Extend rpm-ostree install to have --noscripts

[bexelbie]

I would like to be able to install overlay rpms, like those provided by Grafana for Grafana Agent. The %post scriptlet does some things OSTree doesn't like. I think they are acceptable to do once the install of the bits is complete. A --noscripts option would let this install complete until such time as we can work with third-parties to repattern their software.

For reference, here is the %post: https://github.com/grafana/agent/blob/main/packaging/rpm/control/postinst

[cgwalters]

Yeah, though with https://fedoraproject.org/wiki/Changes/OstreeNativeContainerStable note this model completely changes because we no longer try to restrict package scripts beyond what happens in a stock container build - and relatedly, in a Dockerfile today you can do e.g. rpm -Uvh --noscripts grafana.rpm.

[kurczynski]

Do you know what exactly rpm-ostree doesn't like about the Grafana Agent RPM's post-install script? Or maybe a better question is, what does rpm-ostree want the RPM's post-install script to do instead?

[bexelbie]

I haven't tested this in a while, but my recollection is that it was the chown and chmod in the attached post, but it may have been the user and group manipulation. I'll work on testing this again, but it won't be today.