mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-18 21:11:08 +02:00
Code Issues Packages Projects Releases Wiki Activity
8,654 Commits 625 Branches 396 Tags
Commit Graph

8654 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thilo Fromm
33e49eaeec sys-apps/glibc-(2.32|2.33): add Flatcar changes 
2.33
- unmask amd64 and arm64
- remove tmpfiles from ebuild inherit so we don't run into a circular
  dep with systemd
- take care of nscd.conf via tmpfiles, add files/nscd-conf.tmpfiles.
- Don't run sanity checks in pkg_pretend to prevent gcc checks when
  only the binary package is installed.
- comment out 'dostrip -x' to force the OS image binaries to be stripped
- remove everything glibc wants to put under /etc since we use
  baselayout to provide that

2.32
sys-libs/glibc-2.32,targets/sdk: backport to EAPI6, add Flatcar changes

Backport the glibc recipe to EAPI6 to work around BDEPEND emerge
issue, add flatcar specific changes to the build recipe.
Move PYTHON_DEPS to DEPEND so things can build.

Don't run sanity checks in pkg_pretend
(similar change as in glibc-2.29) to prevent
gcc checks when only the binary package is installed.

Also, force the "crypt" use flag for all builds so libcrypt is built.
(Upstream gentoo does the same)

Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
 2021-06-29 09:27:59 +02:00
Thilo Fromm
3baf9c2c44 sys-libs/glibc upstream sync: add 2.33 remove 2.29 
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
 2021-06-28 17:31:39 +02:00
Flatcar Buildbot
99dca5debb app-emulation: Upgrade Runc 1.0.0_rc95 to 1.0.0 2021-06-24 08:01:13 +00:00
Mathieu Tortuyaux
aae132d3de Merge pull request #1069 from kinvolk/tormath1/curl-7.77 
Revert "profiles: Update the accept keywords for curl 7.76.1"
 2021-06-23 10:46:25 +02:00
Mathieu Tortuyaux
169d025f84 Revert "profiles: Update the accept keywords for curl 7.76.1" 
This reverts commit 8d56fd17957540e764ca491285776d2dbb73c38e.
 2021-06-22 11:55:13 +02:00
Sayan Chowdhury
0249137fa4 Merge pull request #1065 from kinvolk/linux-5.10.45-main 
Upgrade Linux Kernel in main from 5.10.43 to 5.10.45
 2021-06-21 13:01:32 +05:30
Flatcar Buildbot
8375a98a76 sys-kernel: Upgrade Kernel 5.10.43 to 5.10.45 2021-06-19 07:12:03 +00:00
Iago López Galeiras
9a5b486219 Merge pull request #1055 from kinvolk/iaguis/remove-nnp-patch 2021-06-15 16:57:35 +02:00
Sayan Chowdhury
b1414fdcf1 Merge pull request #1053 from kinvolk/linux-5.10.43-main 
Upgrade Linux Kernel in main from 5.10.42 to 5.10.43
 2021-06-15 12:46:56 +05:30
Iago Lopez Galeiras
3f354a1114 app-emulation/docker: disable SELinux 
We disable SELinux because Flatcar doesn't properly support it and it
was causing labeling problems when running runc containers with
NoNewPrivileges or seccomp.
 2021-06-14 16:23:00 +02:00
Iago Lopez Galeiras
9b18f05723 app-emulation/runc: remove patches disabling NNP and seccomp 
These were included as a workaround for SELinux issues on Flatcar.
However, they also disable NoNewPrivileges and seccomp support, which
reduces security.

Instead, we'll disable SELinux support in the Docker daemon in the next
commit.
 2021-06-14 16:22:55 +02:00
Flatcar Buildbot
5575a1bc42 sys-kernel: Upgrade Kernel 5.10.42 to 5.10.43 2021-06-11 07:12:11 +00:00
Sayan Chowdhury
b6435d8d5a Merge pull request #1047 from kinvolk/linux-5.10.42-main 
Upgrade Linux Kernel in main from 5.10.41 to 5.10.42
 2021-06-11 11:00:55 +05:30
Dongsu Park
7632c0af3a Merge pull request #1049 from kinvolk/go-1.16.5-main 
Upgrade Go in main from 1.16.4 to 1.16.5
 2021-06-07 17:22:31 +02:00
Flatcar Buildbot
93e421ae8b dev-lang: Upgrade Go 1.16.4 to 1.16.5 2021-06-07 07:58:17 +00:00
Dongsu Park
8bfbc7f5e7 Merge pull request #1041 from kinvolk/dongsu/update-torcx-crypto-net 
app-arch/torcx: update crypto and net, fix build issues
 2021-06-03 17:19:12 +02:00
Flatcar Buildbot
a40e21c292 sys-kernel: Upgrade Kernel 5.10.41 to 5.10.42 2021-06-03 07:40:08 +00:00
Dongsu Park
84a931cb50 app-arch/torcx: update to 0.2.0-r4 
Pulls in https://github.com/kinvolk/torcx/pull/10 .

It is mainly to address security issues like CVE-2020-29652 and
CVE-2021-31525 .
 2021-06-01 10:29:08 +02:00
Dongsu Park
39b7edb4b2 app-arch/torcx: fix Go import path 
Go import path of torcx has changed from coreos to flatcar-linux,
aef371c76b

So we need to fix the import path also in torcx ebuilds.
Otherwise build will simply fail due to wrong import paths.
 2021-06-01 10:27:45 +02:00
Dongsu Park
54735b6a95 Merge pull request #1035 from kinvolk/dongsu/libxml2-2.9.12 
profiles: accept keywords ~amd64 and ~arm64 for libxml2 2.9.12-r2
 2021-06-01 09:29:31 +02:00
Sayan Chowdhury
4263631db6 Merge pull request #1040 from kinvolk/linux-5.10.41-main 
Upgrade Linux Kernel in main from 5.10.39 to 5.10.41
 2021-05-31 12:57:41 +05:30
Flatcar Buildbot
16228d8bd4 sys-kernel: Upgrade Kernel 5.10.39 to 5.10.41 2021-05-29 07:40:07 +00:00
Dongsu Park
252216b14c profiles: accept keywords ~amd64 and ~arm64 for libxml2 2.9.12-r2 2021-05-27 17:16:37 +02:00
Mathieu Tortuyaux
877433ad0c Merge pull request #1029 from kinvolk/tormath1/bump-update-engine 
coreos-base/update_engine: bump commit ID
 2021-05-27 16:37:16 +02:00
Mathieu Tortuyaux
85d52f1711 coreos-base/update_engine: bump commit ID 
related to https://github.com/kinvolk/update_engine/pull/9

Signed-off-by: Mathieu Tortuyaux <mathieu@kinvolk.io>
 2021-05-27 16:27:29 +02:00
Dongsu Park
71eeaa90cc Merge pull request #1023 from kinvolk/dongsu/openssh-8.6 
net-misc/openssh: update to 8.6
 2021-05-27 11:49:07 +02:00
Sayan Chowdhury
bbd4ea5e30 Merge pull request #1028 from kinvolk/linux-5.10.39-main 
Upgrade Linux Kernel in main from 5.10.38 to 5.10.39
 2021-05-24 21:12:16 +05:30
Flatcar Buildbot
9fe59c8e35 sys-kernel: Upgrade Kernel 5.10.38 to 5.10.39 2021-05-23 07:14:37 +00:00
Kai Lüke
60f34fe8b9 net-misc/openssh: Apply Flatcar changes 
- Drop the init.d files.
- Remove the socket unit's rate limiting.

Instead of dropping bindist, enable it with the profiles now so it
doesn't need to be modified on future updates.

Imported commit 6c0c1c8806bedcc164e5bd3541ab50b2c21e2498 .
 2021-05-21 14:11:40 +02:00
Dongsu Park
cf2b332856 profiles: accept openssh 8.6_p1-r1 for both amd64 and arm64 2021-05-21 14:11:40 +02:00
Dongsu Park
0e66a70f6a net-misc/openssh: update to 8.6_p1, sync with Gentoo 
Update net-misc/openssh to 8.6_p1, by syncing with upstream Gentoo.
 2021-05-21 14:11:40 +02:00
Dongsu Park
1f9c794749 Merge pull request #1022 from kinvolk/sayan/update-binutils-2.36 
profiles,sys-boot: fix grub2 for binutils 2.36
 2021-05-21 10:04:43 +02:00
Dongsu Park
430a8eafcc Merge pull request #1006 from kinvolk/containerd-1.5.1-main 
Upgrade Containerd in main from 1.4.4 to 1.5.2
 2021-05-21 09:28:10 +02:00
Dongsu Park
80e8ad9b35 Merge pull request #1021 from kinvolk/runc-1.0.0_rc95-main 
Upgrade Runc in main from 1.0.0_rc93 to 1.0.0_rc95
 2021-05-21 09:27:23 +02:00
Kai Lüke
4272466762 Merge pull request #1020 from kinvolk/linux-5.10.38-main 
Upgrade Linux Kernel in main from 5.10.37 to 5.10.38
 2021-05-20 16:48:48 +02:00
Dongsu Park
5700fa12e6 app-emulation/containerd: update to 1.5.2 2021-05-20 15:57:16 +02:00
Dongsu Park
e63de2ea31 app-emulation/containerd: set GOFLAGS to -mod=vendor 
Since containerd 1.5 started to turn on Go module, we need to pass
`-mod=vendor` to the go build command.
Otherwise, go build will fail because it would try to fetch missing
go deps from remote repos. It would not work inside of sandbox.

We cannot set `COREOS_GO_MOD=vendor` because containerd ebuild calls
`emake` instead of `go_build`.
 2021-05-20 15:56:39 +02:00
Flatcar Buildbot
8a0da2857b app-emulation: Upgrade Containerd 1.4.4 to 1.5.1 2021-05-20 14:13:45 +02:00
Dongsu Park
63031a2ebc app-emulation/docker-runc: adjust patches for 1.0.0-rc95 2021-05-20 14:07:09 +02:00
Flatcar Buildbot
b02b5cd0e6 app-emulation: Upgrade Runc 1.0.0_rc93 to 1.0.0_rc95 2021-05-20 13:43:39 +02:00
Dongsu Park
67b3af83f3 Revert "app-emulation/docker-runc: Embargoed patch for CVE-2021-30465" 
This reverts commit 66f77b50879dded97b48c8f95277f18c6089022c.
 2021-05-20 13:43:39 +02:00
Dongsu Park
447212cb30 sys-boot/grub: fix build error with binutils 2.36 
With binutils 2.36, build of grub fails like that:

```
ld: section .note.gnu.property VMA [0000000000400158,0000000000400187]
overlaps section .bss VMA [000000000000e000,000000000041d207]
```

It is caused by assembler, as it generates the GNU property notes section
by default. Use the assmbler option `-mx86-used-note=no` to disable the
section from being generated to workaround the ensuing linker issue.

Patch was originally written by OpenSUSE.

https://sourceware.org/bugzilla/show_bug.cgi?id=27377
https://bugzilla.opensuse.org/show_bug.cgi?id=1181741
https://build.opensuse.org/package/view_file/Base:System/grub2/0001-Fix-build-error-in-binutils-2.36.patch
 2021-05-20 09:27:49 +02:00
Sayan Chowdhury
1f7935ec72 profiles: Update the package accept_keywords 
Signed-off-by: Sayan Chowdhury <sayan.chowdhury2012@gmail.com>
 2021-05-20 09:25:30 +02:00
Dongsu Park
fffa7c216d Merge pull request #1004 from kinvolk/firmware-20210511-main 
Upgrade Linux Firmware in main from 20210315 to 20210511
 2021-05-20 09:20:52 +02:00
Dongsu Park
58ed505831 sys-kernel/coreos-firmware: fix broken symlinks to cxgb4 firmware files 
Since coreos-firmware 20210511, `cxgb4/t[4-6]fw*.bin` files have a new
version '1.25.4.0'. We need to update the file name pointed by symlinks.
Otherwise build fails due to broken symlinks.
 2021-05-20 09:18:49 +02:00
Flatcar Buildbot
aa5a113a3a sys-kernel: Upgrade Linux Firmware 20210315 to 20210511 2021-05-20 09:18:49 +02:00
Flatcar Buildbot
cbc07cd946 sys-kernel: Upgrade Kernel 5.10.37 to 5.10.38 2021-05-20 07:14:42 +00:00
Kai Lüke
9d8aa1a9a9 app-emulation/docker-runc: Embargoed patch for CVE-2021-30465 2021-05-19 22:52:27 +02:00
Dongsu Park
d7dbc6dde7 Merge pull request #997 from kinvolk/rust-1.52.1-main 
Upgrade dev-lang/rust in main from 1.51.0 to 1.52.1
 2021-05-17 19:37:30 +02:00
Dongsu Park
116fec4eef Merge pull request #1011 from kinvolk/linux-5.10.37-main 
Upgrade Linux Kernel in main from 5.10.34 to 5.10.37
 2021-05-17 16:19:14 +02:00