This is meant to distinguish OCI containers and images that are designed
specifically for Toolbx from others. Toolbx containers are long-lasting
pet containers for interactive command line use, which makes them
substantially different from short-lived containers running services.
Therefore, it can be useful to be able to identify Toolbx containers and
images when generating statistics about Fedora usage.
https://pagure.io/Fedora-Council/tickets/issue/449https://pagure.io/fedora-kickstarts/pull-request/1015
Per https://fedoraproject.org/wiki/Changes/Wget2asWget , wget
has been retired from Rawhide and replaced by wget2-wget.
I think kickstarts *do* resolve Provides so this probably works
okay as-is, but it seems clearer to update the name.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
The initial-setup packages for firstboot were split into their own
comps group that ensures initial-setup-gui is configured to use
kwin as the Wayland compositor.
Since change 48e2c3b559 this kickstart
is pulling in systemd.
This was noticed because since
49306cb6ea started bringing in
weak-dependencies, we started installing systemd-resolved is which
created a symlinked /etc/resolv.conf in the image. Toolbox will not
currently reset this on container start, as it is a symlink (this
behaviour is a bit complicated; see [1]). This leads to an
incompatability running the toolbox on *non* systemd-resolved hosts
(e.g. RHEL9); you are left with a dangling symlink and no
name-resolution in the toolbox.
We do not want systemd in the toolbox image by default it; remove it
from the list. Exclude systemd-resolved specifically, so if something
else brings in systemd we still don't include this.
[1] https://github.com/containers/toolbox/issues/1410
This is a continuation from commit 69555b7b91, which tried to
ensure that all languages are present in the fedora-toolbox OCI image by
removing --inst-langs=en from fedora-container-toolbox.ks. Sadly, this
wasn't enough.
The image was still missing various localization bits like translations
for programs and manuals. All translations for all programs, such as
LC_MESSAGES and LC_TIME, were missing, except for those coming from
glibc-all-langpacks. eg., see:
$ LANG=cs_CZ.UTF-8 cp foo bar
cp: cannot stat 'foo': Adresář nebo soubor neexistuje
Only the part coming from glibc is translated. The part coming from
coreutils isn't. There are lots and lots of such packages. eg., bash,
coreutils, dnf, grep, rpm, sed, tar, etc..
Any package with translated manuals marked with %lang() in their %files
section were missing them. eg., man-db, passwd, psmisc, etc..
Finally, even though the %pre section in fedora-container-toolbox.ks
removes %_install_langs from /etc/rpm/macros.image-language-conf, it was
still set to en_US in the final image.
This was happening because fedora-container-toolbox.ks includes
fedora-container-common.ks, and some unintended bits from the latter
were leaking into the fedora-toolbox OCI image's build.
The image was still being built with '%packages --inst-langs=en',
possibly since fedora-container-common.ks has '%package --instLangs=en'.
That option wasn't just being applied to the packages being installed by
fedora-container-common.ks, but also to those being installed by
fedora-container-toolbox.ks [1].
Secondly, fedora-container-common.ks sets %_install_langs to en_US in
its %post section. This will strip out all non-English languages from
future RPM transactions in containers created from the image.
To address this, fedora-container-toolbox.ks has now been decoupled from
fedora-container-common.ks, by copying over the relevant bits.
[1] https://koji.fedoraproject.org/koji/buildinfo?buildID=2311452https://kojipkgs.fedoraproject.org//packages/Fedora-Container-Toolbox/Rawhide/20231025.n.0/images/fedora-container-toolbox.kshttps://kojipkgs.fedoraproject.org//packages/Fedora-Container-Toolbox/Rawhide/20231025.n.0/images/koji-f40-build-108073454-base.kshttps://kojipkgs.fedoraproject.org//packages/Fedora-Container-Toolbox/Rawhide/20231025.n.0/data/logs/image/oz-aarch64.loghttps://bugzilla.redhat.com/show_bug.cgi?id=2244503https://pagure.io/fedora-kickstarts/pull-request/1002
The base container should always install tzdata to ensure that it is
available for applications built on top of the base container.
The minimal container should never have tzdata installed, and the
application should install it as part of the application dependencies.
Starting with Fedora 39 we have the capability to remove tzdata from
the minimal images without resorting to deleting files:
https://fedoraproject.org/wiki/Changes/AllowRemovalOfTzdata
The Container/Dockerfile equivalent of the fedora-toolbox OCI images
installed all languages by removing %_install_langs (set to en_US by the
fedora base image) from /etc/rpm/macros.image-language-conf [1]. The
Kickstart does the same in the %pre section.
Therefore, it's self-contradictory to have '%packages --inst-langs=en'.
The fedora-toolbox OCI image is meant for interactive command line
environments, not for deploying server applications. Therefore, they
need a fully featured CLI user experience at par with what's offered on
Fedora Silverblue and Workstation. Among the Kickstart files defined
here, other than fedora-container-toolbox.ks, only these ones don't
install all languages:
* fedora-cloud-base.ks
* fedora-container-base-minimal.ks
* fedora-container-base.ks
* fedora-container-common.ks
* fedora-eln-container-base.ks
* fedora-server-vm-full.ks
All the other Kickstarts, and definitely those for Fedora Workstation,
install all languages.
[1] https://src.fedoraproject.org/container/fedora-toolboxhttps://github.com/containers/toolbox/tree/main/images/fedorahttps://bugzilla.redhat.com/show_bug.cgi?id=2244503https://pagure.io/fedora-kickstarts/pull-request/997
The snippet to fix the /run/lock breakage and the lines following it
were copied from the first %post section in fedora-container-base.ks.
However, the %end marker to terminate the previous %pre section, and the
starting %post marker went missing in fedora-container-toolbox.ks
https://pagure.io/fedora-kickstarts/pull-request/993
systemd-boot is not yet supported on live media. Yet we
want it to appear on images where anaconda is installing
a system from RPMs (ex: the server dvd image).
The fix for this problem at the moment is to exclude anaconda
packages during the live media creation.
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
See a90d590e00 - this is the same
fix, for the security image. As with LXDE, since
https://fedoraproject.org/wiki/Changes/ImproveDefaultFontHandling
we need to also drop default-fonts-core-math if we want to drop
stix-fonts, or the image build fails.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
It is FTI with Python 3.12, and fixing it requires handling two
rather complex dependency chains:
https://bugzilla.redhat.com/show_bug.cgi?id=2220598
so it's not going to be fixed overnight. Let's drop it from the
spins for now to get them building again.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
This reverts commit ce5b31416f.
The anaconda update with the webUI changes is failing tests,
and we do not have time to resolve this right away. We can't
leave this in place without also pushing the anaconda update
stable and adjusting the openQA tests, so let's revert it for
now so tests pass on other updates, until we can come back and
clean up the webUI stuff tomorrow.
This failed a few weeks ago because the Python 3.12 rebuild was still
going and some dependencies for tracer were missing. I'm now able to
install tracer and its dependencies in rawhide and this change should be
ready to go once more.
https://fedoraproject.org/wiki/Changes/Automatic_Cloud_Reboot_On_Updates
Signed-off-by: Major Hayden <major@redhat.com>
Right now python3-dnf-plugins-extras is not rebuilt against python 3.12,
which causes composes to fail. Lets disable this for now and re-enable
it as soon as it's sorted out.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
standard pulls in sssd
core pulls in sssd-common
both of those pull in sssd-client, which is excluded in container-common
(to minimize size/deps).
If we need these, we can look at another solution.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
