From a68c858e2493e569b8a84d26626d12851e3cce7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timoth=C3=A9e=20Ravier?= Date: Tue, 24 Mar 2026 11:29:03 +0100 Subject: [PATCH] post-process: Remove workaround for openvswitch additional group We are moving the group inclusion directly to the RHEL base image instead of working around it here in the OCP node layer. See: https://github.com/openshift/os/pull/1917 See: https://github.com/coreos/rhel-coreos-config/pull/224 See: https://redhat.atlassian.net/browse/OCPBUGS-64841 --- packages-openshift.yaml | 26 -------------------------- 1 file changed, 26 deletions(-) diff --git a/packages-openshift.yaml b/packages-openshift.yaml index 00057c79..7658205b 100644 --- a/packages-openshift.yaml +++ b/packages-openshift.yaml @@ -104,32 +104,6 @@ postprocess: #!/usr/bin/bash mkdir -p /usr/share/containers/oci/hooks.d - - | - #!/usr/bin/env bash - set -xeo pipefail - # Add the hugetlbfs group to the openvswitch user if the openvswitch-hugetlbfs.conf - # sysusers fragment exists. The usermod used to happen in the RPM scriptlets but - # that stopped working in the sysusers conversion. We should be able to drop this - # when a bug gets fixed in systemd: https://github.com/openshift/os/issues/1274#issuecomment-1605507390 - if [ -f /usr/lib/sysusers.d/openvswitch-hugetlbfs.conf ]; then - if [ -f /run/.containerenv ]; then - # We're running as part of a derivation; `usermod` will not work - # because it doesn't go through NSS. Hackily put the /usr/lib files - # in /etc temporarily then put them back - mv /etc/passwd /etc/passwd.bak - mv /etc/group /etc/group.bak - mv /usr/lib/passwd /etc/passwd - mv /usr/lib/group /etc/group - fi - usermod -a -G hugetlbfs openvswitch - if [ -f /run/.containerenv ]; then - mv /etc/passwd /usr/lib/passwd - mv /etc/group /usr/lib/group - mv /etc/passwd.bak /etc/passwd - mv /etc/group.bak /etc/group - fi - fi - - | #!/usr/bin/env bash set -xeuo pipefail