hst: optionally disable file placement

This works around stubborn package managers.

Signed-off-by: Ophestra <cat@gensokyo.uk>

hst/container.go

@@ -65,6 +65,8 @@ const (
 	// Some programs fail to connect to dbus session running as a different uid,
 	// this option works around it by mapping priv-side caller uid in container.
 	FMapRealUID
+	// FNoPlace disables placement of /etc/passwd and /etc/group.
+	FNoPlace
 
 	// FDevice mount /dev/ from the init mount namespace as is in the container
 	// mount namespace.
@@ -101,6 +103,8 @@ func (flags Flags) String() string {
 		return "tty"
 	case FMapRealUID:
 		return "mapuid"
+	case FNoPlace:
+		return "noplace"
 	case FDevice:
 		return "device"
 	case FCoverRun:
@@ -197,6 +201,8 @@ type containerConfigJSON = struct {
 
 	// Corresponds to [FMapRealUID].
 	MapRealUID bool `json:"map_real_uid"`
+	// Corresponds to [FNoPlace].
+	NoPlace bool `json:"noplace,omitempty"`
 
 	// Corresponds to [FDevice].
 	Device bool `json:"device,omitempty"`
@@ -224,6 +230,7 @@ func (c *ContainerConfig) MarshalJSON() ([]byte, error) {
 		Tty:           c.Flags&FTty != 0,
 		Multiarch:     c.Flags&FMultiarch != 0,
 		MapRealUID:    c.Flags&FMapRealUID != 0,
+		NoPlace:       c.Flags&FNoPlace != 0,
 		Device:        c.Flags&FDevice != 0,
 		CoverRun:      c.Flags&FCoverRun != 0,
 		ShareRuntime:  c.Flags&FShareRuntime != 0,
@@ -266,6 +273,9 @@ func (c *ContainerConfig) UnmarshalJSON(data []byte) error {
 	if v.MapRealUID {
 		c.Flags |= FMapRealUID
 	}
+	if v.NoPlace {
+		c.Flags |= FNoPlace
+	}
 	if v.Device {
 		c.Flags |= FDevice
 	}