Instead of re-symlinking every tier-0 manifest, just include the tier-0
manifest directly. That way, rpm-ostree will already know to resolve its
manifests within the tier-0 directory.
I don't entirely remember what happened here when forking from
CoreOS, but we definitely want toolbox and lsof at least, just
looking at the differences.
While we're here I did readd sos, but in another section.
Signed-off-by: Colin Walters <walters@verbum.org>
This service is a backfill for lack of a better option
as a baseline to run in cloud/virt environments:
- Without cloud-init
- Even with cloud-init, as it doesn't yet support growing
on ostree/composefs
Signed-off-by: Colin Walters <walters@verbum.org>
This is only useful for RHEL developers who want to build RHEL
containers in the Fedora host and requires a subscription. Keep it out
by default; one can always of course re-layer it in a derived build.
This is a relatively small shell script, and was already split out
from cloud-init to support use cases like ours.
systemd-repart is a lot nicer but it isn't yet designed
for our use case (root is not Discoverable Partition).
Also systemd-repart doesn't handle LVM which this script
tries to support.
(IMO the real solution to stuff like this is either Stratis
or equivalent)
The `nfs-utils-coreos` package was created to not depend on
Python mainly, but we are way deep into many other packages
that do at this point.
There's some other package that `Requires: nfs-utils` that
this should fix.
Right now we have an "allowlist" effectively for our dracut modules
because we specify a configuration in `/usr/lib/dracut/dracut.conf.d`
which seems to turn off autodetection.
Add in lvm which we definitely want to support.
Signed-off-by: Colin Walters <walters@verbum.org>
bootc isn't in C9S yet, but it is in the -dev images. Add
the install config unconditionally so that `bootc install`
works in the `centos-bootc-dev` image.
We were missing `container-selinux`...oops. Fix that. While
we're here..
- Fully re-enable `recommends: true` - this is not a small image,
and so let's not try to override things.
- Drop out the old-style compat networking packages for podman,
since this is a new image
Part of the aim of this project is to make `dnf` "Just work"
in a bootable container native host.
There's some details to work through, but tier-1 is already
large, and this doesn't add much more.
This is basically just:
- kernel
- systemd
- selinux-policy-targeted
- bootc
Notably it doesn't have `rpm-ostree` or `rpm`, or many other things.
It also doesn't even have `linux-firmware`.
And no `openssh`!
It's almost certain that you need to derive from this, but
it should be a suitable starting point.
TODO: Add something like
```
$ dnf-system-bootstrap
Installing packaging tools from quay.io/fedora/fedora-boot-dnf@sha256:abcd...)
# This would be basically all the packages not in tier-0 that
# are enough to give `dnf install`
$ dnf install cowsay
# Install critical stuff
$ dnf system-bootstrap remove
# Remove everything that we added for the package system, that isn't
# a dependency of what the user wants!
```
(In theory we could make this work with multi-stage builds, but
it's a little hard)
Jonathan Lebon
Colin Walters
Micah Abbott
Colin Walters (Red Hat)
Paul Whalen
Daniel J Walsh
Liora Milbaum