24810 Commits

Author SHA1 Message Date
Flatcar Buildbot
9929f5b294 dev-lang/rust: Update from 1.72.0 to 1.72.1 2023-09-26 09:34:57 +02:00
Dongsu Park
4c7eaff8a6 changelog: add changelog for qcow2 inline compression
Add missing changelog of https://github.com/flatcar/scripts/pull/1132.
See also https://github.com/flatcar/Flatcar/issues/1135.
2023-09-26 09:29:50 +02:00
Dongsu Park
a7e5f1f903 overlay sys-kernel/coreos-modules: delete configs CONFIG_NET_CLS_RSVP*
Build fails in >= 6.1.55 like below, because upstream stable Kernels
deleted the Kernel configs CONFIG_NET_CLS_RSVP*.

```
 * ERROR: sys-kernel/coreos-modules-6.1.55::coreos failed (configure
   phase):
 *   Requested options not enabled in build:
 *     CONFIG_NET_CLS_RSVP
 *     CONFIG_NET_CLS_RSVP6
```

Fix that by deleting the Kernel configs.
2023-09-26 09:14:36 +02:00
Flatcar Buildbot
17c4efdbc7 sys-kernel/coreos-sources: Update from 6.1.54 to 6.1.55 2023-09-26 09:14:36 +02:00
Dongsu Park
e6209c4c2b
Merge pull request #1185 from flatcar/mantle-update-main
Upgrade mantle container image to latest HEAD in main
2023-09-26 09:10:02 +02:00
Flatcar Buildbot
eddc306c94 Update mantle container image to latest HEAD 2023-09-25 21:00:46 +00:00
flatcar-ci
19a6ca049d New version: main-3738.0.0-nightly-20230925-2100 2023-09-25 21:00:25 +00:00
Kai Lüke
9ffceaf3fe
Merge pull request #1132 from krishjainx/qcow2-inline-compression
Allow use qcow2 inline compression
2023-09-25 17:37:15 +02:00
Krzesimir Nowak
c593d76e7a
Merge pull request #1146 from flatcar/krnowak/vmware-sysext
Sysext image for VMware OEM
2023-09-25 14:51:02 +02:00
Krzesimir Nowak
ffe2d0e177
changelog: Update an entry
Co-authored-by: Kai Lüke <pothos@users.noreply.github.com>
2023-09-25 14:50:45 +02:00
Krzesimir Nowak
1ccd915bbf
changelog: Update an entry
Co-authored-by: Kai Lüke <pothos@users.noreply.github.com>
2023-09-25 14:45:31 +02:00
Kai Lüke
04dbadea3b disk_layout: use btrfs for the /usr partition
The compression feature of btrfs allows us to store more in the
size-limited /usr and OEM partitions. The size should of course still
be monitored to not bloat the image but more headroom helps to try
things out quickly without hitting the hard limit which fails the
build.
Use btrfs with zstd compression for the /usr partition. While for ext2
a hack exists to force read-only mounts by manipulating some bytes of
the filesystem, on btrfs we can use the subvolume read-only flag
instead which also works for the default top level subvolume. However,
it also makes sense to mount the filesystem with the "norecovery"
mount option to prevent any write attempts even when the "ro" option is
set (not needed when using dm-verity in read-only mode but when
directly mounting without dm-verity). A new subvolume is not created
because subvolumes don't offer anything special as long as we use the
A/B partition update mechanism (but they could be an alternative for
that). Note that switching to the btrfs on the /usr partition is only
possible when the Flatcar Stable release has all patches in
update-engine and seismograph's rootdev.
2023-09-25 12:56:04 +02:00
Kai Lüke
315d72eccc
Merge pull request #1181 from flatcar/mantle-update-main
Upgrade mantle container image to latest HEAD in main
2023-09-25 12:49:37 +02:00
Flatcar Buildbot
2167131336 Update mantle container image to latest HEAD 2023-09-25 10:48:10 +00:00
flatcar-ci
8a0fa6c3b2 New version: main-3735.0.0-nightly-20230922-2100-INTERMEDIATE 2023-09-25 09:00:02 +00:00
Krzesimir Nowak
04e7ab37a0
Merge pull request #1178 from flatcar/krnowak/glibc-fix
coreos sys-libs/glibc: Update manifest for changed patch set
2023-09-25 10:04:16 +02:00
Krzesimir Nowak
d98a89536b coreos sys-libs/glibc: Update manifest for changed patch set 2023-09-25 09:49:06 +02:00
flatcar-ci
59f2ca5fc6 New version: main-3735.0.0-nightly-20230922-2100-INTERMEDIATE 2023-09-22 21:00:29 +00:00
Thilo Fromm
8e3144af19
Merge pull request #1171 from flatcar/t-lo/update-glibc-patchlevel
sys-libs/glibc: update to patchlevel 2.37-rc5
2023-09-22 17:06:13 +02:00
Thilo Fromm
a6c9180371 glibc: changelog for CVE-2023-4527, CVE-2023-4806
Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
2023-09-22 17:03:19 +02:00
Mathieu Tortuyaux
3c0708d7fd
Merge pull request #1165 from flatcar/mantle-update-main
Upgrade mantle container image to latest HEAD in main
2023-09-22 16:07:02 +02:00
Flatcar Buildbot
89aca40503 Update mantle container image to latest HEAD 2023-09-22 14:06:28 +00:00
Mathieu Tortuyaux
0b705e9e04
Merge pull request #1168 from flatcar/tormath1/selinux-size
overlay sys-libs/libsemanage: set compression on
2023-09-22 16:06:08 +02:00
Thilo Fromm
b7e7da18c3 sys-libs/glibc: Apply Flatcar modifications
- take care of nscd.conf via tmpfiles, add files/nscd-conf.tmpfiles
- comment out 'dostrip -x' to force the OS image binaries to be stripped
- remove everything glibc wants to put under /etc since we use
  baselayout to provide that
- un-mask amd64 and arm64

Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
2023-09-22 15:16:28 +02:00
Thilo Fromm
9ae20fd41f sys-libs/glibc: import upstream 2.37-r5
Imported from commit 406ab36652e8f9cac3f6e61990fb00c861a86a28

Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
2023-09-22 15:04:11 +02:00
Kai Lüke
4272a41039
Merge pull request #1160 from flatcar/kai/fallback-update-key
sys-kernel/bootengine: Use update key for initrd sysext download
2023-09-22 12:17:31 +02:00
Kai Lüke
0b14db27b6
Merge pull request #1161 from flatcar/kai/cloudinit-vm-userdata
coreos-base/coreos-cloudinit: Workaround for user-configvirtfs.service
2023-09-22 12:17:14 +02:00
Mathieu Tortuyaux
d0562c1e4a
overlay sys-libs/libsemanage: set compression on
otherwise it blows from 3MB to 33MB on `/usr/lib/selinux/policy/mcs/`
for example.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-22 11:37:11 +02:00
Dongsu Park
13ddc2d85d
Merge pull request #1159 from flatcar/firmware-20230919-main
Upgrade Linux Firmware in main from 20230804 to 20230919
2023-09-22 09:36:06 +02:00
flatcar-ci
55f512dd7a New version: main-3734.0.0-nightly-20230921-2100 2023-09-21 21:00:29 +00:00
Kai Lueke
8777c54b0b sys-kernel/bootengine: Use update key for initrd sysext download
This pulls in https://github.com/flatcar/bootengine/pull/71
to switch the extension download to use the update server and the update
key for verification of the payloads.
2023-09-21 17:30:38 +02:00
Kai Lueke
8f45b6bb98 coreos-base/coreos-cloudinit: Workaround for user-configvirtfs.service
This pulls in
https://github.com/flatcar/coreos-cloudinit/pull/24
as a workaround to use Upholds= which eventually starts
user-configvirtfs.service.
2023-09-21 17:29:38 +02:00
Dongsu Park
8b0e46c1cc overlay sys-kernel/coreos-firmware: update cxgb4 version to 1.27.4.0
Fix build issues of coreos-firmware, by bumping the cxgb4 firmware
version to 1.27.4.0.
2023-09-21 16:27:09 +02:00
Flatcar Buildbot
30b42fa62b sys-kernel/coreos-firmware: Update from 20230804 to 20230919 2023-09-21 07:12:51 +00:00
flatcar-ci
4c4ec0226b New version: main-3733.0.0-nightly-20230920-2100 2023-09-20 21:00:37 +00:00
Mathieu Tortuyaux
233758055d
Merge pull request #917 from flatcar/tormath1/selinux-policy-update
selinux: update
2023-09-20 12:35:23 +02:00
Mathieu Tortuyaux
c3ba668ece
.github: add more packages to automation
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:40 +02:00
Mathieu Tortuyaux
0d3c1a5131
coreos-base/misc-files: add SELinux config
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:40 +02:00
Mathieu Tortuyaux
678dfd7f79
sys-apps/semodule-utils: sync with Gentoo
Commit-Ref: a8d934769f

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:40 +02:00
Mathieu Tortuyaux
a07620c0d9
changelog: add entries
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:40 +02:00
Mathieu Tortuyaux
077dd2363e
sec-policys/selinux-dbus: add new package
it's a dependency of the ssh module:
```
Failed to resolve typeattributeset statement at /var/lib/selinux/mcs/tmp/modules/400/ssh/cil:127
Failed to resolve AST
```

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:40 +02:00
Mathieu Tortuyaux
af5400ce64
sec-policy/selinux-unconfined: sync with Gentoo
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:40 +02:00
Mathieu Tortuyaux
eed7eb6d21
sec-policy/selinux-sssd: sync with Gentoo
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
206b71a48f
coreos/user-patches: add selinux-container
apply Flatcar patch (including the kernel_t transition that
should be removed once we have a system labelled)

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
1306dfefec
sec-policy/selinux-container: add new package
it comes as a replacement for selinux-virt

Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
1e2b1c999d
sec-policy/selinux-virt: drop ebuild
it's now replaced by selinux-container

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
2af995d2dc
coreos/user-patches: add selinux-base-policy
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
6b7c24719b
sec-policy/selinux-base-policy: sync with Gentoo
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
ac520d6588
coreos/user-patches: add selinux-base
* add selinux patches (icmp-bind, relabel and kernel permissions)
* ship our own config file

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:38 +02:00
Mathieu Tortuyaux
3de5229a3c
sec-policy/selinux-base: sync with Gentoo
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2023-09-20 12:33:38 +02:00