rabbitmq-server @3.8.3: rabbitmq group created with wrong gid

[knightcode (Dylan)]

After installing, the mnesia folders are owned by a group with ID 505, which doesn't map to a known group:

$ ls -la /opt/local/var/lib/rabbitmq/mnesia/
total 16
drwxrwxr-x   7 root      505       224 Nov  9 13:03 ./
drwxrwxr-x   4 rabbitmq  505       128 Aug  7 18:05 ../
-rw-r--r--   1 root      rabbitmq    0 Nov  9 13:03 .turd_rabbitmq-server
drwxr-xr-x  21 rabbitmq  505       672 Nov  5 20:03 percical/
-rw-r--r--   1 rabbitmq  505       112 Aug  7 19:01 percical-feature_flags
drwxr-xr-x   2 rabbitmq  505        64 Nov  6 20:32 percical-plugins-expand/
-rw-r--r--   1 rabbitmq  505         6 Nov 10 13:41 percical.pid

The rabbitmq group has a different ID:

$ sudo dscl . -read /Groups/rabbitmq
dsAttrTypeNative:record_daemon_version: 7970000
AppleMetaNodeLocation: /Local/Default
GeneratedUID: 894CACDC-53B7-4B5B-AF79-BF5BAFDCDF62
GroupMembers: C5EDE282-BB6C-49FF-9EC7-CC194D3CA493
GroupMembership: rabbitmq
Password: *
PrimaryGroupID: 2147483647
RealName: rabbitmq
RecordName: rabbitmq
RecordType: dsRecTypeStandard:Groups

As a result, the server fails to start properly.

I can fix this by changing the groups ID to 505:

$ sudo dscl . -change /Groups/rabbitmq PrimaryGroupID 2147483647 505

then the ownership matches up and the server starts:

$ ls -la /opt/local/var/lib/rabbitmq/mnesia/
total 16
drwxrwxr-x   7 root      rabbitmq    224 Nov 10 13:56 ./
drwxrwxr-x   4 rabbitmq  rabbitmq    128 Aug  7 18:05 ../
-rw-r--r--   1 root      2147483647    0 Nov  9 13:03 .turd_rabbitmq-server
drwxr-xr-x  19 rabbitmq  rabbitmq    608 Nov 10 13:56 percical/
-rw-r--r--   1 rabbitmq  rabbitmq    112 Aug  7 19:01 percical-feature_flags
drwxr-xr-x   8 rabbitmq  rabbitmq    256 Nov 10 13:56 percical-plugins-expand/
-rw-r--r--   1 rabbitmq  rabbitmq      6 Nov 10 13:56 percical.pid

[ryandesign (Ryan Carsten Schmidt)]

I don't see how that can be possible.

It's not what I see when I download ​http://packages.macports.org/rabbitmq-server/rabbitmq-server-3.8.3_0.darwin_17.noarch.tbz2 and check its contents:

$ tar tvf rabbitmq-server-3.8.3_0.darwin_17.noarch.tbz2 | grep mnesia
-rw-r--r--  0 root   rabbitmq   58028 Mar  9  2020 ./opt/local/lib/rabbitmq/lib/rabbitmq_server-3.8.3/ebin/rabbit_mnesia.beam
-rw-r--r--  0 root   rabbitmq   21528 Mar  9  2020 ./opt/local/lib/rabbitmq/lib/rabbitmq_server-3.8.3/ebin/rabbit_mnesia_rename.beam
drwxrwxr-x  0 root     rabbitmq       0 May 20  2020 ./opt/local/var/lib/rabbitmq/mnesia/
-rw-r--r--  0 root     rabbitmq       0 May 20  2020 ./opt/local/var/lib/rabbitmq/mnesia/.turd_rabbitmq-server

The Portfile​ clearly shows that the directory is getting created with the right group:

set serveruser      rabbitmq
set servergroup     rabbitmq
set serverhome      ${prefix}/var/lib/rabbitmq

add_users ${serveruser} group=${servergroup} realname=RabbitMQ\ Server home=${serverhome}

    xinstall -d -g [existsgroup ${servergroup}] -m 0775 ${destroot}${mnesiadbdir}

2147483647 is a peculiar value for a uid or gid. 2147483647 is the largest signed 32-bit integer. I don't know how you ended up with the rabbitmq group's gid being that value. uids and gids are usually quite small. uids and gids created by MacPorts use the next free id starting at 501.

[knightcode (Dylan)]

I agree that it's weird. It seems like everything gets set up with a gid of 505 for me, but then the gid of the group is set to max int after the files and folders are assigned a group. It resets every time rabbit gets updated or reinstalled.

[knightcode (Dylan)]

Until recently, my command line tools weren't up-to-date. Maybe the next time I install, it'll be fine.

[ryandesign (Ryan Carsten Schmidt)]

Hm. If the user or group already exists, I thought MacPorts wouldn't do anything. Is it possible that something outside of MacPorts is changing your macOS user accounts? Do you have any weird system level software installed, such as antivirus or antimalware programs, or some corporate security or tracking software? Are your user accounts managed by a network directory server?

[knightcode (Dylan)]

No to all. My previous company had Avast antivirus on here, but it's gone now. Everything else is pretty standard as far as I know.

[knightcode (Dylan)]

Maybe I only notice the issue when rabbit's upgraded because that's the only time the process ever restarts. I hardly ever reboot.

[ryandesign (Ryan Carsten Schmidt)]

Since you already know the dscl command to view and fix the gid, you could try a few things to see which if any cause the problem to reappear.

1. Unload the port to stop its process:

   sudo port unload rabbitmq-server
   

   Is the gid still ok?
2. Load the port to start its process again:

   sudo port load rabbitmq-server
   

   Is the gid still ok?
3. Reinstall the port which will also stop and start the process:

   sudo port -n upgrade --force rabbitmq-server
   

   Is the gid still ok?

[knightcode (Dylan)]

No change after any of those. Everything is still fine.

[knightcode (Dylan)]

Upgraded to MacOS 12.1 and this the group ID reverted to MaxInt.

[knightcode (Dylan)]

ldap just recently got in there and snagged 505. I'm not sure what created that group, but all the files I can find that have that group attached are under:

/System/Volumes/Data/opt/local/var/macports/sources/rsync.macports.org

I moved rabbit's group to 510 and changed the owner:group of /opt/local/var/lib/rabbitmq and /opt/local/var/log/rabbitmq accordingly. So far, that seems to have fixed the problem temporarily again.