Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-96073

[image-mode] content in /var missing systemd tmpfiles.d entries

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • corosync-3.1.9-2.el10
    • No
    • Low
    • rhel-ha
    • 18
    • 24
    • 3
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      What were you trying to do that didn't work?

      bootc (rhel image mode) linter reports missing systemd tmpfiles.d entries for corosync's installed /var/lib/corosync directory:

      $ bootc container lint --no-truncate
Lint warning: var-tmpfiles: Found content in /var missing systemd tmpfiles.d entries:
  L /var/lib/unbound/root.key - - - - ../../../etc/unbound/dnssec-root.key
  d /var/lib/corosync 0755 root root - -
  d /var/lib/dnf 0755 root root - -
  d /var/lib/net-snmp 0755 root root - -
  d /var/lib/net-snmp/cert_indexes 0755 root root - -
  d /var/lib/net-snmp/mib_indexes 0755 root root - -
  d /var/lib/pacemaker 0750 hacluster haclient - -
  d /var/lib/pacemaker/blackbox 0750 hacluster haclient - -
  d /var/lib/pacemaker/cib 0750 hacluster haclient - -
  d /var/lib/pacemaker/cores 0750 hacluster haclient - -
  d /var/lib/pacemaker/pengine 0750 hacluster haclient - -
  d /var/lib/pcsd 0700 root root - -
  d /var/lib/sepolgen 0755 root root - -
  d /var/lib/unbound 0755 unbound unbound - -
  d /var/log/cluster 0755 root root - -
  d /var/log/pacemaker 0770 hacluster haclient - -
  d /var/log/pacemaker/bundles 0770 hacluster haclient - -
  d /var/log/pcsd 0700 root root - -
Found non-directory/non-symlink files in /var:
  var/lib/rhsm/repo_server_val/redhat.repo
  var/lib/rhsm/productid.js
  var/lib/rhsm/cache/productid_repo_mapping.json
  var/lib/dnf/history.sqlite
  var/lib/dnf/history.sqlite-wal
  var/lib/dnf/history.sqlite-shm
  var/lib/sepolgen/perm_map
  var/cache/ldconfig/aux-cache
Checks passed: 11
Checks skipped: 1
Warnings: 1

      What is the impact of this issue to you?

      the linter describes the issue as:

      Check for content in /var that does not have corresponding systemd tmpfiles.d entries.
This can cause a problem across upgrades because content in /var from the container
image will only be applied on the initial provisioning.

Instead, it's recommended to have /var effectively empty in the container image,
and use systemd tmpfiles.d to generate empty directories and compatibility symbolic links
as part of each boot.

      Please provide the package NVR for which the bug is seen:

      corosync-3.1.9-1.el10_0.1

      How reproducible is this bug?:

      always

      Steps to reproduce

      1. build a rhel bootc image with the corosync package included
      2. run `bootc container lint --no-truncate`

      Expected results

      no issue reported for content belonging to the corosync packages

      Actual results

      missing tmpfiles.d entry reported for /var/lib/corosync

              rhn-support-phagara Patrik Hagara
              rhn-support-phagara Patrik Hagara
              Jan Friesse Jan Friesse
              Patrik Hagara Patrik Hagara
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: