Skip to content

Commit

Permalink
fix: Allow accounts to belong to GID 0 (#1407)
Browse files Browse the repository at this point in the history 
Currently, we block new users from belonging to GID 0. While this is a
great practice, some images may expect that the configured user belong
to GID 0 so remove the limitation

Signed-off-by: RJ Sampson <rj.sampson@chainguard.dev>
  • Loading branch information
@EyeCantCU
EyeCantCU authored Nov 20, 2024
1 parent 0a5939c commit cee37c7
Show file tree
Hide file tree
Showing 2 changed files with 0 additions and 7 deletions.
3 changes: 0 additions & 3 deletions pkg/build/accounts.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,9 +38,6 @@ func appendGroup(groups []passwd.GroupEntry, group types.Group) []passwd.GroupEn
}

func userToUserEntry(user types.User) passwd.UserEntry {
if user.GID == 0 {
user.GID = user.UID
}
if user.Shell == "" {
user.Shell = "/bin/sh"
}
Expand Down
4 changes: 0 additions & 4 deletions pkg/build/types/image_configuration.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -214,10 +214,6 @@ func (ic *ImageConfiguration) Validate() error {
if g.GroupName == "" {
return fmt.Errorf("configured group %v has no configured group name", g)
}

if g.GID == 0 {
return fmt.Errorf("configured group %v has GID 0", g)
}
}
return nil
}
Expand Down

0 comments on commit cee37c7

Please sign in to comment.