[PATCH 2/2] rpm: disable account creation for Fedora >= 42

Daniel P. Berrangé <berrange@xxxxxxxxxx> · Thu, 30 Jan 2025 15:21:31 +0000

In Fedora >= 42, support for user/group account creation based on
sysusers files has been enabled in RPM. Manually running useradd/
groupadd is thus obsolete.

Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
---
 libvirt.spec.in | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/libvirt.spec.in b/libvirt.spec.in
index 5825de7cf1..be91fa6bb4 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -44,6 +44,12 @@
     %define with_qemu_kvm      0
 %endif
 
+%if 0%{?fedora} >= 42
+    %define with_account_add 0
+%else
+    %define with_account_add 1
+%endif
+
 %define with_qemu_tcg      %{with_qemu}
 
 # RHEL disables TCG on all architectures
@@ -535,8 +541,10 @@ Requires(posttrans): /usr/bin/systemctl
 Requires(preun): /usr/bin/systemctl
 # libvirtd depends on 'messagebus' service
 Requires: dbus
+%if %{with_account_add}
 # For uid creation during pre
 Requires(pre): shadow-utils
+%endif
 # Needed by /usr/libexec/libvirt-guests.sh script.
     %if 0%{?fedora}
 Requires: gettext-runtime
@@ -1095,8 +1103,10 @@ Wireshark dissector plugin for better analysis of libvirt RPC traffic.
 %package login-shell
 Summary: Login shell for connecting users to an LXC container
 Requires: libvirt-libs = %{version}-%{release}
+%if %{with_account_add}
 # For uid creation during pre
 Requires(pre): shadow-utils
+%endif
 
 %description login-shell
 Provides the set-uid virt-login-shell binary that is used to
@@ -1796,10 +1806,12 @@ export VIR_TEST_DEBUG=1
 %pre daemon-common
 %libvirt_sysconfig_pre libvirt-guests
 %libvirt_systemd_oneshot_pre libvirt-guests
+%if %{with_account_add}
 # 'libvirt' group is just to allow password-less polkit access to libvirt
 # daemons. The uid number is irrelevant, so we use dynamic allocation.
 getent group libvirt >/dev/null || groupadd -r libvirt
 exit 0
+%endif
 
 %posttrans daemon-common
 %libvirt_sysconfig_posttrans libvirt-guests
@@ -1922,6 +1934,7 @@ exit 0
 %libvirt_sysconfig_pre virtqemud
 %libvirt_systemd_unix_pre virtqemud
 
+%if %{with_account_add}
 # We want soft static allocation of well-known ids, as disk images
 # are commonly shared across NFS mounts by id rather than name.
 # See https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/
@@ -1937,6 +1950,7 @@ if ! getent passwd 'qemu' >/dev/null; then
   fi
 fi
 exit 0
+%endif
 
 %posttrans daemon-driver-qemu
 %libvirt_sysconfig_posttrans virtqemud
@@ -2063,8 +2077,10 @@ done
 
     %if %{with_lxc}
 %pre login-shell
+%if %{with_account_add}
 getent group virtlogin >/dev/null || groupadd -r virtlogin
 exit 0
+%endif
     %endif
 %endif
 
-- 
2.47.1







