From cee37c74b11f336e99656b55778aeeed833601c8 Mon Sep 17 00:00:00 2001
From: RJ Trujillo <rjtrujillo@protonmail.ch>
Date: Wed, 20 Nov 2024 10:39:04 -0700
Subject: [PATCH] fix: Allow accounts to belong to GID 0 (#1407)

Currently, we block new users from belonging to GID 0. While this is a
great practice, some images may expect that the configured user belong
to GID 0 so remove the limitation

Signed-off-by: RJ Sampson <rj.sampson@chainguard.dev>
---
 pkg/build/accounts.go                  | 3 ---
 pkg/build/types/image_configuration.go | 4 ----
 2 files changed, 7 deletions(-)

diff --git a/pkg/build/accounts.go b/pkg/build/accounts.go
index 30892c978..02b1ab3ca 100644
--- a/pkg/build/accounts.go
+++ b/pkg/build/accounts.go
@@ -38,9 +38,6 @@ func appendGroup(groups []passwd.GroupEntry, group types.Group) []passwd.GroupEn
 }
 
 func userToUserEntry(user types.User) passwd.UserEntry {
-	if user.GID == 0 {
-		user.GID = user.UID
-	}
 	if user.Shell == "" {
 		user.Shell = "/bin/sh"
 	}
diff --git a/pkg/build/types/image_configuration.go b/pkg/build/types/image_configuration.go
index 089fcf3c7..c82178379 100644
--- a/pkg/build/types/image_configuration.go
+++ b/pkg/build/types/image_configuration.go
@@ -214,10 +214,6 @@ func (ic *ImageConfiguration) Validate() error {
 		if g.GroupName == "" {
 			return fmt.Errorf("configured group %v has no configured group name", g)
 		}
-
-		if g.GID == 0 {
-			return fmt.Errorf("configured group %v has GID 0", g)
-		}
 	}
 	return nil
 }