Bug#854252: biboumi: systemd unit file references non-existant group

Jonas Wielicki jonas at wielicki.name
Sun Feb 5 13:50:02 UTC 2017 

Package: biboumi
Version: 4.0-1
Severity: important

Dear Maintainer,

systemctl start biboumi fails because the group "nobody" does not exist:

--- 8< ---
root at biboumi:~# systemctl restart biboumi
Job for biboumi.service failed. See 'systemctl status biboumi.service' and
'journalctl -xn' for details.

root at biboumi:~# systemctl status biboumi
● biboumi.service - Biboumi, XMPP to IRC gateway
   Loaded: loaded (/lib/systemd/system/biboumi.service; disabled)
   Active: failed (Result: start-limit) since Sun 2017-02-05 10:20:43 UTC;
547ms ago
     Docs: man:biboumi(1)
           https://biboumi.louiz.org
  Process: 12981 ExecStart=/usr/bin/biboumi /etc/biboumi/biboumi.cfg
(code=exited, status=216/GROUP)
 Main PID: 12981 (code=exited, status=216/GROUP)

root at biboumi:~# systemctl cat biboumi
# /lib/systemd/system/biboumi.service
[Unit]
Description=Biboumi, XMPP to IRC gateway
Documentation=man:biboumi(1) https://biboumi.louiz.org
After=network.target

[Service]
Type=notify
ExecStart=/usr/bin/biboumi /etc/biboumi/biboumi.cfg
ExecReload=/bin/kill -s USR1 $MAINPID
WatchdogSec=20
Restart=always
User=nobody
Group=nobody

[Install]
WantedBy=multi-user.target
--- >8 ---


A workaround is to place the following in
/etc/systemd/system/biboumi.service.d/override.conf:

--- 8< ---
[Service]
Group=nogroup
--- >8 ---

Even better would be to provide a separate user and group for biboumi. This
allows to harden the configuration file making it readable only for the biboumi
user. This is relevant because the configuration file contains secrets.

Best regards,
Jonas Wielicki



-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages biboumi depends on:
ii  libc-ares2   1.12.0-1
ii  libc6        2.24-9
ii  libexpat1    2.2.0-2
ii  libgcc1      1:6.3.0-5
ii  libidn11     1.33-1
ii  libstdc++6   6.3.0-5
ii  libsystemd0  232-15
ii  libuuid1     2.29.1-1

biboumi recommends no packages.

biboumi suggests no packages.

-- no debconf information

More information about the Pkg-voip-maintainers mailing list