From 30f76d387d9e7f5ce6cfb395a96a392435fd6f60 Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Wed, 18 Oct 2023 19:50:51 +0200 Subject: [PATCH] container-toolbox: Install all languages (part 2) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is a continuation from commit 69555b7b91a7b23d, which tried to ensure that all languages are present in the fedora-toolbox OCI image by removing --inst-langs=en from fedora-container-toolbox.ks. Sadly, this wasn't enough. The image was still missing various localization bits like translations for programs and manuals. All translations for all programs, such as LC_MESSAGES and LC_TIME, were missing, except for those coming from glibc-all-langpacks. eg., see: $ LANG=cs_CZ.UTF-8 cp foo bar cp: cannot stat 'foo': Adresář nebo soubor neexistuje Only the part coming from glibc is translated. The part coming from coreutils isn't. There are lots and lots of such packages. eg., bash, coreutils, dnf, grep, rpm, sed, tar, etc.. Any package with translated manuals marked with %lang() in their %files section were missing them. eg., man-db, passwd, psmisc, etc.. Finally, even though the %pre section in fedora-container-toolbox.ks removes %_install_langs from /etc/rpm/macros.image-language-conf, it was still set to en_US in the final image. This was happening because fedora-container-toolbox.ks includes fedora-container-common.ks, and some unintended bits from the latter were leaking into the fedora-toolbox OCI image's build. The image was still being built with '%packages --inst-langs=en', possibly since fedora-container-common.ks has '%package --instLangs=en'. That option wasn't just being applied to the packages being installed by fedora-container-common.ks, but also to those being installed by fedora-container-toolbox.ks [1]. Secondly, fedora-container-common.ks sets %_install_langs to en_US in its %post section. This will strip out all non-English languages from future RPM transactions in containers created from the image. To address this, fedora-container-toolbox.ks has now been decoupled from fedora-container-common.ks, by copying over the relevant bits. [1] https://koji.fedoraproject.org/koji/buildinfo?buildID=2311452 https://kojipkgs.fedoraproject.org//packages/Fedora-Container-Toolbox/Rawhide/20231025.n.0/images/fedora-container-toolbox.ks https://kojipkgs.fedoraproject.org//packages/Fedora-Container-Toolbox/Rawhide/20231025.n.0/images/koji-f40-build-108073454-base.ks https://kojipkgs.fedoraproject.org//packages/Fedora-Container-Toolbox/Rawhide/20231025.n.0/data/logs/image/oz-aarch64.log https://bugzilla.redhat.com/show_bug.cgi?id=2244503 https://pagure.io/fedora-kickstarts/pull-request/1002 --- fedora-container-toolbox.ks | 54 +++++++++++++++++++++++++++++++++++-- 1 file changed, 52 insertions(+), 2 deletions(-) diff --git a/fedora-container-toolbox.ks b/fedora-container-toolbox.ks index f343fdb..357d102 100644 --- a/fedora-container-toolbox.ks +++ b/fedora-container-toolbox.ks @@ -1,9 +1,20 @@ # Kickstart file for Fedora Toolbox # See fedora-container-common.ks for details on how to hack on container image kickstarts -# This base is a standard Fedora image with python3 and dnf -%include fedora-container-common.ks +text # don't use cmdline -- https://github.com/rhinstaller/anaconda/issues/931 +bootloader --disabled +timezone --isUtc Etc/UTC +timesource --ntp-disable +rootpw --lock --iscrypted locked +keyboard us +network --bootproto=dhcp --device=link --activate --onboot=on +reboot + +# boot partitions are irrelevant as the final docker image is a tarball +zerombr +clearpart --all +autopart --noboot --nohome --noswap --nolvm # Install packages %packages --nocore @@ -12,6 +23,7 @@ bash bash-completion bc bzip2 +coreutils coreutils-common curl default-editor @@ -19,9 +31,13 @@ diffutils dnf dnf-yum # https://fedorahosted.org/fesco/ticket/1312#comment:29 dnf-plugins-core +-dosfstools +-e2fsprogs +fedora-release-container findutils flatpak-spawn fpaste +-fuse-libs gawk git -glibc-minimal-langpack @@ -29,15 +45,18 @@ glibc-all-langpacks gnupg2 gnupg2-smime grep +-grubby gvfs-client gzip hostname iproute iputils +-kernel keyutils krb5-libs less libcap +-libss lsof man-db man-pages @@ -51,6 +70,7 @@ p11-kit pam passwd pigz +-pinentry procps-ng python3 rootfiles @@ -58,6 +78,8 @@ rpm rsync sed shadow-utils +-shared-mime-info +-sssd-client sudo systemd tar # https://bugzilla.redhat.com/show_bug.cgi?id=1409920 @@ -65,6 +87,8 @@ tcpdump time traceroute tree +-trousers +tzdata unzip util-linux util-linux-core @@ -75,6 +99,7 @@ wget which whois words +-xkeyboard-config xorg-x11-xauth xz zip @@ -93,6 +118,31 @@ sed -i '/tsflags=nodocs/d' /mnt/sysimage/etc/dnf/dnf.conf %end %post --erroronfail --log=/root/anaconda-post.log +set -eux + +# https://bugzilla.redhat.com/show_bug.cgi?id=1727489 +echo 'LANG="C.UTF-8"' > /etc/locale.conf + +# https://bugzilla.redhat.com/show_bug.cgi?id=1400682 +echo "Import RPM GPG key" +releasever=$(rpm --eval '%{?fedora}') + +# When building ELN containers, we don't have the %{fedora} macro +if [ -z $releasever ]; then + releasever=eln +fi + +rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-primary + +echo "# fstab intentionally empty for containers" > /etc/fstab + +# Remove machine-id on pre generated images +rm -f /etc/machine-id +touch /etc/machine-id + +echo "# resolv placeholder" > /etc/resolv.conf +chmod 644 /etc/resolv.conf + # https://bugzilla.redhat.com/show_bug.cgi?id=1343138 # Fix /run/lock breakage since it's not tmpfs in docker # This unmounts /run (tmpfs) and then recreates the files