What were you trying to do that didn't work?

Installing softhsm on a machine already deployed in image-mode.

More details about the root cause and possible solutions:[ https://bootc-dev.github.io/bootc/filesystem.html#var|https://bootc-dev.github.io/bootc/filesystem.html#var]

What is the impact of this issue to you?

softhsm tokens can not be created in the default location

Please provide the package NVR for which the bug is seen:

softhsm-2.6.1-14.el10.1

How reproducible is this bug?:

always

Steps to reproduce

1. Run a machine in Image Mode. For example there are images used by testing-farm.

$ tmt run provision -h virtual --image http://images.osci.redhat.com/RHEL-10.1-image-mode-x86_64.qcow2 login

.... snip

bash-5.2# bootc status
● Booted image: images.paas.redhat.com/testingfarm/rhel-bootc:10.1
        Digest: sha256:007ea1cbc9f4899e554f4c422ee6be40c6fc6a54a633fae6e3abf771820b2029 (amd64)
        Version: 10.1 (2025-05-15T21:45:31Z)
bash-5.2# 

2 .Prepare a Containerfile and build it

bash-5.2# cat Containerfile
FROM images.paas.redhat.com/testingfarm/rhel-bootc:10.1
RUN dnf -y install softhsm && dnf -y clean all
bash-5.2#
bash-5.2# podman build -t localhost/test .
STEP 1/2: FROM images.paas.redhat.com/testingfarm/rhel-bootc:10.1
Trying to pull images.paas.redhat.com/testingfarm/rhel-bootc:10.1...
...

Installed:
ldns-1.8.3-18.el10.x86_64
opencryptoki-3.24.0-8.el10.x86_64
opencryptoki-ccatok-3.24.0-8.el10.x86_64
opencryptoki-libs-3.24.0-8.el10.x86_64
opendnssec-2.1.14-1.el10.x86_64
softhsm-2.6.1-14.el10.1.x86_64
sqlite-3.46.1-3.el10.x86_64

Complete!
41 files removed
COMMIT localhost/test
--> d2528d957a95
Successfully tagged localhost/test:latest
d2528d957a951a1a48450812f2fca88298fc650233d51ee1fce04cd45e52025c

3. Switch to the new version and reboot so the new image is applied
bash-5.2# bootc switch --transport containers-storage localhost/test
layers already present: 0; layers needed: 68 (1.7 GB)
Fetched layers: 1.56 GiB in 13 seconds (119.96 MiB/s) Deploying: done (3 seconds) Queued for next boot: ostree-unverified-image:containers-storage:localhost/test
Version: 10.1
Digest: sha256:89e3b3c3cf5d810eced66dbfdad104e4256ae409ba235eb7f8f67c63171d30a1

 
4. Check the softhsm package installation

$ tmt run --last login
bash-5.2# bootc status
● Booted image: containers-storage:localhost/test
Digest: sha256:89e3b3c3cf5d810eced66dbfdad104e4256ae409ba235eb7f8f67c63171d30a1 (amd64)
Version: 10.1 (2025-05-30T12:43:53Z)

Rollback image: images.paas.redhat.com/testingfarm/rhel-bootc:10.1
Digest: sha256:007ea1cbc9f4899e554f4c422ee6be40c6fc6a54a633fae6e3abf771820b2029 (amd64)
Version: 10.1 (2025-05-15T21:45:31Z)

bash-5.2# rpm -q softshm
package softshm is not installed
bash-5.2# rpm -q softhsm
softhsm-2.6.1-14.el10.1.x86_64
bash-5.2#
bash-5.2# rpm -V softhsm
...
missing /var/lib/softhsm
missing /var/lib/softhsm/tokens

Expected results

All dirs and files in /var/ are created.

Note

I have not tested but I expect that when the softhsm package is created during the initial image creation all files and dirs are created as expected. The issue is present only when the existing image is updated.