Don't fail if /etc/passwd or /etc/group does not exists

Container images can be created without passwd or group file, currently
if one of these containers gets run with a --user flag the container blows
up complaining about t a missing /etc/passwd file.

We just need to check if the error on read is ENOEXIST then allow the
read to return, not fail.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

1 files changed, 2 insertions, 2 deletions

diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index d928c4aed..558099e82 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -5,7 +5,6 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"github.com/opencontainers/runc/libcontainer/user"
 	"io"
 	"io/ioutil"
 	"os"
@@ -25,6 +24,7 @@ import (
 	"github.com/containers/storage/pkg/archive"
 	"github.com/containers/storage/pkg/chrootarchive"
 	"github.com/containers/storage/pkg/mount"
+	"github.com/opencontainers/runc/libcontainer/user"
 	spec "github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/opencontainers/runtime-tools/generate"
 	"github.com/opencontainers/selinux/go-selinux/label"
@@ -1069,7 +1069,7 @@ func (c *Container) generatePasswd() (string, error) {
 	}
 	originPasswdFile := filepath.Join(c.state.Mountpoint, "/etc/passwd")
 	orig, err := ioutil.ReadFile(originPasswdFile)
-	if err != nil {
+	if err != nil && !os.IsNotExist(err) {
 		return "", errors.Wrapf(err, "unable to read passwd file %s", originPasswdFile)
 	}