diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0-r65.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0-r66.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0-r65.ebuild rename to sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0-r66.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0.ebuild index e6f987cbcd..2012913b2c 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0.ebuild @@ -1,6 +1,8 @@ # Copyright (c) 2012 The Chromium OS Authors. All rights reserved. # Distributed under the terms of the GNU General Public License v2 +EAPI=5 + inherit useradd DESCRIPTION="ChromeOS specific system setup" @@ -30,6 +32,9 @@ RDEPEND="${DEPEND} sys-apps/systemd " +# no source directory +S="${WORKDIR}" + # Remove entry from /etc/group # # $1 - Group name @@ -94,15 +99,16 @@ pkg_setup() { } src_install() { - insinto /etc - #doins "${FILESDIR}"/sysctl.conf || die + dodir /usr/lib/sysctl.d + insinto /usr/lib/sysctl.d + newins "${FILESDIR}"/sysctl.conf ${PN}.conf + + # Add a /srv directory for mounting into later + dodir /srv + keepdir /srv # target-specific fun if ! use cros_host ; then - # Add a /srv directory for mounting into later - dodir /srv - keepdir /srv - # Make mount work in the way systemd prescribes dosym /proc/mounts /etc/mtab @@ -123,8 +129,8 @@ src_install() { insinto /etc/vim doins "${FILESDIR}"/vimrc - # Symlink /etc/localtime to something on the stateful partition, which we - # can then change around at runtime. + # Symlink /etc/localtime to something on the stateful partition, + # which we can then change around at runtime. dosym /var/lib/timezone/localtime /etc/localtime || die # We use mawk in the target boards, not gawk. diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/sysctl.conf b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/sysctl.conf index af9bc7f29b..696d4fe516 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/sysctl.conf +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/sysctl.conf @@ -1,69 +1,13 @@ -# /etc/sysctl.conf -# -# For more information on how this file works, please see -# the manpages sysctl(8) and sysctl.conf(5). -# -# In order for this file to work properly, you must first -# enable 'Sysctl support' in the kernel. -# -# Look in /proc/sys/ for all the things you can setup. -# +# sysctl defaults for CoreOS -# -# Original Gentoo settings: -# +# Enable IPv4 forwarding to support NAT in containers +net.ipv4.ip_forward = 1 -# Disables packet forwarding -net.ipv4.ip_forward = 0 -# Disables IP dynaddr -#net.ipv4.ip_dynaddr = 0 -# Disable ECN -#net.ipv4.tcp_ecn = 0 # Enables source route verification net.ipv4.conf.default.rp_filter = 1 # Enable reverse path net.ipv4.conf.all.rp_filter = 1 -# Enable SYN cookies (yum!) -# http://cr.yp.to/syncookies.html -#net.ipv4.tcp_syncookies = 1 - -# Disable source route -#net.ipv4.conf.all.accept_source_route = 0 -#net.ipv4.conf.default.accept_source_route = 0 - -# Disable redirects -#net.ipv4.conf.all.accept_redirects = 0 -#net.ipv4.conf.default.accept_redirects = 0 - -# Disable secure redirects -#net.ipv4.conf.all.secure_redirects = 0 -#net.ipv4.conf.default.secure_redirects = 0 - -# Ignore ICMP broadcasts -#net.ipv4.icmp_echo_ignore_broadcasts = 1 - -# Perform PLPMTUD only after detecting a "blackhole" in old-style PMTUD -net.ipv4.tcp_mtu_probing = 1 - -# Disables the magic-sysrq key -#kernel.sysrq = 0 -# When the kernel panics, automatically reboot in 3 seconds -#kernel.panic = 3 -# Allow for more PIDs (cool factor!); may break some programs -#kernel.pid_max = 999999 - -# You should compile nfsd into the kernel or add it -# to modules.autoload for this to work properly -# TCP Port for lock manager -#fs.nfs.nlm_tcpport = 0 -# UDP Port for lock manager -#fs.nfs.nlm_udpport = 0 - -# -# ChromeOS specific settings: -# - # Set watchdog_thresh kernel.watchdog_thresh = 5 # When the kernel panics, automatically reboot to preserve dump in ram @@ -71,26 +15,5 @@ kernel.panic = -1 # Reboot on oops as well kernel.panic_on_oops = 1 -# Disable shrinking the cwnd when connection is idle -net.ipv4.tcp_slow_start_after_idle = 0 - -# Protect working set in order to avoid thrashing. -# See http://crosbug.com/7561 for details. -vm.min_filelist_kbytes = 50000 - -# Allow full memory overcommit as we rather close or kill tabs than -# refuse memory to arbitrary core processes. -vm.overcommit_memory = 1 - -# Use laptop mode settings always -vm.dirty_background_ratio = 1 -vm.dirty_expire_centisecs = 60000 -vm.dirty_ratio = 60 -vm.dirty_writeback_centisecs = 60000 -vm.laptop_mode = 0 - # Disable kernel address visibility to non-root users. kernel.kptr_restrict = 1 - -# Increase shared memory segment limit for plugins rendering large areas -kernel.shmmax = 134217728