From 3f2939c2ef6d9867862f597751c12b14c74440a3 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Mon, 21 Mar 2022 16:43:14 +0100
Subject: run, create: add --passwd-entry

It allows to customize the entry that is written to the `/etc/passwd`
file when --passwd is used.

Closes: https://github.com/containers/podman/issues/13185

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 libpod/container_internal_linux.go | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'libpod/container_internal_linux.go')

diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 11ca169ca..9369b746c 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -2724,6 +2724,9 @@ func (c *Container) userPasswdEntry(u *user.User) (string, error) {
 	if !hasHomeSet {
 		c.config.Spec.Process.Env = append(c.config.Spec.Process.Env, fmt.Sprintf("HOME=%s", homeDir))
 	}
+	if c.config.PasswdEntry != "" {
+		return c.passwdEntry(u.Username, u.Uid, u.Gid, u.Name, homeDir), nil
+	}
 
 	return fmt.Sprintf("%s:*:%s:%s:%s:%s:/bin/sh\n", u.Username, u.Uid, u.Gid, u.Name, homeDir), nil
 }
@@ -2775,9 +2778,25 @@ func (c *Container) generateUserPasswdEntry(addedUID int) (string, int, int, err
 			gid = group.Gid
 		}
 	}
+
+	if c.config.PasswdEntry != "" {
+		entry := c.passwdEntry(fmt.Sprintf("%d", uid), fmt.Sprintf("%d", uid), fmt.Sprintf("%d", gid), "container user", c.WorkingDir())
+		return entry, int(uid), gid, nil
+	}
+
 	return fmt.Sprintf("%d:*:%d:%d:container user:%s:/bin/sh\n", uid, uid, gid, c.WorkingDir()), int(uid), gid, nil
 }
 
+func (c *Container) passwdEntry(username string, uid, gid, name, homeDir string) string {
+	s := c.config.PasswdEntry
+	s = strings.Replace(s, "$USERNAME", username, -1)
+	s = strings.Replace(s, "$UID", uid, -1)
+	s = strings.Replace(s, "$GID", gid, -1)
+	s = strings.Replace(s, "$NAME", name, -1)
+	s = strings.Replace(s, "$HOME", homeDir, -1)
+	return s + "\n"
+}
+
 // generatePasswdAndGroup generates container-specific passwd and group files
 // iff g.config.User is a number or we are configured to make a passwd entry for
 // the current user or the user specified HostsUsers
-- 
cgit v1.2.3-54-g00ecf