Unexpected state: /run/ostree-booted found, but no /boot/loader directory #1899

Unanswered
gouldadam asked this question in Q&A

Hi all,

I am new to bootc and customising my first image.

  1. I have built a Containerfile and built the image using GitLab, which I then push to my self-hosted Docker registry
  2. I use bootc-image-builder to create a qcow2 file using the container from my self-hosted Docker registry
  3. I start that image using KVM

When I log into my virtual machine and execute 'sudo bootc status' I receive the error "Unexpected state: /run/ostree-booted found, but no /boot/loader directory". Here is the Containerfile:
Note: I removed a bunch of package install stuff for brevity.

```dockerfile
FROM registry.example.com.au/rhel10/rhel-bootc:latest
ARG TIMEZONE='Australia/Sydney'
# policycoreutils-python-utils is required for SELinux labelling
ARG INSTALL_PACKAGES='restic tmux policycoreutils-python-utils cloud-init firewalld tuned bash-completion just'
ARG REMOVE_PACKAGES='subscription-manager'
COPY ./bin/install /usr/local/bin/
COPY ./system-files/ /tmp/system-files/
RUN <<EOF
	set -xeuo pipefail

	#################################################
	# Configure Local Yum Repositories
	#################################################
	install -D --group=root --owner=root --mode=0644 /tmp/system-files/yum.repos.d/*.repo --target-directory=/etc/yum.repos.d/
	dnf remove --assumeyes ${REMOVE_PACKAGES}
	dnf install --assumeyes ${INSTALL_PACKAGES}

	#################################################
	# Configure Private Registry and Pull Secret
	#################################################
	install -D --group=root --owner=root --mode=0644 /tmp/system-files/podman/registry.example.com.au.conf /etc/containers/registries.conf.d/
	# Note: The pull secret is a pre-authenticated token for reguser to registry.example.com.au
	install -D --group=root --owner=root --mode=0600 /tmp/system-files/podman/auth.json /usr/lib/ostree/
	#################################################
	# Configure Transient / and /etc Partitions
	#################################################
	sed -Ezi '/(\n|^)\[root\]\ntransient = true/!s/$/[root]\ntransient = true\n/' /usr/lib/ostree/prepare-root.conf
	sed -Ezi '/(\n|^)\[etc\]\ntransient = true/!s/$/[etc]\ntransient = true\n/' /usr/lib/ostree/prepare-root.conf
	# Configure the initramfs to apply transient / and /etc
	set -x; kver=$(cd /usr/lib/modules && echo *); dracut -vf /usr/lib/modules/$kver/initramfs.img $kver
	#################################################
	# BootC Workarounds and Fixes
	#################################################
	# rpm-ostree-fix-shadow is a unit created in response to a bug in rpm-ostree where the /etc/shadow, /etc/shadow-,
	# /etc/gshadow and /etc/gshadow files have the world-readable bit set as per CVE-2024-2905. Reviewing the
	# files identified that the default state is to have permissions zeroed out, which is correct. The unit was
	# failing at boot time. The presence of the following file is a condition that prevents the service running, i.e.
	# ConditionPathExists=!/etc/.rpm-ostree-shadow-mode-fixed2.stamp
	install -D --group=root --owner=root --mode=0644 /dev/null /etc/.rpm-ostree-shadow-mode-fixed2.stamp
	# Service publishes bootc facts to Red Hat Subscription Manager; we are not using Red Hat Subscription Manager
	# and are therefore disabling the service
	systemctl disable bootc-publish-rhsm-facts.service
	#########################################
	# Post Build Clean Up Tasks
	########################################
	# Remove unneeded build binaries
	rm -rf /tmp/system-files /usr/local/bin/install
	# Clean dnf cache
	dnf clean all
	# Remove caches and build logs
	rm -rf /var/{cache,log} /var/lib/{dnf,rhsm}
	# Commit ostree changes
	ostree container commit
	# Run a linter over the container file
	bootc container lint
EOF
```

Appreciate any pointers to where the issue lies.

Thanks,

Adam


Replies: 1 comment


The workaround I have identified is to mount boot again

```sh
sudo mount /dev/disk/by-label/boot /boot
```

This then resolves the issue but my concern is this may be symptomatic of another larger issue.

A simpler containerfile to replicate the problem is;

This occurs with RHEL, CentOS and Fedora bootc images.

```dockerfile
FROM quay.io/centos-bootc/centos-bootc:stream9
RUN useradd adam
RUN echo "adam:password" | chpasswd
# Append an [etc] transient section, then rebuild the initramfs so it is applied
RUN echo -e '[etc]\ntransient=true' >> /usr/lib/ostree/prepare-root.conf && set -x; kver=$(cd /usr/lib/modules && echo *); dracut -vf /usr/lib/modules/$kver/initramfs.img $kver
```

The qcow is being generated as follows. I have tried this on my Fedora Silverblue 43 system and a RHEL 10 virtual machine.

```sh
podman run \
  --rm \
  -it \
  --privileged \
  --pull=newer \
  --security-opt label=type:unconfined_t \
  -v ./output:/output \
  -v /var/lib/containers/storage:/var/lib/containers/storage \
  quay.io/centos-bootc/bootc-image-builder:latest \
  --type qcow2 \
  --use-librepo=True \
  https://my-private-repo/bootc-test
```

I am hoping I am just making a silly mistake otherwise I assume everyone playing with bootc would be experiencing this.
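
Added example, not part of the discussion above and not bootc's own logic: a small diagnostic that inspects the two paths named in the error message and tells apart "/boot is not mounted" (the case the remount workaround addresses) from "/boot is mounted but has no loader directory". The function names, the `ROOT` prefix and the mounts-file argument are assumptions of this sketch.

```shell
#!/bin/sh
# Added diagnostic sketch. It only looks at /run/ostree-booted, /boot/loader
# and the mount table; it does not reproduce any internal bootc check.

# is_mounted MOUNTS_FILE MOUNTPOINT
# MOUNTS_FILE is in /proc/self/mounts format; field 2 is the mount point.
is_mounted() {
    awk -v mp="$2" '$2 == mp { found = 1 } END { exit !found }' "$1"
}

# diagnose ROOT MOUNTS_FILE
# ROOT is a path prefix ("" for the live system) so the check can be run
# against a constructed directory tree as well as a booted machine.
diagnose() {
    root="$1"
    mounts="$2"
    if [ ! -e "$root/run/ostree-booted" ]; then
        echo "not-ostree-booted"
        return 0
    fi
    # /boot/loader may be a symlink to a directory; -d follows it.
    if [ -d "$root/boot/loader" ]; then
        echo "ok"
        return 0
    fi
    if is_mounted "$mounts" /boot; then
        echo "boot-mounted-but-no-loader"
    else
        echo "boot-not-mounted"
    fi
}

# Live usage on the affected VM:
#   diagnose "" /proc/self/mounts
```

A result of `boot-not-mounted` matches the state in which the remount workaround helps; `boot-mounted-but-no-loader` would point at the contents of the boot partition instead.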
