Bug 38993 - W: failed to convert the username messagebus to the uid
W: failed to convert the username messagebus to the uid
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Update - univention-updater
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.1-0-errata
Assigned To: Philipp Hahn
Felix Botner
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-07-21 09:21 CEST by FMPIT
Modified: 2016-01-27 16:23 CET (History)
8 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments
Update log to errata258 (28.69 KB, text/x-log)
2015-07-21 09:21 CEST, FMPIT
Details

Note You need to log in before you can comment on or make changes to this bug.
Description FMPIT 2015-07-21 09:21:38 CEST
Created attachment 7037 [details]
Update log to errata258

UCS asked me to update the newest packages and I did. Everything seems to be OK until there is an error which appeared several times during the updating process: "W: failed to convert the username messagebus to the uid"

The update finished successfully but I don't know why this notice appear and how to solve it. Pls check the update log (just recent update to errata258) and help me. Thank you.
Comment 1 Philipp Hahn univentionstaff 2015-07-21 09:53:52 CEST
The message is harmless and can be ignored, as is is only to allow the group "messagebus" to read /etc/libnss-ldap.conf. (Bug #28807)

It's a bug in univention-pam.info, which references the user-id "messagebus", which is no longer a default user in Debian. The user is created dynamically when the package "dbus" is installed. As no UCS package depends on "dbus" by default, the user-ID can't be converted into a numerical UID.

See Bug #36168, as the missing "dbus(-x11)" packages are the reason for Firefox printing lots of warnings.

Thanks you for the report.
Comment 2 Michael Grandjean univentionstaff 2015-12-15 20:26:09 CET
Customer observed this during UCS@school Workshop.
Comment 3 Stephan Hendl 2015-12-16 12:33:04 CET
Same behavior in UCS-4.1-0.
Comment 4 Lutz Willek 2016-01-09 20:33:25 CET
Hallo Herr Hahn,

The bug in the "univention-pam.info" file have more negative impacts: password change related errors seems to be related to this bug if the user messagebus does not exist in the system, because the logfile is misleading in this case.

Here's an example:

root@nfs:~# ucr set server/password/interval=1
Setting server/password/interval
root@nfs:~# /usr/lib/univention-server/server_password_change
failed to change server password for cn=nfs,cn=computers,dc=***,dc=de

root@nfs:~# tail -5 /var/log/univention/server_password_change.log
run-parts: executing /usr/lib/univention-server/server_password_change.d/univention-libnss-ldap nochange
W: failed to convert the username messagebus to the uid
File: /etc/libnss-ldap.conf
run-parts: executing /usr/lib/univention-server/server_password_change.d/univention-nscd nochange
failed to change server password for cn=nfs,cn=computers,dc=***,dc=de
root@nfs:~# ucr commit /etc/libnss-ldap.conf
W: failed to convert the username messagebus to the uid
File: /etc/libnss-ldap.conf

root@nfs:~# id messagebus
id: messagebus: Einen solchen Benutzer gibt es nicht
root@nfs:~# dpkg -l | grep ' dbus '
root@nfs:~# 


A quick fix would be simply to install the missing dbus package, but that is not suitable for any environment.

Another quick fix is to create the user messagebus by hand, without installing the dbus package, what I have done to solve the problem in this case. (exactly as described in the file /var/lib/dpkg/info/dbus.postinst, please look on it at a dbus installed system)

As root i did the following:

MESSAGEUSER=messagebus
MESSAGEHOME=/var/run/dbus
adduser --system \
    --quiet \
    --home "$MESSAGEHOME" \
    --no-create-home \
    --disabled-password \
    --group "$MESSAGEUSER"

This step is idempotent and does not interfere with the later installation of dbus.

My suggestion would be a patch for the univention-pam package. The patch should simply create the user "messagebus" during the install of univention-pam, as described above. Erroneous or misleading error messages can be avoided by this step.

Regards Lutz Willek
Comment 5 Philipp Hahn univentionstaff 2016-01-11 17:23:17 CET
(In reply to Lutz Willek from comment #4)
> The bug in the "univention-pam.info" file have more negative impacts:
> password change related errors seems to be related to this bug if the user
> messagebus does not exist in the system, because the logfile is misleading
> in this case.

The messages are cosmetic by nature and can be ignored.
But as this is quiet annoying:

> Another quick fix is to create the user messagebus by hand, without
> installing the dbus package, what I have done to solve the problem in this
> case. (exactly as described in the file /var/lib/dpkg/info/dbus.postinst,
> please look on it at a dbus installed system)

Did that, thank you for the idea.

r66716 | Bug #38993 PAM: Create user 'messagebus'


r66721 | Bug #38993 PAM: Create user 'messagebus' YAML
 univention-pam.yaml
Comment 6 Felix Botner univentionstaff 2016-01-26 17:19:55 CET
OK - messagebus user is created during update (no dbus package)
OK - installation of dbus ok if messagebus user is created by univention-pam
OK - upgrade of univention-pam works fine if messagebus already exists
     (dbus package)

OK - YAML
Comment 7 Janek Walkenhorst univentionstaff 2016-01-27 16:23:22 CET
<http://errata.software-univention.de/ucs/4.1/67.html>