Skip to content
GitLab
Closed
Issue created by Iain Hallam@iainhallam

sympl-filesystem-security: public-group doesn't work

Summary

When putting a group into <domain>/config/public-group, running sympl-filesystem-security produces the output id: ‘<group>’: no such user. Found on sympl-core/stretch 9.0.200510.0.

Steps to reproduce

Place the name of a group that isn't www-data in <domain>/config/public-group and run sympl-filesystem-security.

Possible fixes

https://gitlab.mythic-beasts.com/sympl/sympl/-/blob/buster/core/sbin/sympl-filesystem-security#L50 (and 51) use id -g $gid, which seems like it should find the GID of a group, but actually finds the GID of the primary group of user $gid. If no user of the same name as the requested group exists, this fails. The script seems like it will need to use getent group and cut or awk to get the right fields.

/cc @kelduum

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information