Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-78157

Allow system roles to be used during container/bootc build time

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • use system roles at container build time
    • Hide

      All system roles can be used at image build time to install packages, configure services, write config files, update any other files/directories in the image.

      Show
      All system roles can be used at image build time to install packages, configure services, write config files, update any other files/directories in the image.
    • Red Hat Enterprise Linux
    • 21% To Do, 0% In Progress, 79% Done
    • rhel-system-roles
    • False
    • Hide

      None

      Show
      None

      Goal

      Allow using system roles at image or container (bootc) build time. This would allow users to install packages, configure services, write config files, add other files that would be used when the image starts up.

      The role should work both without any dbus/systemd services running and with dbus/systemd services running.

      The role should work for image builder and bootc Containerfile builds.

      The system role should be able to detect if it is running in such an environment and act accordingly, similar to how they can now detect if running on an ostree system by looking at /run/ostree-booted.

      Support status

      This has a second column for end-to-end test as the capability for e2e tests was added only recently. For new work, please add an end-to-end test right away in the PR that adds support for bootc.

      Role container (bootc) build end-to-end test
      ad_integration TODO
      aide TODO
      bootloader TODO
      certificate PR; hard, see RHEL-93207
      cockpit PR PR
      crypto_policies PR PR
      fapolicyd TODO
      firewall PR; hard, see RHEL-88425 PR
      gfs2 TODO
      ha_cluster TODO
      image_builder TODO
      journald TODO
      kdump TODO
      kernel_settings TODO
      keylime_server TODO
      logging PR PR
      metrics PR ; see RHEL-98911
      mssql PR PR
      nbde_client TODO; hard, see RHEL-98905
      nbde_server PR
      network TODO; hard, WIP branch available, see RHEL-100303
      pam_pwd PR PR
      podman PR PR
      postfix TODO
      postgresql PR PR
      rhc TODO
      selinux RHEL-93205 PR PR
      snapshot TODO
      ssh PR PR
      storage ❌ N/A, needs hardware ❌ N/A
      sudo PR PR
      systemd TODO
      template PR does not make much sense IMHO?
      timesync PR PR
      tlog PR PR
      tuned TODO
      vpn TODO

      Steps for converting a role

      See https://linux-system-roles.github.io/2025/06/role-bootc-support

              rmeggins@redhat.com Richard Megginson
              rmeggins@redhat.com Richard Megginson
              Richard Megginson Richard Megginson
              David Jez David Jez
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: