1

Problem

Context: Fedora CoreOS operating system (read-only root filesystem).

I'm trying to add myuser to group dialout so I can access /dev/ttyS1 via its group owner. However, during first boot, Ignition phase keeps failing.

Questions:

  • How can I add a custom user to group dialout?
  • How is it possible that it fails with the 2 error messages below ("group doesn't exist" and "group already exists")?

Docs reference: Fedora CoreOS Docs | Configuring Groups

What I tried

Adding User to Group

It fails with message "useradd: group 'dialout' does not exist\n".

Butane config:

variant: fcos
version: 1.6.0
passwd:
  users:
    - name: myuser
      # Password: mypassword
      password_hash: "$y$j9T$tZyPwp1NEbj9P6WAv.F720$Rj9PJnLqoTph5k2Qd5hAPLF6Evsp9TEgCz5ZkmwMHT4"
      groups:
        - sudo
        - dialout
      home_dir: /home/myuser
      shell: /bin/bash
      uid: 1001

Ignition config:

{
  "ignition": {
    "version": "3.5.0"
  },
  "passwd": {
    "users": [
      {
        "groups": [
          "sudo",
          "dialout"
        ],
        "homeDir": "/home/myuser",
        "name": "myuser",
        "passwordHash": "$y$j9T$tZyPwp1NEbj9P6WAv.F720$Rj9PJnLqoTph5k2Qd5hAPLF6Evsp9TEgCz5ZkmwMHT4",
        "shell": "/bin/bash",
        "uid": 1001
      }
    ]
  }
}

Logs (journalctl):

...
ignition[1195]: files: ensureUsers: op(2): [started] creating or modifying user "myuser"
ignition[1195]: files: ensureUsers: op(2): executing: "useradd" "--root" "/sysroot" "--home-dir" "/home/myuser" "--create-home" "--password" "$y$j9T$tZyPwp1NEbj9P6WAv.F720$Rj9PJnLqoTph5k2Qd5hAPLF6Evsp9TEgCz5ZkmwMHT4" "--uid" "1001" "--groups" "sudo,dialout" "--shell" "/bin/bash" "myuser"
ignition[1195]: files: ensureUsers: op(2): [failed]   creating or modifying user "myuser": exit status 6: Cmd: "useradd" "--root" "/sysroot" "--home-dir" "/home/myuser" "--create-home" "--password" "$y$j9T$tZyPwp1NEbj9P6WAv.F720$Rj9PJnLqoTph5k2Qd5hAPLF6Evsp9TEgCz5ZkmwMHT4" "--uid" "1001" "--groups" "sudo,dialout" "--shell" "/bin/bash" "myuser" Stdout: "" Stderr: "useradd: group 'dialout' does not exist\n"
systemd[1]: ignition-files.service: Main process exited, code=exited, status=1/FAILURE
...
systemd[1]: ignition-files.service: Failed with result 'exit-code'.

Creating Group AND Adding User to Group

This time it fails with message "groupadd: group 'dialout' already exists\n".

Butane config:

variant: fcos
version: 1.6.0
passwd:
  groups:
    - name: dialout
      gid: 18  # Standard dialout GID
  users:
    - name: myuser
      # Password: mypassword
      password_hash: "$y$j9T$tZyPwp1NEbj9P6WAv.F720$Rj9PJnLqoTph5k2Qd5hAPLF6Evsp9TEgCz5ZkmwMHT4"
      groups:
        - sudo
        - dialout
      home_dir: /home/myuser
      shell: /bin/bash
      uid: 1001

Ignition config:

{
  "ignition": {
    "version": "3.5.0"
  },
  "passwd": {
    "groups": [
      {
        "gid": 18,
        "name": "dialout"
      }
    ],
    "users": [
      {
        "groups": [
          "sudo",
          "dialout"
        ],
        "homeDir": "/home/myuser",
        "name": "myuser",
        "passwordHash": "$y$j9T$tZyPwp1NEbj9P6WAv.F720$Rj9PJnLqoTph5k2Qd5hAPLF6Evsp9TEgCz5ZkmwMHT4",
        "shell": "/bin/bash",
        "uid": 1001
      }
    ]
  }
}

Logs (journalctl):

ignition[1193]: files: ensureGroups: op(1): [started] adding group "dialout" 
ignition[1193]: files: ensureGroups: op(1): executing: "groupadd" "--root" "/sysroot" "--gid" "18" "--password" "*" "dialout"
ignition[1193]: files: ensureGroups: op(1): [failed]   adding group "dialout": exit status 9: Cmd "groupadd" "--root" "/sysroot" "--gid" "18" "--password" "*" "dialout" Stdout: "" Stderr: "groupadd: group 'dialout' already exists\n"
...
systemd[1]: ignition-files.service: Main process exited, code=exited, status=1/FAILURE
systemd[1]: ignition-files.service: Failed with result 'exit-code'.
systemd[1]: Failed to start ignition-files.service - Ignition (files).
Improve this question
2
  • 2
    "dialout group" is something I haven't heard in 20 years :) Are we sure this is where you want to take this? To me this sounds more like you should do the opposite: configure udev such that it gives access to exactly the USB-to-serial device you want to exactly the user you want? Commented May 15 at 13:04
  • I just found something related: github.com/coreos/rpm-ostree/issues/49#issuecomment-478091562 Commented Jun 4 at 13:59

2 Answers 2

Reset to default
1

Workaround

I was able to add the user myuser to group dialout via the following commands:

grep -qE "^dialout:" /etc/group || grep -E "^dialout:" /usr/lib/group >> /etc/group
usermod -a -G dialout myuser

Full Butane configuration:

variant: fcos
version: 1.6.0
passwd:
  users:
    - name: myuser
      # Password: mypassword
      password_hash: "$y$j9T$tZyPwp1NEbj9P6WAv.F720$Rj9PJnLqoTph5k2Qd5hAPLF6Evsp9TEgCz5ZkmwMHT4"
      groups:
        - sudo
      home_dir: /home/myuser
      shell: /bin/bash
      uid: 1001

systemd:
  units:
    - name: add-myuser-to-dialout.service
      enabled: true
      contents: |
        [Unit]
        Description=Add myuser to dialout group
        Wants=sysinit.target
        After=sysinit.target
        Before=zincati.service
        ConditionPathExists=!/var/lib/%N.stamp

        [Service]
        Type=oneshot
        RemainAfterExit=yes
        ExecStart=/bin/sh -eux -c 'grep -qE "^dialout:" /etc/group || grep -E "^dialout:" /usr/lib/group >> /etc/group'
        ExecStart=/bin/sh -eux -c 'usermod -a -G dialout myuser'
        ExecStart=/bin/touch /var/lib/%N.stamp

        [Install]
        WantedBy=multi-user.target
Improve this answer
0

I'm not super familiar with Fedora CoreOS, but maybe it's wrongfully reporting an already-existing gid as an already-existing group with that name. In other words, try changing the dialout GID to one that you know is unused. I'd check /etc/group and see which GIDs are already taken, and use one that is not in there.

Improve this answer
0

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.