You've already forked fedora-toolbox
forked from davejansen/fedora-bootc
Dave Jansen
1ceb8b2b51
Reviewed-on: https://davejansen.dev/davejansen/fedora-bootc/pulls/1 Update cron schedule so builds only run every three days Attempt: Add custom containers-policy.json Actually copy cosign.pub into the build context Move containers policy file to the right place Oops :D Ensure the correct tags are set with new builds Add my own registries.d policy file, too Temporarily stop removing system-installed Firefox I'm trying to debug why my system-installed-1Password-and-Firefox-flatpak "hack" doesn't work on my bootc image. Borrow certain `/etc/passwd` and `/etc/group` clean-up steps from `hhd-dev/rechunk` One step back Further reduce. Re-remove system-installed Firefox Attempt: Separate cleanup step Add some debug echos, trigger cleanup while mounts are present Temporarily only look at /etc/group Attempt to re-add (optionally) writing `passwd` changes I always forget. Sunk cost fallacy "Let's try this again" I give up. For now.
74 lines
1.7 KiB
Bash
Executable File
74 lines
1.7 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -ouex pipefail
|
|
|
|
## Handle files that rpm-ostree would normally remove
|
|
## Adapted from: https://github.com/hhd-dev/rechunk/blob/master/1_prune.sh#L33
|
|
|
|
# if [ -f /etc/passwd ]; then
|
|
# out="$(grep -v 'root' /etc/passwd)"
|
|
#
|
|
# if [[ ! -z "$out" ]]; then
|
|
# echo
|
|
# echo Appending the following passwd users to /usr/lib/passwd
|
|
# echo "${out}"
|
|
# echo "$out" >>/usr/lib/passwd
|
|
# fi
|
|
# fi
|
|
|
|
if [ -f /etc/group ]; then
|
|
out="$(grep -v 'root\|wheel' /etc/group)"
|
|
|
|
if [[ ! -z "$out" ]]; then
|
|
echo
|
|
echo Appending the following group entries to /usr/lib/group
|
|
echo "$out"
|
|
echo "$out" >>/usr/lib/group
|
|
fi
|
|
fi
|
|
|
|
if [ -f /etc/passwd ] || [ -f /etc/group ]; then
|
|
echo
|
|
echo "Warning: Make sure processed users and groups are from installed programs!"
|
|
fi
|
|
|
|
# # Create defaults for /etc/passwd, /etc/group
|
|
# cat <<EOT >/etc/passwd
|
|
# root:x:0:0:root:/root:/bin/bash
|
|
# EOT
|
|
# cat <<EOT >/etc/group
|
|
# root:x:0:
|
|
# wheel:x:10:
|
|
# EOT
|
|
|
|
# Extra lock files created by container processes that might cause issues
|
|
rm -rf \
|
|
/etc/.pwd.lock \
|
|
/etc/passwd- \
|
|
/etc/group- \
|
|
/etc/shadow- \
|
|
/etc/gshadow- \
|
|
/etc/subuid- \
|
|
/etc/subgid- \
|
|
/.dockerenv
|
|
|
|
# # Merge /usr/etc to /etc
|
|
# # OSTree will error out if both dirs exist
|
|
# # And rpm-ostree will be confused and use only one of them
|
|
# if [ -d /usr/etc ]; then
|
|
# echo
|
|
# echo WARNING: FOUND /usr/etc. MERGING TO ETC FOR COMPATIBILITY
|
|
# echo EXPECT PERMISSIONS ISSUES ON THE MERGED PATHS
|
|
# echo The following files from /usr/etc will be merged to /etc:
|
|
# tree /usr/etc
|
|
#
|
|
# echo
|
|
# rsync -aAX --numeric-ids --checksum --links /usr/etc/ /etc
|
|
# rm -rf /usr/etc
|
|
# fi
|
|
#
|
|
# # Move /etc to /usr/etc
|
|
# mv /etc /usr/
|
|
|
|
# ...normal ublue-inspired steps continue.
|