From 198a7bf0dac9f47622a832899bd25734077d1d5d Mon Sep 17 00:00:00 2001 From: Neil Hanlon Date: Tue, 21 Nov 2023 16:29:12 -0500 Subject: [PATCH] build a working Base container --- 9-container.yml | 2 +- diskimage-builder | 2 +- .../environment.d/50-rocky-common | 2 + elements/rocky-container-base/element-deps | 1 + elements/rocky-minimal-yum/element-deps | 2 +- .../install.d/11-ensure-dbus-daemon | 28 ---------- elements/rocky-minimal-yum/pkg-map | 2 + .../post-install.d/80-cleanup-locales-etc | 52 +++++++++++++++++++ .../rocky-minimal-yum/root.d/08-yum-chroot | 17 +++--- 9 files changed, 69 insertions(+), 39 deletions(-) create mode 100644 elements/rocky-common/environment.d/50-rocky-common delete mode 100755 elements/rocky-minimal-yum/install.d/11-ensure-dbus-daemon create mode 100755 elements/rocky-minimal-yum/post-install.d/80-cleanup-locales-etc diff --git a/9-container.yml b/9-container.yml index f21600a..67f069a 100644 --- a/9-container.yml +++ b/9-container.yml @@ -1,5 +1,5 @@ - imagename: Rocky-9-Container - types: [tgz] + types: [raw] docker-target: git.resf.org/sig_cloud/images:9.3 elements: [rocky-container-base] arch: ppc64le diff --git a/diskimage-builder b/diskimage-builder index b2d4d75..e2c20bf 160000 --- a/diskimage-builder +++ b/diskimage-builder @@ -1 +1 @@ -Subproject commit b2d4d75686d72cb67327736144e0b40b662ca9c4 +Subproject commit e2c20bf2cff0721fc1724afe1d979a382bfdbe04 diff --git a/elements/rocky-common/environment.d/50-rocky-common b/elements/rocky-common/environment.d/50-rocky-common new file mode 100644 index 0000000..fd5efcd --- /dev/null +++ b/elements/rocky-common/environment.d/50-rocky-common @@ -0,0 +1,2 @@ +export DIB_DISABLE_KERNEL_CLEANUP=${DIB_DISABLE_KERNEL_CLEANUP:-0} +export DIB_INIT_SYSTEM=systemd diff --git a/elements/rocky-container-base/element-deps b/elements/rocky-container-base/element-deps index 7f5e0ff..9f3f1fc 100644 --- a/elements/rocky-container-base/element-deps +++ b/elements/rocky-container-base/element-deps @@ -1 +1,2 @@ rocky-minimal-yum +no-final-image diff --git a/elements/rocky-minimal-yum/element-deps b/elements/rocky-minimal-yum/element-deps index ba3a453..33c347f 100644 --- a/elements/rocky-minimal-yum/element-deps +++ b/elements/rocky-minimal-yum/element-deps @@ -1,3 +1,3 @@ -redhat-common +rocky-common rpm-distro yum diff --git a/elements/rocky-minimal-yum/install.d/11-ensure-dbus-daemon b/elements/rocky-minimal-yum/install.d/11-ensure-dbus-daemon deleted file mode 100755 index ae1534d..0000000 --- a/elements/rocky-minimal-yum/install.d/11-ensure-dbus-daemon +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# -# Copyright 2019 Red Hat, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# - -if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then - set -x -fi -set -eu -set -o pipefail - -# Ensure that dbus-daemon is enabled; fedora 30 and above has switched to -# dbus-broker. -if [[ ${DISTRO_NAME} == 'fedora' && ${DIB_RELEASE} -eq 29 ]]; then - systemctl --no-reload enable dbus-daemon.service -fi diff --git a/elements/rocky-minimal-yum/pkg-map b/elements/rocky-minimal-yum/pkg-map index b6c4f30..ede19d6 100644 --- a/elements/rocky-minimal-yum/pkg-map +++ b/elements/rocky-minimal-yum/pkg-map @@ -2,6 +2,8 @@ "family": { "redhat": { "lsb_release": "ed hostname patch postfix tar time" + "iscsi_package": " " + "open-iscsi": " " } } } diff --git a/elements/rocky-minimal-yum/post-install.d/80-cleanup-locales-etc b/elements/rocky-minimal-yum/post-install.d/80-cleanup-locales-etc new file mode 100755 index 0000000..f02402f --- /dev/null +++ b/elements/rocky-minimal-yum/post-install.d/80-cleanup-locales-etc @@ -0,0 +1,52 @@ +#!/bin/bash + +if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then + set -x +fi +set -eu +set -o pipefail + +# Stay compatible +echo 'container' > /etc/dnf/vars/infra + +#Generate installtime file record +/bin/date +%Y%m%d_%H%M > /etc/BUILDTIME + +# Limit languages to help reduce size. +LANG="en_US" +echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf + +# https://bugzilla.redhat.com/show_bug.cgi?id=1727489 +echo 'LANG="C.UTF-8"' > /etc/locale.conf + +for dir in $(ls -d /usr/share/locale/* | grep -v 'en_US\|all_languages\|locale\.alias'); do rm -fr $dir; done + +rm -fr /usr/share/man + + +# Cleanup caches left by chroot +rm -fr /usr/lib64/python*/__pycache__/ +rm -fr /var/cache/dnf/* +rm -fr /run +rm -fr /home/ansible/ + +# systemd fixes +:> /etc/machine-id +systemd-tmpfiles --create --boot + +# mask mounts and login bits +systemctl mask \ + console-getty.service \ + dev-hugepages.mount \ + getty.target \ + sys-fs-fuse-connections.mount \ + systemd-logind.service \ + systemd-remount-fs.service + +# Cleanup the image +rm -fv /etc/udev/hwdb.bin +rm -rfv /usr/lib/udev/hwdb.d/ \ + /boot /var/lib/dnf/history.* \ + "/tmp/*" "/tmp/.*" /var/log/* || true + +ls /dev/ -artlh diff --git a/elements/rocky-minimal-yum/root.d/08-yum-chroot b/elements/rocky-minimal-yum/root.d/08-yum-chroot index 45efe7f..cbf7636 100755 --- a/elements/rocky-minimal-yum/root.d/08-yum-chroot +++ b/elements/rocky-minimal-yum/root.d/08-yum-chroot @@ -224,7 +224,7 @@ function _install_pkg_manager { # satisfies the locale dependency (rhbz#1349258). # Work-around this by explicitly requring the minimal and # english (for en_US.UTF-8) pack. - _lang_pack="glibc-minimal-langpack glibc-langpack-en" + _lang_pack="glibc-minimal-langpack" fi # Yum has some issues choosing weak dependencies. It can end @@ -251,6 +251,7 @@ function _install_pkg_manager { --disableexcludes=all \ --setopt=cachedir=$YUM_CACHE/$ARCH/$DIB_RELEASE \ --setopt=reposdir=$TARGET_ROOT/etc/yum.repos.d \ + --setopt=install_weak_deps=0 \ --releasever=${DIB_RELEASE/-*/} \ --installroot $TARGET_ROOT \ install $@ ${_lang_pack} ${_extra_pkgs} && rc=$? || rc=$? @@ -318,7 +319,7 @@ _install_repos # (https://docs.fedoraproject.org/en-US/modularity/) we can pick up # seemingly mismatched libraries. if [[ ${DISTRO_NAME} =~ (fedora|openeuler|rocky) ]]; then - _install_pkg_manager dnf dnf-plugins-core curl-minimal libcurl-minimal + _install_pkg_manager dnf curl-minimal libcurl-minimal elif [[ ${DISTRO_NAME} == centos && $DIB_RELEASE > "7" ]]; then _install_pkg_manager dnf dnf-plugins-core curl libcurl else @@ -366,19 +367,19 @@ _run_chroot ${YUM} clean all echo "%_install_langs C:en_US:en_US.UTF-8" | \ sudo tee -a $TARGET_ROOT/etc/rpm/macros.langs > /dev/null -_base_packages="systemd passwd findutils sudo util-linux-ng " +_base_packages="findutils sudo passwd util-linux-ng " # This package is split out from systemd on >F24, dracut is # missing the dependency and will fail to make an initrd without # it; see # https://bugzilla.redhat.com/show_bug.cgi?id=1398505 -_base_packages+="systemd-udev " # bootstrap the environment within the chroot; bring in new # metadata with an update and install some base packages we need. _run_chroot ${YUM} -y update _run_chroot ${YUM} -y \ --setopt=cachedir=/tmp/yum/$ARCH/$DIB_RELEASE \ + --setopt=install_weak_deps=0 \ install ${_base_packages} # Put in a dummy /etc/resolv.conf over the temporary one we used @@ -401,10 +402,10 @@ _run_chroot ln -sf /usr/share/zoneinfo/UTC \ # TODO : move this into a exit trap; and reconsider how # this integrates with the global exit cleanup path. sudo umount $TMP_MOUNT_PATH/tmp/yum -sudo umount $TARGET_ROOT/proc -sudo umount $TARGET_ROOT/dev/pts -sudo umount $TARGET_ROOT/dev -sudo umount $TARGET_ROOT/sys +sudo umount -lf $TARGET_ROOT/proc +sudo umount -lf $TARGET_ROOT/dev/pts +sudo umount -lf $TARGET_ROOT/dev +sudo umount -lf $TARGET_ROOT/sys # RPM doesn't know whether files have been changed since install # At this point though, we know for certain that we have changed no