mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-23 07:21:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2336 from marineam/update

Browse Source 
Profile updates/cleanups in preparation for a portage-stable update
This commit is contained in:
Michael Marineau 2016-12-28 19:46:52 -08:00 committed by GitHub
commit 6a776e66a7
11 changed files with 32 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sdk_container/src/third_party/coreos-overlay/profiles/coreos/amd64/generic/use.mask vendored Normal file
View File

@ -0,0 +1,2 @@
# Unmask selinux so it can be enabled selectively in package.use
-selinux

2
sdk_container/src/third_party/coreos-overlay/profiles/coreos/amd64/package.use.force vendored
View File

@ -1,2 +0,0 @@
# Do not force this flag, we don't need XATTR_PAX
sys-apps/portage -xattr

1
sdk_container/src/third_party/coreos-overlay/profiles/coreos/amd64/usr/parent vendored
View File

@ -1 +0,0 @@
:coreos/amd64/generic

3
sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.force vendored
View File

@ -1,6 +1,3 @@
# Do not force this flag, we don't need XATTR_PAX
sys-apps/portage -xattr
sys-auth/polkit -introspection sys-auth/polkit -introspection
sys-apps/systemd -introspection sys-apps/systemd -introspection
sys-fs/udev-init-scripts -introspection sys-fs/udev-init-scripts -introspection

2
sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/use.mask vendored Normal file
View File

@ -0,0 +1,2 @@
# TODO(marineam): remove after portage-stable/profiles is updated.
-seccomp

1
sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/usr/parent vendored
View File

@ -1 +0,0 @@
:coreos/arm64/generic

11
sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/make.defaults vendored
View File

@ -32,16 +32,13 @@ USE="${USE} -zeroconf"
# No need for OpenMP support in GCC and other apps # No need for OpenMP support in GCC and other apps
USE="${USE} -openmp" USE="${USE} -openmp"
# Test enabling some flags globally prior to syncing other profile changes.
# TODO(marineam): remove after portage-stable/profiles is updated.
USE="${USE} seccomp xattr"
# Set SELinux policy # Set SELinux policy
POLICY_TYPES="targeted mcs mls" POLICY_TYPES="targeted mcs mls"
# Override upstream's python settings
USE="$USE python_targets_python2_7 python_single_target_python2_7"
USE="$USE -python_targets_python3_2 -python_single_target_python3_2"
USE="$USE -python_targets_python3_3 -python_single_target_python3_3"
BOOTSTRAP_USE="$BOOTSTRAP_USE -python_targets_python3_2"
BOOTSTRAP_USE="$BOOTSTRAP_USE -python_targets_python3_3"
# Disable packages or optional features with distribution issues. # Disable packages or optional features with distribution issues.
ACCEPT_RESTRICT="* -bindist -mirror" ACCEPT_RESTRICT="* -bindist -mirror"
USE="${USE} bindist" USE="${USE} bindist"

7
sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use vendored
View File

@ -36,8 +36,9 @@ net-analyzer/nmap ncat -lua
# removes mta dependencies # removes mta dependencies
app-admin/sudo -sendmail app-admin/sudo -sendmail
# use lzma which is the default on non-gentoo systems # use lzma which is the default on non-gentoo systems, avoid pulling in gnutls
sys-apps/systemd curl gcrypt lzma -lz4 sys-apps/systemd curl gcrypt lzma -lz4 -ssl
net-libs/libmicrohttpd -ssl
# disable kernel config detection and module building # disable kernel config detection and module building
net-firewall/ipset -modules net-firewall/ipset -modules
@ -79,3 +80,5 @@ dev-cpp/glog gflags
# enable rpc for rpc.rquotad # enable rpc for rpc.rquotad
sys-fs/quota rpc sys-fs/quota rpc
# Don't bother building portage w/xattr, we don't need XATTR_PAX
sys-apps/portage -xattr

3
sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use.force vendored
View File

@ -1,2 +1,5 @@
# Copyright (c) 2014 The CoreOS Authors. All rights reserved. # Copyright (c) 2014 The CoreOS Authors. All rights reserved.
# Distributed under the terms of the GNU General Public License v2 # Distributed under the terms of the GNU General Public License v2
# Do not force this flag, we don't need XATTR_PAX
sys-apps/portage -xattr

10
sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/use.mask vendored
View File

@ -1,2 +1,10 @@
# Never enable experimental code
kdbus kdbus
-selinux
# Block python3 for now
python_targets_python3_3
python_targets_python3_4
python_targets_python3_5
python_single_target_python3_3
python_single_target_python3_4
python_single_target_python3_5

13
sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use vendored
View File

@ -22,11 +22,11 @@ sys-libs/ncurses minimal
sys-libs/pam -berkdb sys-libs/pam -berkdb
sys-libs/gdbm berkdb sys-libs/gdbm berkdb
# enable journal gateway and container features, avoid pulling in gnutls # enable journal gateway and container features
sys-apps/systemd audit importd http nat -ssl sys-apps/systemd audit importd http nat
# epoll is needed for systemd-journal-remote to work. coreos/bugs#919 # epoll is needed for systemd-journal-remote to work. coreos/bugs#919
net-libs/libmicrohttpd epoll -ssl net-libs/libmicrohttpd epoll
sys-boot/syslinux -custom-cflags sys-boot/syslinux -custom-cflags
@ -41,7 +41,8 @@ app-shells/bash -net vanilla
# disable nss utilities # disable nss utilities
dev-libs/nss -utils dev-libs/nss -utils
# enable seccomp support in docker # needed by docker
app-emulation/docker seccomp
app-emulation/containerd seccomp
sys-libs/libseccomp static-libs sys-libs/libseccomp static-libs
# bind-tools' configure script breaks when cross-compiling with seccomp enabled
net-dns/bind-tools -seccomp