Use systemd-sysusers to create user & group

This duplicates the sysusers config from upstream but only installs the upstream one. The configs should be kept in sync. We can not use the upstream one as it requires pre-processing that will only happen at a later time in the build process. See: https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation https://src.fedoraproject.org/rpms/flatpak/pull-request/8
2021-09-06 16:43:00 +02:00 · 2021-09-06 16:43:00 +02:00 · 6c2b44a54a
commit 6c2b44a54a
parent b6e9962fa4
2 changed files with 12 additions and 7 deletions
--- a/flatpak.spec
+++ b/flatpak.spec
@ -4,7 +4,7 @@

 Name:           flatpak
 Version:        1.13.2
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        Application deployment framework for desktop apps

 License:        LGPLv2+
@ -16,6 +16,10 @@ Source0:        https://github.com/flatpak/flatpak/releases/download/%{version}/
 Source1:        flatpak-add-fedora-repos.service
 %endif

+# systemd-sysusers config. Only used for the %%pre macro. Must be kept in sync
+# with the config from upstream sources.
+Source2:        flatpak.sysusers.conf
+
 Patch0:         flatpak-selinux-permissions.patch

 BuildRequires:  pkgconfig(appstream) >= %{appstream_version}
@ -44,6 +48,7 @@ BuildRequires:  gpgme-devel
 BuildRequires:  libcap-devel
 BuildRequires:  python3-pyparsing
 BuildRequires:  systemd
+BuildRequires:  systemd-rpm-macros
 BuildRequires:  /usr/bin/xdg-dbus-proxy
 BuildRequires:  /usr/bin/xmlto
 BuildRequires:  /usr/bin/xsltproc
@ -158,11 +163,7 @@ install -D -t %{buildroot}%{_unitdir} %{SOURCE1}
 %find_lang %{name}

 %pre
-getent group flatpak >/dev/null || groupadd -r flatpak
-getent passwd flatpak >/dev/null || \
-    useradd -r -g flatpak -d / -s /sbin/nologin \
-     -c "User for flatpak system helper" flatpak
-exit 0
+%sysusers_create_compat %{SOURCE2}


 %if 0%{?fedora}
@ -227,7 +228,7 @@ fi
 %{_sysconfdir}/dbus-1/system.d/org.freedesktop.Flatpak.SystemHelper.conf
 %{_sysconfdir}/flatpak/remotes.d
 %{_sysconfdir}/profile.d/flatpak.sh
-%{_sysusersdir}/flatpak.conf
+%{_sysusersdir}/%{name}.conf
 %{_unitdir}/flatpak-system-helper.service
 %{_userunitdir}/flatpak-oci-authenticator.service
 %{_userunitdir}/flatpak-portal.service
@ -267,6 +268,9 @@ fi


 %changelog
+* Tue May 17 2022 Timothée Ravier <tim@siosm.fr> - 1.13.2-3
+- Use sysusers_create_compat macro to create user & group.
+
 * Tue Apr 12 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.13.2-2
 - Avoid SELinux denials caused by read access to /etc/passwd, watching files
  inside /usr/libexec and read access to /var/lib/flatpak
--- a/flatpak.sysusers.conf
+++ b/flatpak.sysusers.conf
@ -0,0 +1 @@
+u flatpak - "Flatpak system helper" -