1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
#!/bin/sh
# image-customize script to prepare a bots VM for cockpit-podman testing
set -eu
if grep -q ID.*debian /usr/lib/os-release; then
# Debian does not enable user namespaces by default
echo kernel.unprivileged_userns_clone = 1 > /etc/sysctl.d/00-local-userns.conf
systemctl restart systemd-sysctl
# disable services that get in the way of /var/lib/containers
if systemctl is-enabled docker.service; then
systemctl disable docker.service
fi
# tuned is installed for testing cockpit; but it causes funny bugs, and we are not testing this here
# https://launchpad.net/bugs/1774000 https://launchpad.net/bugs/1925765
systemctl disable tuned
fi
# don't force https:// (self-signed cert)
printf "[WebService]\\nAllowUnencrypted=true\\n" > /etc/cockpit/cockpit.conf
if type firewall-cmd >/dev/null 2>&1; then
firewall-cmd --add-service=cockpit --permanent
fi
. /usr/lib/os-release
# Remove extra images, tests assume our specific set
# Since 4.0 podman now ships the pause image
podman images --format '{{.Repository}}:{{.Tag}}' | grep -Ev 'localhost/test-|pause|cockpit/ws' | xargs -r podman rmi -f
# copy images for user podman tests; podman insists on user session
loginctl enable-linger $(id -u admin)
images=$(podman images --format '{{.Repository}}:{{.Tag}}')
for img in $images; do
podman save $img | sudo -i -u admin podman load
done
loginctl disable-linger $(id -u admin)
# 15minutes after boot tmp files are removed and podman stores some tmp lock files
systemctl disable --now systemd-tmpfiles-clean.timer
systemctl --global disable systemd-tmpfiles-clean.timer
|
