Updating submodule packages to drop-ins quadlet files

resolves #674
During latest changes all subpackages use drop-in qudlet files
Under QM etc/containers/systemd/qm.container.d/ dir
Qm nested container quadlets moved to subsystems/ dir
Update to quadlet files

Signed-off-by: Yariv Rachmani <[email protected]>

Makefile

@@ -7,7 +7,8 @@ LIBDIR ?= $(PREFIX)/lib
 SYSCONFDIR?=/etc
 QMDIR=/usr/lib/qm
 SPECFILE=rpm/qm.spec
-SUBSYS := subsystems/kvm subsystems/windowmanager subsystems/sound subsystems/video subsystems/radio subsystems/dvb subsystems/tty7 subsystems/input subsystems/ttyUSB0 subsystems/text2speech subsystems/img_tempdir subsystems/ros2
+# SUBSYS := subsystems/kvm subsystems/windowmanager subsystems/sound subsystems/video subsystems/radio subsystems/dvb subsystems/tty7 subsystems/input subsystems/ttyUSB0 subsystems/text2speech subsystems/img_tempdir subsystems/ros2
+SUBSYS :=
 export RPM_TOPDIR ?= $(PWD)/rpmbuild
 export VERSION ?= $(shell cat VERSION)
 export ROOTDIR ?= $(PWD)

etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_input.conf → etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_input.conf

@@ -41,7 +41,5 @@
 # input device is connected to (useful for distinguishing between
 # identical devices connected to different ports).
 #
-[containers]
-devices = [
-	"/dev/input:/dev/input"
-]
+[Container]
+AddDevice=-/dev/input

etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_snd.conf → etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_snd.conf

@@ -38,9 +38,5 @@
 # +-------------------------------------------------------------+
 #
 # qm_dropin_mount_bind_snd.conf
-[containers]
-
-# Devices to map for the container (sound device)
-devices = [
-    "/dev/snd:/dev/snd"
-]
+[Container]
+AddDevice=-/dev/snd

etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf → etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_tty7.conf

@@ -6,7 +6,5 @@
 # handling the graphical display, input, and windowing environment.
 # When you start a graphical session (such as GNOME, KDE, etc.),
 # it usually runs on this virtual console.
-[containers]
-devices = [
-	"/dev/tty7:/dev/tty7"
-]
+[Container]
+AddDevice=-/dev/tty7

etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_ttyUSB0.conf → etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_ttyUSB0.conf

@@ -68,7 +68,5 @@
 #      +------------------------------------------------------------+
 #
 #
-[containers]
-devices = [
-	"/dev/ttyUSB0:/dev/ttyUSB0"
-]
+[Container]
+AddDevice=-/dev/ttyUSB0

etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_video.conf → etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_video.conf

@@ -56,7 +56,5 @@
 #          └─────────────────────────────┘
 #
 #
-[containers]
-devices = [
-	"/dev/video0:/dev/video0"
-]
+[Container]
+AddDevice=-/dev/video0

etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_window_manager.conf

@@ -0,0 +1,12 @@
+# Drop-in configuration for Podman to mount bind tty from host to container
+#
+[Container]
+Mount=type=bind,source=/dev/tty0,target=/dev/tty0
+Mount=type=bind,source=/dev/tty1,target=/dev/tty1
+Mount=type=bind,source=/dev/tty2,target=/dev/tty2
+Mount=type=bind,source=/dev/tty3,target=/dev/tty3
+Mount=type=bind,source=/dev/tty4,target=/dev/tty4
+Mount=type=bind,source=/dev/tty5,target=/dev/tty5
+Mount=type=bind,source=/dev/tty6,target=/dev/tty6
+Mount=type=bind,source=/dev/tty7,target=/dev/tty7
+Mount=type=bind,source=/dev/tty0,target=/dev/tty0

rpm/dvb/dvb.spec

@@ -16,12 +16,15 @@ This subpackage installs a drop-in configuration for QM containers to mount bind
 %autosetup -Sgit -n qm-%{version}
 
 %install
-install -d %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d
-install -m 644 etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_dvb.conf \
-    %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d/
+# Create the directory for drop-in configurations
+install -d %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d
+
+# Install the dvb drop-in configuration file
+install -m 644 %{_builddir}/qm-%{version}/etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_dvb.conf \
+    %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_dvb.conf
 
 %files
-%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_dvb.conf
+%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_dvb.conf
 
 %changelog
 * Fri Jul 21 2023 RH Container Bot <[email protected]>

rpm/input/input.spec

@@ -16,14 +16,17 @@ This sub-package installs drop-in configurations for QM containers to mount bind
 %autosetup -Sgit -n qm-%{version}
 
 %install
-install -d %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d
-install -m 644 etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_input.conf \
-    %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d/
+# Create the directory for drop-in configurations
+install -d %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d
+
+# Install the KVM drop-in configuration file
+install -m 644 %{_builddir}/qm-%{version}/etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_input.conf \
+    %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_input.conf
 
 %files
 %license LICENSE
 %doc README.md
-%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_input.conf
+%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_input.conf
 
 %changelog
 * Fri Jul 21 2023 RH Container Bot <[email protected]>

rpm/radio/radio.spec

@@ -16,12 +16,14 @@ This subpackage installs a drop-in configuration for QM containers to mount bind
 %autosetup -Sgit -n qm-%{version}
 
 %install
-install -d %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d
-install -m 644 etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_radio.conf \
-    %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d/
+# Create the directory for drop-in configurations
+install -d %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d
+# Install the KVM drop-in configuration file
+install -m 644 %{_builddir}/qm-%{version}/etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_radio.conf \
+    %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_radio.conf
 
 %files
-%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_radio.conf
+%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_radio.conf
 
 %changelog
 * Fri Jul 21 2023 RH Container Bot <[email protected]>

rpm/sound/sound.spec

@@ -27,19 +27,19 @@ the container and nested containers.
 
 %install
 # Install drop-in configuration for /dev/snd
-install -d %{buildroot}%{_sysconfdir}/containers/containers.conf.d
-install -d %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d
+# Create the directory for drop-in configurations
+install -d %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d
 install -d %{buildroot}%{rootfs_qm}%{_sysconfdir}/containers/systemd
 
-install -m 644 etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_snd.conf %{buildroot}%{_sysconfdir}/containers/containers.conf.d/qm_dropin_mount_bind_snd.conf
-install -m 644 etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_snd.conf %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_snd.conf
 install -m 644 subsystems/sound/etc/containers/systemd/audio.container %{buildroot}%{rootfs_qm}%{_sysconfdir}/containers/systemd/audio.container
+# Install the sound drop-in configuration file
+install -m 644 %{_builddir}/qm-%{version}/etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_snd.conf \
+    %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_snd.conf
 
 %files
 %license LICENSE
 %doc CODE-OF-CONDUCT.md README.md SECURITY.md
-%{_sysconfdir}/containers/containers.conf.d/qm_dropin_mount_bind_snd.conf
-%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_snd.conf
+%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_snd.conf
 %{rootfs_qm}%{_sysconfdir}/containers/systemd/audio.container
 
 %changelog

rpm/tty7/tty7.spec

@@ -21,20 +21,15 @@ This configuration is useful when graphical applications require access to the h
 # No build required for configuration files
 
 %install
-# Create the required directory structure
-install -d %{buildroot}%{_sysconfdir}/containers/containers.conf.d
-install -d %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d
+# Create the directory for drop-in configurations
+install -d %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d
 
-# Install the configuration files
-install -m 644 etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf \
-    %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf
-install -m 644 etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf \
-    %{buildroot}%{_sysconfdir}/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf
+# Install the KVM drop-in configuration file
+install -m 644 %{_builddir}/qm-%{version}/etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_tty7.conf \
+    %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_tty7.conf
 
 %files
-%{_sysconfdir}/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf
-%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf
-
+%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_tty7.conf
 %changelog
 * Fri Jul 21 2023 RH Container Bot <[email protected]>
 - Added drop-in configuration to mount bind /dev/tty7.

rpm/ttyUSB0/ttyUSB0.spec

@@ -16,14 +16,16 @@ This sub-package installs drop-in configurations for QM containers to mount bind
 %autosetup -Sgit -n qm-%{version}
 
 %install
-install -d %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d
-install -m 644 etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_ttyUSB0.conf \
-    %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d/
+# Create the directory for drop-in configurations
+install -d %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d
+
+# Install the KVM drop-in configuration file
+install -m 644 %{_builddir}/qm-%{version}/etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_ttyUSB0.conf %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_ttyUSB0.conf
 
 %files
 %license LICENSE
 %doc README.md
-%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_ttyUSB0.conf
+%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_ttyUSB0.conf
 
 %changelog
 * Fri Jul 21 2023 RH Container Bot <[email protected]>

rpm/video/video.spec

@@ -19,17 +19,19 @@ This subpackage installs a drop-in configuration for QM containers to mount bind
 # No build required for configuration files
 
 %install
-install -d %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d
-install -d %{buildroot}%{_sysconfdir}/containers/systemd/
-install -m 644 etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_video.conf \
-    %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_video.conf
+# Create the directory for drop-in configurations
+install -d %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d
+install -d %{buildroot}%{rootfs_qm}%{_sysconfdir}/containers/systemd
+
+install -m 644 etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_video.conf \
+    %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_video.conf
 install -m 644 subsystems/video/etc/containers/systemd/rear-camera.container \
     %{buildroot}%{_sysconfdir}/containers/systemd/rear-camera.container
 
-%files
-%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_video.conf
-%{_sysconfdir}/containers/systemd/rear-camera.container
 
+%files
+%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_video.conf
+%{rootfs_qm}%{_sysconfdir}/containers/systemd/rear-camera.container
 %changelog
 * Fri Jul 21 2023 RH Container Bot <[email protected]>
 - Added video mount bind drop-in configuration.

rpm/windowmanager/windowmanager.spec

@@ -16,17 +16,21 @@ This sub-package installs an experimental window manager for the QM environment.
 %autosetup -Sgit -n qm-%{version}
 
 %install
+# Create the directory for drop-in configurations
 install -d  %{buildroot}/%{_sysconfdir}/pam.d/
-install -d %{buildroot}%{_sysconfdir}/containers/containers.conf.d
-install -m 644 ./subsystems/windowmanager/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_window_manager.conf \
-			%{buildroot}/%{_sysconfdir}/containers/containers.conf.d/
-install -m 644 ./subsystems/windowmanager/etc/pam.d/wayland %{buildroot}/%{_sysconfdir}/pam.d/
+install -d %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d
+
+# Install the Window manager drop-in configuration file
+install -m 644 %{_builddir}/qm-%{version}/etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_window_manager.conf \
+    %{buildroot}%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_window_manager.conf
+install -m 644 ./qm-windowmanager/etc/pam.d/wayland %{buildroot}/%{_sysconfdir}/pam.d/
 
 %files
 %license LICENSE
 %doc README.md
 %{_sysconfdir}/pam.d/wayland
-%{_sysconfdir}/containers/containers.conf.d/qm_dropin_mount_bind_window_manager.conf
+%{_sysconfdir}/containers/systemd/qm.container.d/qm_dropin_mount_bind_window_manager.conf
+
 
 %changelog
 * Fri Jul 21 2023 RH Container Bot <[email protected]>

subsystems/dvb/Makefile

@@ -11,7 +11,7 @@ dist: ##             - Creates the QM dvb package
 		../qm/SECURITY.md \
 		../qm/LICENSE \
 		../qm/ \
-		../qm/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_dvb.conf
+		../qm/etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_dvb.conf
 	cd $(ROOTDIR) && mv /tmp/qm-dvb-${VERSION}.tar.gz ./rpm
 
 .PHONY: rpm

subsystems/input/Makefile

@@ -11,7 +11,7 @@ dist: ##             - Creates the QM input package
 		../qm/SECURITY.md \
 		../qm/LICENSE \
 		../qm/ \
-		../qm/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_input.conf
+		../qm/etc/containers/systemd/qm.container.d/qm_dropin_mount_bind_input.conf
 	cd $(ROOTDIR) && mv /tmp/qm-input-${VERSION}.tar.gz ./rpm
 
 .PHONY: rpm

subsystems/qm-windowmanager/qm-windowmanager/etc/containers/systemd/gnome_mutter.container

@@ -0,0 +1,39 @@
+[Unit]
+After=qm-dbus.socket
+Description=mutter container
+Requires=qm-dbus.socket
+
+[Container]
+ContainerName=mutter
+Environment=XDG_RUNTIME_DIR=/run/user/0
+Environment=XDG_SESSION_TYPE=wayland
+Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/dbus/qm_bus_socket
+Exec=mutter --no-x11 --wayland --sm-disable --wayland-display=wayland-0
+Image=quay.io/qm-images/wm_mutter:latest
+SecurityLabelType=qm_container_wayland_t
+Volume=/run/systemd:/run/systemd:ro
+Volume=/run/udev:/run/udev:ro
+Volume=/run/dbus/qm_bus_socket:/run/dbus/qm_bus_socket
+Volume=/run/dbus/system_bus_socket:/run/dbus/system_bus_socket
+Volume=/run/user/0:/run/user/0
+AddDevice=/dev/dri/renderD128
+AddDevice=/dev/dri/card0
+AddDevice=/dev/tty0
+AddDevice=/dev/tty1
+AddDevice=/dev/tty2
+AddDevice=/dev/tty3
+AddDevice=/dev/tty4
+AddDevice=/dev/tty5
+AddDevice=/dev/tty6
+AddDevice=/dev/tty7
+AddDevice=/dev/input/event0
+AddDevice=/dev/input/event1
+AddDevice=/dev/input/event2
+AddDevice=/dev/input/event3
+AddDevice=/dev/input/event4
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Restart=always

subsystems/qm-windowmanager/qm-windowmanager/etc/containers/systemd/session-activate.container

@@ -0,0 +1,20 @@
+[Unit]
+Description=session-activate container
+
+[Container]
+ContainerName=session-activate
+Environment=XDG_RUNTIME_DIR=/run/user/0
+Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/dbus/system_bus_socket
+Image=quay.io/qm-images/wm_active_session:latest
+SecurityLabelType=qm_container_wayland_t
+Volume=/run/systemd:/run/systemd:ro
+Volume=/run/dbus/system_bus_socket:/run/dbus/system_bus_socket
+Volume=/run/user/0:/run/user/0
+
+Exec=/usr/share/qm/qm_windowmanager_activate_session
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Restart=always

subsystems/qm-windowmanager/qm-windowmanager/etc/containers/systemd/wayland-extra-devices.conf

@@ -0,0 +1,17 @@
+[Container]
+AddDevice=/dev/dri/renderD128
+AddDevice=/dev/dri/card0
+AddDevice=/dev/tty0
+AddDevice=/dev/tty1
+AddDevice=/dev/tty2
+AddDevice=/dev/tty3
+AddDevice=/dev/tty4
+AddDevice=/dev/tty5
+AddDevice=/dev/tty6
+AddDevice=/dev/tty7
+AddDevice=/dev/input/event0
+AddDevice=/dev/input/event1
+AddDevice=/dev/input/event2
+AddDevice=/dev/input/event3
+AddDevice=/dev/input/event4
+Volume=/run/udev:/run/udev:ro,Z

subsystems/qm-windowmanager/qm-windowmanager/etc/containers/systemd/weston_terminal.container

@@ -0,0 +1,19 @@
+[Unit]
+After=mutter.service
+Description=weston_terminal container
+Requires=mutter.service
+
+[Container]
+ContainerName=weston_terminal
+Environment=XDG_RUNTIME_DIR=/run/user/0
+Environment=WAYLAND_DISPLAY=wayland-0
+Exec=/usr/bin/weston-terminal
+Image=localhost/weston_terminal:latest
+SecurityLabelType=qm_container_wayland_t
+Volume=/run/user/0:/run/user/0
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Restart=always

subsystems/qm-windowmanager/qm-windowmanager/etc/pam.d/wayland

@@ -0,0 +1,12 @@
+#%PAM-1.0
+auth       substack     system-auth
+auth       include      postlogin
+account    required     pam_nologin.so
+account    include      system-auth
+password   include      system-auth
+session    required     pam_loginuid.so
+session    required     pam_namespace.so
+session    optional     pam_keyinit.so force revoke
+session    include      system-auth
+session    include      postlogin
+-session   optional     pam_ck_connector.so