OCI Image: Fedora 41, Integration Test Target (ITT)

Fedora 41 (Linux) for integration testing.

Main features:

• Fully functional systemd (not a shim)
• Unprivileged execution support

The image aims to replicate a "VM-like" operating system environment while maintaining container portability, making it ideal for:

• DevOps validation (like testing Ansible collections, roles, and playbooks)
• CI pipeline testing for quick smoke tests (e.g. before running full VM integration test)
• Development environments requiring systemd
• Testing system services and daemons

Table of contents

• Tags
• How to build
• How to use
• Notes
• Licensing, copyright
  • Container configuration, repository
  • Container image
• Author information

Tags

• latest: Latest release of this image.

How to build

To build the image locally, do the following:

1. Install Podman.
2. Clone or pull the latest changes from this Git repository.
3. Change into the directory and execute the build command:

   podman build -t oci-fedora41-itt .

How to use

1. Install Podman.
2. Use the image you built earlier or pull the image from a registry:
   • Quay:

     podman pull quay.io/foundata/oci-fedora41-itt:latest

   • Docker Hub:

     podman pull docker.io/foundata/oci-fedora41-itt:latest

3. Run a container from the image:

   podman run --detach --systemd=always oci-fedora41-itt:latest "/usr/sbin/init"

   Note: On SELinux-enabled systems, systemd attempts to write to the cgroup filesystem, which is typically denied by default security policies. To allow this operation, you must enable the container_manage_cgroup boolean on the host system: sudo setsebool -P container_manage_cgroup 1
4. You can now work with the container, e.g. open a Bash terminal:

   podman ps
   podman exec -it "<container-id-or-name>" "/bin/bash"

   Look around and check if systemd is really working:

   cat /etc/os-release
   systemctl status

Notes

This image is built and tested with Podman only.

We currently do not support Docker (but it might work with sudo and --privileged --volume=/sys/fs/cgroup/systemd:/sys/fs/cgroup/systemd:rw --cgroupns=host --env container=docker instead of --systemd=always).

Important: This image is not hardened or optimized for production use. It prioritizes compatibility and functionality over security and performance and is for usage in isolated environments only.

Licensing, copyright

Container configuration, repository

Copyright (c) 2025 foundata GmbH (https://foundata.com)

This project is licensed under the GNU General Public License v3.0 or later (SPDX-License-Identifier: GPL-3.0-or-later), see LICENSES/GPL-3.0-or-later.txt for the full text.

The REUSE.toml file provides detailed licensing and copyright information in a human- and machine-readable format. This includes parts that may be subject to different licensing or usage terms, such as third-party components. The repository conforms to the REUSE specification. You can use reuse spdx to create a SPDX software bill of materials (SBOM).

Container image

The pre-built image itself bundles various software components along with direct and indirect dependencies, which are subject to their respective licenses. When using the pre-built image, you are responsible for ensuring that your usage complies with all relevant licenses for the software contained within the image.

For further licensing information about the software contained in this image, please refer to the following resources:

• https://fedoraproject.org/wiki/Licensing:Main

Author information

This project was created and is maintained by foundata GmbH (https://foundata.com).