747e957263
Without an entry in the shadow file, this user can't use sudo with the following error: account validation failure, is your account locked (which I include here for future googling because it's pretty obscure, you have to have this odd situation, or a pretty broken PAM to see it). The "nodepool" user (10001) is in the root group, which is why the uid_entrypoint script can update the /etc/passwd file. We need to change the ownership of the /etc/shadow file for this to work. It feels a bit weird, but there's no password to actually guess anyway. Change-Id: I8846757edffe31f96df58999d05727910c9fca43
24 lines
862 B
Bash
Executable File
24 lines
862 B
Bash
Executable File
#!/bin/sh
|
|
# Copyright 2019 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
if ! whoami 2>&1 >/dev/null; then
|
|
if [ -w /etc/passwd ]; then
|
|
echo "${USER_NAME:-default}:x:$(id -u):0:${USER_NAME:-default} user:${HOME}:/sbin/nologin" >> /etc/passwd
|
|
echo "${USER_NAME:-default}:!:18211:0:99999:7:::" >> /etc/shadow
|
|
fi
|
|
fi
|
|
exec dumb-init "$@"
|