[Bug 941905] [NEW] keystone user should not have a primary group of nogroup

Andrew Glen-Young 941905 at bugs.launchpad.net
Mon Feb 27 13:25:14 UTC 2012

Public bug reported:

The keystone package creates a keystone user who's primary (and only)
group membership is 'nogroup'. This results in files/directories created
by the keystone user having 'nogroup' group ownership. This is
considered a bad thing.

The keystone user should have it's primary group set to 'keystone'.

I am currently using Precise and keystone-light, however the current
keystone package seems to be affected as well.

$ cat /etc/lsb-release 
DISTRIB_DESCRIPTION="Ubuntu precise (development branch)"

$ apt-cache madison keystone
  keystone | 2012.1+git201202210954-0ubuntu1 | http://ppa.launchpad.net/openstack-ubuntu-testing/openstack-ksl-testing/ubuntu/ precise/main amd64 Packages
  keystone | 2012.1~e4~20120203.1574-0ubuntu3 | http://archive.ubuntu.com/ubuntu/ precise/universe amd64 Packages

I have attached a patch for keystone-light which should fix the problem
(liberally cribbed from the nova packages).

--- Tests ---

$ id keystone
uid=112(keystone) gid=65534(nogroup) groups=65534(nogroup)

$ getent passwd keystone

$ getent group keystone

** Affects: keystone (Ubuntu)
     Importance: Undecided
         Status: New

You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to keystone in Ubuntu.

  keystone user should not have a primary group of nogroup

To manage notifications about this bug go to:

More information about the Ubuntu-server-bugs mailing list