From 32a90595be444d6a267eae52ace87a38caa914a0 Mon Sep 17 00:00:00 2001
From: Colin Walters
Date: Fri, 17 Mar 2017 16:45:35 -0400
Subject: [PATCH] compose: Delete /usr/etc/passwd- (and the other variants)
There's no point to shipping these backup files in the base tree. We already had code to delete them for the package layering case where they caused active harm. At the point we added that code we really should have *also* changed treecompose to delete them. Better late than never. The reason I'm doing this now is because having them in the base tree causes `ex livefs` to spuriously think that layering a package that *doesn't* change `/etc` as if it does, because the layering code deletes the backup files.
---
src/libpriv/rpmostree-passwd-util.c | 38 ++++++++++++++++++-----------
src/libpriv/rpmostree-passwd-util.h | 4 +++
src/libpriv/rpmostree-postprocess.c | 4 +++
tests/compose-tests/test-basic.sh | 3 +++
4 files changed, 35 insertions(+), 14 deletions(-)
diff --git a/src/libpriv/rpmostree-passwd-util.c b/src/libpriv/rpmostree-passwd-util.c
index b26b68f45f..6d3f13a94e 100644
--- a/src/libpriv/rpmostree-passwd-util.c
+++ b/src/libpriv/rpmostree-passwd-util.c
@@ -1191,23 +1191,13 @@ rootfs_has_usrlib_passwd (int rootfs_dfd, return TRUE; } -/* We actually want RPM to inject to /usr/lib/passwd - we - * accomplish this by temporarily renaming /usr/lib/passwd -> /usr/etc/passwd - * (Which appears as /etc/passwd via our compatibility symlink in the bubblewrap - * script runner). We also copy the merge deployment's /etc/passwd to - * /usr/lib/passwd, so that %pre scripts are aware of newly added system users - * not in the tree's /usr/lib/passwd (through nss-altfiles in the container). +/* This may be leftover in the tree from an older version of rpm-ostree that + * didn't clean them up at compose time, and having them exist will mean + * rofiles-fuse will prevent useradd from opening it for write. */ gboolean -rpmostree_passwd_prepare_rpm_layering (int rootfs_dfd, - const char *merge_passwd_dir, - gboolean *out_have_passwd, - GCancellable *cancellable, - GError **error) +rpmostree_passwd_cleanup (int rootfs_dfd, GCancellable *cancellable, GError **error) { - /* This may be leftover in the tree, and having it exist will mean - * rofiles-fuse will prevent useradd from opening it for write. - */ for (guint i = 0; i < G_N_ELEMENTS (pwgrp_lock_and_backup_files); i++) { const char *file = pwgrp_lock_and_backup_files[i]; 
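Review bot: The comment above the new `rpmostree_passwd_cleanup` explains only the layering case (rofiles-fuse blocking useradd), although this commit also calls the function from `rpmostree_rootfs_postprocess_common` at compose time, where the reason is simply not to ship the files. It also never says what the function does: from the visible loop header it appears to walk `pwgrp_lock_and_backup_files` and remove each entry relative to `rootfs_dfd`, but the loop body lies outside the hunk, so that should be confirmed. I would open the comment with something like `/* Remove the passwd/group lock and backup files listed in pwgrp_lock_and_backup_files from the tree at rootfs_dfd. */` and keep the rofiles-fuse rationale as a second paragraph. Because the function is now exported through rpmostree-passwd-util.h and deletes files, a line stating that `rootfs_dfd` must refer to the tree being built is worth adding there too.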
@@ -1223,6 +1213,26 @@ rpmostree_passwd_prepare_rpm_layering (int rootfs_dfd, } } + return TRUE; +} + +/* We actually want RPM to inject to /usr/lib/passwd - we + * accomplish this by temporarily renaming /usr/lib/passwd -> /usr/etc/passwd + * (Which appears as /etc/passwd via our compatibility symlink in the bubblewrap + * script runner). We also copy the merge deployment's /etc/passwd to + * /usr/lib/passwd, so that %pre scripts are aware of newly added system users + * not in the tree's /usr/lib/passwd (through nss-altfiles in the container). + */ +gboolean +rpmostree_passwd_prepare_rpm_layering (int rootfs_dfd, + const char *merge_passwd_dir, + gboolean *out_have_passwd, + GCancellable *cancellable, + GError **error) +{ + if (!rpmostree_passwd_cleanup (rootfs_dfd, cancellable, error)) + return FALSE; + if (!rootfs_has_usrlib_passwd (rootfs_dfd, out_have_passwd, error)) return FALSE; if (!*out_have_passwd) diff --git a/src/libpriv/rpmostree-passwd-util.h b/src/libpriv/rpmostree-passwd-util.h index 17c005be2e..4e6b610fcd 100644 --- a/src/libpriv/rpmostree-passwd-util.h +++ b/src/libpriv/rpmostree-passwd-util.h @@ -63,6 +63,10 @@ rpmostree_generate_passwd_from_previous (OstreeRepo *repo, GCancellable *cancellable, GError **error); + +gboolean +rpmostree_passwd_cleanup (int rootfs_dfd, GCancellable *cancellable, GError **error); + gboolean rpmostree_passwd_prepare_rpm_layering (int rootfs_dfd, const char *merge_passwd_dir, diff --git a/src/libpriv/rpmostree-postprocess.c b/src/libpriv/rpmostree-postprocess.c index cff6e8d1d8..3440bab8d9 100644 --- a/src/libpriv/rpmostree-postprocess.c +++ b/src/libpriv/rpmostree-postprocess.c @@ -1190,6 +1190,7 @@ rpmostree_rootfs_prepare_links (int rootfs_fd, * * - Move /etc to /usr/etc * - Clean up RPM db leftovers + * - Clean /usr/etc/passwd- backup files and such */ gboolean rpmostree_rootfs_postprocess_common (int rootfs_fd, 
@@ -1236,6 +1237,9 @@ rpmostree_rootfs_postprocess_common (int rootfs_fd, } } + if (!rpmostree_passwd_cleanup (rootfs_fd, cancellable, error)) + goto out; + ret = TRUE; out: return ret; diff --git a/tests/compose-tests/test-basic.sh b/tests/compose-tests/test-basic.sh index 27ff4bd2e7..cef3d94d52 100755 --- a/tests/compose-tests/test-basic.sh +++ b/tests/compose-tests/test-basic.sh @@ -18,6 +18,9 @@ cat > metadata.json < bootls.txt +if ostree --repo=${repobuild} ls -R ${treeref} /usr/etc/passwd-; then + assert_not_reached "Found /usr/etc/passwd- backup file in tree" +fi echo "ok compose" ostree --repo=${repobuild} show --print-metadata-key exampleos.gitrepo ${treeref} > meta.txt
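Review bot: Nothing at the new `rpmostree_passwd_cleanup (rootfs_fd, cancellable, error)` call records that it has to run after the step that moves /etc to /usr/etc, which the function's header comment lists and which the commit subject and the test imply by naming /usr/etc/passwd-. If the paths in `pwgrp_lock_and_backup_files` are indeed under usr/etc (the array is not visible here), moving this call earlier could leave the backup files in the tree, possibly without any error. A one-line comment such as `/* Must come after the /etc -> /usr/etc move: removes usr/etc/passwd- and friends */` would pin the ordering. The body of `rpmostree_rootfs_postprocess_common` starts outside the hunk.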
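Review bot: The added check asserts only on `/usr/etc/passwd-`, while the commit is about that file "and the other variants". The variants most worth asserting on are the shadow backups, because a stale copy of a credential database in a published tree is the costliest one to miss; presumably the list contains names such as `shadow-` and `gshadow-`, but `pwgrp_lock_and_backup_files` is not visible here, so the names should be taken from that array. Wrapping the existing check in a loop, e.g. `for f in passwd- group- shadow- gshadow-; do` with `/usr/etc/${f}` as the path, would cover them. The `if ostree ... ls` form also reads any non-zero exit as "file absent", so the assertion relies on the earlier `ostree` commands in the script having already proven that the repo and ref are valid.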