mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-09-23 22:51:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
30,045 Commits 630 Branches 403 Tags
Commit Graph

30045 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Marineau
af38bc6df4 Merge pull request #536 from marineam/assert-keys 
prod_image_util: do not check update keys on arm64
 2016-05-05 17:56:37 -07:00
Michael Marineau
20541226bf prod_image_util: do not check update keys on arm64 
arm64-usr doesn't have update_engine yet so this isn't valid.
 2016-05-05 17:33:11 -07:00
Matthew Garrett
c60a99dce7 Merge pull request #1947 from mjg59/selinux_enforce 
sec-policy: Permit execmem in selinux policy
 2016-05-05 23:05:11 +01:00
Michael Marineau
92059efbe1 Merge pull request #1948 from marineam/ccache 
profiles: tell ccache to rewrite paths relative to $S
 2016-05-05 12:30:35 -07:00
Michael Marineau
24553ea073 Merge pull request #1946 from mjg59/sssd 
sys-auth/pambase: Change pam_sss handling for account stanza
 2016-05-05 12:27:32 -07:00
Michael Marineau
bb492a027e profiles: tell ccache to rewrite paths relative to $S 
There are a number of ways the absolute path to a source file can make
it into the compiler output, some of which can prevent cached results
from being used when compiling related code in different locations.
The default source directory $S contains the package version so paths
need to be relative to it in order to work between package versions.

Previously attempted in 8259b77fc8eba8cfda54da565882283953bfd61a, should
be safe now that QEMU has been upgraded to 1.5. I've been using this
setting on my Gentoo machines and haven't found any other issues.
Also reverts commit 661ceb0fa114c499fa99b653bccb6d011c0d0b49.
 2016-05-05 12:21:25 -07:00
Matthew Garrett
ce550930d0 sec-policy: Permit execmem in selinux policy 
polkit is failing when selinux is enforcing as it is attempting to mmap
pages as both writable and executable and selinux is forbidding this.
Since we want selinux for container isolation rather than general system
confinement, the easiest fix for now is to just add the selinux boolean
to permit execmem.

The selinux eclass is modified to hardcode the gentoo patchset that we're
basing our policy on - otherwise bumping the revision for our local
builds tries to pull down versions that don't exist.
 2016-05-05 13:32:57 +01:00
Matthew Garrett
71b330e9d4 sys-auth/pambase: Change pam_sss handling for account stanza 
Having this be effectively required isn't appropriate when we default to
having sssd be disabled.
 2016-05-05 13:25:52 +01:00
Michael Marineau
3d851911c5 Merge pull request #535 from marineam/static 
setup_board: fix running build_image with an empty board root
 2016-05-04 17:50:38 -07:00
Michael Marineau
6c7c063474 setup_board: fix running build_image with an empty board root 2016-05-04 17:13:29 -07:00
Alex Crawford
571317c3d3 Merge pull request #1942 from crawford/ignition 
sys-apps/ignition: bump to v0.5.0
 2016-05-04 14:50:38 -07:00
Alex Crawford
758672abca Merge pull request #1941 from crawford/cloudinit 
coreos-base/coreos-cloudinit: bump to v1.10.1
 2016-05-04 14:50:33 -07:00
Alex Crawford
89b43c5bfa sys-apps/ignition: bump to v0.5.0 2016-05-04 13:57:21 -07:00
Alex Crawford
f4a13eedea coreos-base/coreos-cloudinit: bump to v1.10.1 2016-05-04 10:14:44 -07:00
Alex Crawford
463e00a188 Merge pull request #1940 from crawford/init 
coreos-base/coreos-init: bump coreos-install
 2016-05-04 09:52:15 -07:00
Alex Crawford
143eeb2dc2 coreos-base/coreos-init: bump coreos-install 2016-05-04 09:46:42 -07:00
Leno Hou
67dca5d3df eclass/coreos-go: add ppc64 and x86 arch to go_get_arch 
This patch enabled ppc64 and x86 arch detection. i.e. When use go-1.6.2 compiler,
we can build go app on ppc64 and x86 arch.
 2016-05-04 06:21:07 +00:00
Nick Owens
e8e93e6287 Merge pull request #1938 from mischief/sbsigntool-binutils 
app-crypt/sbsigntool: fix dependency on bfd from binutils-libs
 2016-05-03 19:51:22 -07:00
Nick Owens
212f9bc1df Merge pull request #419 from mischief/sbsigntool-deps 
sbsigntool deps
 2016-05-03 18:38:10 -07:00
Nick Owens
d3abe73128 app-crypt/sbsigntool: fix dependency on bfd from binutils-libs 2016-05-03 18:34:34 -07:00
Nick Owens
62d999dc27 bump(sys-libs/binutils-libs): sync with upstream 2016-05-03 18:27:36 -07:00
Nick Owens
2c295e6a95 bump(app-admin/eselect): sync with upstream 2016-05-03 18:27:36 -07:00
Geoff Levand
c053521e37 build_image: Fix image type conditional 
PROD_IMAGE is a flag that indicates a production image should be
built, and will be set for dev builds if the user specifies that
both dev and prod images should be built.  build_image was
incorrectly using the PROD_IMAGE variable to conditionaly do some
setup depending on the image type.

Add a new variable IMAGE_BUILD_TYPE that can be tested for the type
of image currently being built and replace the PROD_IMAGE usage.

Signed-off-by: Geoff Levand <geoff@infradead.org>
 2016-05-03 14:06:14 -07:00
Nick Owens
b08d3f8ded Merge pull request #1936 from mischief/openssl-1032 
openssl 1.0.2h in build-1032
 2016-05-03 12:07:54 -07:00
Michael Marineau
eeae2b17c9 dev-libs/openssl: apply CoreOS changes 2016-05-03 12:06:05 -07:00
Alex Crawford
7cc59c3cd8 dev-libs/openssl: bump to 1.0.2h 2016-05-03 12:06:05 -07:00
Alex Crawford
3871e2234a Merge pull request #1933 from crawford/openssl 
dev-libs/openssl: bump to 1.0.2h
 2016-05-03 11:14:33 -07:00
Michael Marineau
f04b56fc75 dev-libs/openssl: apply CoreOS changes 2016-05-03 10:31:18 -07:00
Alex Crawford
3b85977ed2 dev-libs/openssl: bump to 1.0.2h 2016-05-03 09:25:42 -07:00
Michael Marineau
50252177d1 Merge pull request #1932 from marineam/https 
coreos-init: update coreos-install to use HTTPS
 2016-05-02 20:43:45 -07:00
Michael Marineau
0e41fcd02c coreos-init: update coreos-install to use HTTPS 2016-05-02 20:41:00 -07:00
Michael Marineau
67b14a463a coreos-init: fix ebuild name/symlink 
Previous update renamed the live ebuild instead of symlink by mistake.
 2016-05-02 20:41:00 -07:00
Michael Marineau
bfb5618261 Merge pull request #533 from marineam/https 
*: convert assorted download references to https
 2016-05-02 20:24:19 -07:00
Michael Marineau
3ff92f4bc3 bootstrap_sdk: use http instead of https 
Using https gives us a bit of a dep issue, cannot download the sources
required to build ssl support when ssl hasn't been built yet!
 2016-05-02 20:23:30 -07:00
Nick Owens
e9dd14134d Merge pull request #1921 from mischief/rkt-1.5.0 
app-emulation/rkt: v1.5.1
 2016-05-02 20:18:13 -07:00
Michael Marineau
582361b30c catalyst: allow GENTOO_MIRRORS to be passed in through the environment 2016-05-02 20:12:27 -07:00
Michael Marineau
bad34243ef *: convert assorted download references to https 2016-05-02 19:19:06 -07:00
Nick Owens
dc56ae2912 Merge pull request #1906 from mischief/arm64-nfsd 
sys-kernel/coreos-kernel: enable kernel NFSD for arm64
 2016-05-02 18:11:25 -07:00
Matthew Garrett
99b8ff4993 Merge pull request #1930 from mjg59/sssd 
sys-apps/baselayout: Fix argument order to sed
 2016-05-02 18:10:18 -07:00
Matthew Garrett
f56ec1cf49 sys-apps/baselayout: Fix argument order to sed 
I've been doing this for 20 years I'm a trained professional
 2016-05-02 17:56:40 -07:00
Matthew Garrett
92ce4cd200 Merge pull request #1928 from mjg59/sssd 
sys-apps/baselayout: fix arm64 builds
 2016-05-02 16:47:56 -07:00
Matthew Garrett
0e7293eb7f sys-apps/baselayout: fix arm64 builds 
The symlink for nsswitch can't be resolved during build, so use the target
instead.
 2016-05-02 16:31:49 -07:00
Michael Marineau
41adf5e105 Merge pull request #532 from marineam/no-verity-on-arm 
build_image: disable verity on arm64
 2016-05-02 15:02:39 -07:00
Matthew Garrett
5baa1b49ae Merge pull request #1927 from mjg59/sssd 
Sssd
 2016-05-02 14:27:46 -07:00
Matthew Garrett
4845527b9d sys-apps/baselayout: enable sss 
Turn on sss by default in nsswitch.conf
 2016-05-02 14:09:36 -07:00
Matthew Garrett
6c54d01946 sys-auth/pambase: enable sss 
Turn on sss by default in the PAM configuration
 2016-05-02 14:09:36 -07:00
Nick Owens
3829c56da7 Merge pull request #1926 from mischief/accept-jq 
profiles: accept jq ebuild with heap overflow fix
 2016-05-02 14:03:08 -07:00
Nick Owens
2f57d11e0b Merge pull request #415 from mischief/jq 
bump(app-misc/jq): sync with upstream
 2016-05-02 14:02:52 -07:00
Matthew Garrett
2a1dd03ca4 sys-auth/pambase: Sync with upstream ebuild 
We need to ship a modified PAM configuration, so pull this in.
 2016-05-02 13:46:29 -07:00
Nick Owens
176d88b841 profiles: accept jq ebuild with heap overflow fix 2016-05-02 13:44:45 -07:00