  1.16.2-2+b1
pn  dracut             <none>
it  initramfs-tools    0.150
ii  libnss-systemd     259-1
ii  libpam-systemd     259-1
ii  udev               259-1

-- no debconf information

More information about the Pkg-systemd-maintainers mailing list