From 219ce9317ca6f7d479451e9d9c6480190d309d0a Mon Sep 17 00:00:00 2001
From: Simon Deziel <simon.deziel@canonical.com>
Date: Tue, 23 Apr 2024 11:04:06 -0400
Subject: [PATCH] snapcraft/commands/daemon.start: set primary group to lxd

By creating the group first, the user creation can use `--gid lxd` to have the
right primary group.

Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
(cherry picked from commit cd1a18d67df30be4e316d09c9c151276572c8110)
(cherry picked from commit 6cba91382caeeea0e4307d669cac4fd32904198e)
---
 snapcraft/commands/daemon.start | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/snapcraft/commands/daemon.start b/snapcraft/commands/daemon.start
index 57f8e89ae..8f1cc2b28 100755
--- a/snapcraft/commands/daemon.start
+++ b/snapcraft/commands/daemon.start
@@ -274,16 +274,6 @@ for entry in dev proc sys; do
     mount -o bind "/${entry}" "/var/lib/snapd/hostfs/${entry}"
 done
 
-# Setup the "lxd" user
-if ! getent passwd lxd >/dev/null 2>&1; then
-    echo "==> Creating \"lxd\" user"
-    if grep -q "^passwd.*extrausers" /var/lib/snapd/hostfs/etc/nsswitch.conf; then
-        nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false --extrausers lxd || true
-    else
-        nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false lxd || true
-    fi
-fi
-
 # Setup the "lxd" group
 if [ "${daemon_group}" = "lxd" ] && ! getent group lxd >/dev/null 2>&1; then
     echo "==> Creating \"lxd\" group"
@@ -294,6 +284,16 @@ if [ "${daemon_group}" = "lxd" ] && ! getent group lxd >/dev/null 2>&1; then
     fi
 fi
 
+# Setup the "lxd" user
+if ! getent passwd lxd >/dev/null 2>&1; then
+    echo "==> Creating \"lxd\" user"
+    if grep -q "^passwd.*extrausers" /var/lib/snapd/hostfs/etc/nsswitch.conf; then
+        nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false --gid lxd --extrausers lxd || true
+    else
+        nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false --gid lxd lxd || true
+    fi
+fi
+
 # Setup for ceph
 echo "==> Setting up ceph configuration"
 if [ "${ceph_builtin:-"false"}" = "true" ]; then