45 lines
1.6 KiB
Bash
Executable File
45 lines
1.6 KiB
Bash
Executable File
#! /bin/sh
|
|
#
|
|
# This script attempts to fix the following issue:
|
|
# https://github.com/wayblueorg/wayblue/issues/89
|
|
# More specifically, it does the following:
|
|
# * Iterates /etc/shadow and /etc/gshadow; and
|
|
# * For every entry that cannot be getent'd, delete it
|
|
#
|
|
# This script should be invoked before systemd-sysusers on system boot
|
|
#
|
|
# The reason for this is as follows:
|
|
# At time of writing, using rpm-ostree to build OCI container images fails to
|
|
# update /usr/lib/passwd and /usr/lib/group, instead dropping items in
|
|
# /usr/lib/sysusers.d for systemd-sysusers to process at boot time. This would
|
|
# fine under normal circumstances.
|
|
#
|
|
# HOWEVER. If you are coming from a distro that had entries in those /usr/lib
|
|
# files for that users/group, you will have entries in /etc/{,g}shadow for said
|
|
# users/groups.
|
|
#
|
|
# If an entry is present in /etc/shadow or /etc/gshadow that matches an object
|
|
# that systemd-sysusers is trying to add, it will fail and no abort further
|
|
# object processing. Thus, we remove objects that cannot be looked up, assuming
|
|
# that the cause is this disparity and that it will be smoothed out when
|
|
# systemd-sysusers next runs
|
|
#
|
|
set -e
|
|
set -o pipefail
|
|
|
|
# Iterate over each file we're interested in
|
|
for file in /etc/shadow /etc/gshadow; do
|
|
# Prelim check for zero-byte files (shouldn't proc)
|
|
if ! [ -s "$file" ]; then
|
|
echo "File is missing or empty: $file"
|
|
continue
|
|
fi
|
|
# Prelim check to ensure we can read the file
|
|
if ! [ -r "$file" ]; then
|
|
echo "Unable to read file: $file"
|
|
continue
|
|
fi
|
|
# Prelim checks succeeded, move forward
|
|
echo "Parsing $file for junk"
|
|
done
|