lbzip2 is surprisingly fast and is particularly useful for dealing with
large archives and filesystem images. In a similar vein pbzip2 has been
used for handling binary packages for a while but lbzip2 seems a bit
better. Since I plan on using the heck out of lbzip2 add it to the build
and system package sets. While mucking around might as well start
swapping pbzip2 for lbzip2 for consistency's sake although it doesn't
seem to matter much for binary packages. For now we can only switch
make.conf for targets, the host make.conf can't change till everyone's
SDK has lbzip2 installed.

Previously only targets were being built with bindist but we should
build the SDK with it as well. This avoids the re-compile of openssl,
openssh, and freetype when creating a new chroot since the SDK tarballs
are already built with the bindist flag. Also turn the bindist flag back
on for freetype in the target profile, we don't need ClearType sub-pixel
rendering on our systems. :)

This places a dev signing key on disk for testing purposes. As noted in
the ebuild a production key will replace this key when building official
images.

Update to latest release. cros_sdk is still using this file instead of
version.txt in the manifest because it needs a tarball that already
exists when building a new version for the first time. At some point
that will work differently but for now we'll have to keep this file.

We were already using the default for CFLAGS, etc. LDFLAGS had
--as-needed but that has gone into the default Gentoo profile so we
ought to move it there as well. Also, ld's -O1 and -O2 are equivalent so
use the profile default -O1.

The version will now be tracked in the manifest so the old
coreos_version.sh needs to source it from there. Also export variables
with a COREOS_ prefix in addition to CHROMEOS_ since the latter name
isn't really correct. This is particularly true for the data published
via lsb_release.

This includes a new gsutil version which is not yet in upstream portage
along with new ebuilds for a couple of its dependencies that are also
not in portage:
dev-python/google-api-python-client
dev-python/socksipy-branch
Also, dev-python/python-gflags is included here to apply two extra
patches that fix some unit tests and mark that it conflicts with the
old version of dev-cpp/gflags that we had been using up until now.
Hopefully all this will be merged upstream soon:
https://bugs.gentoo.org/show_bug.cgi?id=468080

Docker seems to be working fine now under systemd. Some recent code
changes have fixed the problems we were running into before.
What has been tested while running docker directly under systemd:
1. docker run
2. docker pull
3. docker images
4. docker rm

These two mirrors are generated specifically from our own overlays so
they should always include everything we need. The default Gentoo mirror
is provided simply as a sane backup.

emirrordist will refuse to handle files that are not included in the
Manifest file. To keep things happy just sweep across the tree adding
them. (A lot of these packages could actually go away, but that is a
different project for another day).
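
The rule described above (a distfile with no Manifest entry is refused) can be checked before a mirror run. The following is an added example, not code from this repository or from emirrordist: it parses the DIST lines of a Manifest and verifies a file's size and digests against them. The function names and the sample Manifest are constructed for illustration.

```python
import hashlib

# Hash names as they appear in Manifest files, mapped to hashlib (subset).
HASHES = {"SHA256": hashlib.sha256, "SHA512": hashlib.sha512}

def parse_dist_entries(manifest_text):
    """Return {filename: (size, {HASH: hexdigest})} for every DIST line."""
    entries = {}
    for line in manifest_text.splitlines():
        fields = line.split()
        # Layout: DIST <filename> <size> <HASH> <hex> [<HASH> <hex> ...]
        if len(fields) < 5 or fields[0] != "DIST" or len(fields) % 2 == 0:
            continue  # not a DIST line, or malformed
        if not fields[2].isdigit():
            continue  # size must be a decimal byte count
        entries[fields[1]] = (int(fields[2]), dict(zip(fields[3::2], fields[4::2])))
    return entries

def check_distfile(entries, name, data):
    """Return 'ok', 'unlisted', or a description of the first mismatch."""
    if name not in entries:
        return "unlisted"  # no DIST entry: nothing to verify the file against
    size, digests = entries[name]
    if len(data) != size:
        return "size mismatch"
    checked = 0
    for algo, expected in digests.items():
        ctor = HASHES.get(algo)
        if ctor is None:
            continue  # algorithm not supported by this example
        if ctor(data).hexdigest() != expected.lower():
            return f"{algo} mismatch"
        checked += 1
    return "ok" if checked else "no supported hash"

# Constructed sample input: one AUX line (ignored) and one DIST line whose
# digests are computed here so the example is self-consistent.
SAMPLE_DATA = b"constructed tarball bytes\n"
SAMPLE_MANIFEST = (
    "AUX example.patch 10 SHA256 00\n"
    f"DIST example-1.0.tar.gz {len(SAMPLE_DATA)} "
    f"SHA256 {hashlib.sha256(SAMPLE_DATA).hexdigest()} "
    f"SHA512 {hashlib.sha512(SAMPLE_DATA).hexdigest()}\n"
)

if __name__ == "__main__":
    entries = parse_dist_entries(SAMPLE_MANIFEST)
    for name in ("example-1.0.tar.gz", "other-2.0.tar.gz"):
        print(name, check_distfile(entries, name, SAMPLE_DATA))
```
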
When installing with the default make.conf in full effect
/etc/init.d/functions.sh will be excluded which is the whole point of
the efunctions package in the first place. This should fix that.

Replace ChromiumOS target binhosts with our own. The auto-generated
files have been stubbed out and configs for targets we don't currently
support have been removed. MARCH_TUNE is now defined here.
After this change target binhosts will be defined here and
/etc/make.conf.board and overlay-amd64-generic/make.conf are no longer
used. The new setup_board only creates /etc/make.conf.board_setup.

Building our own packages so we don't want the old ones! This is just a
first stage, automated builds aren't going yet and I'm not covering
amd64-generic and its cross toolchain, just the sdk.
The old binhost/host/*.conf files are just stubbed out until I'm
positive nothing else is referring to them.

As-is catalyst and cros-workon's live ebuilds don't mix since the
catalyst chroot does not provide /mnt/host like the sdk chroot does.
Besides, only people actively working on a project should use the live
versions since anyone else will install it one time and then never
upgrade after that, even when the version marked stable is actually
newer than their old live build.
For SDK builds this means not accepting ~amd64 for core-admin and
update_engine and adding a stable ebuild for core-admin. (update_engine
already has a stable ebuild which is even up-to-date)

Despite the big scary warning saying otherwise upstream Gentoo has
actually included shadow in this list since 2011 (while also forgetting
to delete the warning, cute!). Not having it here runs the risk of
causing a failure during catalyst builds if something tries to add a
system user or group before shadow gets installed.
Upstream commit:
http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/profiles/default/linux/packages.build?r1=1.5&r2=1.6

This version of efunctions does not depend on cros workon and git to
install and thus is suitable for bootstrapping. It also uses the
original author as the upstream rather than a coreos mirror. Since it is
not coreos specific any more I've moved it to sys-apps.
Added to both system and bootstrap package sets.
For extra fun it is also in my new systemd-only Gentoo overlay:
https://github.com/marineam/systemd-only-overlay

The old-style virtual/portage is gone and replaced by a new-style
virtual/package-manager in Gentoo. For now just use sys-apps/portage
since that's all we want anyway.

Enable:
CONFIG_MACVLAN=m
CONFIG_MACVTAP=m
CONFIG_VETH=m
Docker needs VETH, and might use MACVLAN in the future, it can't hurt to
enable them, they take up no running space if not used.

This feature forces emerge to only fetch sources from mirrors, never the
SRC_URI provided in actual ebuilds. Disabling this should fix our issues
with portage tarballs vanishing. :-D

Build in a few ACPI drivers, and remove some hardware-specific drivers
that the boot kernel will never see.
Also disable CONFIG_WATCHDOG, as the boot kernel should never be alive
long enough for a watchdog to need to kick in.