I'm trying to do a `--unified-core` build in prep for rojig, and
it breaks on `psacct` which is trying to write to `/var`. Let's
use this opportunity to do some more cleaning.
- Update blacklist for new ppc64le specific powerpc-utils and lsvpd
- Explicitly blacklist fprintd-pam with comment
- Looks like NetworkManager-ppp comes in intentionally
3 packages not in workstation-product-environment:
caribou
caribou-gtk2-module
caribou-gtk3-module
1 packages not in manifest:
simple-scan (mandatory, groups: gnome-desktop)
Wrote fedora-workstation-base-pkgs.json
The mental model here is simpler if our base package set is truly a subset of
Workstation.
Extend `comps-sync` to also support deleting packages not in the Workstation
set. The only exception here is that we still want `kernel-modules-extra`
which for some reason is only in `livecd-tools`...I don't understand that.
For now I added a `whitelist`.
The set of resulting changes here generally makes sense. We lose some
random unnecessary stuff like `teamd` and `dracut-network`, and `mactel-boot`.
We gain things like the desktop background packages, `sshpass`, and some `qt`
bits.
```
+ NetworkManager-openconnect-gnome-1.2.4-9.fc28.x86_64 (fedora-rawhide)
- NetworkManager-team-1:1.10.2-1.fc28.x86_64 (fedora-rawhide)
+ NetworkManager-ssh-1.2.7-1.fc28.x86_64 (fedora-rawhide)
+ NetworkManager-ssh-gnome-1.2.7-1.fc28.x86_64 (fedora-rawhide)
- adobe-source-han-sans-cn-fonts-1.004-6.fc28.noarch (fedora-rawhide)
- adobe-source-han-sans-tw-fonts-1.004-7.fc28.noarch (fedora-rawhide)
+ alsa-ucm-1.1.5-2.fc28.x86_64 (fedora-rawhide)
- autogen-libopts-5.18.12-6.fc28.x86_64 (fedora-rawhide)
+ cyrus-sasl-plain-2.1.26-37.fc28.x86_64 (fedora-rawhide)
+ desktop-backgrounds-gnome-27.0.0-2.fc28.noarch (fedora-rawhide)
- dmraid-1.0.0.rc16-37.fc28.x86_64 (fedora-rawhide)
- dmraid-events-1.0.0.rc16-37.fc28.x86_64 (fedora-rawhide)
- dracut-config-generic-046-92.git20180118.fc28.1.x86_64 (fedora-rawhide)
- dracut-network-046-92.git20180118.fc28.1.x86_64 (fedora-rawhide)
- fcoe-utils-1.0.32-3.fc27.x86_64 (fedora-rawhide)
+ f27-backgrounds-base-27.0.1-3.fc28.noarch (fedora-rawhide)
+ f27-backgrounds-gnome-27.0.1-3.fc28.noarch (fedora-rawhide)
- fedora-productimg-workstation-27-2.fc28.x86_64 (fedora-rawhide)
- gnutls-dane-3.6.2-1.fc28.x86_64 (fedora-rawhide)
- gnutls-utils-3.6.2-1.fc28.x86_64 (fedora-rawhide)
- hfsplus-tools-540.1.linux3-15.fc28.x86_64 (fedora-rawhide)
- highlight-3.39-3.fc27.x86_64 (fedora-rawhide)
- libconfig-1.5-9.fc28.x86_64 (fedora-rawhide)
+ libdnet-1.12-25.fc28.x86_64 (fedora-rawhide)
+ libmspack-0.6-0.2.alpha.fc28.x86_64 (fedora-rawhide)
- libnl3-cli-3.4.0-3.fc28.x86_64 (fedora-rawhide)
+ libsane-hpaio-3.17.11-8.fc28.x86_64 (fedora-rawhide)
- libteam-1.27-6.fc28.x86_64 (fedora-rawhide)
- libvirt-client-4.0.0-1.fc28.x86_64 (fedora-rawhide)
- lldpad-1.0.1-9.git036e314.fc28.x86_64 (fedora-rawhide)
- mactel-boot-0.9-16.fc27.x86_64 (fedora-rawhide)
- naver-nanum-fonts-common-3.020-20.20140930.fc28.noarch (fedora-rawhide)
- naver-nanum-gothic-fonts-3.020-20.20140930.fc28.noarch (fedora-rawhide)
+ open-vm-tools-10.2.0-3.fc28.x86_64 (fedora-rawhide)
+ open-vm-tools-desktop-10.2.0-3.fc28.x86_64 (fedora-rawhide)
+ pinentry-gnome3-1.1.0-2.fc28.x86_64 (fedora-rawhide)
+ pulseaudio-module-x11-11.1-11.fc28.x86_64 (fedora-rawhide)
+ pulseaudio-utils-11.1-11.fc28.x86_64 (fedora-rawhide)
+ qt5-qtdeclarative-5.10.1-1.fc28.x86_64 (fedora-rawhide)
+ qt5-qtxmlpatterns-5.10.1-1.fc28.x86_64 (fedora-rawhide)
+ realmd-0.16.3-9.fc28.x86_64 (fedora-rawhide)
- sgpio-1.2.0.10-20.fc28.x86_64 (fedora-rawhide)
+ sshpass-1.06-5.fc28.x86_64 (fedora-rawhide)
- teamd-1.27-6.fc28.x86_64 (fedora-rawhide)
- unbound-libs-1.6.8-3.fc28.x86_64 (fedora-rawhide)
- vlgothic-fonts-20141206-10.fc28.noarch (fedora-rawhide)
+ virtualbox-guest-additions-5.2.6-4.fc28.x86_64 (fedora-rawhide)
+ xmlsec1-openssl-1.2.25-3.fc28.x86_64 (fedora-rawhide)
```
`comps-sync.py` now has support for explicitly syncing *from* the
workstation comps. In order to do this sanely though, we need a
"blacklist" of things we don't want to sync.
There are a few issues here:
- desktop applications
- dubious CLI apps
- dnf
- dubious misc things: e.g. `tcp_wrappers`, `crontabs`
- arch-specific bits (not handled right now)
This script looks for packages not in comps at all, which
helps us lose things that were there only as dependencies.
Also, it now supports showing packages in the workstation environment
but not in the manifest. (I'm not yet taking action on those though)
Some leaf packages do drop out. All of these I believe are right to stop
shipping by default with the possible exception of `media-player-info`...I'm not
sure if that was intentional or not. Anyways let's start this sync process.
```
-Installing 1344 packages:
+Installing 1335 packages:
- bcache-tools-1.0.8-10.fc27.x86_64 (fedora-rawhide)
- isomd5sum-1:1.2.2-1.fc28.x86_64 (fedora-rawhide)
- kexec-tools-2.0.16-3.fc28.x86_64 (fedora-rawhide)
- keybinder3-0.3.2-3.fc27.x86_64 (fedora-rawhide)
- langtable-0.0.38-2.fc28.noarch (fedora-rawhide)
- langtable-data-0.0.38-2.fc28.noarch (fedora-rawhide)
- langtable-python3-0.0.38-2.fc28.noarch (fedora-rawhide)
- lpsolve-5.5.2.0-16.fc27.x86_64 (fedora-rawhide)
- media-player-info-23-1.fc28.noarch (fedora-rawhide)
```
It integrates well with the whole Project Atomic (server/dev) container stack,
and can be used in many places instead of `docker`. It was just recently built
in Fedora.
When pungi injects its repo it does it into the file that it has been
pointed at (i.e. the toplevel json file). We need to move it from the
fedora-workstation-base.json into fedora-atomic-workstation.json
otherwise pungi will end up trying to pull from the 'fedora-rawhide'
repo too and it will fail.
This is useful for at least bootstrapping dev containers; and also in general I
think we should have lots of container tools in the base *workstation* host,
even if not everyone uses all of them. Workstation is far from minimal today
anyways, and the high level goal is: give people lots of tools and means
to containerize.
This is obviously confusing but right now "ostree workstation" is really
"Atomic". I'm not changing the refs or the names of the manifest JSON files yet,
but the high level idea here is we have:
- workstatoin-base (should be like comps...that's another issue)
- atomic (inherits desktop-base, adds rpm-ostree + container tooling)
Also I added a compat symlink so pungi doesn't need an immediate change.
I don't think this is actually right - it seems like the idea is we want it by
default, it's just not a `Requires`, and hence should be in comps? But at least
the tree should compose again.
I hadn't swapped out all the instances of rawhide in the instructions in
my previous PR. Also remove `enforcing=0` since SELinux should work now.
And graphical boot should work fine now as well, but just inherit
whatever is the default from the current `/proc/cmdline`.
Even though this is the `master` branch, I think it still makes more
sense to point folks to the latest *stable* content here when following
instructions.
Also turn on GPG verification since that should work now.
