Bug 2185876 - gssproxy postinstall scripts should not add content in /var
Summary: gssproxy postinstall scripts should not add content in /var
Keywords:
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: gssproxy
Version: 37
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Simo Sorce
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-04-11 13:30 UTC by Massimo Gollo
Modified: 2023-04-11 13:30 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: ---
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Massimo Gollo 2023-04-11 13:30:02 UTC
Description of problem:

Packages should not leave content in /var at installation time as content in /var is dedicated for variable files. See FHS2.3: https://refspecs.linuxfoundation.org/FHS_2.3/fhs-2.3.pdf
However, unbound package ships content in /var


How reproducible:
Make a containerfile from fedora-coreos:stable. Install cockpit-machine package (it has deps including unbound) and build image

Steps to Reproduce:
1. make Containerfile (see additional info)
2. podman build --tag localhost:fcos-extended -f ./Containerfile .

Actual results:
podman logs: 

+ ostree container commit
.. omitted .. 
Found file: "var/lib/gssproxy/default.sock"
error: Found content in var
Error: error building at STEP "RUN set -x; PACKAGES_INSTALL="cockpit-podman cockpit-machines cockpit-networkmanager cockpit-storaged cockpit-system cockpit-ostree cockpit-bridge";     rpm-ostree install $PACKAGES_INSTALL && ostree container commit": error while running runtime: exit status 1

Expected results:

Successfully build image


Additional info:

- Containerfile 

FROM quay.io/fedora/fedora-coreos:stable

RUN set -x; PACKAGES="cockpit-podman cockpit-machines cockpit-networkmanager cockpit-storaged cockpit-system cockpit-ostree cockpit-bridge"; \
         rpm-ostree install $PACKAGES && ostree container commit


Note You need to log in before you can comment on or make changes to this bug.