Keep at least one browser, file manager and terminal application in the
base image:
* those applications are almost always needed,
* we can not pre-install Flatpak replacement yet,
* we must ensure they work well.
We were trying to be accurate by filtering by group but
PackageKit is spread across all of them and has various subpackages,
so just add a global regexp-based blacklist.
This doesn't actually drop PK yet because `gnome-software` hard
requires it, but is prep for fixing that.
Until we can preinstall flatpaks, we need the apps in the
base image that are needed for first login. Thats yelp, which
is used for the "welcome tour" part of the inial setup experience.
This sync also pulls in the new backgrounds package.
At some point I want to add a `usr_bin_sbin_unification: true`
option or so to rpm-ostree, and having `usermode` blocks that.
Also this is a weird legacy Red Hat-ism tool.
Some stuff like `telnet` is in both `standard` and `gnome-desktop`.
We currently need to blacklist both. I think we should massively
prune comps but...
I'm trying to do a `--unified-core` build in prep for rojig, and
it breaks on `psacct` which is trying to write to `/var`. Let's
use this opportunity to do some more cleaning.
- Update blacklist for new ppc64le specific powerpc-utils and lsvpd
- Explicitly blacklist fprintd-pam with comment
- Looks like NetworkManager-ppp comes in intentionally
The mental model here is simpler if our base package set is truly a subset of
Workstation.
Extend `comps-sync` to also support deleting packages not in the Workstation
set. The only exception here is that we still want `kernel-modules-extra`
which for some reason is only in `livecd-tools`...I don't understand that.
For now I added a `whitelist`.
The set of resulting changes here generally makes sense. We lose some
random unnecessary stuff like `teamd` and `dracut-network`, and `mactel-boot`.
We gain things like the desktop background packages, `sshpass`, and some `qt`
bits.
```
+ NetworkManager-openconnect-gnome-1.2.4-9.fc28.x86_64 (fedora-rawhide)
- NetworkManager-team-1:1.10.2-1.fc28.x86_64 (fedora-rawhide)
+ NetworkManager-ssh-1.2.7-1.fc28.x86_64 (fedora-rawhide)
+ NetworkManager-ssh-gnome-1.2.7-1.fc28.x86_64 (fedora-rawhide)
- adobe-source-han-sans-cn-fonts-1.004-6.fc28.noarch (fedora-rawhide)
- adobe-source-han-sans-tw-fonts-1.004-7.fc28.noarch (fedora-rawhide)
+ alsa-ucm-1.1.5-2.fc28.x86_64 (fedora-rawhide)
- autogen-libopts-5.18.12-6.fc28.x86_64 (fedora-rawhide)
+ cyrus-sasl-plain-2.1.26-37.fc28.x86_64 (fedora-rawhide)
+ desktop-backgrounds-gnome-27.0.0-2.fc28.noarch (fedora-rawhide)
- dmraid-1.0.0.rc16-37.fc28.x86_64 (fedora-rawhide)
- dmraid-events-1.0.0.rc16-37.fc28.x86_64 (fedora-rawhide)
- dracut-config-generic-046-92.git20180118.fc28.1.x86_64 (fedora-rawhide)
- dracut-network-046-92.git20180118.fc28.1.x86_64 (fedora-rawhide)
- fcoe-utils-1.0.32-3.fc27.x86_64 (fedora-rawhide)
+ f27-backgrounds-base-27.0.1-3.fc28.noarch (fedora-rawhide)
+ f27-backgrounds-gnome-27.0.1-3.fc28.noarch (fedora-rawhide)
- fedora-productimg-workstation-27-2.fc28.x86_64 (fedora-rawhide)
- gnutls-dane-3.6.2-1.fc28.x86_64 (fedora-rawhide)
- gnutls-utils-3.6.2-1.fc28.x86_64 (fedora-rawhide)
- hfsplus-tools-540.1.linux3-15.fc28.x86_64 (fedora-rawhide)
- highlight-3.39-3.fc27.x86_64 (fedora-rawhide)
- libconfig-1.5-9.fc28.x86_64 (fedora-rawhide)
+ libdnet-1.12-25.fc28.x86_64 (fedora-rawhide)
+ libmspack-0.6-0.2.alpha.fc28.x86_64 (fedora-rawhide)
- libnl3-cli-3.4.0-3.fc28.x86_64 (fedora-rawhide)
+ libsane-hpaio-3.17.11-8.fc28.x86_64 (fedora-rawhide)
- libteam-1.27-6.fc28.x86_64 (fedora-rawhide)
- libvirt-client-4.0.0-1.fc28.x86_64 (fedora-rawhide)
- lldpad-1.0.1-9.git036e314.fc28.x86_64 (fedora-rawhide)
- mactel-boot-0.9-16.fc27.x86_64 (fedora-rawhide)
- naver-nanum-fonts-common-3.020-20.20140930.fc28.noarch (fedora-rawhide)
- naver-nanum-gothic-fonts-3.020-20.20140930.fc28.noarch (fedora-rawhide)
+ open-vm-tools-10.2.0-3.fc28.x86_64 (fedora-rawhide)
+ open-vm-tools-desktop-10.2.0-3.fc28.x86_64 (fedora-rawhide)
+ pinentry-gnome3-1.1.0-2.fc28.x86_64 (fedora-rawhide)
+ pulseaudio-module-x11-11.1-11.fc28.x86_64 (fedora-rawhide)
+ pulseaudio-utils-11.1-11.fc28.x86_64 (fedora-rawhide)
+ qt5-qtdeclarative-5.10.1-1.fc28.x86_64 (fedora-rawhide)
+ qt5-qtxmlpatterns-5.10.1-1.fc28.x86_64 (fedora-rawhide)
+ realmd-0.16.3-9.fc28.x86_64 (fedora-rawhide)
- sgpio-1.2.0.10-20.fc28.x86_64 (fedora-rawhide)
+ sshpass-1.06-5.fc28.x86_64 (fedora-rawhide)
- teamd-1.27-6.fc28.x86_64 (fedora-rawhide)
- unbound-libs-1.6.8-3.fc28.x86_64 (fedora-rawhide)
- vlgothic-fonts-20141206-10.fc28.noarch (fedora-rawhide)
+ virtualbox-guest-additions-5.2.6-4.fc28.x86_64 (fedora-rawhide)
+ xmlsec1-openssl-1.2.25-3.fc28.x86_64 (fedora-rawhide)
```
`comps-sync.py` now has support for explicitly syncing *from* the
workstation comps. In order to do this sanely though, we need a
"blacklist" of things we don't want to sync.
There are a few issues here:
- desktop applications
- dubious CLI apps
- dnf
- dubious misc things: e.g. `tcp_wrappers`, `crontabs`
- arch-specific bits (not handled right now)