passwd: sync etc/{,g}shadow according to etc/{passwd,group}

Refer to coreos#49 (comment), Remove bin line in group and passwd Build FCOS, see logs: ``` systemd.post: Creating group 'bin' with GID 1. systemd.post: Creating user 'bin' (bin) with UID 1 and GID 1. systemd.post: /etc/gshadow: Group "bin" already exists. ``` According to @cgwalters 's pointer: The above log will lead systemd-sysusers (during systemd.post) exit early before saving the updated `/etc/{passwd,group}` refer to [code](https://github.com/systemd/systemd/blob/main/src/sysusers/sysusers.c#L820), and bin user/group will not be saved finally. The root cause is that `gshadow` is not consistent with group, `gshadow` is from setup, and we override group according to https://github.com/coreos/fedora-coreos-config/blob/testing-devel/manifests/group. The `shadow` is also from setup, and is not consistent with passwd, we should also sync it. Fix coreos/fedora-coreos-tracker#1525
HuijingHei · Jul 17, 2023 · 4844f8b · 4844f8b
1 parent 52f9cdf
commit 4844f8b
Showing 1 changed file with 1 addition and 7 deletions.
diff --git a/rust/src/passwd.rs b/rust/src/passwd.rs
@@ -337,12 +337,6 @@ fn passwd_compose_prep_impl(
         }
     }
 
-    let shadow_file = format!("{}shadow", dest);
-    let contents = rootfs
-        .read_to_string(shadow_file)
-        .with_context(|| format!("Reading {shadow_file}"))?;
-    println!("==={}===", contents);
-
     Ok(())
 }
 
@@ -395,7 +389,7 @@ fn write_data_from_treefile(
         })
         .with_context(|| format!("failed to write /{}", &target_etc_filename))?;
 
-    // Regernate /etc/{,g}shadow according to usr/lib/{password,group}
+    // Regernate etc/{,g}shadow according to etc/{password,group}
     let db = rootfs.open(target_etc_filename).map(BufReader::new)?;
     let shadow_name = if target == "passwd" { "shadow" } else { "gshadow" };
     let target_etc_shadow = format!("{}{}", dest_path, shadow_name);