#!/bin/bash updateDockerInstallPassword() { # The rootless docker user's password is set at install (as root, from the # startPreInstall → installDockerRootlessUser path). Under the de-sudo model # the runtime runs AS the manager with a SCOPED sudoers that grants only # LP_HELPERS/LP_SYSTEM + running-as-the-install-user — NOT `passwd`. So the # per-scan re-sync from start_scan.sh can't work (sudo passwd is denied) and # isn't needed (the user is operated via rootless-docker tooling, not a # password login). Skip unless actually root, else every system scan fails # this step. Twin of the updateDockerSudoPassword guard. if [[ $EUID -ne 0 ]]; then return 0 fi local result; result=$(echo -e "$CFG_DOCKER_INSTALL_PASS\n$CFG_DOCKER_INSTALL_PASS" | runSystem passwd "$CFG_DOCKER_INSTALL_USER" > /dev/null 2>&1) checkSuccess "Updating the password for the $CFG_DOCKER_INSTALL_USER user" }