initramfs-tools 0.142ubuntu23 copies host /etc/passwd into initramfs

Bug #2059739 reported by Philipp
This bug affects 6 people
Affects: initramfs-tools (Ubuntu)
Status: Fix Released
Importance: Medium
Assigned to: Unassigned

Bug Description

Recent changes to the dhcpd hook shipped with initramfs-tools 0.142ubuntu23 (noble-dev) copy the host /etc/passwd into the initramfs-image:
https://git.launchpad.net/ubuntu/+source/initramfs-tools/commit/hooks/dhcpcd?h=applied/ubuntu/noble&id=73c865b9d234087d977d7baa20852639746567fd

This has multiple problems:
 * The passwd file is copied without checking if the dhcpcd user actually exists (which is created by dhcpcd package, but only dhcpcd-base is installed via dependencies)
 * The change breaks dropbear-initramfs because the passwd file contains a root user with a non-existing home directory
 * leaking user information into initramfs (which may or may not be a problem on fully encrypted systems)

Tags: patch
Benjamin Drung (bdrung) wrote :

Thank you for taking the time to report this bug and contributing to Ubuntu. The dhcpcd user is created by dhcpcd-base. So the user should exist.

Please test the attached patch that only copies the dhcpcd user into the initramfs.

Changed in initramfs-tools (Ubuntu):
importance: Undecided → Medium
status: New → In Progress
tags: added: patch
Philipp (phist0ne) wrote :

Thank you for the quick response.
Update-initramfs works without errors or warnings and dropbear correctly starts in the initial ramdisk environment created after applying 0001-Copy-only-dhcpcd-user-into-initramfs-etc-passwd.patch.

I cannot really say anything about the dhcpd functionality though.

Benjamin Drung (bdrung)
Changed in initramfs-tools (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package initramfs-tools - 0.142ubuntu25

---------------
initramfs-tools (0.142ubuntu25) noble; urgency=medium

  * Copy only dhcpcd user into initramfs /etc/passwd (LP: #2059739)
  * autopkgtest: Ignore remaining udev processes also on amd64

 -- Benjamin Drung <email address hidden> Wed, 17 Apr 2024 17:55:09 +0200

Changed in initramfs-tools (Ubuntu):
status: Fix Committed → Fix Released
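
The difference between copying the whole host /etc/passwd and copying only the dhcpcd entry, as an added example that is not part of the bug report, the hook, or the attached patch. The function names, the sample accounts and the allow-list audit are assumptions made for illustration.

```shell
# Added illustration; not the initramfs-tools hook and not the attached patch.

# sample_passwd: constructed host passwd(5) data used for the demo.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice Example:/home/alice:/bin/bash
dhcpcd:x:100:65534:DHCP Client Daemon:/usr/lib/dhcpcd:/bin/false
dhcpcd2:x:1001:1001:look-alike name:/home/dhcpcd2:/bin/bash
EOF
}

# filter_passwd SRC USER...: print only the lines of SRC whose login field
# equals one of the given names exactly (a prefix match would leak dhcpcd2).
filter_passwd() {
    src=$1; shift
    for user in "$@"; do
        awk -F: -v u="$user" '$1 == u' "$src"
    done
}

# audit_passwd FILE ALLOWED...: print every login in FILE that is not on the
# allow-list. Returns 0 when FILE holds only allowed accounts, 1 otherwise.
audit_passwd() {
    file=$1; shift
    allowed=" $* "
    extra=$(awk -F: 'NF && $1 !~ /^#/ { print $1 }' "$file" |
        while read -r name; do
            case "$allowed" in
                (*" $name "*) ;;
                (*) printf '%s\n' "$name" ;;
            esac
        done)
    [ -z "$extra" ] && return 0
    printf '%s\n' "$extra"
    return 1
}

demo() {  # compare a whole-file copy with a filtered copy
    tmp=$(mktemp -d) || return 1
    sample_passwd > "$tmp/host"
    cp "$tmp/host" "$tmp/copied"                        # behaviour reported in the bug
    filter_passwd "$tmp/host" dhcpcd > "$tmp/filtered"  # only the needed account
    echo "whole-file copy exposes:"; audit_passwd "$tmp/copied" dhcpcd || true
    echo "filtered copy exposes:"; audit_passwd "$tmp/filtered" dhcpcd && echo "(nothing)"
    rm -rf "$tmp"
}
demo
```

To check a real image, extract it with unmkinitramfs and run audit_passwd on the etc/passwd inside the extracted tree.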