Commit 01eea0f of PR https://github.com/flatcar/scripts/pull/3555
introduced build issue for bootengine and coreos-init; the source
tarball filename reflected in the manifest does not correspond to the
filename used in the ebuild. Hence, the checksum verification fails.
Also, the version symlinks were not updated by the original change.
This change uses the correct filename and checksums and updates the
versions.
Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
For A/B-updated /etc contents we used a custom overlay mount that
provides the default files through a lowerdir loaded from /usr. Since
then we upstreamed mutable systemd-confext support and now we can switch
to it.
This pulls in https://github.com/flatcar/init/pull/138 and
https://github.com/flatcar/bootengine/pull/115 together with backported
systemd patches that have opened or merged upstream PRs to fix --root=
issues and add a refresh skip check to prevent boot disruptions due to
the multiple daemon reloads and - more important - the missing atomic
remount that would mean /etc is gone for a few milliseconds during boot.
The skip logic works best with verity hashes and thus the default
confext must be a verity extension image.
User-provided confext don't work well yet unless they use verity due to
the missing atomic remount and reliance on the skipping logic. We also
need to look into stacking order and other mutabiliy settings.
The backported systemd patches relate to the following upstream PRs:
https://github.com/systemd/systemd/pull/39843 for
vpick-Don-t-use-openat-directly-but-resolve-symlinks
discover-image-Follow-symlinks-in-a-given-root
sysext-Use-correct-image-name-for-extension-release
test-Add-tests-for-handling-symlinks-with-systemd-sy
Note that the patch in the PR relies on
0859fe3f32774f1e0c787974cc252ff922a1b868 but the backport patch not.
https://github.com/systemd/systemd/pull/39980 for
sysext-Create-mutable-directory-with-the-right-mode
sysext-Skip-refresh-if-no-changes-are-found
https://github.com/systemd/systemd/pull/39991 for
sysext-Get-verity-user-certs-from-given-root
https://github.com/systemd/systemd/pull/40063 for
sysext-Fix-config-file-support-with-root
which relies on https://github.com/systemd/systemd/pull/38250 for
man-sysext.conf-add-systemd-sysext-config-files
sysext-introduce-global-config-file
sysext-support-ImagePolicy-global-config-option
Signed-off-by: Kai Lueke <kailuke@microsoft.com>
This leverages the branding eclass that was recently added to Gentoo.
Since originally preparing this commit, these fields were added to our
make.conf, but setting them in the profile is more versatile, allowing
for downstreams.
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
In next weekly updates batch, pillow gained a dependency on
dev-python/pybind11, which pulls in dev-cpp/eigen, which pulls in some
eclasses and more deps. This is too annoying for a tool that is
effectively of no use for Flatcar. We should be able to get away with
just "providing" the package, since docutils (the only package that
pulls dev-python/pillow) is documented to handle missing pillow
gracefully.
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
This is needed to support modern terminals like foot and Alacritty.
These take up around 7.5MB more, but the btrfs compression should reduce
this considerably.
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
This time in overlaybd itself. Also regenerate the offline build
patch, so it can be easily applied using `git am`.
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
It is not exactly a cross fix, but it may serve as a single place for
photon fixes. This time overlaybd stopped compiling with gcc15 due to
missing inclusion of cstdint to get a definition of uint64_t. Most
likely some other header used to pull it in, but now it does not.
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
