Since change 48e2c3b559 this kickstart
is pulling in systemd.
This was noticed because since
49306cb6ea started bringing in
weak-dependencies, we started installing systemd-resolved is which
created a symlinked /etc/resolv.conf in the image. Toolbox will not
currently reset this on container start, as it is a symlink (this
behaviour is a bit complicated; see [1]). This leads to an
incompatability running the toolbox on *non* systemd-resolved hosts
(e.g. RHEL9); you are left with a dangling symlink and no
name-resolution in the toolbox.
We do not want systemd in the toolbox image by default it; remove it
from the list. Exclude systemd-resolved specifically, so if something
else brings in systemd we still don't include this.
[1] https://github.com/containers/toolbox/issues/1410
This is a continuation from commit 69555b7b91, which tried to
ensure that all languages are present in the fedora-toolbox OCI image by
removing --inst-langs=en from fedora-container-toolbox.ks. Sadly, this
wasn't enough.
The image was still missing various localization bits like translations
for programs and manuals. All translations for all programs, such as
LC_MESSAGES and LC_TIME, were missing, except for those coming from
glibc-all-langpacks. eg., see:
$ LANG=cs_CZ.UTF-8 cp foo bar
cp: cannot stat 'foo': Adresář nebo soubor neexistuje
Only the part coming from glibc is translated. The part coming from
coreutils isn't. There are lots and lots of such packages. eg., bash,
coreutils, dnf, grep, rpm, sed, tar, etc..
Any package with translated manuals marked with %lang() in their %files
section were missing them. eg., man-db, passwd, psmisc, etc..
Finally, even though the %pre section in fedora-container-toolbox.ks
removes %_install_langs from /etc/rpm/macros.image-language-conf, it was
still set to en_US in the final image.
This was happening because fedora-container-toolbox.ks includes
fedora-container-common.ks, and some unintended bits from the latter
were leaking into the fedora-toolbox OCI image's build.
The image was still being built with '%packages --inst-langs=en',
possibly since fedora-container-common.ks has '%package --instLangs=en'.
That option wasn't just being applied to the packages being installed by
fedora-container-common.ks, but also to those being installed by
fedora-container-toolbox.ks [1].
Secondly, fedora-container-common.ks sets %_install_langs to en_US in
its %post section. This will strip out all non-English languages from
future RPM transactions in containers created from the image.
To address this, fedora-container-toolbox.ks has now been decoupled from
fedora-container-common.ks, by copying over the relevant bits.
[1] https://koji.fedoraproject.org/koji/buildinfo?buildID=2311452https://kojipkgs.fedoraproject.org//packages/Fedora-Container-Toolbox/Rawhide/20231025.n.0/images/fedora-container-toolbox.kshttps://kojipkgs.fedoraproject.org//packages/Fedora-Container-Toolbox/Rawhide/20231025.n.0/images/koji-f40-build-108073454-base.kshttps://kojipkgs.fedoraproject.org//packages/Fedora-Container-Toolbox/Rawhide/20231025.n.0/data/logs/image/oz-aarch64.loghttps://bugzilla.redhat.com/show_bug.cgi?id=2244503https://pagure.io/fedora-kickstarts/pull-request/1002
The Container/Dockerfile equivalent of the fedora-toolbox OCI images
installed all languages by removing %_install_langs (set to en_US by the
fedora base image) from /etc/rpm/macros.image-language-conf [1]. The
Kickstart does the same in the %pre section.
Therefore, it's self-contradictory to have '%packages --inst-langs=en'.
The fedora-toolbox OCI image is meant for interactive command line
environments, not for deploying server applications. Therefore, they
need a fully featured CLI user experience at par with what's offered on
Fedora Silverblue and Workstation. Among the Kickstart files defined
here, other than fedora-container-toolbox.ks, only these ones don't
install all languages:
* fedora-cloud-base.ks
* fedora-container-base-minimal.ks
* fedora-container-base.ks
* fedora-container-common.ks
* fedora-eln-container-base.ks
* fedora-server-vm-full.ks
All the other Kickstarts, and definitely those for Fedora Workstation,
install all languages.
[1] https://src.fedoraproject.org/container/fedora-toolboxhttps://github.com/containers/toolbox/tree/main/images/fedorahttps://bugzilla.redhat.com/show_bug.cgi?id=2244503https://pagure.io/fedora-kickstarts/pull-request/997
The snippet to fix the /run/lock breakage and the lines following it
were copied from the first %post section in fedora-container-base.ks.
However, the %end marker to terminate the previous %pre section, and the
starting %post marker went missing in fedora-container-toolbox.ks
https://pagure.io/fedora-kickstarts/pull-request/993
standard pulls in sssd
core pulls in sssd-common
both of those pull in sssd-client, which is excluded in container-common
(to minimize size/deps).
If we need these, we can look at another solution.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>