
Automagically create users/groups

Open josh1703658784 opened this issue 6 years ago • 0 comments

In reference to: https://github.com/blacklabelops/logrotate/issues/25

Problem use case

Say a given log file has no user/group mapping present in the logrotate container. logrotate will attempt to rotate the file as root. This action may fail if the permissions of the directory containing the log file are too open.

Why does this happen

This is mostly a result of the isolation that Docker gives. Each running container in a stack may have a unique set of user/group ID mappings. As a result, if all container logs are written to disk in a single directory, permissions must be fairly open.

For example, if logrotate has the following /etc/passwd:

root:x:0:0
nobody:x:65534:65534

And say container foobar (running as user bizzbatt) has the following /etc/passwd:

root:x:0:0
bizzbatt:x:400:400
nobody:x:65534:65534

foobar will write logs to disk that are owned by bizzbatt.

logrotate will fail to find a user mapped to ID 400 and will attempt to rotate the log as root. This will also fail because the logging directory permissions are so open.

This issue is "solved" by the pull request. When adding a file to the logrotate configuration, it will create users and groups as needed for discovered log files without users and groups.

After running this script, /etc/passwd in logrotate may look like this:

root:x:0:0
fakeuser-1532375851:x:400:400
nobody:x:65534:65534

Now logrotate can su as the mapped user fakeuser-1532375851. If logrotate is removed and restarted, a new set of user/group mappings would be created.

josh1703658784 Jul 23 '18 20:07
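The mechanism the issue describes, as an added example that is not code from the blacklabelops/logrotate project or the pull request: it walks a log directory and, for every owning UID/GID that has no entry in a passwd- or group-format file, appends a placeholder entry so logrotate can drop from root to that user when rotating. The passwd and group paths are parameters (a constructed sandbox in the demo; a real deployment would point them at the container's /etc/passwd and /etc/group, or call adduser/addgroup instead); the `fakeuser-<uid>` naming follows the author's example, while `fakegroup-<gid>`, the home and shell fields, and the `*.log` glob are assumptions.

```shell
#!/bin/sh
# Added example, not code from blacklabelops/logrotate: give every log file's
# owning UID/GID an entry so logrotate can switch to that user instead of
# rotating as root. File paths are parameters so the demo runs on copies.

stat_uid_gid() {
    # Print "uid gid" for a file; GNU stat first, BSD stat as a fallback.
    stat -c '%u %g' "$1" 2>/dev/null || stat -f '%u %g' "$1"
}

id_mapped() {
    # $1 = passwd/group-format file, $2 = numeric id; true if field 3 matches.
    awk -F: -v n="$2" '$3 == n { f = 1 } END { exit f ? 0 : 1 }' "$1"
}

ensure_uid_mapped() {
    # $1 = passwd file, $2 = uid. Adds fakeuser-<uid> with gid == uid, as in
    # the issue's example; home and shell are assumed placeholder values.
    id_mapped "$1" "$2" && return 0
    printf 'fakeuser-%s:x:%s:%s::/nonexistent:/sbin/nologin\n' "$2" "$2" "$2" >> "$1"
}

ensure_gid_mapped() {
    # $1 = group file, $2 = gid. Name fakegroup-<gid> is an assumption.
    id_mapped "$1" "$2" && return 0
    printf 'fakegroup-%s:x:%s:\n' "$2" "$2" >> "$1"
}

map_log_owners() {
    # $1 = log dir, $2 = passwd file, $3 = group file. Idempotent: rerunning
    # after new containers appear only adds entries for ids still unmapped.
    for f in "$1"/*.log; do
        [ -f "$f" ] || continue
        ids=$(stat_uid_gid "$f")
        ensure_uid_mapped "$2" "${ids%% *}"
        ensure_gid_mapped "$3" "${ids##* }"
    done
}

demo() {
    # Constructed sandbox mirroring the issue: passwd has only root and nobody.
    d=$(mktemp -d)
    printf 'root:x:0:0:root:/root:/bin/sh\nnobody:x:65534:65534:nobody:/:/sbin/nologin\n' > "$d/passwd"
    printf 'root:x:0:\nnobody:x:65534:\n' > "$d/group"
    touch "$d/foobar.log"
    ensure_uid_mapped "$d/passwd" 400   # stands in for bizzbatt's uid 400
    map_log_owners "$d" "$d/passwd" "$d/group"
    cat "$d/passwd"; rm -rf "$d"
}
if [ "${1:-}" = "--demo" ]; then demo; fi
```

Run with `--demo` to see the constructed passwd file gain a `fakeuser-400:x:400:400` line; the same functions applied to the real files reproduce the mapping the issue shows.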