#! /bin/sh
#
# This script attempts to fix the following issue:
# https://github.com/wayblueorg/wayblue/issues/89
# More specifically, it does the following:
# * Iterates /etc/shadow and /etc/gshadow; and
# * For every entry that cannot be getent'd, delete it
#
# This script should be invoked before systemd-sysusers on system boot
#
# The reason for this is as follows:
# At time of writing, using rpm-ostree to build OCI container images fails to
# update /usr/lib/passwd and /usr/lib/group, instead dropping items in
# /usr/lib/sysusers.d for systemd-sysusers to process at boot time. This would
# fine under normal circumstances.
#
# HOWEVER. If you are coming from a distro that had entries in those /usr/lib
# files for that users/group, you will have entries in /etc/{,g}shadow for said
# users/groups.
#
# If an entry is present in /etc/shadow or /etc/gshadow that matches an object
# that systemd-sysusers is trying to add, it will fail and no abort further
# object processing. Thus, we remove objects that cannot be looked up, assuming
# that the cause is this disparity and that it will be smoothed out when
# systemd-sysusers next runs
#
set -e
set -o pipefail

# Iterate over each file we're interested in
for file in /etc/shadow /etc/gshadow; do
	# Prelim check for zero-byte files (shouldn't proc)
	if ! [ -s "$file" ]; then
		echo "File is missing or empty: $file"
		continue
	fi
	# Prelim check to ensure we can read the file
	if ! [ -r "$file" ]; then
		echo "Unable to read file: $file"
		continue
	fi
	# Prelim checks succeeded, move forward
	echo "Parsing $file for junk"
done