diff --git a/IMG_SFX b/IMG_SFX
index afcec888..f7c2459b 100644
--- a/IMG_SFX
+++ b/IMG_SFX
@@ -1 +1 @@
-20240529t141726z-f40f39d13
+20240620t153000z-f40f39d13
diff --git a/Makefile b/Makefile
index cd378f4a..a79f2549 100644
--- a/Makefile
+++ b/Makefile
@@ -140,7 +140,7 @@ timebomb-check:
 	@now=$$(date --utc +%Y%m%d); \
 	    found=; \
 	    while read -r bomb; do \
-	        when=$$(echo "$$bomb" | awk '{print $$2}'); \
+	        when=$$(echo "$$bomb" | sed -e 's/^.*timebomb \([0-9]\+\).*/\1/'); \
 	        if [ $$when -le $$now ]; then \
 	            echo "$$bomb"; \
 	            found=found; \
diff --git a/cache_images/fedora_packaging.sh b/cache_images/fedora_packaging.sh
index 75c9756e..9384ed77 100644
--- a/cache_images/fedora_packaging.sh
+++ b/cache_images/fedora_packaging.sh
@@ -208,3 +208,11 @@ cd -
 
 # It was observed in F33, dnf install doesn't always get you the latest/greatest
 lilto $SUDO dnf update -y
+
+# Gah. FIXME 2024-06-20: rawhide now includes rpm-plugin-ima,
+# which causes rootless podman pods to fail.
+# https://github.com/containers/podman/issues/18543
+if ! ((CONTAINER)); then
+    timebomb 20240710 "Temporary workaround for signed rpms (ima) in rawhide"
+    $SUDO setfattr -x  security.ima /usr/libexec/catatonit/catatonit || true
+fi
diff --git a/cache_images/rawhide_setup.sh b/cache_images/rawhide_setup.sh
index 58509d1e..693fc99b 100644
--- a/cache_images/rawhide_setup.sh
+++ b/cache_images/rawhide_setup.sh
@@ -39,6 +39,10 @@ $SUDO sed -i -r -e 's/^gpgcheck=.+/gpgcheck=0/' /etc/yum.repos.d/*.repo
 $SUDO dnf5 -y distro-sync --releasever=rawhide --allowerasing
 $SUDO dnf5 upgrade -y
 
+# As of May 2024 composefs is heating up
+timebomb 20241231 "At some point, composefs should be available on all fedoras"
+$SUDO dnf5 -y install composefs
+
 # A shared fedora_packaging.sh script is called next that doesn't always support dnf5
 $SUDO ln -s $(type -P dnf5) /usr/local/bin/dnf