0

I have some issues with permission from various apps (such as accessing serial ports, despite being the dialout group, or contacting to Docker daemon, despite being in the docker group -- I think) and I need clarifications here.

When I run the id command, I get this:

uid=1000(eudoxos) gid=1000(eudoxos) groups=1000(eudoxos)

I understand that Debian/Ubuntu create separate primary group for each user (gid 1000).

When I look inside /etc/group, I see my username in a number of other groups (those are secondary groups, right?), such as adm, sudo, audio, plugdev, fuse, docker, dialout and so on). The id command should report those, as per GID, current, primary, supplementary, effective and real group IDs? but I don't see anything like that in the output. What am I missing? Is something misconfigured? (I did login anew after changing groups already)

EDIT: more information

$ grep eudoxos /etc/group
adm:x:4:eudoxos,syslog
dialout:x:20:eudoxos
cdrom:x:24:eudoxos
floppy:x:25:eudoxos
sudo:x:27:eudoxos
audio:x:29:eudoxos,pulse,timidity
dip:x:30:eudoxos
video:x:44:eudoxos
plugdev:x:46:eudoxos
eudoxos:x:1000:
fuse:x:104:eudoxos
lpadmin:x:111:eudoxos
admin:x:117:eudoxos
vboxusers:x:123:eudoxos
sambashare:x:129:eudoxos
pgrimaging:x:1003:eudoxos
docker:x:151:eudoxos
kvm:x:152:eudoxos
libvirt:x:153:eudoxos

and

$ grep group /etc/nsswitch.conf
group:          compat systemd
netgroup:       nis
eudoxos
  • 831
  • Can you add the output of grep eudoxos /etc/group and grep group /etc/nsswitch.conf to your question. – Thomas Jan 27 '19 at 14:01
  • added as edit :) – eudoxos Jan 27 '19 at 14:16
  • Hm...strange. Should work. Which distribution and version are you running? Does groups also do not show the groups? id -a? – Thomas Jan 27 '19 at 14:37
  • Ubuntu 18.04. id -a shows the same as id (i.e. uid=1000(eudoxos) gid=1000(eudoxos) groups=1000(eudoxos)) and groups only says eudoxos. ... – eudoxos Jan 27 '19 at 14:39
  • Just tested in a 18.04 VM and no problems at all. Did configure something on your own? Are you somehow in a docker or snap environment? – Thomas Jan 27 '19 at 14:46
  • It is a plain desktop installation. But I've kept upgrading it for maybe 5 years, so there might be leftovers somewhere... – eudoxos Jan 27 '19 at 15:02
  • did you logout and back in again after making the group changes? changes do not show up until then (or on modern systems sssd could be screwing you over, somehow) – thrig Jan 27 '19 at 15:45
  • Yes, login/logout was done many times in the meantime. – eudoxos Jan 27 '19 at 15:49
  • I got something. When I log in the console (or via sudo login in terminal emulator), I have all group memberships as they should be. It means something is failing in the X11 session startup. Anyone cas guess better what it is? – eudoxos Feb 20 '19 at 07:45
  • Ok, found it is a bug in lightdm, I posted that finding as an answer below. – eudoxos Feb 20 '19 at 07:53

1 Answers1

0

As indicated in my last comment, the issue only happens when logging into the GUI session (not in terminal). This lead quickly to finding reports of the same allover forums/bugzillas. It is a bug in lightdm (which I incidentally use) which has not been fixed. Commenting out pam_kwallet*.so from its config file and reboot fixes the issue.

Thanks to all those who were helpfully commenting on the issue above.

eudoxos
  • 831