#1139253 libpam-modules: pam_mkhomedir.so creates /nonexistent

Package:
libpam-modules
Source:
libpam-modules
Description:
Pluggable Authentication Modules for PAM
Submitter:
Raphaël Halimi
Date:
2026-06-07 17:39:02 UTC
Severity:
normal
Tags:
#1139253#5
Date:
2026-06-07 17:38:05 UTC
From:
To:
Dear developer,

Since Bookworm, `adduser` by default creates system users without a home
directory, and the manual page states:

"If no home directory is specified, the default home directory for a new
system user is /nonexistent. This directory should never exist on any
Debian system, and adduser will never create it automatically."

Unfortunately, pam_mkhomedir.so does create such a home directory if a
system user opens a session (in my case, a system user existing solely
to create SSH tunnels from a system to another).

A simple workaround is to jump over the pam_mkhomedir.so call if the
home directory matches "/nonexistent".

Here is a simple patch to accomplish this.

The patch suppresses wrongful behavior and seems quite harmless to me,
so a proposed-update to Trixie would be appreciated.

Regards,