build: add libnss-systemd as a hard dependency

Provides UNIX user and group name resolution for systemd DynamicUser when the user/group is not in /etc/passwd or /etc/group https://www.freedesktop.org/software/systemd/man/nss-systemd.html I also found out this package is required to use a unix socket with DynamicUser. I've removed the creation of the `sshportal` static user during the mariadb setup
alterway · Sep 4, 2023 · f271a8c · f271a8c
1 parent 08b672b
commit f271a8c
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -30,6 +30,7 @@ nfpms:
 
   dependencies:
     - systemd
+    - libnss-systemd
 
   recommends:
     - sqlite3

diff --git a/README.md b/README.md
@@ -60,8 +60,8 @@ You will be asked if you want to use `mariadb` instead of `sqlite` (default). Ma
 To install SSHportal with mariadb:
 
 ```bash
-apt install -y mariadb-server
-DEBIAN_FRONTEND=noninteractive SSHPORTAL_MARIADB_SETUP=true apt install --no-install-recommends -y ./sshportal_x.x.x_xxx.deb
+apt install --no-install-recommends -y mariadb-server
+DEBIAN_FRONTEND=noninteractive SSHPORTAL_MARIADB_SETUP=true apt install --no-install-recommends -y mariadb-server ./sshportal_x.x.x_xxx.deb
 ```
 
 If you want to stick with sqlite, you just have to do this:
@@ -80,7 +80,7 @@ Make sure to install `mariadb-server` before if you want to use it as this packa
 There is no debconf in RedHat distribution so if you want an automatic mariadb setup you need to install `sshportal` with :
 
 ```bash
-dnf install -y mariadb-server
+dnf install -y --setopt=install_weak_deps=False mariadb-server
 SSHPORTAL_MARIADB_SETUP=true dnf install --setopt=install_weak_deps=False ./sshportal_x.x.x_xxx.rpm
 ```
 

diff --git a/packaging/preinstall.sh b/packaging/preinstall.sh
@@ -30,7 +30,6 @@ if [ "$RET" = "true" ] || [ "$SSHPORTAL_MARIADB_SETUP" = "true" ]; then
 	 	exit 2
 	fi
 
-	useradd -rd /nonexistent -s /usr/sbin/nologin sshportal # can't use systemd dynamic user to access the unix socket
 	systemctl enable --now mariadb
     mariadb -e "CREATE DATABASE sshportal CHARACTER SET utf8;" || printf "${BYELLOW}%s %s${NC}\n" "WARNING: sshportal database already exists"
 	mariadb -e "GRANT ALL on sshportal.* to 'sshportal'@'localhost' identified via unix_socket;"
-Original file line number
+Diff line change
@@ Expand Up / @@ -30,6 +30,7 @@ nfpms: @@
       dependencies:
         - systemd
+        - libnss-systemd
       recommends:
         - sqlite3
@@ Expand Down @@