Move the tss group to /etc so it can be mutated
This works around two issues: - First, rpm switched to reading users/groups directly for its implementation of systemd-sysusers, which meant it no longer reads via nss, which breaks nss-altfiles. xref: https://github.com/rpm-software-management/rpm/pull/2503#issuecomment-1536435351 and below. - Second, even if that was fixed, `keylime` wants to add its user to the group, which can't be done when it's a system uid. Since nothing in the OS content is owned by this group, we can move underneath `/etc` by default. Signed-off-by: Colin Walters <walters@verbum.org>
This commit is contained in:
Colin Walters
parent
78462e6c13
commit
993845d2a2
2 changed files with 11 additions and 0 deletions
6
tests/rootfs/cases/etc-group
Executable file
6
tests/rootfs/cases/etc-group
Executable file
|
|
@ -0,0 +1,6 @@
|
|||
#!/bin/bash
|
||||
set -xeuo pipefail
|
||||
# Verify group members
|
||||
getent group tss >/dev/null
|
||||
# This one needs to be in /etc
|
||||
grep -q tss /etc/group
|
||||
Loading…
Add table
Add a link
Reference in a new issue