Makefile: use sysusers directly

Instead of using the libalpm systemd-syusers hook, use sysusers directly. The --root parameter allows us to avoid using the host's namespace and populate using the conf files in the target's build directory.
2026-02-26 19:51:01 +01:00 · 2020-12-10 19:07:59 -05:00 · 2020-12-10 19:07:59 -05:00 · eb0c127ba6
commit eb0c127ba6
parent c0e73cd900
2 changed files with 3 additions and 1 deletions
--- a/Dockerfile.template
+++ b/Dockerfile.template
@ -22,7 +22,6 @@ FROM scratch AS root
 COPY --from=verify /rootfs/ /

 RUN ldconfig
-RUN /usr/share/libalpm/scripts/systemd-hook sysusers

 ENV LANG=en_US.UTF-8
 CMD ["/usr/bin/bash"]
--- a/3
+++ b/3
@ -23,6 +23,9 @@ fakechroot -- fakeroot -- chroot $(BUILDDIR) update-ca-trust

 	ln -fs /usr/lib/os-release $(BUILDDIR)/etc/os-release

+	# add system users
+	fakechroot -- fakeroot -- chroot $(BUILDDIR) /usr/bin/systemd-sysusers --root "/"
+
 	# remove passwordless login for root (see CVE-2019-5021 for reference)
 	sed -i -e 's/^root::/root:!:/' "$(BUILDDIR)/etc/shadow"