Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-5222

[RFE] openssh use systemd-sysusers

    • openssh-8.7p1-35.el9
    • Minor
    • 1
    • sst_security_crypto
    • ssg_security
    • 16
    • 0.2
    • QE ack
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Crypto23Q4
    • Hide

      AC1) Sanity only verification that the patch is in compose, applied.

      Show
      AC1) Sanity only verification that the patch is in compose, applied.
    • Pass
    • None
    • Enhancement
    • Hide
      .User and group creation in OpenSSH uses the `sysusers.d` format

      Previously, OpenSSH used static `useradd` scripts. With this update, OpenSSH uses the `sysusers.d` format to declare system users, which makes it possible to introspect system users.
      Show
      .User and group creation in OpenSSH uses the `sysusers.d` format Previously, OpenSSH used static `useradd` scripts. With this update, OpenSSH uses the `sysusers.d` format to declare system users, which makes it possible to introspect system users.
    • Done
    • None

      Description of problem:
      openssh is using static useradd scripts

      Version-Release number of selected component (if applicable):
      openssh-8.7p1-8.el9

      How reproducible:
      100%

      Steps to Reproduce:
      1.review %pre
      2.
      3.

      Actual results:

      %pre server
      getent group sshd >/dev/null || groupadd -g %

      {sshd_uid} -r sshd || :
      getent passwd sshd >/dev/null || \
      useradd -c "Privilege-separated SSH" -u %{sshd_uid}

      -g sshd \
      -s /sbin/nologin -r -d /usr/share/empty.sshd sshd 2> /dev/null || :

      Expected results:
      use of system-sysusers

      Additional info:
      https://www.freedesktop.org/software/systemd/man/systemd-sysusers.html
      https://fedoraproject.org/wiki/Changes/Adopting_sysusers.d_format

            dbelyavs@redhat.com Dmitry Belyavskiy
            riehecky Pat Riehecky
            Miluse Bezo Konecna Miluse Bezo Konecna
            Jan Fiala Jan Fiala
            Votes:
            0 Vote for this issue
            Watchers:
            13 Start watching this issue

              Created:
              Updated:
              Resolved: