I want to integrate a systemd service in my template to auto-mount the encrypted part.
Unfortunately the build service fails when I add the following script to the Containerfile:
#!/bin/bash
set -ouex pipefail
tee /etc/systemd/startup-script.service <<EOF
[Unit]
Description=Mount encrypted part and run startup script after that
After=network.target
[Service]
Type=oneshot
ExecStart=/bin/bash -c ‘/encrypted/mount_encrypted.sh && /encrypted/mountpoint/startup.sh’
RemainAfterExit=yes
User=root
[Install]
WantedBy=multi-user.target
EOF
systemctl enable startup-script.service
What did I wrong?
Can you paste the build log?
The relevant part is:
+ systemctl enable startup-script.service
Failed to enable unit: Unit startup-script.service does not exist
Error: building at STEP "RUN --mount=type=bind,from=ctx,source=/,target=/ctx --mount=type=cache,dst=/var/cache --mount=type=cache,dst=/var/log --mount=type=tmpfs,dst=/tmp /ctx/build.sh && /ctx/setup_startup_service.sh": while running runtime: exit status 1
Error: Error: buildah exited with code 1
I think, maybe the path of the service-file is wrong?
I’m not sure, where to place such a file in a template for an immutable system…
/etc isn’t immutable but I thought at the build process it has to be considered like a distrobox image and the considerations because immutability become valid after that.
/etc/systemd/… looks wrong.
Instead you should try to create /usr/lib/systemd/system/startup-script.service
2 Likes
Thank you very much! That was the solution!
The laptops will have to work with the Brother HL-3142CW Printer.
I‘m afraid, that it won‘t be possible without this proprietary drivers from Brother:
How can I integrate them in my image legally? Do I have to put a warning into my README.md about the proprietary driver? Maybe link the end user agreement and write: „If you use this image, you agree with EULA of the Brother HL-3142CW printer driver“ ?
Technically I would add a command for each rpm in my build.sh:
dnf install https://link.to.the/driver.rpm
(It hasn‘t changed since 2016 so I‘m not afraid that it will change frequently)
I think there should be a legally possible solution, when it‘s possible to ship the NVIDIA Driver with Bluefin/Aurora/Baztite…
IANAL but one would think that if its a private repo and just for you (and not public) you would not have to have something in the readme.
1 Like
Now the encrypted img file has become so large, that I have to use Git LFS. And now only the LFS-pointer-file is built in into the image. How can I correct this?
The file is here: