diff --git a/Containerfile-asrock-x570 b/Containerfile-asrock-x570
index 2c9484b..5e823ba 100644
--- a/Containerfile-asrock-x570
+++ b/Containerfile-asrock-x570
@@ -10,11 +10,11 @@ RUN echo "%_without_kmod_nvidia_detect 1" > /etc/rpm/macros.nvidia-kmod && \
 chmod 777 /var/tmp && \
 /usr/sbin/akmods --force --kernels "$(rpm -qa kernel --queryformat '%{VERSION}-%{RELEASE}.%{ARCH}')"
-# The first check makes sure that we have exactly 4 gpg pubkeys trusted in the rpmdb (the ones from the base image).
+# The first check makes sure that we have exactly 10 gpg pubkeys trusted in the rpmdb (the ones manually imported above) (Brave adds 6, apparently?).
 # Any more than that means that dnf automatically added a new one, which is shady!
 # Then: cleanup image for linting
 # Finally: verify image is good
 # FIXME - remove the `--skip nonempty-run-tmp` when it's no longer needed
-RUN [[ 4 -eq $(rpm -qa gpg-pubkey* | wc -l) ]] && \
+RUN [[ 10 -eq $(rpm -qa gpg-pubkey* | wc -l) ]] && \
 rm -rf /var /boot && mkdir /var /boot && \
 bootc container lint --fatal-warnings --skip nonempty-run-tmp
diff --git a/Containerfile-lenovo-16arh7h b/Containerfile-lenovo-16arh7h
index 660b021..e2fe497 100644
--- a/Containerfile-lenovo-16arh7h
+++ b/Containerfile-lenovo-16arh7h
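Review bot: The guard on the new `RUN [[ 10 -eq $(rpm -qa gpg-pubkey* | wc -l) ]]` line only counts trusted keys, so it passes for any ten keys, and the updated comment's "(Brave adds 6, apparently?)" suggests the number was fitted to what the build produced rather than to a known key set. Comparing key identities against a reviewed list would keep the intent of the check, for example `rpm -qa 'gpg-pubkey*' --qf '%{VERSION}-%{RELEASE}\n' | sort | diff - <EXPECTED_KEYS_FILE>` (placeholder path for a checked-in list), which also quotes the glob so the shell cannot expand it against files in the working directory. The comment should then name the owner of each expected key instead of a total. The same applies to the identical hunk in Containerfile-lenovo-16arh7h; the key imports the comment refers to are outside both hunks, so the origin of the six extra keys cannot be confirmed from here.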
@@ -24,11 +24,11 @@ RUN git clone https://github.com/johnfanv2/LenovoLegionLinux.git && \
 echo legion-laptop > /etc/modules-load.d/legion_laptop.conf && \
 rm -rf LenovoLegionLinux
-# The first check makes sure that we have exactly 4 gpg pubkeys trusted in the rpmdb (the ones from the base image).
+# The first check makes sure that we have exactly 10 gpg pubkeys trusted in the rpmdb (the ones manually imported above) (Brave adds 6, apparently?).
 # Any more than that means that dnf automatically added a new one, which is shady!
 # Then: cleanup image for linting
 # Finally: verify image is good
 # FIXME - remove the `--skip nonempty-run-tmp` when it's no longer needed
-RUN [[ 4 -eq $(rpm -qa gpg-pubkey* | wc -l) ]] && \
+RUN [[ 10 -eq $(rpm -qa gpg-pubkey* | wc -l) ]] && \
 rm -rf /var /boot && mkdir /var /boot && \
 bootc container lint --fatal-warnings --skip nonempty-run-tmp