Bootable image: Login imposible

[mt-at-mt]

mkosi commit the issue has been seen with

main

Used host distribution

Debian bookworm

Used target distribution

Debian sid or Debian trixie

Linux kernel version used

6.10.6-1

CPU architectures issue was seen on

x86_64

Unexpected behaviour you saw

For a Debian/bookworm image, things login works as expected:

$ mkosi -f --release bookworm qemu
[...]
mke2fs 1.47.0 (5-Feb-2023)

Debian GNU/Linux 12 localhost hvc0

localhost login: root
Password: root
Linux localhost 6.1.0-25-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.106-3 (2024-08-26) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
root@localhost:~#

For the Debian/sid image, built and run with 'mkosi -f qemu' the password prompt does not appear:

Debian GNU/Linux trixie/sid localhost hvc0

localhost login: root

Debian GNU/Linux trixie/sid localhost hvc0

localhost login:

Might be due to a change in the utils-linux agetty behavior in newer version?

Booting a similar image on real arm64 hardware behaves the same.

Used mkosi config

[Distribution]
Distribution=debian
Release=sid

[Content]
RootPassword=root
Bootable=yes
Packages=linux-image-generic
         systemd
         systemd-boot
         systemd-sysv
         udev
         dbus

mkosi output

No response

[behrmann]

Can you add logs from running this with --debug

[mt-at-mt]

Can you add logs from running this with --debug

log.txt

I have the feeling the problem is related to this change in Debian:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833256

[mt-at-mt]

I have the feeling the problem is related to this change in Debian:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833256

Indeed, if I add the 'login' package to the packagelist, login works as with trixie/sid.

$ mkosi --force -p login qemu

The priority of the package changed in Debian. It was essential for the one provided by shadow in bookworm and the new one provided by util-linux in trixie/sid is only required so it is no longer installed by debootstrap.

Shall we add the package to this list https://mkosi.systemd.io/bootable.html ?

[DaanDeMeyer]

@mt-at-mt I'm sorry, but I'm closing this bug. This is not an issue in mkosi, but an issue in Debian. The Debian pam stack should be fixed to accomodate logging in as root with util-linux's login implementation. Please open a bug with Debian

[mt-at-mt]

@mt-at-mt I'm sorry, but I'm closing this bug. This is not an issue in mkosi, but an issue in Debian. The Debian pam stack should be fixed to accomodate logging in as root with util-linux's login implementation. Please open a bug with Debian

It is not about login as root, it is about login as any user, cause the login package is not installed by debootstrap anymore.

IMHO the use-case for debootstrap is creating chroots. This requires no login shell. So it is reasonable to add it manually.

0001-docs-bootable-debian-Add-login-package.patch.txt

Shall I do a pull request for this change?

But I will ask Debian to tag the package essential again first.

[DaanDeMeyer]

@mt-at-mt I'm sorry, but I'm closing this bug. This is not an issue in mkosi, but an issue in Debian. The Debian pam stack should be fixed to accomodate logging in as root with util-linux's login implementation. Please open a bug with Debian

It is not about login as root, it is about login as any user, cause the login package is not installed by debootstrap anymore.

IMHO the use-case for debootstrap is creating chroots. This requires no login shell. So it is reasonable to add it manually.

0001-docs-bootable-debian-Add-login-package.patch.txt

Shall I do a pull request for this change?

But I will ask Debian to tag the package essential again first.

No we want util-linux's login to be used and not shadow's login. The latest request to use util-linux login instead of shadow's came from us.

[mt-at-mt]

@mt-at-mt I'm sorry, but I'm closing this bug. This is not an issue in mkosi, but an issue in Debian. The Debian pam stack should be fixed to accomodate logging in as root with util-linux's login implementation. Please open a bug with Debian

It is not about login as root, it is about login as any user, cause the login package is not installed by debootstrap anymore. IMHO the use-case for debootstrap is creating chroots. This requires no login shell. So it is reasonable to add it manually. 0001-docs-bootable-debian-Add-login-package.patch.txt Shall I do a pull request for this change? But I will ask Debian to tag the package essential again first.

No we want util-linux's login to be used and not shadow's login. The latest request to use util-linux login instead of shadow's came from us.

That's fine, but shouldn't it be than also 'essential'?

[DaanDeMeyer]

@mt-at-mt I'm sorry, but I'm closing this bug. This is not an issue in mkosi, but an issue in Debian. The Debian pam stack should be fixed to accomodate logging in as root with util-linux's login implementation. Please open a bug with Debian

It is not about login as root, it is about login as any user, cause the login package is not installed by debootstrap anymore. IMHO the use-case for debootstrap is creating chroots. This requires no login shell. So it is reasonable to add it manually. 0001-docs-bootable-debian-Add-login-package.patch.txt Shall I do a pull request for this change? But I will ask Debian to tag the package essential again first.

No we want util-linux's login to be used and not shadow's login. The latest request to use util-linux login instead of shadow's came from us.

That's fine, but shouldn't it be than also 'essential'?

Luca clarified that util-linux's login won't be made essential, so we added it to the package lists: https://github.com/systemd/mkosi/pull/2996