Missed this in 7231b95a, the update zip should still be built when the
usr partition is extracted for generating updates but build_image itself
is not generating and signing the update.
Takes a filesystem image and generates a update.gz that is signed by N
provided private keys and verified against the N public keys. This is so
we can do keyrotations.
Default to having a high file number limit this can be troublesome[1]
but most containers a based on a new enough glibc that this is OK.
[1] https://github.com/dotcloud/docker/issues/6560
The current generate_update function is now less useful, the important
part that we need is just the partition image now. Also by defaulting to
extracting the partition the old cors_generate_update which is still in
use by devserver can be removed entirely, devserver will just expect the
extracted partition image instead.
This script should be called before running build_image when generating
official production images. Images built with official key will not
accept updates signed with the default development signing key.
Recently added to systemd, configure is detecting elfutils as present
but compilation fails, perhaps a version mismatch. Need to report this
to Gentoo so they can add a proper use flag and dependency.
Attempting to work around an apparent race in mtools, the command
'extlinux' these days is just the install tool for mounted partitions
while 'syslinux' is for unmounted devices.
This includes new bnx2x firmware required by linux 3.15:
* Missing firmware: bnx2x/bnx2x-e2-7.8.19.0.fw (bnx2x.ko)
* Missing firmware: bnx2x/bnx2x-e1h-7.8.19.0.fw (bnx2x.ko)
* Missing firmware: bnx2x/bnx2x-e1-7.8.19.0.fw (bnx2x.ko)
Commits 24cdca8e and 9d2c0169 added options only in 1.6 and later,
breaking compatibility with older versions. Update the minimum version
to make the resulting error more obvious. :)
The coreos-vagrant project already required 1.6 (although not
explicitly, probably should fix that) so most uses probably won't notice.
Evaluating this as a user config causes it to block on
coreos-environment-setup.service which will wait on networking. This
makes it hard to add extra tricks for testing/debugging situations where
networking is failing. For example, to trigger dhcpcd if networkd dies:
#cloud-config
write_files:
- path: /etc/systemd/system/systemd-networkd.service.d/dhcpcd.conf
content: |
[Unit]
OnFailure=dhcpcd.service
[Service]
Restart=no
Only important thing here is that xattr support is now enabled by
default and the libattr dependency is gone. Previously CoreOS didn't
have the feature enabled.
