RPM 6.1.0 [*] will do NSS lookups again by default, and so the following commit should no longer be needed (or desired, really):

commit fd9d7e81367ddfd4c619d5ffbe9dd981f2a71823 (HEAD -> rawhide, origin/rawhide, origin/main, origin/f44, origin/HEAD)
Author: Joseph Marrero Corchado <jmarrero>
Date:   Mon Feb 16 16:01:02 2026 -0500

    Add RPM macros to configure %%_passwd_path and %%_group_path
    
    Fixes user/group lookup for packages with non-root file ownership
    See: https://github.com/rpm-software-management/rpm/pull/3672

The issue with this commit is two-fold:

1. It points RPM to a possibly non-existent /usr/lib/passwd or /usr/lib/group file (it will print an error)
2. It effectively enables the altfiles NSS module regardless of whether it's actually configured in the /etc/nsswitch.conf file or not

FWIW, there's a pending RHEL backport (https://redhat.atlassian.net/browse/RHEL-140819) where I've also commented.

Reproducible: Always

Steps to Reproduce:
1. dnf install nss-altfiles
2. dnf install nginx-core
Actual Results:
[...]
error: failed to open /usr/lib/passwd for id/name lookup: No such file or directory
[...]

Expected Results:
No error. The alternate passwd/group file shouldn't be consulted here if it's non-existent.

[*] https://fedoraproject.org/wiki/Changes/RPM-6.1