Don't fail if /etc/passwd or /etc/group does not exists

Container images can be created without passwd or group file, currently
if one of these containers gets run with a --user flag the container blows
up complaining about t a missing /etc/passwd file.

We just need to check if the error on read is ENOEXIST then allow the
read to return, not fail.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

libpod/container_internal.go

@@ -5,7 +5,6 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"github.com/opencontainers/runc/libcontainer/user"
 	"io"
 	"io/ioutil"
 	"os"
@@ -25,6 +24,7 @@ import (
 	"github.com/containers/storage/pkg/archive"
 	"github.com/containers/storage/pkg/chrootarchive"
 	"github.com/containers/storage/pkg/mount"
+	"github.com/opencontainers/runc/libcontainer/user"
 	spec "github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/opencontainers/runtime-tools/generate"
 	"github.com/opencontainers/selinux/go-selinux/label"
@@ -1069,7 +1069,7 @@ func (c *Container) generatePasswd() (string, error) {
 	}
 	originPasswdFile := filepath.Join(c.state.Mountpoint, "/etc/passwd")
 	orig, err := ioutil.ReadFile(originPasswdFile)
-	if err != nil {
+	if err != nil && !os.IsNotExist(err) {
 		return "", errors.Wrapf(err, "unable to read passwd file %s", originPasswdFile)
 	}
 

pkg/lookup/lookup.go

@@ -1,10 +1,12 @@
 package lookup
 
 import (
+	"os"
+	"strconv"
+
 	"github.com/cyphar/filepath-securejoin"
 	"github.com/opencontainers/runc/libcontainer/user"
 	"github.com/sirupsen/logrus"
-	"strconv"
 )
 
 const (
@@ -116,7 +118,7 @@ func GetUser(containerMount, userIDorName string) (*user.User, error) {
 		}
 		return u.Uid == uid
 	})
-	if err != nil {
+	if err != nil && !os.IsNotExist(err) {
 		return nil, err
 	}
 	if len(users) > 0 {
@@ -146,7 +148,7 @@ func GetGroup(containerMount, groupIDorName string) (*user.Group, error) {
 		}
 		return g.Gid == gid
 	})
-	if err != nil {
+	if err != nil && !os.IsNotExist(err) {
 		return nil, err
 	}
 	if len(groups) > 0 {