That way we can see a report of what emerge is going to do and the
status of the use flags for the installed packages. The downside is
that we are going to have reports about using deprecated and
unsupported profile in even more places.
Emerge flags are cryptic in general, but short flags even more so, so
expand them. While at it, I noticed some places where bash arrays
could be used, so convert those places too.
- add static-libs, openmp
'static-libs' and 'opempn' are added to the bootstrap emerge USE
flags (stage 3 of the bootstrap-sh script, which is run in stage 2
of the SDK catalyst bootstrapping process):
- 'static-libs' un-breaks the zlib build: zlib installed has this
flag set and zlib requested per emerge command line in
bootstrap.sh stage 3 needs this flag to prevent a slot conflict.
- 'openmp' is to honor requirements of newer versions of GCC and is
added according to Gentoo guidelines published here:
https://wiki.gentoo.org/wiki/User:Sakaki/Sakaki%27s_EFI_Install_Guide/Building_the_Gentoo_Base_System_Minus_Kernel#Gentoo_Bootstrap_Remix:_Progressing_from_Stage_1_to_Stage_2
- install curl before baselayout
Now that Github rejects access to an unauthenticated URL with
`git://`, we have to make git and libcurl work with
`https://`. However, during the SDK stage2, curl is not explicitly
installed, but just inherited from the stage1. As a result, curl is
built without the `ssl` USE flag. So installation of baselayout
fails with:
```
git fetch https://github.com/flatcar-linux/baselayout.git --prune +HEAD:refs/git-r3/HEAD
fatal: unable to access 'https://github.com/flatcar-linux/baselayout.git/':
Protocol "https" not supported or disabled in libcurl
```
To resolve the issue, we need to install curl with `BOOTSTRAP_USE=ssl`
before trying to install baselayout.
- update openssl before stage3
Right now our bootstrap flow is different then gentoo's - we don't
update the seed when building stage1 and use a different ebuilds
snapshot for stage1 compared to stage2 and stage3. This is causing
us trouble now, because we introduced openssl-3, but seed/stage1
still contains openssl-1.1. During `emerge -e @system` in stage3,
some packages that depend on openssl may build against the stage1
version, which results in an error during depcleaning (they would
need to be rebuilt instead). Stage3 is not extensible, so instead,
explicitly update openssl in stage2. This workaround can be removed
as soon as we release a seed with openssl-3.
- fix bootstrap in verbose mode
Verbose mode does not unset STRAP_RUN, thus the script tries to
prune sys-devel/gcc at the later stage. Currently portage exits with
an exit status 1 if a specific package was requested to be pruned
and there was nothing to do. This results in a bootstrap failure. So
before we try to prune, let's do a dry run to see if anything would
be done.
For the portage code that results in exit status 1, see the
following link:
https://gitweb.gentoo.org/proj/portage.git/tree/lib/_emerge/actions.py?id=bde2a895cf520687dce7a8e92601041a37529ba0#n1700
Fix can be dropped when https://github.com/gentoo/gentoo/pull/29612
gets merged.
Co-authored-by: Dongsu Park <dpark@linux.microsoft.com>
Co-authored-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Co-authored-by: Krzesimir Nowak <knowak@microsoft.com>
- Drop the init.d files.
- Remove the socket unit's rate limiting.
- Mark the package as stable.
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
Signed-off-by: Dongsu Park <dpark@linux.microsoft.com>
Since the new USE flag `cet` became the default in profiles of
portage-stable, SDK bootstrap using gcc 11.3.1_p20221209 started
to fail at `sys-libs/glibc`.
```
in function `dl_open_worker_begin':
dl-open.c:(.text+0xab4c): undefined reference to `_dl_cet_open_check'
```
That is because gcc is not correctly configured for CET.
That issue was fixed in recent upstream GCC versions,
e.g. 11.3.1_p20221209-r1 or 11.3.1_p20230120-r1.
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=016184c289f2cc6c6ade496a700a12f135fbae07https://gitweb.gentoo.org/proj/gcc-patches.git/commit/?id=15daf0510a5fab17cd556261d688a6618391a0c1
However, gcc of Flatcar, 11.3.1_p20221209, does not have the fix.
Update sys-devel/gcc to 11.3.1_p20230120-r1 to fix that issue.
Also accept ~arm64 to keep the same version for both arches.
The get_git_channel function failed to work which resulted in the
Alpha release job skipping the AWS publishing for the Alpha channel
because it defaulted to the developer channel as fallback when git
rejected to work on the directory owned by the build user while running
as root user. A new version of git caused this behavior change and also
prints an error message that explains to have to set safe.directory.
Set the git config entry safe.directory for the /work path when
entering the mantle container where git runs as root while working on
the directory owned by the build user.
- remove unecessary files
- drop `pkg_postint`
- create `/etc/ssl` with tmpfiles
- mark openssl as stable for arm64 and amd64
- continue shipping app-misc/c_rehash
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
Signed-off-by: Dongsu Park <dpark@linux.microsoft.com>
The boot log only showed the unit descriptions which made it hard to
know what unit was meant.
Switch to the combined unit status reporting that includes the unit
name.
