tedge --init fails on fedora linux iot 38 due to mosquitto user false negative

[reubenmiller]

Describe the bug

Initializing tedge manually via tedge --init fails due to the following reason:

User not found: "mosquitto".

However the user does exist as trying to create it manually produces the following error message from useradd:

useradd mosquitto
useradd: user 'mosquitto' already exists

The user can also be verified to exist by checking the id <username> command:

id mosquitto
uid=979(mosquitto) gid=979(mosquitto) groups=979(mosquitto)

To Reproduce

1. Setup a device running Fedora IoT 38

2. Install mosquitto (and then reboot as the packages will only be available after a reboot due to the way rpm-ostree works)

   rpm-ostree install mosquitto --reboot

3. Download the tarball for the relavant cpu (in this case it was for aarch64)

   curl -L https://github.com/thin-edge/thin-edge.io/releases/download/0.11.0/tedge_0.11.0_aarch64-unknown-linux-musl.tar.gz -O

4. Expand downloaded tarball (extracting the thin-edge.io binaries)

   tar xvzf tedge_0.11.0_aarch64-unknown-linux-musl.tar.gz

5. Create the tedge user

   useradd tedge

6. Try to initialize tedge (running as root) (assuming you are in the folder where you downloaded and extracted the thin-edge.io tarball)

   ./tedge --init

Expected behavior

The tedge --init command should initialize successfully without an error (when the mosquitto package and user is installed).

Screenshots

The following is the log showing the error message when running the command as root.

[root@lumber ~]# ./tedge --version
tedge 0.11.0
[root@lumber ~]# ./tedge --init
Error: Failed to initialize tedge. You have to run tedge with sudo.

Caused by:
    User not found: "mosquitto".
[root@lumber ~]# id mosquitto
uid=979(mosquitto) gid=979(mosquitto) groups=979(mosquitto)
[root@lumber ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
jack:x:1000:1000::/var/home/jack:/bin/bash
tedge:x:1001:1001::/var/home/tedge:/bin/bash

Environment (please complete the following information):

• OS [incl. version]: Fedora Linux 38.20230419.2 (IoT Edition)
• Hardware [incl. revision]: Raspberry Pi 4
• System-Architecture [e.g. result of "uname -a"]: Linux lumber 6.2.9-300.fc38.aarch64 1 SMP PREEMPT_DYNAMIC Thu Mar 30 22:53:50 UTC 2023 aarch64 GNU/Linux
• thin-edge.io version [e.g. 0.1.0]: 0.11.0

Additional context

[reubenmiller]

After some further investigation, it seems the uzers library is unable to lookup the user id and group id, in an rpm-ostree environment.

Using the id command directly do not have such asn issue, e.g.id -u <user> and id -g <group> are able to lookup the ids successfully.

The following shows the file where the user/group lookups are being called from:

file: crates/common/tedge_utils/src/file.rs

use uzers::get_group_by_name;
use uzers::get_user_by_name;

It must be noted that the rpm-ostree handles users under /usr/lib/passwd and groups under /usr/lib/group (instead of /etc/passwd and /etc/groups), so this is most likely the cause problems with the current library.

[reubenmiller]

Though it seems there is a lot of ongoing work regarding the management of users/groups in rpm-ostree (currently it uses nss-altfiles), so it might be best to hold off further effort here:

• Package layering and passwd/group coreos/rpm-ostree#1843

Or alternatively see if there is a nss-altfiles crate which would support this scenario.

[reubenmiller]

An alternative solution would be to use the id command for user/group lookups as mentioned in #2851