From 7c423653e57eb532d7404b8e040e541a7b662225 Mon Sep 17 00:00:00 2001
From: Jan Pazdziora <jan.pazdziora@code.adelton.com>
Date: Thu, 26 Dec 2024 20:04:19 +0100
Subject: [PATCH] Stop the sssd.service from changing the /etc/sssd symlink.

Addressing
C /etc/sssd
---
 Dockerfile.fedora-rawhide | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Dockerfile.fedora-rawhide b/Dockerfile.fedora-rawhide
index efa2fc6d..1f01a434 100644
--- a/Dockerfile.fedora-rawhide
+++ b/Dockerfile.fedora-rawhide
@@ -22,6 +22,9 @@ RUN systemctl mask rpc-gssd.service
 # Workaround https://bugzilla.redhat.com/show_bug.cgi?id=2334087
 COPY patches/sssd-capabilities.conf /usr/lib/systemd/system/sssd.service.d/capabilities.conf
 RUN setcap cap_dac_override+ep /usr/libexec/sssd/ldap_child
+# Stop the sssd.service from changing the /etc/sssd symlink
+RUN mkdir /usr/lib/systemd/system/sssd.service.d \
+	&& ( echo '[Service]' ; echo 'ExecStartPre=' ; sed '/ExecStartPre/!d; s/-R/-R -H/g' /usr/lib/systemd/system/sssd.service ) > /usr/lib/systemd/system/sssd.service.d/avoid-chown-chmod-on-image.conf
 
 # Container image which runs systemd
 # debug: RUN test -f /etc/machine-id && ! test -s /etc/machine-id