From b226422cd76acb886017d1a84ded990efc192f85 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 23 Jul 2020 14:24:38 +0200
Subject: [PATCH] firstboot: don't create /etc/passwd with mode 000

It needs to be world readable (unlike /etc/shadow) when created anew.

This fixes systems that boot with "systemd-nspawn --volatile=yes", i.e.
come up with an entirely empty /etc/ and thus no existing /etc/passwd
file when firstboot runs.
---
 src/firstboot/firstboot.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
index 82cd4040f9c..807a4f57291 100644
--- a/src/firstboot/firstboot.c
+++ b/src/firstboot/firstboot.c
@@ -685,7 +685,7 @@ static int write_root_passwd(const char *passwd_path, const char *password, cons
                 if (errno != ENOENT)
                         return -errno;
 
-                r = fchmod(fileno(passwd), 0000);
+                r = fchmod(fileno(passwd), 0644);
                 if (r < 0)
                         return -errno;
 
-- 
2.39.2