From 1ae9b8f04dc20e2f1a70b8a6fb53a079f887882c Mon Sep 17 00:00:00 2001
From: Vinayak Goyal <vinaygo@google.com>
Date: Sat, 19 Jun 2021 09:22:54 -0700
Subject: [PATCH] Update kernel components to run as non-root in kubeadm.

---
 cmd/kubeadm/app/cmd/phases/reset/cleanupnode.go | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/cmd/kubeadm/app/cmd/phases/reset/cleanupnode.go b/cmd/kubeadm/app/cmd/phases/reset/cleanupnode.go
index 0e0f33bfe99..4afae2d492e 100644
--- a/cmd/kubeadm/app/cmd/phases/reset/cleanupnode.go
+++ b/cmd/kubeadm/app/cmd/phases/reset/cleanupnode.go
@@ -27,8 +27,10 @@ import (
 	"k8s.io/kubernetes/cmd/kubeadm/app/cmd/options"
 	"k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow"
 	kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants"
+	"k8s.io/kubernetes/cmd/kubeadm/app/features"
 	"k8s.io/kubernetes/cmd/kubeadm/app/util/initsystem"
 	utilruntime "k8s.io/kubernetes/cmd/kubeadm/app/util/runtime"
+	"k8s.io/kubernetes/cmd/kubeadm/app/util/users"
 	utilsexec "k8s.io/utils/exec"
 )
 
@@ -90,6 +92,13 @@ func runCleanupNode(c workflow.RunData) error {
 	}
 	resetConfigDir(kubeadmconstants.KubernetesDir, certsDir)
 
+	if features.Enabled(r.Cfg().FeatureGates, features.RootlessControlPlane) {
+		klog.V(1).Infoln("[reset] Removing users and groups created for rootless control-plane")
+		if err := users.RemoveUsersAndGroups(); err != nil {
+			klog.Warningf("[reset] Failed to remove users and groups: %v\n", err)
+		}
+	}
+
 	return nil
 }