build a working Base container

9-container.yml

@@ -1,5 +1,5 @@
 - imagename: Rocky-9-Container
-  types: [tgz]
+  types: [raw]
   docker-target: git.resf.org/sig_cloud/images:9.3
   elements: [rocky-container-base]
   arch: ppc64le

diskimage-builder

@@ -1 +1 @@
-Subproject commit d06a66d0f019a4ec7ad03390c39ee1e09e87a753
+Subproject commit e2c20bf2cff0721fc1724afe1d979a382bfdbe04

elements/rocky-common/environment.d/50-rocky-common

@@ -0,0 +1,2 @@
+export DIB_DISABLE_KERNEL_CLEANUP=${DIB_DISABLE_KERNEL_CLEANUP:-0}
+export DIB_INIT_SYSTEM=systemd

elements/rocky-container-base/element-deps

@@ -1 +1,2 @@
 rocky-minimal-yum
+no-final-image

elements/rocky-minimal-yum/element-deps

@@ -1,3 +1,3 @@
-redhat-common
+rocky-common
 rpm-distro
 yum

elements/rocky-minimal-yum/install.d/11-ensure-dbus-daemon

@@ -1,28 +0,0 @@
-#!/bin/bash
-#
-# Copyright 2019 Red Hat, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-
-if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
-    set -x
-fi
-set -eu
-set -o pipefail
-
-# Ensure that dbus-daemon is enabled; fedora 30 and above has switched to
-# dbus-broker.
-if [[ ${DISTRO_NAME} == 'fedora' && ${DIB_RELEASE} -eq 29 ]]; then
-    systemctl --no-reload enable dbus-daemon.service
-fi

elements/rocky-minimal-yum/pkg-map

@@ -2,6 +2,8 @@
   "family": {
     "redhat": {
       "lsb_release": "ed hostname patch postfix tar time"
+      "iscsi_package": " "
+      "open-iscsi": " "
     }
   }
 }

elements/rocky-minimal-yum/post-install.d/80-cleanup-locales-etc

@@ -0,0 +1,52 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+# Stay compatible
+echo 'container' > /etc/dnf/vars/infra
+
+#Generate installtime file record
+/bin/date +%Y%m%d_%H%M > /etc/BUILDTIME
+
+# Limit languages to help reduce size.
+LANG="en_US"
+echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1727489
+echo 'LANG="C.UTF-8"' >  /etc/locale.conf
+
+for dir in $(ls -d /usr/share/locale/* | grep -v 'en_US\|all_languages\|locale\.alias'); do rm -fr $dir; done
+
+rm -fr /usr/share/man
+
+
+# Cleanup caches left by chroot
+rm -fr /usr/lib64/python*/__pycache__/
+rm -fr /var/cache/dnf/*
+rm -fr /run
+rm -fr /home/ansible/
+
+# systemd fixes
+:> /etc/machine-id
+systemd-tmpfiles --create --boot
+
+# mask mounts and login bits
+systemctl mask \
+    console-getty.service \
+    dev-hugepages.mount \
+    getty.target \
+    sys-fs-fuse-connections.mount \
+    systemd-logind.service \
+    systemd-remount-fs.service
+
+# Cleanup the image
+rm -fv /etc/udev/hwdb.bin
+rm -rfv /usr/lib/udev/hwdb.d/ \
+       /boot /var/lib/dnf/history.* \
+       "/tmp/*" "/tmp/.*" /var/log/* || true
+
+ls /dev/ -artlh

elements/rocky-minimal-yum/pre-install.d/03-yum-cleanup

@@ -23,56 +23,6 @@ set -o pipefail
 
 # effectively: febootstrap-minimize --keep-zoneinfo --keep-rpmdb --keep-services "$target"
 
-# This is only required on CentOS7 ... see notes in
-# root.d/08-yum-chroot about %_install_langs
-if [[ $DISTRO_NAME == "centos" && $DIB_RELEASE == "7" ]]; then
-
-    # Stripping *all* locales is a bad idea.  For now, we take the
-    # suggestion in [1] for reducing this
-    # [1] https://bugzilla.redhat.com/show_bug.cgi?id=156477
-
-    if [ ! -f /usr/lib/locale/locale-archive ]; then
-        die "locale-archive not found?  Can not do cleanup."
-    fi
-
-    # now the archive has everything in it, and is about 100MiB.  Strip it
-    # to just en_US (basically, this is the locale we support if you ssh
-    # in, other than POSIX)
-    localedef --delete-from-archive \
-        $(localedef --list-archive | grep -v '^en_US' | xargs)
-
-    # This removes the locales from the archive index but doesn't rebuild
-    # the file, so it is still the same size (maybe it is sparse?
-    # presumably as it's mmapped you don't want to fiddle with the offsets
-    # of locales in the archive on a live system.  We are not live).
-
-    # build-locale-archive is a tool provided by the RH packaging of
-    # glibc.  Documentation is scarce, but it takes the pre-built locales
-    # in the tmpl file and creates an archive.  It seems originally the
-    # installer would set some flags to rpm to tell the package what
-    # languages to pick out of the template, but along the way, this was
-    # reverted to install them (size considered less important than locale
-    # support).
-
-    # We hack this by moving the locale-archive we've removed the extra
-    # locales from to the template, then re-run the build.
-    mv /usr/lib/locale/locale-archive /usr/lib/locale/locale-archive.tmpl
-
-    # rebuild archive from template
-    /usr/sbin/build-locale-archive
-
-    # leave empty template behind as package does.  I think this stops
-    # upgrades redoing things
-    echo > /usr/lib/locale/locale-archive.tmpl
-
-    # remove the unnecessary source locale files and iconv files
-    pushd /usr/share/locale
-    find . ! -name 'locale.alias' -delete
-    popd
-    rm -rf {lib.lib64}/gconv
-
-fi
-
 # docs
 rm -rf /usr/share/{doc,info,gnome/help}
 # i18n

elements/rocky-minimal-yum/root.d/08-yum-chroot

@@ -224,7 +224,7 @@ function _install_pkg_manager {
             # satisfies the locale dependency (rhbz#1349258).
             # Work-around this by explicitly requring the minimal and
             # english (for en_US.UTF-8) pack.
-            _lang_pack="glibc-minimal-langpack glibc-langpack-en"
+            _lang_pack="glibc-minimal-langpack"
         fi
 
         # Yum has some issues choosing weak dependencies.  It can end
@@ -251,6 +251,7 @@ function _install_pkg_manager {
             --disableexcludes=all \
             --setopt=cachedir=$YUM_CACHE/$ARCH/$DIB_RELEASE \
             --setopt=reposdir=$TARGET_ROOT/etc/yum.repos.d \
+            --setopt=install_weak_deps=0 \
             --releasever=${DIB_RELEASE/-*/} \
             --installroot $TARGET_ROOT \
             install $@ ${_lang_pack} ${_extra_pkgs} && rc=$? || rc=$?
@@ -318,7 +319,7 @@ _install_repos
 # (https://docs.fedoraproject.org/en-US/modularity/) we can pick up
 # seemingly mismatched libraries.
 if [[ ${DISTRO_NAME} =~ (fedora|openeuler|rocky) ]]; then
-    _install_pkg_manager dnf dnf-plugins-core curl-minimal libcurl-minimal
+    _install_pkg_manager dnf curl-minimal libcurl-minimal
 elif [[ ${DISTRO_NAME} == centos && $DIB_RELEASE > "7" ]]; then
     _install_pkg_manager dnf dnf-plugins-core curl libcurl
 else
@@ -366,19 +367,19 @@ _run_chroot ${YUM} clean all
 echo "%_install_langs C:en_US:en_US.UTF-8" | \
     sudo tee -a $TARGET_ROOT/etc/rpm/macros.langs > /dev/null
 
-_base_packages="systemd passwd findutils sudo util-linux-ng "
+_base_packages="findutils sudo passwd util-linux-ng "
 
 # This package is split out from systemd on >F24, dracut is
 # missing the dependency and will fail to make an initrd without
 # it; see
 #  https://bugzilla.redhat.com/show_bug.cgi?id=1398505
-_base_packages+="systemd-udev "
 
 # bootstrap the environment within the chroot; bring in new
 # metadata with an update and install some base packages we need.
 _run_chroot ${YUM} -y update
 _run_chroot ${YUM} -y \
     --setopt=cachedir=/tmp/yum/$ARCH/$DIB_RELEASE \
+    --setopt=install_weak_deps=0 \
     install ${_base_packages}
 
 # Put in a dummy /etc/resolv.conf over the temporary one we used
@@ -401,10 +402,10 @@ _run_chroot ln -sf /usr/share/zoneinfo/UTC \
 # TODO : move this into a exit trap; and reconsider how
 # this integrates with the global exit cleanup path.
 sudo umount $TMP_MOUNT_PATH/tmp/yum
-sudo umount $TARGET_ROOT/proc
-sudo umount $TARGET_ROOT/dev/pts
-sudo umount $TARGET_ROOT/dev
-sudo umount $TARGET_ROOT/sys
+sudo umount -lf $TARGET_ROOT/proc
+sudo umount -lf $TARGET_ROOT/dev/pts
+sudo umount -lf $TARGET_ROOT/dev
+sudo umount -lf $TARGET_ROOT/sys
 
 # RPM doesn't know whether files have been changed since install
 # At this point though, we know for certain that we have changed no

elements/rocky-minimal/README.rst

@@ -1,9 +0,0 @@
-==============
-rocky-minimal
-==============
-
-Create a minimal image based on Rocky.
-
-This element sets the ``DISTRO_NAME`` var to 'rocky'. The release of
-rocky to be installed can be controlled through the ``DIB_RELEASE``
-variable, which defaults the latest supported release.

elements/rocky-minimal/element-deps

@@ -1 +0,0 @@
-yum-minimal

elements/rocky-minimal/element-provides

@@ -1 +0,0 @@
-operating-system

elements/rocky-minimal/environment.d/10-rocky-distro-name.bash

@@ -1,3 +0,0 @@
-export DISTRO_NAME=rocky
-export DIB_RELEASE=${DIB_RELEASE:-9}
-export EFI_BOOT_DIR="EFI/rocky"

elements/rocky-minimal/environment.d/11-yum-dnf.bash

@@ -1,2 +0,0 @@
-export YUM=dnf
-export DNF_VAR_contentdir=stg/rocky

elements/rocky-minimal/test-elements/build-succeeds/README.rst

@@ -1 +0,0 @@
-Verify we can build a rocky-minimal image.

elements/rocky-minimal/test-elements/build-succeeds/element-deps

@@ -1,2 +0,0 @@
-block-device-gpt
-vm

elements/rocky-minimal/yum.repos.d/yum.repo

@@ -1,17 +0,0 @@
-[baseos]
-name=Rocky Linux $releasever - BaseOS - STG
-baseurl=http://dl.rockylinux.org/stg/rocky/$releasever/BaseOS/$basearch/os/
-gpgcheck=1
-enabled=1
-countme=1
-metadata_expire=6h
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
-
-[appstream]
-name=Rocky Linux $releasever - AppStream
-baseurl=http://dl.rockylinux.org/stg/rocky/$releasever/AppStream/$basearch/os/
-gpgcheck=1
-enabled=1
-countme=1
-metadata_expire=6h
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9