diff --git a/wayblue-fix-89.sh b/wayblue-fix-89.sh
new file mode 100755
index 0000000..1152a76
--- /dev/null
+++ b/wayblue-fix-89.sh
@@ -0,0 +1,38 @@
+#! /bin/sh
+#
+# This script attempts to fix the following issue:
+# https://github.com/wayblueorg/wayblue/issues/89
+# More specifically, it does the following:
+# * Iterates /etc/shadow and /etc/gshadow; and
+# * For every entry that cannot be getent'd, delete it
+#
+# This script should be invoked before systemd-sysusers on system boot
+#
+# The reason for this is as follows:
+# At time of writing, using rpm-ostree to build OCI container images fails to
+# update /usr/lib/passwd and /usr/lib/group, instead dropping items in
+# /usr/lib/sysusers.d for systemd-sysusers to process at boot time. This would
+# fine under normal circumstances.
+#
+# HOWEVER. If you are coming from a distro that had entries in those /usr/lib
+# files for that users/group, you will have entries in /etc/{,g}shadow for said
+# users/groups.
+#
+# If an entry is present in /etc/shadow or /etc/gshadow that matches an object
+# that systemd-sysusers is trying to add, it will fail and no abort further
+# object processing. Thus, we remove objects that cannot be looked up, assuming
+# that the cause is this disparity and that it will be smoothed out when
+# systemd-sysusers next runs
+#
+set -e
+set -o pipefail
+
+# For each file we're interested in
+for file in /etc/shadow /etc/gshadow; do
+	# Prelim check to ensure we can read the file
+	if ! [ -r "$file" ]; then
+		echo "Unable to read file: $file"
+		continue
+	fi
+	echo "Parsing $file for junk"
+done