mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-17 09:56:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,613 Commits 629 Branches 394 Tags 166 MiB
3a9c9ede2d
Commit Graph

7770 Commits

Author SHA1 Message Date
Kai Lüke
3a9c9ede2d Merge pull request #1622 from flatcar-linux/kai/systemd-disable-manage-foreign-routes-and-rules 
sys-apps/systemd: add downstream patch to disable foreign route mgmt
 2022-02-10 17:33:13 +01:00
Kai Lueke
98d2469b60 coreos-base/update_engine: fix flatcar-postinst migration notice 
This pulls in
https://github.com/flatcar-linux/update_engine/pull/16
to fix a small template error in the cgroup v2 migration notice.
 2022-02-10 13:31:17 +01:00
Mathieu Tortuyaux
0c2a064bfb Merge pull request #1635 from flatcar-linux/tormath1/vim 
profiles/base: stabilize vim
 2022-02-10 11:38:30 +01:00
Mathieu Tortuyaux
4f4137b33d profiles/base: stabilize vim 
this is required to pull recent versions of vim which fix CVEs.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-09 18:02:47 +01:00
Flatcar Buildbot
1bd580a3d6 sys-kernel: Upgrade Kernel 5.15.19 to 5.15.22 2022-02-09 16:39:45 +00:00
Kai Lueke
e89bb5652c sys-apps/systemd: add downstream patch to disable foreign route mgmt 
This new downstream patch disables the ManageForeignRoutes and
ManageForeignRoutingPolicyRules systemd-netword settings by default to
ensure that CNIs don't get their routes or routing policy rules
discarded on network reconfiguration events.

https://github.com/flatcar-linux/Flatcar/issues/620
 2022-02-07 17:56:54 +01:00
Sayan Chowdhury
563b295ed7 Merge pull request #1610 from flatcar-linux/linux-5.15.19-main 
Upgrade Linux Kernel in main from 5.15.18 to 5.15.19
 2022-02-03 13:17:14 +05:30
Mathieu Tortuyaux
fcd640e6f0 dev-libs/cyrus-sasl: apply flatcar patches 
- remove unecessary ebuild
- apply cross compiling patch

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-02 13:43:03 +01:00
Flatcar Buildbot
6229b0f4d2 sys-kernel: Upgrade Kernel 5.15.18 to 5.15.19 2022-02-02 07:22:08 +00:00
Mathieu Tortuyaux
7727932905 dev-libs/cyrus-sasl: sync with ::gentoo 
Commit-Ref: c64e42b0da7ce4c4189c8868ce0a5170f044468f

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-01 16:37:03 +01:00
Mathieu Tortuyaux
58cfec0d2b Merge pull request #1603 from flatcar-linux/tormath1/sbsigntools 
app-crypt/sbsigntools: bump to 0.9.4
 2022-02-01 09:39:20 +01:00
Mathieu Tortuyaux
bf127a3a35 changelog: add entry 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-01 09:38:28 +01:00
Mathieu Tortuyaux
25c3360eee app-crypt/sbsigntools: apply flatcar changes 
- remove unecessary ebuilds
- mark sbsigntools-0.9.4.ebuild as stable for arm64/amd64
- apply OpenSSLv3 patch from: https://groups.io/g/sbsigntools/topic/patch_fix_openssl_3_0_issue/85903418?p=,,,20,0,0,0::recentpostdate/sticky,,,20,2,0,85903418,previd=1632756467394580924,nextid=1591489833755102589&previd=1632756467394580924&nextid=1591489833755102589
- remove -Werror from Makefile.am for OpenSSLv3 compilation

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-01 09:38:14 +01:00
Kai Lüke
51c4f8338f Merge pull request #1602 from flatcar-linux/kai/enable-fips 
sys-kernel: allow fips mode to be enabled
 2022-01-31 19:51:07 +01:00
Flatcar Buildbot
b51049bc89 sys-kernel: Upgrade Kernel 5.15.17 to 5.15.18 2022-01-31 18:48:44 +01:00
Mathieu Tortuyaux
258e8530ba app-crypt/sbsigntools: sync with ::gentoo 
Commit-Ref: bc01370226f4b5f773ae0da7d49ae09b90622666

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-31 16:59:44 +01:00
Kai Lueke
38a01288e1 sys-kernel: allow fips mode to be enabled 
With this kernel config, users can boot with fips=1 set in
`/usr/share/oem/grub.cfg`:
```
set linux_append="fips=1"
```

Which triggers various behaviors, for FIPS 200 certification.

with this config compiled in, and that boot parameter, users can can
that fips is enabled with:
```
flatcar ~ # cat /proc/sys/crypto/fips_enabled
1
```
 2022-01-31 15:07:36 +01:00
Dongsu Park
19a486c58d Merge pull request #1596 from flatcar-linux/dongsu/glibc-2.33-r10 
sys-libs/glibc: update to 2.33-r10
 2022-01-28 16:58:45 +01:00
Krzesimir Nowak
9582e2e795 Merge pull request #1595 from flatcar-linux/linux-5.15.17-main 
Upgrade Linux Kernel in main from 5.15.16 to 5.15.17
 2022-01-28 16:13:55 +01:00
Kai Lüke
456efdeb9a Merge pull request #1589 from flatcar-linux/kai/ipv6-ra 
coreos-cloudinit and bootengine: accept IPv6 RA for default net configs
 2022-01-28 11:08:46 +01:00
Dongsu Park
27bd0429a0 changelog: add changelog for glibc 2.33-r10 2022-01-28 08:43:44 +01:00
Krzesimir Nowak
a752947aec sys-libs/glibc: Apply Flatcar modifications 
- unmask amd64 and arm64
  - take care of nscd.conf via tmpfiles, add files/nscd-conf.tmpfiles.
  - don't run sanity checks in pkg_pretend to prevent gcc checks when
    only the binary package is installed.
  - comment out 'dostrip -x' to force the OS image binaries to be stripped
  - remove everything glibc wants to put under /etc since we use
    baselayout to provide that
 2022-01-28 08:43:44 +01:00
Dongsu Park
2301479ae7 sys-libs/glibc: sync with Gentoo for 2.33-r10 
Update sys-libs/glibc to 2.33-r10, mainly to address CVE-2021-3998,
CVE-2021-3999, CVE-2022-23218, CVE-2022-23219.

Gentoo ref: 7ba56d4da4e3fd2bc0d2c1012f2dc02e448c77d4
 2022-01-28 08:43:40 +01:00
Flatcar Buildbot
e4a527aa27 sys-kernel: Upgrade Kernel 5.15.16 to 5.15.17 2022-01-28 07:22:45 +00:00
Mathieu Tortuyaux
eefde75413 changelog: add entries 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-27 18:08:23 +01:00
Mathieu Tortuyaux
0ce5422e6e sys-auth/polkit: apply Flatcar patches 
- apply duktape patchset from https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/97
 `.gitlab-ci.yml` patch has been removed since file is not shipped in
 archive.
- fix config install paths, use systemd-tmpfiles (All configs should
be installed to /usr and tmpfiles should be used to create and fix
directory permissions instead of the ebuild's postinst.)

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-27 18:08:20 +01:00
Kai Lueke
d341a5b51d coreos-cloudinit and bootengine: accept IPv6 RA for default net configs 
This pulls in
https://github.com/flatcar-linux/coreos-cloudinit/pull/12
and
https://github.com/flatcar-linux/bootengine/pull/30
(https://github.com/flatcar-linux/init/pull/51 is already in)
to also accept Router Advertisements in our default DHCP network
configurations.
 2022-01-27 17:17:12 +01:00
Mathieu Tortuyaux
3bcd2510bc sys-auth/polkit: sync with ::gentoo 
Ref-Commit: 4dbf4f80da2ee7c5e3325d4f25512dc0ed1a4b48

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-27 14:25:53 +01:00
Kai Lueke
e2d87f0d26 coreos-base/coreos-init/coreos-init: pull in latest changes 
This pulls in
https://github.com/flatcar-linux/init/pull/58
(bin/flatcar-update: don't assume $USER is set up, only use $EUID)
and
https://github.com/flatcar-linux/init/pull/51
network: Enable the RAs to fix IPv6 address assignment
 2022-01-26 17:15:03 +01:00
Dongsu Park
66e00de1db Merge pull request #1581 from flatcar-linux/rust-1.58.1-main 
Upgrade dev-lang/rust in main from 1.57.0 to 1.58.1
 2022-01-26 11:27:23 +01:00
Dongsu Park
0652a4584c changelog: add security changelog for Rust 1.58.1 2022-01-25 10:25:12 +01:00
Sayan Chowdhury
44e7c99fe3 Merge pull request #1586 from flatcar-linux/linux-5.15.16-main 
Upgrade Linux Kernel in main from 5.15.15 to 5.15.16
 2022-01-24 23:50:13 +05:30
Mathieu Tortuyaux
4842771f2f Merge pull request #1578 from flatcar-linux/tormath1/krb 
app-crypt/mit-krb5: move to `::portage-stable`
 2022-01-21 11:22:16 +01:00
Mathieu Tortuyaux
adfb599a8a app-crypt/mit-krb5: move to ::portage-stable 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-21 10:25:54 +01:00
Flatcar Buildbot
fcf915f066 sys-kernel: Upgrade Kernel 5.15.15 to 5.15.16 2022-01-21 07:22:58 +00:00
Flatcar Buildbot
0907be99dc dev-lang: Upgrade dev-lang/rust 1.57.0 to 1.58.1 2022-01-21 06:49:01 +00:00
Jeremi Piotrowski
0f908837b9 sys-kernel: backport hyper-v PCI patches from v5.17-rc1 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2022-01-20 14:44:47 +00:00
Jeremi Piotrowski
d29ae37389 Merge pull request #1576 from flatcar-linux/runc-1.1.0-main 
Upgrade Runc in main from 1.0.3 to 1.1.0
 2022-01-20 11:45:59 +01:00
Krzesimir Nowak
7ae17b938f Merge pull request #1525 from flatcar-linux/krnowak/no-eapi-update 
Get rid of EAPI 0
 2022-01-20 08:17:35 +01:00
Flatcar Buildbot
cf042a7e72 app-emulation: Upgrade Runc 1.0.3 to 1.1.0 2022-01-19 11:14:29 +00:00
Mathieu Tortuyaux
746b47fc24 Merge pull request #1572 from flatcar-linux/tormath1/openssl 
dev-libs/openssl: sync with the upstream
 2022-01-18 18:05:49 +01:00
Mathieu Tortuyaux
9bb21c4ce1 profiles/keywords: remove openssl 
openssl is marked as stable directly into the Flatcar modifications
commit.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-18 17:03:58 +01:00
Mathieu Tortuyaux
6b16187adc profiles/coreos: unmask openssl-3 
upstream has masked openssl-3 for tracking build failures. Since we are
not impacted by this failures, we can safely unmask openssl-3.

See: https://github.com/flatcar-linux/Flatcar/issues/418 for Flatcar's
dependencies.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-18 16:59:40 +01:00
Mathieu Tortuyaux
b172cf5e6a changelog: add entries 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-18 16:59:40 +01:00
Mathieu Tortuyaux
1a76d69d8d dev-libs/openssl: Apply Flatcar modifications 
- drop `pkg_postint`
- create `/etc/ssl` with tmpfiles
- remove unecessary files
- mark openssl as stable for arm64 and amd64

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-18 16:59:40 +01:00
Krzesimir Nowak
b1018c0c3d Merge pull request #1573 from flatcar-linux/krnowak/eapi-update 
Changes related to app-arch updates
 2022-01-18 16:02:16 +01:00
Flatcar Buildbot
5a4e61fcd0 sys-kernel: Upgrade Kernel 5.15.14 to 5.15.15 2022-01-17 19:15:49 +01:00
Krzesimir Nowak
d4af97831d profiles: Drop keywords for app-arch/pigz 
The updated version is stable for both amd64 and arm64.
 2022-01-17 18:41:32 +01:00
Krzesimir Nowak
65d14d65d4 profiles: Drop keywords for app-arch/pbzip2 
The updated version is stable for both amd64 and arm64.
 2022-01-17 18:40:12 +01:00
Mathieu Tortuyaux
42aec3a36b dev-libs/openssl: sync with the upstream 
Commit-Ref: b258e2593e406538c8ca5029d027f315edc44843

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-17 17:00:31 +01:00