Creating fatbuildr user/group in deb image container with host UID/GID fails

[rezib]

Due to changes in Debian sid, the creation of fatbuildr system user and group in deb format container image fails due to UID/GID conflict with systemd-network:

$ fatbuildrctl images create --format deb --force --watch
Submitted deb image creation task 4b99297f-2f4a-4668-9a76-842cfd6c07f4
 ⚬ INFO: Running image creation task 4b99297f-2f4a-4668-9a76-842cfd6c07f4
 ⚬ INFO: Creating image for deb format
 ⚬ INFO: Generating skeleton archive /var/lib/fatbuildr/images/skeleton.tar.xz
 ⚬ DEBUG: Removing existing skeleton archive /var/lib/fatbuildr/images/skeleton.tar.xz
 ⚬ INFO: Creating image for deb format
 ⚬ DEBUG: Running command: /usr/libexec/fatbuildr/u-mkosi --force --default /usr/share/fatbuildr/images/deb.mkosi --output /var/lib/fatbuildr/images/default/deb.img --cache /var/lib/fatbuildr/images/default/.cache-deb --skeleton-tree /var/lib/fatbuildr/images/skeleton.tar.xz --environment FATBUILDR_USER=fatbuildr
‣ Removing output files…
‣ Detaching namespace
‣ Setting up temporary workspace.
‣ Temporary workspace set up in /var/lib/fatbuildr/images/default/.mkosi-qx7oeh23
‣ Running second (final) stage…
‣  Mounting image…
‣   Setting up basic OS tree…
‣   Mounting Package Cache
‣    Installing Debian…
I: Retrieving InRelease 
I: Checking Release signature
I: Valid Release signature (key id A7236886F3CCCAAD148A27F80E98404D386FA1D9)
…
: Configuring libc-bin...
I: Configuring ca-certificates...
I: Base system installed successfully.
‣     Copying in skeleton file trees…
‣     Mounting API VFS…
Atteint :1 http://deb.debian.org/debian sid InRelease
Réception de :2 http://deb.debian.org/debian sid/main Translation-fr [2 822 kB]
Réception de :3 http://deb.debian.org/debian sid/main Translation-en [6 985 kB]
9 807 ko réceptionnés en 1s (7 607 ko/s)
Lecture des listes de paquets…
W: Impossible de lire /etc/apt/apt.conf.d/ - DirectoryExists (2: Aucun fichier ou dossier de ce type)
W: Le téléchargement est effectué en dehors du bac à sable en tant que « root » car le fichier « /var/lib/fatbuildr/images/default/.mkosi-qx7oeh23/root/var/lib/apt/lists/partial/deb.debian.org_debian_dists_sid_InRelease » n'est pas accessible par l'utilisateur « _apt ». - pkgAcquire::Run (13: Permission non accordée)
‣     Unmounting API VFS…
‣     Mounting API VFS…
W: Impossible de lire /etc/apt/apt.conf.d/ - DirectoryExists (2: Aucun fichier ou dossier de ce type)
‣     Unmounting API VFS…
‣     Mounting API VFS…
Lecture des listes de paquets…
Construction de l'arbre des dépendances…
Les paquets supplémentaires suivants seront installés : 
  adduser binutils binutils-common binutils-x86-64-linux-gnu bsdextrautils
  bzip2 cowdancer dbus-bin dbus-daemon dbus-session-bus-common
  …
Selecting previously unselected package systemd.
Preparing to unpack .../systemd_252.6-1_amd64.deb ...
Unpacking systemd (252.6-1) ...
Chrooting into /var/lib/fatbuildr/images/default/.mkosi-qx7oeh23/root/
Setting up libargon2-1:amd64 (0~20190702+dfsg-2) ...
Setting up libjson-c5:amd64 (0.16-2) ...
Setting up libfdisk1:amd64 (2.38.1-5+b1) ...
Setting up libkmod2:amd64 (30+20221128-1) ...
Setting up libapparmor1:amd64 (3.0.8-3) ...
Setting up libip4tc2:amd64 (1.8.9-2) ...
Setting up libsystemd-shared:amd64 (252.6-1) ...
Setting up libdevmapper1.02.1:amd64 (2:1.02.185-2) ...
Setting up libcryptsetup12:amd64 (2:2.6.1-3) ...
Setting up systemd (252.6-1) ...
Created symlink /etc/systemd/system/getty.target.wants/getty@tty1.service → /lib/systemd/system/getty@.service.
Created symlink /etc/systemd/system/multi-user.target.wants/remote-fs.target → /lib/systemd/system/remote-fs.target.
Created symlink /etc/systemd/system/sysinit.target.wants/systemd-pstore.service → /lib/systemd/system/systemd-pstore.service.
Creating group 'systemd-journal' with GID 999.
Creating group 'systemd-network' with GID 998.
Creating user 'systemd-network' (systemd Network Management) with UID 998 and GID 998.
Setting up dmsetup (2:1.02.185-2) ...
Chrooting into /var/lib/fatbuildr/images/default/.mkosi-qx7oeh23/root/
Selecting previously unselected package systemd-sysv.
  …
Processing triggers for systemd (252.6-1) ...
W: Impossible de lire /etc/apt/apt.conf.d/ - DirectoryExists (2: Aucun fichier ou dossier de ce type)
‣     Unmounting API VFS…
‣   Unmounting Package Cache
‣   Mounting Package Cache
‣    Running postinstall script…
Suggested group ID 998 for fatbuildr already used.
Creating group 'fatbuildr' with GID 996.
Suggested user ID 998 for fatbuildr already used.
Creating user 'fatbuildr' (Fatbuildr user) with UID 995 and GID 998.
‣   Unmounting Package Cache
‣   Recording packages in manifest…
‣   Resetting machine ID
‣  Unmounting image…
‣ Linking image file…
‣ Linked var/lib/fatbuildr/images/default/deb.img
‣ Saving manifest var/lib/fatbuildr/images/default/deb.img.manifest
‣  Changing ownership of output file var/lib/fatbuildr/images/default/deb.img.manifest to user root…
‣  Changed ownership of var/lib/fatbuildr/images/default/deb.img.manifest
‣ Resulting image size is 843.0M.
 ⚬ INFO: Task succeeded

Fatbuildr systemd-sysusers configuration is deployed with mkosi skeleton before systemd is installed in container image but systemd packaging postinst script runs systemd-sysusers with its files in parameter, thus ignoring existing Fatbuildr file.