Minimize base image.

Containerfile

@@ -23,10 +23,10 @@
 # Because it's generating a base image and uses containerization features itself.
 # In the future some of this can be lifted.
 
-FROM quay.io/fedora/fedora:rawhide as repos
+FROM quay.io/fedora/fedora:41 as repos
 
 # BOOTSTRAPPING: This can be any image that has rpm-ostree and selinux-policy-targeted.
-FROM quay.io/fedora/fedora:rawhide as builder
+FROM quay.io/fedora/fedora:41 as builder
 RUN dnf -y install rpm-ostree selinux-policy-targeted
 ARG MANIFEST=fedora-bootc.yaml
 COPY --from=repos /etc/dnf/vars /etc/dnf/vars

build.sh

@@ -0,0 +1,5 @@
+podman build \
+       --security-opt=label=disable \
+       --cap-add=all \
+       --device /dev/fuse \
+       -t localhost/fedora-bootc .

tier-1/coreos-user-experience.yaml

@@ -3,15 +3,8 @@
 packages:
   # Additional file compression/decompression
   - bzip2 zstd
-  # Improved MOTD experience
-  - console-login-helper-messages-issuegen
-  - console-login-helper-messages-profile
   # kdump support
   # https://github.com/coreos/fedora-coreos-tracker/issues/622
   - kexec-tools
-  # Container tooling
-  - toolbox
   # nvme-cli for managing nvme disks
   - nvme-cli
-  # Used by admins interactively
-  - lsof

tier-1/manifest.yaml

@@ -3,28 +3,18 @@ recommends: true
 
 include:
   - ../tier-x/manifest.yaml
-  - autoupdates.yaml
   - networking-tools.yaml
   - system-configuration.yaml
   - coreos-user-experience.yaml
   - persistent-journal.yaml
   - initramfs-full.yaml
-  - generic-growfs.yaml
 
 packages:
-  # Include and set the default editor
-  - nano
   - nfs-utils
   # Additional firewall support; we aren't including these in RHCOS or they
   # don't exist in RHEL
   - iptables-services
   - WALinuxAgent-udev
-  # Allow communication between sudo and SSSD
-  # for caching sudo rules by SSSD.
-  # https://github.com/coreos/fedora-coreos-tracker/issues/445
-  - libsss_sudo
-  # SSSD; we only ship a subset of the backends
-  - sssd-client sssd-ad sssd-ipa sssd-krb5 sssd-ldap
   # Used by admins interactively
   - openssl
   # Provides terminal tools like clear, reset, tput, and tset
@@ -34,19 +24,10 @@ packages:
   # zram-generator (but not zram-generator-defaults) for F33 change
   # https://github.com/coreos/fedora-coreos-tracker/issues/509
   - zram-generator
-  # This one is in Python so isn't in FCOS, but we can safely add it here.
-  - sos
 
 # These are random architecture-specific packages
-packages-x86_64:
-  - irqbalance
-packages-ppc64le:
-  - irqbalance
-  - librtas
-  - powerpc-utils-core
-  - ppc64-diag-rtas
-packages-aarch64:
-  - irqbalance
+packages-x86_64: []
+packages-aarch64: []
 
 postprocess:
   # Undo RPM scripts enabling units; we want the presets to be canonical

tier-1/system-configuration.yaml

@@ -3,9 +3,6 @@
 packages:
   # Explicit dep for RHEL >= 10
   - crypto-policies-scripts
-  # Configuring SSH keys, cloud provider check-in, etc
-  # TODO: needs Ignition kargs
-  # - afterburn afterburn-dracut
   # NTP support
   - chrony
   # Storage configuration/management
@@ -24,7 +21,4 @@ packages:
   # Anything package layered will also tend to expect files dropped in
   # /etc/logrotate.d to work. Really, this is a legacy thing, but if we don't
   # have it then people's disks will slowly fill up with logs.
-  - logrotate
-  # Boost starving threads
-  # https://github.com/coreos/fedora-coreos-tracker/issues/753
-  - stalld
+  - logrotate