mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-10-09 14:31:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
26,922 Commits 597 Branches 399 Tags
Commit Graph

26922 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matthew Garrett
1911ea81e7 Enable SELinux for Docker 
We ship appropriate SELinux policy for Docker, but the daemon isn't using
it. Make sure Docker is built with SELinux support and turn it on at daemon
startup time.
 2015-11-11 14:54:08 -08:00
Michael Marineau
cff534fd0e Merge pull request #1631 from marineam/kernel 
coreos-kernel: update fs and security options
 2015-11-11 10:38:49 -08:00
Michael Marineau
58ea72b512 coreos-kernel: more security option updates 
- Enable RANDOMIZE_BASE, hopefully Xen is ok with this now.
 - Disable HIBERNATE/KEXEC_JUMP, we don't need these features.
 - Fix RO/NX settings in the arm64 kernel.
 2015-11-11 10:35:18 -08:00
Michael Marineau
9f0fb176fd Merge pull request #474 from marineam/kernel 
kernel_menuconfig: new script to simplify kernel config changes
 2015-11-11 10:20:01 -08:00
Michael Marineau
b0c14f99b1 kernel_menuconfig: new script to simplify kernel config changes 2015-11-10 18:06:49 -08:00
Michael Marineau
71fd1532e9 coreos-kernel: update fs and security options 
- Switched overlay from built-in to a module.
 - Squashfs was missing xattr support, required for filesystem
   capabilities to work. ping should now work in PXE and ISO images.
 - We never switched to stackprotector string when we updated to GCC 4.9
 - Enable extra credential and selinux checks (DEBUG_CREDENTIALS)
 - Enable RODATA and syn cookies on arm64.
 2015-11-10 17:58:24 -08:00
Brian Waldon
ec46ea71cb Merge pull request #1618 from coreos/bump-kubelet 
app-admin/kubelet: bump to v1.0.7
 2015-11-09 15:14:50 -08:00
Vito Caputo
4029cd6291 Merge pull request #1628 from vcaputo/bump-bootengine-disk-guid-param 
sys-kernel/bootengine: bump for coreos.randomize_disk_guid guid as param
 2015-11-06 15:05:34 -08:00
Vito Caputo
bd83d4f7f8 sys-kernel/bootengine: bump for coreos.randomize_disk_guid guid as param 
Cleanup
 2015-11-06 15:02:31 -08:00
Vito Caputo
a9c2ef6c61 Merge pull request #471 from vcaputo/grub_supply_guid_to_randomize 
grub: supply disk guid to randomize in coreos.randomize_disk_guid
 2015-11-06 14:59:10 -08:00
Vito Caputo
f67fa9ce6c grub: supply disk guid to randomize in coreos.randomize_disk_guid 2015-11-06 14:58:00 -08:00
Vito Caputo
b1d4cb7d23 Merge pull request #1626 from vcaputo/bump-bootengine-randomize-disk-guid 
sys-kernel/bootengine: bump for coreos.randomize_disk_guid support
 2015-11-05 23:48:53 -08:00
Vito Caputo
f0a9acafff sys-kernel/bootengine: bump for coreos.randomize_disk_guid support 
Fixes https://github.com/coreos/bugs/issues/955
 2015-11-05 23:17:59 -08:00
Vito Caputo
822edbd080 Merge pull request #469 from vcaputo/explicitly_randomize_disk_guid 
grub: add and set coreos.randomize_disk_guid kernel param
 2015-11-05 23:14:56 -08:00
Vito Caputo
68f1b407c6 grub: add and set coreos.randomize_disk_guid kernel param 
coreos.first_boot=1 will no longer trigger disk-guid randomization, so
manual ignition triggers in diskless/pxe scenarios may succeed.  Instead
we explicitly request the randomization when first_boot=1 was added by
grub finding the 00000000-0000-0000-0000-000000000001 disk-guid.
 2015-11-05 21:04:31 -08:00
Nick Owens
09cb97d0be Merge pull request #1624 from mischief/locksmith 
app-admin/locksmith: bump to v0.3.4
 2015-11-05 18:09:47 -08:00
mischief
633462a157 app-admin/locksmith: bump to v0.3.4 2015-11-05 17:37:21 -08:00
Nick Owens
3b820dec7f Merge pull request #364 from mischief/nspr 
bump(dev-libs/nspr): sync with upstream
 2015-11-05 13:12:06 -08:00
Nick Owens
ab558e9dc1 bump(dev-libs/nspr): sync with upstream 
no glsa yet, but the upstream bug is
https://bugs.gentoo.org/show_bug.cgi?id=564834
 2015-11-05 09:32:08 -08:00
kayrus
756d3f9159 coreos-kernel: Enabled dm-cache kernel module 2015-11-04 14:16:09 +01:00
Nick Owens
c1ccb976a2 Merge pull request #363 from mischief/automake-wrapper 
bump(sys-devel/automake-wrapper): sync with upstream
 2015-11-03 18:21:45 -08:00
Nick Owens
2fc83a4fa6 bump(sys-devel/automake-wrapper): sync with upstream 2015-11-03 17:35:48 -08:00
Nick Owens
a891c401c3 Merge pull request #362 from mischief/pixman 
bump(x11-libs/pixman): sync with upstream
 2015-11-03 17:31:15 -08:00
Nick Owens
8219bff2c3 Merge pull request #361 from mischief/automake 
bump(sys-devel/automake): sync with upstream
 2015-11-03 17:31:09 -08:00
Nick Owens
542bcf5e4a Merge pull request #360 from mischief/libpng 
bump(media-libs/libpng): sync with upstream
 2015-11-03 17:30:56 -08:00
Nick Owens
ac8222ac32 Merge pull request #359 from mischief/libyaml 
bump(dev-libs/libyaml): sync with upstream
 2015-11-03 17:30:49 -08:00
Nick Owens
b3419e7528 Merge pull request #309 from mischief/net-firewall-iptables 
bump(net-firewall/iptables): sync with upstream
 2015-11-03 17:30:43 -08:00
Nick Owens
55a91d4835 bump(x11-libs/pixman): sync with upstream 
https://security.gentoo.org/glsa/201402-03
 2015-11-03 17:02:34 -08:00
Nick Owens
0f336d8c65 bump(sys-devel/automake): sync with upstream 
https://security.gentoo.org/glsa/201310-15
 2015-11-03 16:57:03 -08:00
Nick Owens
4be5993b89 bump(media-libs/libpng): sync with upstream 
https://security.gentoo.org/glsa/201502-10
 2015-11-03 16:52:43 -08:00
Nick Owens
a35c9a6889 bump(dev-libs/libyaml): sync with upstream 
https://security.gentoo.org/glsa/201405-27
 2015-11-03 16:51:07 -08:00
Brian Waldon
adf1da35f7 app-admin/kubelet: bump to v1.0.7 2015-11-03 09:31:28 -08:00
kayrus
bec0d600fc Automatically create /etc/sysusers.d directory 2015-11-03 16:48:04 +01:00
Michael Marineau
6389c19a10 Merge pull request #1616 from marineam/gsutil 
gsutil and gcutil update
 2015-10-29 11:08:55 -07:00
Michael Marineau
ce9808df33 Merge pull request #358 from marineam/gsutil 
gsutil and gcutil update
 2015-10-29 11:08:52 -07:00
Michael Marineau
8e22a55fe2 chore(metadata): Regenerate cache 2015-10-28 14:32:24 -07:00
Michael Marineau
f910633c63 net-misc/gcutil: add gcutil ebuild 2015-10-28 14:31:59 -07:00
Michael Marineau
0e76d3e362 bump(dev-python/setuptools): sync with upstream 2015-10-28 14:22:22 -07:00
Michael Marineau
a3c37a307d dev-python: add dependencies for gcutil 
Packages updated:
  dev-python/ipaddr
  dev-python/iso8601
  dev-python/pyyaml
 2015-10-28 14:14:12 -07:00
Michael Marineau
6c8ba69ce9 bump(net-misc/gsutil): sync with upstream 
Packages updated:
  dev-python/boto
  dev-python/cffi
  dev-python/crcmod
  dev-python/cryptography
  dev-python/enum34
  dev-python/gcs-oauth2-boto-plugin
  dev-python/google-api-python-client
  dev-python/google-apitools
  dev-python/google-apputils
  dev-python/httplib2
  dev-python/idna
  dev-python/ipaddress
  dev-python/oauth2client
  dev-python/ply
  dev-python/protorpc
  dev-python/py
  dev-python/pyasn1
  dev-python/pyasn1-modules
  dev-python/pycparser
  dev-python/pyopenssl
  dev-python/pytest
  dev-python/python-gflags
  dev-python/pytz
  dev-python/retry-decorator
  dev-python/rsa
  dev-python/six
  dev-python/socksipy
  dev-python/uritemplate
  net-misc/gsutil
 2015-10-28 14:09:23 -07:00
Michael Marineau
f4aa39f06d profiles: update keywords for gsutil and dependencies 2015-10-28 14:08:29 -07:00
Michael Marineau
994800a886 chore(metadata): Regenerate cache 2015-10-28 13:44:44 -07:00
Michael Marineau
1b8648f468 eclass: hack in python3_5 so new ebuilds don't fail 
eclasses and profiles are due for an update but that is more than I want
to bite off today. In order to import current python ebuilds we just
need 3.5 to be considered valid.
 2015-10-28 13:43:35 -07:00
Alex Crawford
2e032b987d Merge pull request #1615 from crawford/coreos-cloudinit 
coreos-base/coreos-cloudinit: bump to v1.7.1
 2015-10-28 12:53:36 -07:00
Alex Crawford
9e80b67bb6 coreos-base/coreos-cloudinit: bump to v1.7.1 2015-10-27 22:29:14 -07:00
Nick Owens
d64344a5ec Merge pull request #1614 from coreos/revert-1613-open-iscsi-3 
Revert "coreos-base/coreos: pull sys-block/open-iscsi into coreos"
 2015-10-27 16:57:37 -07:00
Nick Owens
1a734aa124 Revert "coreos-base/coreos: pull sys-block/open-iscsi into coreos" 2015-10-27 16:55:02 -07:00
Nick Owens
4e3fc19f7b Merge pull request #1613 from mischief/open-iscsi-3 
coreos-base/coreos: pull sys-block/open-iscsi into coreos
 2015-10-27 16:07:20 -07:00
Nick Owens
da2906b8d6 coreos-base/coreos: pull sys-block/open-iscsi into coreos 2015-10-27 15:57:49 -07:00
Nick Owens
1f05a4ef79 Merge pull request #467 from dolfdijkstra/master 
Fixed typo on URI for DEFAULT_ETCD_DISCOVERY.
 2015-10-27 01:07:36 -07:00