An updated fix for the arm64 48 bit VA problem that
causes polkit to crash on arm64.
Fixes arm64 runtime problems like these:
polkitd: unhandled level 3 translation fault (11)
systemd[1]: polkit.service: Main process exited, code=killed, status=11/SEGV
systemd[1]: Failed to start Authorization Manager.
systemd[1]: polkit.service: Unit entered failed state.
Signed-off-by: Geoff Levand <geoff@infradead.org>
With optimizations enabled, seccomp fails to compile with errors like:
error: enumerator value for '__cgo_enum__0' is not an integer constant
This is due to https://github.com/golang/go/issues/14669.
When cross-compiling bash, configure script is not able to tell
if `getcwd()` supports dynamic paths (internally malloc-ed buf),
thus defaulting to an internal version which may break in
overlong scenarios.
glibc supports this mode, so this commit turns on the corresponding
bash feature.
This drops two mounts that are not needed anymore, since the ACI is
built with emerge and gets those data dependencies now. It adds a
new mount for home directories to be created.
Two existing mounts remain: one for /etc, and one for /run/systemd
so the /dev/log link works.
The configuration template needs to be written by the service
itself in the current setup. The host's /etc is mounted into the
ACI to provide all of the user's system configuration and to allow
the GCE scripts to make their modifications, so the template can't
be included in the ACI. It can't be written to the host's /etc
either, since it is read-only in the SDK when OEM packages are
being installed.
The build complains about the wildcard masks, even though they are
explicitly listed as valid in portage(5). Just remove them, since
the type of packages that go into containers don't tend to depend
on boot packages anyway.
This adds the GCE ACI meta-package to board-packages so a binary
package gets built for it on the first build_packages run.
It also moves the CoreOS-specific glibc dependencies from the GCE
Python ebuild onto the meta-package.
