diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/base/README b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/base/README deleted file mode 100644 index d128309fef..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/base/README +++ /dev/null @@ -1,4 +0,0 @@ -These Ignition configs are part of the OEM configuration. Do not modify -them. If you want to write an Ignition config directly to disk, put it in -../config.ign and it will be applied at first boot instead of a config -in userdata. diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/base/base.ign b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/base/base.ign deleted file mode 100644 index bf82c0f8a9..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/base/base.ign +++ /dev/null @@ -1,45 +0,0 @@ -{ - "ignition": { - "version": "2.1.0" - }, - "storage": { - "files": [ - { - "filesystem": "root", - "path": "/etc/systemd/system/oracle-oci-root-setup.service", - "contents": { - "source": "oem:///units/oracle-oci-root-setup.service" - }, - "mode": 292 - }, - { - "filesystem": "root", - "path": "/etc/systemd/system/oracle-oci-iptables.service", - "contents": { - "source": "oem:///units/oracle-oci-iptables.service" - }, - "mode": 292 - } - ] - }, - "systemd": { - "units": [ - { - "name": "coreos-metadata-sshkeys@.service", - "enabled": true - }, - { - "name": "iscsid.service", - "enabled": true - }, - { - "name": "oracle-oci-root-setup.service", - "enabled": true - }, - { - "name": "oracle-oci-iptables.service", - "enabled": true - } - ] - } -} diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/grub.cfg b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/grub.cfg deleted file mode 100644 index be6c305af9..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/grub.cfg +++ /dev/null @@ -1,8 +0,0 @@ -# CoreOS Container Linux GRUB settings - -set oem_id="oracle-oci" - -set linux_console="console=ttyS0,9600" -serial com0 --speed=9600 -terminal_input serial_com0 -terminal_output serial_com0 diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/iptables-rules b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/iptables-rules deleted file mode 100644 index 72fd71d65b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/iptables-rules +++ /dev/null @@ -1,16 +0,0 @@ -# Loaded by oracle-oci-iptables.service -*mangle -:oracle-oci-link-local - --A oracle-oci-link-local -d 169.254.0.2/32 -p tcp -m owner --uid-owner 0 -m tcp --dport 3260 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j ACCEPT --A oracle-oci-link-local -d 169.254.2.0/24 -p tcp -m owner --uid-owner 0 -m tcp --dport 3260 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j ACCEPT --A oracle-oci-link-local -d 169.254.0.2/32 -p tcp -m tcp --dport 80 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j ACCEPT --A oracle-oci-link-local -d 169.254.169.254/32 -p udp -m udp --dport 53 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j ACCEPT --A oracle-oci-link-local -d 169.254.169.254/32 -p tcp -m tcp --dport 53 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j ACCEPT --A oracle-oci-link-local -d 169.254.0.3/32 -p tcp -m owner --uid-owner 0 -m tcp --dport 80 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j ACCEPT --A oracle-oci-link-local -d 169.254.0.4/32 -p tcp -m tcp --dport 80 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j ACCEPT --A oracle-oci-link-local -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j ACCEPT --A oracle-oci-link-local -d 169.254.169.254/32 -p udp -m udp --dport 67 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j ACCEPT --A oracle-oci-link-local -d 169.254.169.254/32 -p udp -m udp --dport 69 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j ACCEPT -# REJECT unavailable in POSTROUTING --A oracle-oci-link-local -d 169.254.0.0/16 -m comment --comment "See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule" -j DROP -COMMIT diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/oem-release b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/oem-release deleted file mode 100644 index c3a6605e43..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/oem-release +++ /dev/null @@ -1,5 +0,0 @@ -ID=oracle-oci -VERSION_ID=@@OEM_VERSION_ID@@ -NAME="Oracle Cloud Infrastructure" -HOME_URL="https://cloud.oracle.com/en_US/bare-metal" -BUG_REPORT_URL="https://issues.coreos.com" diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/units/oracle-oci-iptables.service b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/units/oracle-oci-iptables.service deleted file mode 100644 index b3f82926be..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/units/oracle-oci-iptables.service +++ /dev/null @@ -1,21 +0,0 @@ -[Unit] -Description=Oracle OCI Firewall Rules - -Before=network.target - -After=iptables-restore.service -# Avoid races in case both are queued -Before=iptables-save.service - -[Service] -Type=oneshot -# Load oracle-oci-link-local chain, overwriting any existing contents. -# Invoke rules from mangle/POSTROUTING because fewer firewall tools are -# likely to change it. -ExecStart=/usr/sbin/iptables-restore --noflush /usr/share/oem/iptables-rules -# Insert jump to link-local chain at beginning of mangle/POSTROUTING, only -# if the existing ruleset doesn't have it. -ExecStart=/bin/sh -c "/usr/sbin/iptables -t mangle -C POSTROUTING -d 169.254.0.0/16 -j oracle-oci-link-local 2>/dev/null || iptables -t mangle -I POSTROUTING 1 -d 169.254.0.0/16 -j oracle-oci-link-local" - -[Install] -WantedBy=basic.target diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/units/oracle-oci-root-setup.service b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/units/oracle-oci-root-setup.service deleted file mode 100644 index 5a42ced164..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/files/units/oracle-oci-root-setup.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=Configure Oracle OCI Root Disk -ConditionPathExists=!/etc/iscsi/nodes/iqn.2015-02.oracle.boot:uefi - -Before=iscsid.service - -[Service] -Type=oneshot -# This starts its own iscsid until the unit finishes and systemd kills it -# again. That's not ideal, but sequencing this unit after iscsid.service -# has been observed to result in parameters not propagating to the kernel -# iSCSI session (presumably due to a race with session recovery). -ExecStart=/usr/sbin/iscsiadm -m node -o new -T iqn.2015-02.oracle.boot:uefi -p 169.254.0.2:3260,1 -# Never automatically log out of the root disk -ExecStart=/usr/sbin/iscsiadm -m node -T iqn.2015-02.oracle.boot:uefi -o update -n node.startup -v onboot -# Root-on-iSCSI settings from open-iscsi README -ExecStart=/usr/sbin/iscsiadm -m node -T iqn.2015-02.oracle.boot:uefi -o update -n node.conn[0].timeo.noop_out_interval -v 0 -ExecStart=/usr/sbin/iscsiadm -m node -T iqn.2015-02.oracle.boot:uefi -o update -n node.conn[0].timeo.noop_out_timeout -v 0 -ExecStart=/usr/sbin/iscsiadm -m node -T iqn.2015-02.oracle.boot:uefi -o update -n node.session.timeo.replacement_timeout -v 86400 - -[Install] -RequiredBy=iscsid.service diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/metadata.xml b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/metadata.xml deleted file mode 100644 index 097975e3ad..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/metadata.xml +++ /dev/null @@ -1,4 +0,0 @@ - - - - diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/oem-oracle-oci-0.2.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/oem-oracle-oci-0.2.1.ebuild deleted file mode 100644 index 7841d287b2..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-oracle-oci/oem-oracle-oci-0.2.1.ebuild +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright (c) 2017 CoreOS, Inc.. All rights reserved. -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 - -DESCRIPTION="OEM suite for Oracle OCI images" -HOMEPAGE="" -SRC_URI="" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="amd64 arm64 x86" - -# no source directory -S="${WORKDIR}" - -src_prepare() { - sed -e "s\\@@OEM_VERSION_ID@@\\${PVR}\\g" \ - "${FILESDIR}/oem-release" > "${T}/oem-release" || die -} - -src_install() { - insinto "/usr/share/oem" - doins "${FILESDIR}/grub.cfg" - doins "${FILESDIR}/iptables-rules" - doins "${T}/oem-release" - doins -r "${FILESDIR}/base" - doins -r "${FILESDIR}/units" -}