From 528561f325308b95f60f01be88af43d873ae5f85 Mon Sep 17 00:00:00 2001 From: Martin Kolman Date: Tue, 5 Mar 2024 17:53:58 +0100 Subject: [PATCH] FIXME: don't drop pam binaries during image build --- dockerfile/anaconda-iso-creator/Dockerfile | 1 + ...not-cleanup-pam-binaries-in-usr-sbin.patch | 26 +++++++++++++++++++ dockerfile/anaconda-iso-creator/lorax-build | 4 +++ 3 files changed, 31 insertions(+) create mode 100644 dockerfile/anaconda-iso-creator/do-not-cleanup-pam-binaries-in-usr-sbin.patch diff --git a/dockerfile/anaconda-iso-creator/Dockerfile b/dockerfile/anaconda-iso-creator/Dockerfile index 38844c5b10df..ceec22893fc0 100644 --- a/dockerfile/anaconda-iso-creator/Dockerfile +++ b/dockerfile/anaconda-iso-creator/Dockerfile @@ -48,6 +48,7 @@ RUN set -ex; \ COPY ["lorax-build", "/"] COPY ["lorax-build-webui", "/"] COPY ["adjust-templates-for-webui.patch", "/"] +COPY ["do-not-cleanup-pam-binaries-in-usr-sbin.patch", "/"] RUN mkdir /lorax /anaconda-rpms /images diff --git a/dockerfile/anaconda-iso-creator/do-not-cleanup-pam-binaries-in-usr-sbin.patch b/dockerfile/anaconda-iso-creator/do-not-cleanup-pam-binaries-in-usr-sbin.patch new file mode 100644 index 000000000000..0c4627871a07 --- /dev/null +++ b/dockerfile/anaconda-iso-creator/do-not-cleanup-pam-binaries-in-usr-sbin.patch @@ -0,0 +1,26 @@ +From 9000cafa125b15dd8b3659f112726b62cc67e5ab Mon Sep 17 00:00:00 2001 +From: Martin Kolman +Date: Tue, 5 Mar 2024 17:40:39 +0100 +Subject: [PATCH] Do not cleanup pam binaries in /usr/sbin + +They are needed for correct Wayland compositor startup. +--- + share/templates.d/99-generic/runtime-cleanup.tmpl | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/share/templates.d/99-generic/runtime-cleanup.tmpl b/share/templates.d/99-generic/runtime-cleanup.tmpl +index aad31f77..2b042932 100644 +--- a/share/templates.d/99-generic/runtime-cleanup.tmpl ++++ b/share/templates.d/99-generic/runtime-cleanup.tmpl +@@ -289,7 +289,7 @@ removefrom openssh /usr/libexec/* + removefrom openssh-clients /etc/ssh/* /usr/bin/ssh-* + removefrom openssh-clients /usr/libexec/* + removefrom openssh-server /etc/ssh/* /usr/libexec/openssh/sftp-server +-removefrom pam /usr/sbin/* /usr/share/locale/* ++removefrom pam /usr/share/locale/* + removefrom policycoreutils /etc/* /usr/bin/* /usr/share/locale/* + removefrom polkit /usr/bin/* + removefrom popt /usr/share/locale/* +-- +2.43.2 + diff --git a/dockerfile/anaconda-iso-creator/lorax-build b/dockerfile/anaconda-iso-creator/lorax-build index e394968ce9f0..8a1343edc845 100755 --- a/dockerfile/anaconda-iso-creator/lorax-build +++ b/dockerfile/anaconda-iso-creator/lorax-build @@ -36,6 +36,9 @@ mkdir -p $REPO_DIR cp -a $INPUT_RPMS/* $REPO_DIR || echo "RPM files can't be copied!" # We could just do the build with official repositories only createrepo_c $REPO_DIR +cp -r /usr/share/lorax/templates.d/ /lorax/ +patch -p2 -i /do-not-cleanup-pam-binaries-in-usr-sbin.patch + # build boot.iso with our rpms . /etc/os-release # The download.fedoraproject.org automatic redirector often selects download-ib01.f.o. for GitHub's cloud, which is too unreliable; use a mirror @@ -47,6 +50,7 @@ MINOR_VERSION=${VERSION_ID#*.} lorax -p RHEL -v "$MAJOR_VERSION" -r "$MINOR_VERSION" \ --volid "RHEL-$MAJOR_VERSION-$MINOR_VERSION-BaseOS-x86_64" \ --nomacboot \ + --sharedir ./templates.d/99-generic/ \ -s http://download.devel.redhat.com/rhel-10/nightly/RHEL-10-Public-Beta/latest-RHEL-10/compose/BaseOS/x86_64/os/ \ -s http://download.devel.redhat.com/rhel-10/nightly/RHEL-10-Public-Beta/latest-RHEL-10/compose/AppStream/x86_64/os/ \ -s https://download.copr.fedorainfracloud.org/results/m4rtink/python-pam-rebuild/centos-stream-10-x86_64/ \