fix: debian image creation with host UID/GID

rezib · rezib · commit 5a9fbf463479 · 2023-03-28T21:55:56.000+02:00
Creation of fatbuildr user and group with host UID/GID in deb format container image at build time may fail due to possible conflict with other Debian sid packages (typically systemd). To avoid this error, possibly existing user and group with the conflicting UID/GID are removed before running systemd-sysusers. Fix #83
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -69,6 +69,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Avoid removal of tilde from version extracted in source tarball filename
   when submitted during build through HTTP REST API (#81).
 - Remove useless imports
+- images: fix fatbuildr user and group with host UID/GID in deb format container
+  image due to possible conflicts with other installed Debian sid packages (#83)
 
 ### Changed
 - cli: transform `images` command options `--create`, `--update`,
diff --git a/conf/images/scripts/deb-postinstall.sh b/conf/images/scripts/deb-postinstall.sh
@@ -1,6 +1,24 @@
 #!/bin/sh
 
-# Debian packages installed in OSI image do not call systemd-sysusers in their
-# postinst scripts. Then it is called explicitely here to create missing
-# sysusers, and especially fatbuildr system user.
+# The systemd package installed in Debian sid OSI image runs systemd-sysusers in
+# its deb postinst scripts with its own sysusers.d/*.conf files in arguments.
+# This makes systemd-sysusers ignoring the sysusers.d/fatbuildr.conf file
+# installed by mkosi skeleton with its explicit UID/GID (to match the host) and
+# it could potentially create systemd users and groups with conflicting UID/GID.
+# The solution in this postinstall script is to remove possible conflicting user
+# and group with the required UID/GID and rerun systemd-sysusers without
+# arguments to create all the missing stuff.
+
+EXISTING_USER=$(getent passwd ${FATBUILDR_UID}|cut -d: -f1)
+if [ -n "${EXISTING_USER}" ]; then
+    echo "Deleting conflicting system user ${EXISTING_USER}"
+    userdel $EXISTING_USER
+fi
+
+EXISTING_GROUP=$(getent group ${FATBUILDR_GID}|cut -d: -f1)
+if [ -n "${EXISTING_GROUP}" ]; then
+    echo "Deleting conflicting system group ${EXISTING_GROUP}"
+    groupdel $EXISTING_GROUP
+fi
+
 systemd-sysusers
diff --git a/conf/vendor/fatbuildr.ini b/conf/vendor/fatbuildr.ini
diff --git a/fatbuildr/images.py b/fatbuildr/images.py
@@ -113,6 +113,9 @@ def create(self, task, force):
                 path=str(self.path),
                 skeleton=str(self.skel_path),
                 user=user,
+                group=group,
+                uid=uid,
+                gid=gid,
             )
             .split(' ')
         )

Original file line number	Diff line number	Diff line change
`@@ -113,6 +113,9 @@ def create(self, task, force):`
`113`	`113`	`path=str(self.path),`
`114`	`114`	`skeleton=str(self.skel_path),`
`115`	`115`	`user=user,`
	`116`	`+ group=group,`
	`117`	`+ uid=uid,`
	`118`	`+ gid=gid,`
`116`	`119`	`)`
`117`	`120`	`.split(' ')`
`118`	`121`	`)`