Update osbuild.py to use 30 GiB disk size#586
Merged
comps merged 1 commit intoRHSecurityCompliance:mainfrom Apr 9, 2026
Merged
Update osbuild.py to use 30 GiB disk size#586comps merged 1 commit intoRHSecurityCompliance:mainfrom
comps merged 1 commit intoRHSecurityCompliance:mainfrom
Conversation
matusmarhefka
force-pushed
the
issue_14551
branch
from
2f6e1c2 to
ded89b4
Compare
Switch to `partitioning_mode = "raw"` to make sure that `/` filesystem is grown to fill any left over space on the partition table which is not the default behavior with `auto-lvm` and filesystem customizations in blueprint, see https://osbuild.org/docs/user-guide/partitioning/ https://osbuild.org/docs/user-guide/blueprint-reference/#partitioning-mode Before this update the disk for imported VM could have been smaller based on filesystem customizations in blueprint and with `auto-lvm` partitioning mode it only allocated 1 GiB for `/` and 2 GiB for `/usr`, if `/usr` was not on a separate partition `/` filesystem was configured to have 3 GiB. This was not enough for some profiles like STIG. Additionally, STIG also uses 10 GiB for `/var/log/audit`. To make sure there is enough space on VM disk update `composer-cli compose start` to always allocate 30 GiB disk which should be enough for all profiles. Note: `virt.Guest.import_image` doesn't specify disk size, it only imports the disk created by `composer-cli`. Resolves ComplianceAsCode/content#14551
matusmarhefka
force-pushed
the
issue_14551
branch
from
ded89b4 to
5167473
Compare
matusmarhefka
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Switch to
partitioning_mode = "raw"to make sure that/filesystem is grown to fill any left over space on the partition
table which is not the default behavior with
auto-lvmand filesystemcustomizations in blueprint, see
https://osbuild.org/docs/user-guide/partitioning/
https://osbuild.org/docs/user-guide/blueprint-reference/#partitioning-mode
Before this update the disk for imported VM could have been smaller
based on filesystem customizations in blueprint and with
auto-lvmpartitioning mode it only allocated 1 GiB for
/and 2 GiB for/usr,if
/usrwas not on a separate partition/filesystem was configuredto have 3 GiB. This was not enough for some profiles like STIG.
Additionally, STIG also uses 10 GiB for
/var/log/audit. To make surethere is enough space on VM disk update
composer-cli compose startto always allocate 30 GiB disk which should be enough for all profiles.
Note:
virt.Guest.import_imagedoesn't specify disk size, it only importsthe disk created by
composer-cli.Resolves ComplianceAsCode/content#14551