They are copying sys-libs/libxcrypt from new portage-stable and
updating package masks and USE flags in order to migrate from
glibc-provided libcrypt to libxcrypt-provided libcrypt.
The migration seems to be a bit complicated to do, because
bootstrapping a system using glibc with libxcrypt-provided libcrypt
using a build environment using glibc with glibc-provided libcrypt
results in some slot conflicts. Without the stage1 hooks the failure
happened in stage2. With the hooks, but without the seed SDK update,
the failure happened already in stage1.
Updating the seed SDK to use libxcrypt seems to do the trick. The
update of the seed SDK will happen only when transition happens - if
the seed SDK is already using libxcrypt, these hooks are noops.
Stage1 hooks will receive a path to a file as a third parameter. They
can use it to tell the bootstrap script to set up catalyst to perform
updates on seed SDK. Contents of the file are ignored - what counts is
that the file exists AND is not empty.
It's long overdue and glibc 2.39 will drop crypt stuff altogether. Or
so I heard. Whatever happens, the crypt library in glibc is deprecated
for a long time already.
- take care of nscd.conf via tmpfiles, add files/nscd-conf.tmpfiles.
- comment out 'dostrip -x' to force the OS image binaries to be stripped
- remove everything glibc wants to put under /etc since we use
baselayout to provide that
Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
Enabled user session dbus in base image to support podman rootless mode.
Extension images can now be created from multiple packages by seperating
them with a comma. The podman sysext includes app-containers/podman and
net-misc/passt.
It can be enabled by adding podman to /etc/flatcar/enabled-sysext.conf.
Potential TODO: gpgme had to be added as BDEPEND to podman ebuild.
The if-up-down to trigger the DHCP request causes problems. It's better
to directly ask systemd-networkd to issue the request. It seems that
one needs to use "reconfigure" instead of "forcerenew", so I went with
only that instead of somehow trying to see if "forcerenew" has an
effect.
This reverts commit 9556c7f94b
because waagent looks for internal hostname changes and wants to
propagate them to the Azure VM properties by issuing a new DHCP request.
The Flatcar extensions get built by the GitHub PR CI but only their
content files get archived. Add the .raw image itself so that one can
copy it into the image (downloading it at boot time won't work because
this uses bincache - so one could get an extension image in case the but
version happens to match but it won't be the one that was built in the
GitHub CI).
