25 lines
992 B
Desktop File
25 lines
992 B
Desktop File
[Unit]
|
|
# apt-ostree v2023.6 introduced a permission issue on `/etc/[g]shadow[-]`.
|
|
# This makes sure to fix permissions on systems that were deployed with the wrong permissions.
|
|
Description=Update permissions for /etc/shadow
|
|
Documentation=https://github.com/coreos/rpm-ostree-ghsa-2m76-cwhg-7wv6
|
|
# This new stamp file is written by the Rust code, and obsoletes
|
|
# the old /etc/.apt-ostree-shadow-mode-fixed.stamp
|
|
ConditionPathExists=!/etc/.apt-ostree-shadow-mode-fixed2.stamp
|
|
ConditionPathExists=/run/ostree-booted
|
|
# Filter out non-traditional ostree setups (e.g. live boots)
|
|
ConditionKernelCommandLine=ostree
|
|
# Because we read the sysroot
|
|
RequiresMountsFor=/boot
|
|
# Make sure this is started before any unprivileged (interactive) user has access to the system.
|
|
Before=systemd-user-sessions.service
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=apt-ostree fix-shadow-perms
|
|
RemainAfterExit=yes
|
|
# So we can remount /sysroot writable in our own namespace
|
|
MountFlags=slave
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|