Make /tmp be tmpfs

History dates back to PR containers#30, in 2020.

Podman *really* needs /tmp to be tmpfs. Let's make it so.

All the /tmp->/var/tmp changes are because Rawhide build
failed on reboot, because (duh) /tmp does not survive reboot

Signed-off-by: Ed Santiago <[email protected]>

.cirrus.yml

@@ -102,7 +102,7 @@ container_images_task: &container_images
         REG_PASSWORD: ENCRYPTED[255ec05057707c20237a6c7d15b213422779c534f74fe019b8ca565f635dba0e11035a034e533a6f39e146e7435d87b5]
     script: ci/make_container_images.sh;
     package_cache: &package_cache
-        folder: "/tmp/automation_images_tmp/.cache/**"
+        folder: "/var/tmp/automation_images_tmp/.cache/**"
         fingerprint_key: "${TARGET_NAME}-cache-version-1"
 
 

IMG_SFX

@@ -1 +1 @@
-20240320t153921z-f39f38d13
+20240327t192406z-f39f38d13

base_images/cloud.yml

@@ -187,23 +187,23 @@ provisioners:  # Debian images come bundled with GCE integrations provisioned
     - type: 'shell'
       inline:
         - 'set -e'
-        - 'mkdir -p /tmp/automation_images'
+        - 'mkdir -p /var/tmp/automation_images'
 
     - type: 'file'
       source: '{{ pwd }}/'
-      destination: '/tmp/automation_images/'
+      destination: '/var/tmp/automation_images/'
 
     - except: ['debian']
       type: 'shell'
       inline:
         - 'set -e'
-        - '/bin/bash /tmp/automation_images/base_images/fedora_base-setup.sh'
+        - '/bin/bash /var/tmp/automation_images/base_images/fedora_base-setup.sh'
 
     - only: ['debian']
       type: 'shell'
       inline:
         - 'set -e'
-        - 'env DEBIAN_FRONTEND=noninteractive /bin/bash /tmp/automation_images/base_images/debian_base-setup.sh'
+        - 'env DEBIAN_FRONTEND=noninteractive /bin/bash /var/tmp/automation_images/base_images/debian_base-setup.sh'
 
 post-processors:
     # Must be double-nested to guarantee execution order

base_images/debian_base-setup.sh

@@ -148,7 +148,22 @@ $SUDO chmod 755 /usr/bin/version_find_latest
 #     https://bugzilla.redhat.com/show_bug.cgi?id=2230127
 # 2024-01-25 dfsg-3 also has the bug
 timebomb 20240330 "prevent us from getting broken tar-1.35+dfsg-3"
-( set -x; $SUDO apt-mark hold tar; )
+cat >/etc/apt/preferences.d/$(date +%Y%m%d-tar) <<EOF
+Package: tar
+Pin: version 1.35+dfsg-[23]
+Pin-Priority: -1
+EOF
+
+# 2024-03-27 grub 2.12-1+b1 causes VM boot failures:
+#    error: file `/boot/grub/x86_64-efi/bli.mod' not found.
+#    BBS Table full.
+# Block it. Previous grub works fine.
+timebomb 20240330 "prevent us from getting broken grub"
+cat >/etc/apt/preferences.d/$(date +%Y%m%d-grub) <<EOF
+Package: grub2-common
+Pin: version 2.12-1+b1
+Pin-Priority: -1
+EOF
 
 echo "Upgrading to SID"
 ( set -x; $SUDO apt-get -q -y full-upgrade; )

base_images/fedora_base-setup.sh

@@ -95,10 +95,4 @@ if ! ((CONTAINER)); then
         /lib/$METADATA_SERVICE_PATH | $SUDO tee -a /etc/$METADATA_SERVICE_PATH
 fi
 
-if [[ "$OS_RELEASE_ID" == "fedora" ]] && ((OS_RELEASE_VER>=33)); then
-    # Ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783509
-    echo "Disabling automatic /tmp (tmpfs) mount"
-    $SUDO systemctl mask tmp.mount
-fi
-
 finalize

cache_images/cloud.yml

@@ -183,30 +183,30 @@ provisioners:
     - type: 'shell'
       inline:
         - 'set -e'
-        - 'mkdir -p /tmp/automation_images'
+        - 'mkdir -p /var/tmp/automation_images'
 
     - type: 'file'
       source: '{{ pwd }}/'
-      destination: "/tmp/automation_images"
+      destination: "/var/tmp/automation_images"
 
     - only: ['rawhide']
       type: 'shell'
       expect_disconnect: true  # VM will be rebooted at end of script
       inline:
         - 'set -e'
-        - '/bin/bash /tmp/automation_images/cache_images/rawhide_setup.sh'
+        - '/bin/bash /var/tmp/automation_images/cache_images/rawhide_setup.sh'
 
     - except: ['debian']
       type: 'shell'
       inline:
         - 'set -e'
-        - '/bin/bash /tmp/automation_images/cache_images/fedora_setup.sh'
+        - '/bin/bash /var/tmp/automation_images/cache_images/fedora_setup.sh'
 
     - only: ['debian']
       type: 'shell'
       inline:
         - 'set -e'
-        - 'env DEBIAN_FRONTEND=noninteractive /bin/bash /tmp/automation_images/cache_images/debian_setup.sh'
+        - 'env DEBIAN_FRONTEND=noninteractive /bin/bash /var/tmp/automation_images/cache_images/debian_setup.sh'
 
 post-processors:
     # This is critical for human-interaction.  Copntents will be used

cache_images/fedora_packaging.sh

@@ -194,7 +194,8 @@ msg "Installing general build/test dependencies"
 bigto $SUDO dnf install -y "${INSTALL_PACKAGES[@]}"
 
 # 2024-03-18 new pasta, built today, not yet stable anywhere
-timebomb 20240325 "package not yet in stable for fc38"
+# 2024-03-25 still not stable
+timebomb 20240330 "package not yet in stable"
 if [[ "$OS_RELEASE_VER" -le 41 ]]; then
     arch=$(uname -m)
     n=passt

ci/Containerfile

@@ -8,7 +8,7 @@ FROM registry.fedoraproject.org/fedora:${FEDORA_RELEASE}
 ARG PACKER_VERSION
 MAINTAINER https://github.com/containers/automation_images/ci
 
-ENV CIRRUS_WORKING_DIR=/tmp/automation_images \
+ENV CIRRUS_WORKING_DIR=/var/tmp/automation_images \
     PACKER_INSTALL_DIR=/usr/local/bin \
     PACKER_VERSION=$PACKER_VERSION \
     CONTAINER=1

image_builder/gce.yml

@@ -45,16 +45,16 @@ provisioners:
     - type: 'shell'
       inline:
         - 'set -e'
-        - 'mkdir -p /tmp/automation_images'
+        - 'mkdir -p /var/tmp/automation_images'
 
     - type: 'file'
       source: '{{ pwd }}/'
-      destination: '/tmp/automation_images/'
+      destination: '/var/tmp/automation_images/'
 
     - type: 'shell'
       inline:
         - 'set -e'
-        - '/bin/bash /tmp/automation_images/image_builder/setup.sh'
+        - '/bin/bash /var/tmp/automation_images/image_builder/setup.sh'
 
 post-processors:
     # Must be double-nested to guarantee execution order