WSL2
Viktor Dukhovni
ietf-dane at dukhovni.org
Thu Mar 11 20:36:07 UTC 2021
On Thu, Mar 11, 2021 at 07:53:20PM +0000, Simon Peyton Jones via ghc-devs wrote:
> Voila
Thanks!
> /etc/nsswitch.conf group entry
> group: files systemd
The main "suspicious" thing here (decoded traces below my signature) is
that the nsswitch.conf file is configured to try "systemd" as a source
of group data, but attempts to contact "systemd" or read the underlying
systemd store directly are failing. This is different from "not found",
where systemd might have furnished a negative reply (as is the case on
my Fedora 31 system, see below).
So a failure return code is not surprising, because the answer is not
authoritative, systemd might have answered differently if it had been
possible to query it. It appears the WSL2 systems have a systemically
misconfigured "nsswitch.conf" that wants to query "group" (and likely
other) data from an unavailable source.
[ Bottom line, the "unix" test case in question may need to be prepared
to encounter such misconfiguration of the test platform and accept
either type of error. Perhaps catch the IO expected IO exception, and
output a fixed "not found" message regardless of the exception details,
or by specifically checking for either of the two expected forms. ]
By way of contrast, on my Fedora system, systemd can actually be reached
and appears to respond to the "nss" library's satisfaction:
execve("/usr/bin/getent", ["getent", "group", "xyzzy0"], 0x7fff3afbcca0 /* 31 vars */) = 0
...
openat(AT_FDCWD, "/lib64/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3
read(3, "root:x:0:\nbin:x:1:\ndaemon:x:2:\ns"..., 4096) = 1161
read(3, "", 4096) = 0
...
openat(AT_FDCWD, "/lib64/libnss_systemd.so.2", O_RDONLY|O_CLOEXEC) = 3
access("/etc/systemd/dont-synthesize-nobody", F_OK) = -1 ENOENT (No such file or directory)
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_UNIX, sun_path="/run/dbus/system_bus_socket"}, 30) = 0
getsockopt(3, SOL_SOCKET, SO_PEERCRED, {pid=1, uid=0, gid=0}, [12]) = 0
getsockopt(3, SOL_SOCKET, SO_PEERSEC, 0x5568c64660e0, [64]) = -1 ENOPROTOOPT (Protocol not available)
getsockopt(3, SOL_SOCKET, SO_PEERGROUPS, 0x5568c6466130, [256->0]) = 0
sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\0AUTH EXTERNAL\r\nDATA\r\n", iov_len=22}, {iov_base="NEGOTIATE_UNIX_FD\r\n", iov_len=19}, {iov_base="BEGIN\r\n", iov_len=7}], msg_iovlen=3, msg_controllen=0, msg_flags=0}, MSG_DONTWAIT|MSG_NOSIGNAL) = 48
recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="DATA\r\nOK 7bc788e33c85b875f6b74a6"..., iov_len=256}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_CMSG_CLOEXEC) = 58
sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="l\1\0\1\0\0\0\0\1\0\0\0m\0\0\0\1\1o\0\25\0\0\0/org/fre"..., iov_len=128}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_DONTWAIT|MSG_NOSIGNAL) = 128
recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="l\2\1\1\16\0\0\0\377\377\377\377G\0\0\0\5\1u\0\1\0\0\0", iov_len=24}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_CMSG_CLOEXEC) = 24
recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\7\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0"..., iov_len=78}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_CMSG_CLOEXEC) = 78
sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="l\1\0\1\v\0\0\0\2\0\0\0\247\0\0\0\1\1o\0\31\0\0\0/org/fre"..., iov_len=184}, {iov_base="\6\0\0\0xyzzy0\0", iov_len=11}], msg_iovlen=2, msg_controllen=0, msg_flags=0}, MSG_DONTWAIT|MSG_NOSIGNAL) = 195
recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="l\4\1\1\16\0\0\0\377\377\377\377\227\0\0\0\7\1s\0\24\0\0\0", iov_len=24}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_CMSG_CLOEXEC) = 24
recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="org.freedesktop.DBus\0\0\0\0\6\1s\0\t\0\0\0"..., iov_len=158}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_CMSG_CLOEXEC) = 158
recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="l\3\1\1(\0\0\0\257\30\r\0m\0\0\0\5\1u\0\2\0\0\0", iov_len=24}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_CMSG_CLOEXEC) = 24
recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\6\1s\0\t\0\0\0:1.303526\0\0\0\0\0\0\0\4\1s\0*\0\0\0"..., iov_len=144}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_CMSG_CLOEXEC) = 144
close(3) = 0
--
Viktor.
So group lookups are configured to try /etc/group first, and then some
systemd-based machinery (possibly creating groups on the fly, ...).
> == Tracing getent group xyzzy0
execve("/usr/bin/getent", ["getent", "group", "xyzzy0"], 0x7ffeb59f7a30 /* 26 vars */) = 0
brk(NULL) = 0x55cb17d10000
... [ initialisation ] ...
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
close(3) = 0
... [ loading code for "files" ] ...
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3
read(3, "root:x:0:\ndaemon:x:1:\nbin:x:2:\ns"..., 4096) = 828
read(3, "", 4096) = 0
... [ no match in "/etc/group" ] ...
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_systemd.so.2", O_RDONLY|O_CLOEXEC) = 3
... [ loading code for "systemd" ] ...
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 3
connect(3, {sa_family=AF_UNIX, sun_path=@"userdb-16b836ad920fd3bea17e1fa40e9f2f3c"}, 42) = -1 ECONNREFUSED (Connection refused)
close(3) = 0
... [ failing to connect to systemd socket ] ...
openat(AT_FDCWD, "/run/systemd/userdb/", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = -1 ENOENT (No such file or directory)
... [ failing to directly access the data ] ...
exit_group(2) = ?
... [ "not found" exit status ] ...
> == Tracing getgrnam xyzzy0
> (null)((nil)) No such process(3)
execve("./getgrnam", ["./getgrnam", "xyzzy0"], 0x7fff81dc1c38 /* 26 vars */) = 0
...
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
...
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3
read(3, "root:x:0:\ndaemon:x:1:\nbin:x:2:\ns"..., 4096) = 828
read(3, "", 4096) = 0
...
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_systemd.so.2", O_RDONLY|O_CLOEXEC) = 3
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 3
connect(3, {sa_family=AF_UNIX, sun_path=@"userdb-2cecd700b3e3705ac56ef006755c59a9"}, 42) = -1 ECONNREFUSED (Connection refused)
openat(AT_FDCWD, "/run/systemd/userdb/", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = -1 ENOENT (No such file or directory)
write(1, "(null)((nil)) No such process(3)"..., 33) = 33
... [ same as getent(1), errno is from user-land,
otherwise would have been ENOENT, not ESRCH ]
> == Tracing getent group root
> root:x:0:
execve("/usr/bin/getent", ["getent", "group", "root"], 0x7ffea01ff4f0 /* 26 vars */) = 0
...
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
...
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3
read(3, "root:x:0:\ndaemon:x:1:\nbin:x:2:\ns"..., 4096) = 828
write(1, "root:x:0:\n", 10) = 10
... [ found a match in /etc/group ] ...
exit_group(0) = ?
... [ success exit ] ...
> == Tracing getgrnam root
> root(0x7ffc07bd1490) Success(0)
execve("./getgrnam", ["./getgrnam", "root"], 0x7ffe5f593598 /* 26 vars */) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 3
read(3, "root:x:0:\ndaemon:x:1:\nbin:x:2:\ns"..., 4096) = 828
write(1, "root(0x7ffc07bd1490) Success(0)\n", 32) = 32
exit_group(0) = ?
... [ ditto ] ...
More information about the ghc-devs
mailing list