Unable to start container if user is managed by Active Directory (contains @ "at" sign) #1022

Mazwak · 2022-03-14T15:20:53Z

Describe the bug

If I try to enter a toolbox and my username contains '@', it fails with:
Error: invalid entry point PID of container test

If I try to attach with podman, the error is more obvious:
passwd: Libuser error at line: 210 - name contains invalid char `@'.
Error: failed to remove password for user [email protected]: failed to invoke passwd(1)

Steps how to reproduce the behaviour
Create a user with '@' in it.
toolbox create test
toolbox enter test

Expected behaviour
Entering the toolbox without error, at best.
Failing with a usefull message, at least.

Actual behaviour
Fails with a useless message.
I agree with #691 (comment) that debug info did not help at all.
Only trying with podman, after reading #691 (comment) did help.

Output of toolbox --version (v0.0.90+)

toolbox version 0.0.99.3

Toolbox package info (rpm -q toolbox)

toolbox-0.0.99.3-2.fc35.x86_64

Output of podman version
e.g.,

Version:      3.4.4
API Version:  3.4.4
Go Version:   go1.16.8
Built:        Wed Dec  8 22:45:07 2021
OS/Arch:      linux/amd64

Podman package info (rpm -q podman)

podman-3.4.4-1.fc35.x86_64

Info about your OS
Fedora Silverblue 35

Additional context

My user is imported from ActiveDirectory, and thus is [email protected].

The text was updated successfully, but these errors were encountered:

yrro · 2022-11-17T17:39:34Z

The problem is really the usermod command. I can toolbox enter debian-10 just fine, which ships shadow-utils 4.5; but toolbox-enter centos-stream8, which ships shadow-utils 4.6, gives me this error. Additionally I've noticed in the man page that usernames are limited to 32 characters, which is way too short for many users in an Active Directory environment!

But Toolbox can't do anything to fix the usermod command in dozens of old versions of distros. So what else could it do; detecting that useradd has failed, and re-running it with a modified username that is known to be accepted by usermod would be one approach.

debarshiray · 2022-11-29T02:02:19Z

Duplicate of #585

debarshiray · 2022-11-29T02:06:22Z

Closing. Thanks for your interest in Toolbx and digging into this!

yrro · 2022-11-29T10:01:36Z

Thanks. Apologies for not finding the duplicate issue...

Mazwak added the 1. Bug Something isn't working label Mar 14, 2022

HarryMichal changed the title ~~Unable to start container if user contains @ (at sign)~~ Unable to start container if user is managed by Active Directory (contains @ "at" sign) Mar 20, 2022

HarryMichal added 5. Help Wanted Extra attention is needed 2. Container Realm The issue is related to what happens inside of a toolbox container 2. Container Configuration Configuration of a container. Mounts, environmental variables, privileges. labels Mar 20, 2022

debarshiray marked this as a duplicate of #585 Nov 29, 2022

debarshiray mentioned this issue Nov 29, 2022

Doesn't work if user is managed by Active Directory (contains @ "at" sign) #585

Open

debarshiray closed this as completed Nov 29, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Unable to start container if user is managed by Active Directory (contains @ "at" sign) #1022

Unable to start container if user is managed by Active Directory (contains @ "at" sign) #1022

Mazwak commented Mar 14, 2022

yrro commented Nov 17, 2022

debarshiray commented Nov 29, 2022

debarshiray commented Nov 29, 2022

yrro commented Nov 29, 2022

Unable to start container if user is managed by Active Directory (contains @ "at" sign) #1022

Unable to start container if user is managed by Active Directory (contains @ "at" sign) #1022

Comments

Mazwak commented Mar 14, 2022

yrro commented Nov 17, 2022

debarshiray commented Nov 29, 2022

debarshiray commented Nov 29, 2022

yrro commented Nov 29, 2022