build a working Base container

9-container.yml

@@ -1,5 +1,5 @@
 - imagename: Rocky-9-Container
-  types: [tgz]
+  types: [raw]
   docker-target: git.resf.org/sig_cloud/images:9.3
   elements: [rocky-container-base]
   arch: ppc64le

diskimage-builder

@@ -1 +1 @@
-Subproject commit b2d4d75686d72cb67327736144e0b40b662ca9c4
+Subproject commit e2c20bf2cff0721fc1724afe1d979a382bfdbe04

elements/rocky-common/environment.d/50-rocky-common

@@ -0,0 +1,2 @@
+export DIB_DISABLE_KERNEL_CLEANUP=${DIB_DISABLE_KERNEL_CLEANUP:-0}
+export DIB_INIT_SYSTEM=systemd

elements/rocky-container-base/element-deps

@@ -1 +1,2 @@
 rocky-minimal-yum
+no-final-image

elements/rocky-minimal-yum/element-deps

@@ -1,3 +1,3 @@
-redhat-common
+rocky-common
 rpm-distro
 yum

elements/rocky-minimal-yum/install.d/11-ensure-dbus-daemon

@@ -1,28 +0,0 @@
-#!/bin/bash
-#
-# Copyright 2019 Red Hat, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-
-if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
-    set -x
-fi
-set -eu
-set -o pipefail
-
-# Ensure that dbus-daemon is enabled; fedora 30 and above has switched to
-# dbus-broker.
-if [[ ${DISTRO_NAME} == 'fedora' && ${DIB_RELEASE} -eq 29 ]]; then
-    systemctl --no-reload enable dbus-daemon.service
-fi

elements/rocky-minimal-yum/pkg-map

@@ -2,6 +2,8 @@
   "family": {
     "redhat": {
       "lsb_release": "ed hostname patch postfix tar time"
+      "iscsi_package": " "
+      "open-iscsi": " "
     }
   }
 }

elements/rocky-minimal-yum/post-install.d/80-cleanup-locales-etc

@@ -0,0 +1,52 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+# Stay compatible
+echo 'container' > /etc/dnf/vars/infra
+
+#Generate installtime file record
+/bin/date +%Y%m%d_%H%M > /etc/BUILDTIME
+
+# Limit languages to help reduce size.
+LANG="en_US"
+echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1727489
+echo 'LANG="C.UTF-8"' >  /etc/locale.conf
+
+for dir in $(ls -d /usr/share/locale/* | grep -v 'en_US\|all_languages\|locale\.alias'); do rm -fr $dir; done
+
+rm -fr /usr/share/man
+
+
+# Cleanup caches left by chroot
+rm -fr /usr/lib64/python*/__pycache__/
+rm -fr /var/cache/dnf/*
+rm -fr /run
+rm -fr /home/ansible/
+
+# systemd fixes
+:> /etc/machine-id
+systemd-tmpfiles --create --boot
+
+# mask mounts and login bits
+systemctl mask \
+    console-getty.service \
+    dev-hugepages.mount \
+    getty.target \
+    sys-fs-fuse-connections.mount \
+    systemd-logind.service \
+    systemd-remount-fs.service
+
+# Cleanup the image
+rm -fv /etc/udev/hwdb.bin
+rm -rfv /usr/lib/udev/hwdb.d/ \
+       /boot /var/lib/dnf/history.* \
+       "/tmp/*" "/tmp/.*" /var/log/* || true
+
+ls /dev/ -artlh

elements/rocky-minimal-yum/root.d/08-yum-chroot

@@ -224,7 +224,7 @@ function _install_pkg_manager {
             # satisfies the locale dependency (rhbz#1349258).
             # Work-around this by explicitly requring the minimal and
             # english (for en_US.UTF-8) pack.
-            _lang_pack="glibc-minimal-langpack glibc-langpack-en"
+            _lang_pack="glibc-minimal-langpack"
         fi
 
         # Yum has some issues choosing weak dependencies.  It can end
@@ -251,6 +251,7 @@ function _install_pkg_manager {
             --disableexcludes=all \
             --setopt=cachedir=$YUM_CACHE/$ARCH/$DIB_RELEASE \
             --setopt=reposdir=$TARGET_ROOT/etc/yum.repos.d \
+            --setopt=install_weak_deps=0 \
             --releasever=${DIB_RELEASE/-*/} \
             --installroot $TARGET_ROOT \
             install $@ ${_lang_pack} ${_extra_pkgs} && rc=$? || rc=$?
@@ -318,7 +319,7 @@ _install_repos
 # (https://docs.fedoraproject.org/en-US/modularity/) we can pick up
 # seemingly mismatched libraries.
 if [[ ${DISTRO_NAME} =~ (fedora|openeuler|rocky) ]]; then
-    _install_pkg_manager dnf dnf-plugins-core curl-minimal libcurl-minimal
+    _install_pkg_manager dnf curl-minimal libcurl-minimal
 elif [[ ${DISTRO_NAME} == centos && $DIB_RELEASE > "7" ]]; then
     _install_pkg_manager dnf dnf-plugins-core curl libcurl
 else
@@ -366,19 +367,19 @@ _run_chroot ${YUM} clean all
 echo "%_install_langs C:en_US:en_US.UTF-8" | \
     sudo tee -a $TARGET_ROOT/etc/rpm/macros.langs > /dev/null
 
-_base_packages="systemd passwd findutils sudo util-linux-ng "
+_base_packages="findutils sudo passwd util-linux-ng "
 
 # This package is split out from systemd on >F24, dracut is
 # missing the dependency and will fail to make an initrd without
 # it; see
 #  https://bugzilla.redhat.com/show_bug.cgi?id=1398505
-_base_packages+="systemd-udev "
 
 # bootstrap the environment within the chroot; bring in new
 # metadata with an update and install some base packages we need.
 _run_chroot ${YUM} -y update
 _run_chroot ${YUM} -y \
     --setopt=cachedir=/tmp/yum/$ARCH/$DIB_RELEASE \
+    --setopt=install_weak_deps=0 \
     install ${_base_packages}
 
 # Put in a dummy /etc/resolv.conf over the temporary one we used
@@ -401,10 +402,10 @@ _run_chroot ln -sf /usr/share/zoneinfo/UTC \
 # TODO : move this into a exit trap; and reconsider how
 # this integrates with the global exit cleanup path.
 sudo umount $TMP_MOUNT_PATH/tmp/yum
-sudo umount $TARGET_ROOT/proc
-sudo umount $TARGET_ROOT/dev/pts
-sudo umount $TARGET_ROOT/dev
-sudo umount $TARGET_ROOT/sys
+sudo umount -lf $TARGET_ROOT/proc
+sudo umount -lf $TARGET_ROOT/dev/pts
+sudo umount -lf $TARGET_ROOT/dev
+sudo umount -lf $TARGET_ROOT/sys
 
 # RPM doesn't know whether files have been changed since install
 # At this point though, we know for certain that we have changed no