Updating libc6 in CI runners hangs

[apyrgio]

We are experiencing a transient error in the Debian Trixie CI. When building a dev environment with ./dev_scripts/env.py --distro debian --version trixie build-dev, it gets stuck at:

Preparing to unpack .../libc6_2.37-14_amd64.deb ...
Unpacking libc6:amd64 (2.37-14) over (2.37-13) ...         
Setting up libc6:amd64 (2.37-14) ...  

With ps, we can see that a spawned process (telinit u) makes it hang. It seems that telinit u runs as a post install script of libc, to make the init process (PID 1) re-exec itself, and thus use the new libc6 library (see https://bugs.debian.org/545179).

Note that the same error in a regular Debian Trixie container image does not happen. Tested with:

podman run --rm -it debian:trixie bash -c 'apt-get update && apt-get install -y libc6'

This error seems to affect the Debian Trixie environment for two reasons:

1. The container image that is currently provided in Dockerhub has been updated 19 days ago, and a new libc6 version has been released in the meantime.
2. We install Podman in that image first, which in Debian Trixie also installs Systemd, which in turn brings the telinit command. If that command does not exist, then the postinst script never hangs.

[apyrgio]

There are two solutions here:

1. Update libc6 in our container images before anything else. This way, there will be no telinit package, and the update will not hang.
   • This solution is subpar, as we may want to update a Debian Trixie build environment at some point manually. Also, the presence of Systemd in the container may bring other problems forward.
2. Install only the necessary recommended packages for Podman. Through trial and error, these seem to be uidmap and slirp4netns.
   • A newer Podman version may need more optional dependencies for rootless containers, and thus we may need to find a new set of packages to install.

Ultimately, the second solution is more explicit than the first, so it's best to go with that.