Improve arbitrary user run on OpenShift

[mcanevet]

With this patch, the image is compatible with OpenShift as it will
generate a valid /etc/passwd at runtime for initdb.

[tianon]

I'm definitely not comfortable with this image modifying /etc/passwd at runtime, that's a bit nasty. 😞

What is it about how OpenShift runs the image that makes this necessary?

[mcanevet]

@tianon By default, OpenShift Container Platform runs containers using an arbitrarily assigned user ID. (see https://docs.openshift.com/container-platform/3.7/creating_images/guidelines.html chapter Support Arbitrary User IDs). This image mostly support it, but, as per the documentation, initdb needs the user to exist in /etc/passwd. Both proposed workaround are not very easy to setup in a production orchestrator. With this patch, I think this image will fully support to be run with an arbitrary user and would not require extra setup for that anymore.

[mcanevet]

@tianon could you please explain what is the problem with this PR except that you are not "comfortable" with modifying the /etc/passwd at runtime? Unless I'm wrong, it does not add a security hole.
This will make this image fully support running as arbitrary use (and not "mostly" as now).

[yosifkit]

No need for editable /etc/passwd. Fixed by #448.