When telinit is run and doesn't detect the host systemd, it falls
back to executing a default fallback program that is detected by
meson. In this case, it detects itself at /sbin/telinit, so it
enters an infinite exec loop. Change the default fallback program
to a non-existent path so that telinit just fails in the SDK.
Drop EFI lockdown patches and options to reduce maintenance overhead.
They can be re-added from Fedora's efi-lockdown.patch when we pick up
the Secure Boot work again.
BLK_CPQ_CISS_DA was removed in 253d2464df446456c0bba5ed4137a7be0b278aa8
in favor of SCSI_HPSA. /dev/cciss/* devices will be remapped to /dev/sd*.
NFT_FIB_NETDEV is a new nftables lookup type.
SLAB_FREELIST_HARDENED obfuscates pointers in the slab cache freelists.
RC_CORE enables support for IR and RF transceivers, and is enabled by
defconfig.
This should be a no-op for what is actually built into the images, but
we should aim to have correct ebuilds. It also ensures Ignition is
emerged after util-linux.
iproute was in the overlay for a patch, but as of 4.13 that patch has
been merged upstream (commit d6a4076b6ba6547d7e52c377a7c58c56eb5ea16e).
Move iproute2 back to portage-stable.
coreos-init versions older than 0.0.1-r152 still have the
update-ssh-keys shell script which means the update-ssh-keys package
fails to install. to fix this, we make coreos-base/update-ssh-keys block
on versions of coreos-init that are too old.
This is being added in no small part to better support running the
kubelet in more ways.
It adds up to a few hundred kbs of disk usage, and the benefit is some
tooling which desires to install the kubelet as a static binary on the
host can do so with fewer problems.
We could have picked either readline or ssl as a thing to remove in
package.use since the license issue is ssl XOR readline.
I arbitrarily picked ssl. The primary consumer of socat, the kubelet,
needs neither.
The changes in the commits shouldn't make a difference here, but it
is built from the same source as the gmerge package, so this makes
it look in sync.
