build_library: Drop debug symbols and other noise from some sysexts

These were present in containerd, incus, and overlaybd.

Also restore SLSA to the podman sysext as we normally include this.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>

build_library/sysext_mangle_containerd-flatcar

@@ -3,17 +3,21 @@
 set -euo pipefail
 rootfs="${1}"
 
+pushd "${rootfs}"
 
 # No manpages on Flatcar, no need to ship "stress" tool
-echo ">>> NOTICE: $0: removing 'gen-manpages', 'containerd-stress' from sysext"
+rm -rf ./usr/{bin/{containerd-stress,gen-manpages},lib/debug/}
-rm -f "${rootfs}/usr/bin/gen-manpages" "${rootfs}/usr/bin/containerd-stress"
 
-script_root="$(cd "$(dirname "$0")/../"; pwd)"
+dir=$(dirname "${BASH_SOURCE[0]}")
-files_dir="${script_root}/sdk_container/src/third_party/coreos-overlay/coreos/sysext/containerd"
+files_dir="${dir}/../sdk_container/src/third_party/coreos-overlay/coreos/sysext/containerd"
 
 echo ">>> NOTICE $0: installing extra files from '${files_dir}'"
 # ATTENTION: don't preserve ownership as repo is owned by sdk user
-cp -vdR --preserve=mode,timestamps "${files_dir}/"* "${rootfs}"
+cp -vdR --preserve=mode,timestamps "${files_dir}/"* ./
 
-mkdir -p "${rootfs}/usr/lib/systemd/system/multi-user.target.d"
+install -D -m0644 /dev/stdin ./usr/lib/systemd/system/multi-user.target.d/10-containerd-service.conf <<EOF
-{ echo "[Unit]"; echo "Upholds=containerd.service"; } > "${rootfs}/usr/lib/systemd/system/multi-user.target.d/10-containerd-service.conf"
+[Unit]
+Upholds=containerd.service
+EOF
+
+popd

build_library/sysext_mangle_flatcar-incus

@@ -5,6 +5,8 @@ rootfs="${1}"
 
 pushd "${rootfs}"
 
+rm -rf ./usr/{lib/debug,lib64/pkgconfig,include}/
+
 pushd ./usr/lib/systemd/system
 mkdir -p "multi-user.target.d"
 { echo "[Unit]"; echo "Upholds=incus.service"; } > "multi-user.target.d/10-incus.conf"
@@ -23,4 +25,3 @@ mkdir -p ./usr/lib/userdb/
 echo " " > ./usr/lib/userdb/core:incus-admin.membership
 
 popd
-

build_library/sysext_mangle_flatcar-overlaybd

@@ -5,7 +5,11 @@ rootfs="${1}"
 
 pushd "${rootfs}"
 
+rm -rf ./usr/lib/debug/
+
 pushd ./usr/lib/systemd/system
 mkdir -p "multi-user.target.d"
 { echo "[Unit]"; echo "Upholds=overlaybd-tcmu.service overlaybd-snapshotter.service"; } > "multi-user.target.d/10-overlaybd.conf"
 popd
+
+popd

build_library/sysext_mangle_flatcar-podman

@@ -5,7 +5,7 @@ rootfs="${1}"
 
 pushd "${rootfs}"
 
-rm -rf ./usr/{lib/debug/,lib64/cmake/,lib64/pkgconfig,include/,share/fish,share/aclocal,share/SLSA}
+rm -rf ./usr/{lib/debug,lib64/cmake,lib64/pkgconfig,include,share/aclocal,share/fish}/
 
 mkdir -p ./usr/share/podman/etc
 cp -a ./etc/{fuse.conf,containers} ./usr/share/podman/etc/

changelog/bugfixes/2025-11-11-sysext-no-debug.md

@@ -0,0 +1 @@
+- Dropped debug symbols from containerd, incus, and overlaybd system extensions to reduce download size.