Now that Docker 1.12 is gone, we can delete go 1.6 completely.
Note, we do not delete go 1.7, which is still needed by containerd 0.2.6
and docker 17.03.
Now that docker 1.12 is gone, we can delete `app-emulation/runc`
1.0.0_rc2, which had dependency on docker 1.12.
Note, we do not delete `app-emulation/docker-runc` 1.0.0_rc2, because
that one is needed by Docker 17.03.
Delete torcx config file needed only for Docker 1.12.
Note, let's keep the remaining file name as before,
`docker-1.12-no.json`, to be consistent with naming scheme of
the torcx repo itself of Flatcar.
One of the torcx profiles in Flatcar is for docker 1.12, which is
outdated since a long time. It takes ~27 MB of space in production
images almost for no reason.
We can and should delete docker 1.12.
After deletion:
```
$ df -h /usr
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/usr 985M 843M 91M 91% /usr
```
ROOT_OVERLAY variable is defined in terms of TEMPDIR. The TEMPDIR
variable is set to an empty value by catalyst.sh, which the two
scripts import. So ROOT_OVERLAY always ended up being located in
toplevel directory (i.e. `/`). But the TEMPDIR variable gets a
meaningful value after calling the catalyst_init function, so define
the ROOT_OVERLAY after the function is called.
I have no idea how this thing worked before - the repos never were in
/usr/portage nor in /usr/local/portage… But the newer version of
portage seems to be pretty picky about the validity of repos location,
so fix them.
Using the change in https://github.com/kinvolk/init/pull/34
we can show the OEM on the motd, and by including "Pro" in the OEM
name we can also show whether it is a Pro image or not. Later this
may be revisited if the /usr/../os-release file is the place for it.
Update to 1.19.0, to keep up with recent releases of cri-tools.
Note that we should not simply update to 1.20.0, because its crictl
binary file is 30M, so bigger than the usual size.
On the other hand, crictl 1.19.0 is only 21M.
To optimize the binary size of crictl, make use of the existing
helpers provided by `coreos-go.eclass`.
Add "-X $(PROJECT)/pkg/version.Version=$(VERSION)" to GO_LDFLAGS,
as the original cri-tools Makefile does.
Note, we cannot run the native command like `emake crictl`, because
the cri-tools Makefile does not allow custom env variables like
BUILDTAGS or GO_LDFLAGS to be configured.
Add `arm64` to ACCEPTED_KEYWORDS.
Remove unnecessary files from installation, as well as the bash
completion eclass.
The bootstrapping script relies on /etc/docker existing, but this
directory doesn't exist on vanilla Flatcar. Add the missing call to
mkdir -p /etc/docker before the directory gets used.
Also, update the upstream files to their latest version.
The systemd.eclass was not finding the systemd pkg-config file to
figure out the system unit directory, so it was falling back to a
hardcoded default (`/lib/systemd/system`). In one case (when
overriding the `default.target` symlink), we tried to fix that by
specifying the `PKG_CONFIG_LIBDIR` environment variable, but that
still did not help.
Using functions from `systemd.eclass` in a systemd ebuild is working
only by chance here. This eclass is usually meant for ebuilds that
depend on systemd and rely on systemd being already installed in the
root filesystem.
The functions in `systemd.eclass` that need to figure out some values
from systemd's pkg-config file (like system unit directory) assume
that systemd is already installed in the root filesystem, which is not
the case when we actually are building and installing systemd.
To add an insult to the injury, `systemd.eclass` is not using
pkg-config directly, but rather a shell script that wraps pkg-config
(for example `/usr/bin/x86_64-cros-linux-gnu-pkg-config`). The script
clobbers the environment variables like `PKG_CONFIG_PATH` or
`PKG_CONFIG_LIBDIR`, which is why overriding them did not work when
fixing up the `default.target` symlink. Thus `systemd.eclass` was
actually falling back to a hardcoded default value. The only way to
control the script is through either SYSROOT or ROOT environment
variables. So do so.
This fixes merging the installed files into root file system using a
newer version of portage. The failure was that systemd build system
installs the `default.target` symlink in `/usr/lib/systemd/system`
pointing to `graphical.target`, while we later try to override it to
point it to `multi-user.target`. But instead of overriding a symlink,
we installed a new symlink in `/lib/systemd/system`. Both `/lib` and
`/usr/lib` are separate directories in the temporary installation
directory, but in root filesystem, both are symlinks pointing to the
same directory. Which means that we ended up with two different
symlinks in temporary installation directory, and the new portage
version could not decide which one to use during the merge into the
root filesystem. I'm not sure what old portage version did here,
likely worked by chance too.
The security patch that was brought in has stricter permission checks
which cause the service to fail:
ERROR: TCSD config file (/etc/tcsd.conf) must be user/group root/tss
Set the expected file ownership and permissions.
https://github.com/kinvolk/Flatcar/issues/335
