Makefile: use sysusers directly

Instead of using the libalpm systemd-syusers hook, use sysusers directly. The --root parameter allows us to avoid using the host's namespace and populate using the conf files in the target's build directory.

Makefile: use sysusers directly
Instead of using the libalpm systemd-syusers hook, use sysusers directly. The --root parameter allows us to avoid using the host's namespace and populate using the conf files in the target's build directory.
eb0c127b · Santiago Torres-Arias · hashworks · c0e73cd9 · eb0c127b · eb0c127b
Verified Commit eb0c127b authored Dec 10, 2020 by Santiago Torres-Arias Committed by hashworks Dec 11, 2020
--- a/Dockerfile.template
+++ b/Dockerfile.template
@@ -22,7 +22,6 @@ FROM scratch AS root
 COPY --from=verify /rootfs/ /

 RUN ldconfig
-RUN /usr/share/libalpm/scripts/systemd-hook sysusers

 ENV LANG=en_US.UTF-8
 CMD ["/usr/bin/bash"]
--- a/Makefile
+++ b/Makefile
@@ -23,6 +23,9 @@ fakechroot -- fakeroot -- chroot $(BUILDDIR) update-ca-trust

 	ln -fs /usr/lib/os-release $(BUILDDIR)/etc/os-release

+	# add system users
+	fakechroot -- fakeroot -- chroot $(BUILDDIR) /usr/bin/systemd-sysusers --root "/"
+
 	# remove passwordless login for root (see CVE-2019-5021 for reference)
 	sed -i -e 's/^root::/root:!:/' "$(BUILDDIR)/etc/shadow"