# auditdistd user is missing in make kernel



## MNIHKLOM (Dec 21, 2012)

Hi,

This morning, I have just finished *make kernel KERNCONF=THUNYALICE* but at the end I also got some print out as a gift, here it is


```
[MNIHKLOM] ~% cat /root/MakeKernelMsg.scr 
bal.h -I. -I@ -I@/contrib/altq -fno-common  -fno-omit-frame-pointer -I/kaitag/obj/usr/src/sys/THUNYALICE
  -mno-aes -mno-avx -mcmodel=kernel -mno-red-zone -mno-mmx -mno-sse -msoft-float
  -fno-asynchronous-unwind-tables -ffreestanding -fstack-protector -std=iso9899:1999 -Qunused-arguments
 -fstack-protector -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes  -Wmissing-prototypes
 -Wpointer-arith -Winline -Wcast-qual  -Wundef -Wno-pointer-sign -fformat-extensions
  -Wmissing-include-dirs -fdiagnostics-show-option  -Wno-error-tautological-compare
 -Wno-error-empty-body  -Wno-error-parentheses-equality -c /usr/src/sys/modules/zlib/../../net/zlib.c
ld  -d -warn-common -r -d -o zlib.ko zlib.o
:> export_syms
awk -f /usr/src/sys/conf/kmod_syms.awk zlib.ko  export_syms | xargs -J% objcopy
% zlib.ko
objcopy --strip-debug zlib.ko
--------------------------------------------------------------
>>> Kernel build for THUNYALICE completed on Fri Dec 21 05:58:39 ICT 2012
--------------------------------------------------------------
ERROR: Required auditdistd user is missing, see /usr/src/UPDATING.
*** [installcheck_UGID] Error code 1
 
Stop in /usr/src.
*** [installkernel] Error code 1
 
Stop in /usr/src.
[MNIHKLOM] /usr/src#
```

I do not do anything further for now.  I also looked at handbook for auditdistd user but failed and there is not a manual page for auditdistd too.

If I drop into a single user mode and follow what is written at the beginning of  /usr/src/Makefile,  shall I get this kernel and world installed and working normall?

My current machine is


```
[MNIHKLOM] ~% uname -a
FreeBSD MNIHKLOM.jesgroup.in.th 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #0: Thu Nov 29 15:56:20 ICT 2012     
[email]root@MNIHKLOM.jesgroup.in.th[/email]:/kaitag/obj/usr/src/sys/THUNYALICE  amd64
```

With best regards,
MNIHKLOM


----------



## kpa (Dec 21, 2012)

How about actually doing what the error message instructs you to do?


----------



## MNIHKLOM (Dec 21, 2012)

kpa said:
			
		

> How about actually doing what the error message instructs you to do?



Hi,

Thank you indeed for a very quick response but I afraid of having problem with my fresh kernel.  I do not know how to handle the situation actually.  

Do you mean that ``auditdistd user'' will be created for the first time during mergemaster -p, if this user has not yet never added ?

I really thank you very much for your times.

With best regards,
MNIHKLOM


----------



## wblock@ (Dec 21, 2012)

Use vipw(8) to add the auditdistd user as shown in /usr/src/etc/master.passwd.


----------



## MNIHKLOM (Dec 21, 2012)

Hi,

Thanks to kpa and wblock@ for giving me assitants.  My notebook is now


```
[MNIHKLOM] ~% uname -a
FreeBSD MNIHKLOM.jesgroup.in.th 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #1 r244509: Fri Dec 21 05:49:57 ICT 
2012     [email]root@MNIHKLOM.jesgroup.in.th[/email]:/kaitag/obj/usr/src/sys/THUNYALICE  amd64
```

and working as normal.

With best regards,
MNIHKLOM


----------



## SPlissken (Dec 23, 2012)

Well indeed, it s not very clear what we have to do.


----------



## SPlissken (Dec 23, 2012)

Well as said wblock@ , vipw does the job


----------



## felix (Dec 23, 2012)

Run this:

```
pw useradd -n auditdistd -g audit -c "Auditdistd unprivileged user" -d /var/empty -s /usr/sbin/nologin
```


----------



## Rudy (Jan 2, 2013)

*how to use the 'merge' option with mergemaster*

The 'merge' option in nifty in mergemaster.  This will get the standard UID and GID into your /etc/passwd for the new user.  Here is a 'how-to' on merging.  Note, the 'l' stands for 'pick the left side' and 'r' for the 'right' side.


```
*** Displaying differences between ./etc/master.passwd and installed version:

--- /etc/master.passwd  2012-06-26 05:09:30.000000000 -0700
+++ ./etc/master.passwd 2013-01-01 22:03:50.000000000 -0800
@@ -1,6 +1,6 @@
-# $FreeBSD: release/9.0.0/etc/master.passwd 218047 2011-01-28 22:29:38Z pjd $
+# $FreeBSD: src/etc/master.passwd,v 1.42.2.3 2012/12/06 11:55:13 svnexp Exp $
 #
-root:$1$zxcvzxcvzxcvzxcvzxcvzxcvzxcvzxc:0:0::0:0:Charlie &:/root:/bin/csh
+root::0:0::0:0:Charlie &:/root:/bin/csh
 toor:*:0:0::0:0:Bourne-again Superuser:/root:
 daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
 operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
@@ -19,8 +19,7 @@
 _dhcp:*:65:65::0:0:dhcp programs:/var/empty:/usr/sbin/nologin
 uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
 pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
+auditdistd:*:78:77::0:0:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin
 www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
 hast:*:845:845::0:0:HAST unprivileged user:/var/empty:/usr/sbin/nologin
 nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
-example:$1$asdfadsfasdfadsfdsfasdfasdfasd:1001:0::0:0:Example User:/home/example:/bin/tcsh
-_ntp:*:123:123::0:0:NTP Daemon:/var/empty:/usr/sbin/nologin

  Use 'd' to delete the temporary ./etc/master.passwd
  Use 'i' to install the temporary ./etc/master.passwd
  Use 'm' to merge the temporary and installed versions
  Use 'v' to view the diff results again

  Default is to leave the temporary file to deal with by hand

How should I deal with this? [Leave it for later] [B]m[/B]

# $FreeBSD: release/9.0.0/etc/master.passwd 218047 20 | # $FreeBSD: src/etc/master.passwd,v 1.42.2.3 2012/12/
%[B]r[/B]
root:$1$zxcvzxcvzxcvzxcvzxcvzxcvzxcvzxc:0:0::0:0:Char | root::0:0::0:0:Charlie &:/root:/bin/csh
%[B]l[/B]
                                                      > auditdistd:*:78:77::0:0:Auditdistd unprivileged user:
%[B]r[/B]
example:$1$asdfadsfasdfadsfdsfasdfasdfasd:1001:0::0:0 <
_ntp:*:123:123::0:0:NTP Daemon:/var/empty:/usr/sbin/n <
%[B]l[/B]

  Use 'i' to install merged file
  Use 'r' to re-do the merge
  Use 'v' to view the merged file
  Default is to leave the temporary file to deal with by hand

    *** How should I deal with the merged file? [Leave it for later] [B]v[/B]
# $FreeBSD: src/etc/master.passwd,v 1.42.2.3 2012/12/06 11:55:13 svnexp Exp $
#
root:$1$zxcvzxcvzxcvzxcvzxcvzxcvzxcvzxc:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/usr/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65::0:0:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
auditdistd:*:78:77::0:0:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
hast:*:845:845::0:0:HAST unprivileged user:/var/empty:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
example:$1$asdfadsfasdfadsfdsfasdfasdfasd:1001:0::0:0:Example User:/home/example:/bin/tcsh
_ntp:*:123:123::0:0:NTP Daemon:/var/empty:/usr/sbin/nologin

  Use 'i' to install merged file
  Use 'r' to re-do the merge
  Use 'v' to view the merged file
  Default is to leave the temporary file to deal with by hand

    *** How should I deal with the merged file? [Leave it for later] [B]i[/B]

     *** Merged version of ./etc/master.passwd installed successfully


*** Comparison complete

*** /var/tmp/temproot is empty, deleting

*** You installed a new master.passwd file, so make sure that you run
    '/usr/sbin/pwd_mkdb -p /etc/master.passwd'
     to rebuild your password files

    Would you like to run it now? y or n [n] [B]y[/B]
    Running /usr/sbin/pwd_mkdb -p /etc/master.passwd
```


----------



## pnp (Jan 6, 2013)

kpa said:
			
		

> How about actually doing what the error message instructs you to do?



Forgive me for pointing this out, but UPDATING tells us mergemaster -p will take care of it. In the canonical way of updating as described in the handbook this step comes after 'make installkernel' while it is this step that generates the error and halts the installation. I'm fine with running mergemaster before installing the kernel but it is a bit like fixing it the linux way.


----------



## DutchDaemon (Jan 7, 2013)

IIRC, the amd64 installation did this correctly, whereas the i386 installation bombed due to the absence of this user. Adding it to the password file remedied this, but it looks like a bug on i386.


----------



## pnp (Jan 8, 2013)

DutchDaemon said:
			
		

> IIRC, the amd64 installation did this correctly, ...



I just had this error two days ago in the amd64 upgrade from 8.2, didn't have any i386 systems around to try it with.


----------

