From: bugzilla@busybox.net
To: buildroot@uclibc.org
Subject: [Buildroot] [Bug 16015] New: nginx incorrectly created user group
Date: Sat, 30 Mar 2024 14:18:24 +0000 [thread overview]
Message-ID: <bug-16015-163@https.bugs.busybox.net/> (raw)
https://bugs.busybox.net/show_bug.cgi?id=16015
Bug ID: 16015
Summary: nginx incorrectly created user group
Product: buildroot
Version: 2023.02.9
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Other
Assignee: unassigned@buildroot.uclibc.org
Reporter: daiwei@sunkaisens.com
CC: buildroot@uclibc.org
Target Milestone: ---
Because of special needs, I set the directories using nginx to the home path of
www-data.
nginx.mk:
----------------------------
# www-data user and group are used for nginx. Because these user and group
# are already set by buildroot, it is not necessary to redefine them.
# See system/skeleton/etc/passwd
# username: www-data uid: 33
# groupname: www-data gid: 33
#
# So, we just need to create the directories used by nginx with the right
# ownership.
define NGINX_PERMISSIONS
/opt/var/lib/nginx d 755 33 33 - - - - -
endef
-----------------------------
At the same time, I modified the /etc/passwd file in the skeleton.
-------------------------------
[root@MiWiFi-R4A-srv skeleton]# more etc/passwd
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/bin/false
bin:x:2:2:bin:/bin:/bin/false
sys:x:3:3:sys:/dev:/bin/false
sync:x:4:100:sync:/bin:/bin/sync
mail:x:8:8:mail:/var/spool/mail:/bin/false
www-data:x:33:33:www-data:/opt/var/lib/nginx:/bin/false
operator:x:37:37:Operator:/var:/bin/false
nobody:x:65534:65534:nobody:/home:/bin/false
----------------------------
After selecting nginx and compiling, the permissions of the generated nginx
file are changed to tape[group name].
The following is the file output by the output:
[root@MiWiFi-R4A-srv lib]# pwd
/home/build/buildroot-2023.02.9/output/images/opt/var/lib
[root@MiWiFi-R4A-srv lib]# ll -rlth
总用量 0
drwxr-xr-x. 2 102 103 6 3月 30 21:14 mysql
drwxr-xr-x. 2 105 106 6 3月 30 21:16 redis
drwxr-xr-x. 2 33 tape 6 3月 30 21:16 nginx
After my inspection, I found that the group name of GID 33 of the compilation
host is tape.
/etc/group on MyHost:
root:x:0:
bin:x:1:
daemon:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mem:x:8:
kmem:x:9:
wheel:x:10:
cdrom:x:11:
mail:x:12:
man:x:15:
dialout:x:18:
floppy:x:19:
games:x:20:
tape:x:33:
video:x:39:
ftp:x:50:
lock:x:54:
audio:x:63:
users:x:100:
nobody:x:65534:
utmp:x:22:
utempter:x:35:
input:x:999:
kvm:x:36:qemu
render:x:998:
systemd-journal:x:190:
systemd-coredump:x:997:
dbus:x:81:
polkitd:x:996:
printadmin:x:995:
ssh_keys:x:994:
avahi:x:70:
rtkit:x:172:
sssd:x:993:
pipewire:x:992:
sgx:x:991:
libstoragemgmt:x:990:
systemd-oom:x:989:
brlapi:x:988:
tss:x:59:clevis
geoclue:x:987:
cockpit-ws:x:986:
cockpit-wsinstance:x:985:
flatpak:x:984:
colord:x:983:
clevis:x:982:
setroubleshoot:x:981:
gdm:x:42:
gnome-initial-setup:x:980:
sshd:x:74:
slocate:x:21:
chrony:x:979:
dnsmasq:x:978:
tcpdump:x:72:
build:x:1000:
wireshark:x:977:
usbmon:x:976:
stapusr:x:156:
stapsys:x:157:
stapdev:x:158:
pesign:x:975:
qemu:x:107:
After testing, if I delete the tape group(gid 33) in the group on my
compilation host,the permissions of the compiled nginx files are correct(show
gid 33).Or if I change the user group with gid 33 to another name, the nginx
directory will be set to the new group(gid 33).
like below:
[root@MiWiFi-R4A-srv opt]# ll -lrt var/lib/
总用量 0
drwxr-xr-x. 2 102 103 6 3月 30 21:14 mysql
drwxr-xr-x. 2 105 106 6 3月 30 21:16 redis
drwxr-xr-x. 2 33 nonono 6 3月 30 21:16 nginx
I think that when building nginx, it did not correctly handle the permission
issue of the created file, and nginx did not find the correct gid in the
skeleton. It seems to be looking for the gid it belongs to in /etc/group on my
host.
--
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next reply other threads:[~2024-03-30 14:18 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-30 14:18 bugzilla [this message]
2024-06-15 15:22 ` [Buildroot] [Bug 16015] nginx incorrectly created user group bugzilla
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-16015-163@https.bugs.busybox.net/ \
--to=bugzilla@busybox.net \
--cc=buildroot@uclibc.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox