mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-23 15:31:05 +02:00
Code Issues Packages Projects Releases Wiki Activity
5,050 Commits 616 Branches 394 Tags
Commit Graph

4008 Commits

Author SHA1 Message Date
Matthew Garrett
50f4b6a49e app-emu/runc: enable selinux 
runc needs to have selinux enabled for docker to be confined.
 2016-11-29 13:28:24 -08:00
David Michael
fce6deecff profiles: fix GLSA 201611-17 (rpcbind) on arm64 2016-11-23 11:09:10 -08:00
David Michael
32fc376cdd profiles: fix GLSA 201611-01 (unzip) on arm64 2016-11-22 11:59:15 -08:00
Nick Owens
7b18191cbb net-misc/ntp: bump to 4.2.8p9 
the dropped patch was merged into 4.2.8p9 and the manual pages are
dropped because they were not available on the given mirror.
 2016-11-21 09:41:53 -08:00
Geoff Levand
2e92b3b6ac spidermonkey: Update arm64 48 bit VA fix 
An updated fix for the arm64 48 bit VA problem that
causes polkit to crash on arm64.

Fixes arm64 runtime problems like these:

  polkitd: unhandled level 3 translation fault (11)

  systemd[1]: polkit.service: Main process exited, code=killed, status=11/SEGV
  systemd[1]: Failed to start Authorization Manager.
  systemd[1]: polkit.service: Unit entered failed state.

Signed-off-by: Geoff Levand <geoff@infradead.org>
 2016-11-18 11:12:19 -08:00
Alex Crawford
a56e9393fd sys-apps/systemd: bump to include backports 2016-11-16 14:47:44 -08:00
Alex Crawford
31c56b1891 Merge pull request #2272 from lucab/to-upstream/env-bash-getcwd-malloc 
coreos/config/env: fix bash cross-compilation
 2016-11-16 14:42:11 -08:00
Alex Crawford
58a35133a1 Merge pull request #2275 from crawford/flannel 
app-admin/flannel-wrapper: use oneshot for opts
 2016-11-16 14:24:11 -08:00
Alex Crawford
0a5f6f0afb app-admin/flannel-wrapper: use oneshot for opts 
docker.service shouldn't be allowed to run until
flannel-docker-opts.service _finishes_ (since it is actually writing the
flags for Docker).
 2016-11-16 11:57:23 -08:00
Alex Crawford
28a1d0fe88 profiles: enable seccomp support in docker 2016-11-16 11:17:09 -08:00
Alex Crawford
8517d24bad app-emulation/docker: disable optimizations 
With optimizations enabled, seccomp fails to compile with errors like:

  error: enumerator value for '__cgo_enum__0' is not an integer constant

This is due to https://github.com/golang/go/issues/14669.
 2016-11-16 11:11:37 -08:00
Luca Bruno
e23d709cf0 app-shells/bash: bump to 4.3_p46-r2 2016-11-16 17:59:10 +00:00
Luca Bruno
4b4666963b coreos/config/env: fix bash cross-compilation 
When cross-compiling bash, configure script is not able to tell
if `getcwd()` supports dynamic paths (internally malloc-ed buf),
thus defaulting to an internal version which may break in
overlong scenarios.

glibc supports this mode, so this commit turns on the corresponding
bash feature.
 2016-11-13 18:00:16 +00:00
Alex Crawford
f164555111 coreos-base/coreos-metadata: bump to v0.6.2 2016-11-09 11:35:19 -08:00
David Michael
6b331149df profiles: use the same smartmontools version on arm64 2016-11-08 17:33:10 -08:00
Alex Crawford
c8bd1f4d11 *: remove coreos-doc 
This functionality was never actually used.
 2016-11-04 15:18:01 -07:00
Dmitry Chepurovskiy
e0ccea9271 sys-kernel/coreos-modules: add support for asix usb 2016-11-05 00:05:57 +03:00
Alex Crawford
8caf9f9f7c profiles: accept ~arm64 for curl 2016-11-02 16:55:45 -07:00
Nick Owens
fef558683d Merge pull request #2233 from mischief/go-1.7.2 
dev-lang/go: bump to 1.7.3
 2016-11-02 14:54:07 -07:00
Nick Owens
41bf215f90 Merge pull request #2264 from mischief/rkt-1.18 
app-emulation/rkt: bump to v1.18.0
 2016-11-02 14:53:54 -07:00
Nick Owens
24ceb4c963 app-emulation/rkt: bump to v1.18.0 2016-11-02 14:51:30 -07:00
Alex Crawford
afe7028573 app-emulation/docker: bump to v1.12.3 2016-11-01 16:59:32 -07:00
Alex Crawford
d40c30335c coreos-base/coreos-metadata: bump to v0.6.1 2016-11-01 16:33:38 -07:00
Nick Owens
b904f4ead8 sys-kernel/coreos-{sources,modules,kernel}: bump to v4.8.6 2016-11-01 14:24:17 -07:00
Nick Owens
cf658d7be7 sys-auth/sssd: move config permissions into tmpfiles 
since tmpfiles is copying the example config to /etc, it should also set
the right permissions.
 2016-10-31 11:06:50 -07:00
Joe Bowers
2a9276f90b coreos-devel/sdk-depends: require kola-data (for old docker client test) 2016-10-28 12:07:55 -07:00
Joe Bowers
ba406a810e coreos-devel/kola-data: support data for testing with old docker 2016-10-28 11:51:02 -07:00
Alex Crawford
db803a5ac1 sys-kernel/coreos-kernel: bump to v4.8.4 2016-10-27 10:55:14 -07:00
Alex Crawford
bcca9ace87 sys-kernel/coreos-modules: bump to v4.8.4 2016-10-27 10:55:14 -07:00
Alex Crawford
cff9f0be8f sys-kernel/coreos-sources: bump to v4.8.4 2016-10-27 10:55:14 -07:00
Michael Marineau
ed4545f65f update_engine: bump to 0.4.1 2016-10-26 16:47:55 -07:00
Michael Marineau
9338a95ffa Merge pull request #2242 from marineam/grub 
Grub update for TPM and Xen issues
 2016-10-25 12:40:55 -07:00
Alex Crawford
53427343ff dev-libs/openssl: apply CoreOS changes 2016-10-25 12:16:34 -07:00
Alex Crawford
7f80e66a95 dev-libs/openssl: bump to 1.0.2j 
Addresses CVE-2016-8610.
 2016-10-25 12:16:34 -07:00
David Michael
8294692dc8 coreos-base/oem-gce: change some host bind mounts 
This drops two mounts that are not needed anymore, since the ACI is
built with emerge and gets those data dependencies now.  It adds a
new mount for home directories to be created.

Two existing mounts remain: one for /etc, and one for /run/systemd
so the /dev/log link works.
 2016-10-20 16:19:44 -07:00
Joe Bowers
0de4f04368 app-emulation/{containerd,docker}: separately managed containerd unit 2016-10-20 12:51:38 -07:00
Michael Marineau
46dc51a06a sys-boot/grub: update, fixes TPM errors and verity on Xen 2016-10-19 21:06:46 -07:00
Michael Marineau
d871860850 sys-boot/grub: remove old dependency on xen-tools 
These days GRUB bundles the Xen headers but I missed the change.
 2016-10-19 21:06:30 -07:00
Alex Crawford
e92aa0a2b1 Revert "dev-lang/spidermonkey: Better fix for CONFIG_ARM64_VA_BITS_48" 2016-10-19 17:25:18 -07:00
Alex Crawford
02bf4f9ba2 Merge pull request #2237 from crawford/kernel 
sys-kernel/coreos-*: bump to 4.8.2
 2016-10-19 14:14:19 -07:00
Alex Crawford
7fbd6afb5a Merge pull request #2239 from crawford/digitalocean 
coreos-base/oem-digitalocean: use ignition
 2016-10-19 14:07:19 -07:00
Nick Owens
9cee1b6a98 dev-lang/go: bump to 1.7.3 2016-10-19 13:13:51 -07:00
Alex Crawford
5fde07a903 sys-apps/systemd: include zero-length dbus fix 2016-10-19 13:03:45 -07:00
Alex Crawford
c3c77b2197 sys-kernel/coreos-kernel: bump to 4.8.2 2016-10-19 10:20:50 -07:00
Alex Crawford
da87e72d71 sys-kernel/coreos-modules: bump to 4.8.2 2016-10-19 10:20:50 -07:00
Alex Crawford
2035a9daf9 sys-kernel/coreos-sources: bump to 4.8.2 2016-10-19 10:17:43 -07:00
Alex Crawford
e5abdd41cd coreos-base/oem-digitalocean: use ignition 
This relies on Ignition to do the provisioning instead of
coreos-cloudinit.
 2016-10-19 09:11:30 -07:00
Nick Owens
ee82a4a156 app-admin/locksmith: bump to v0.4.2 2016-10-18 18:37:57 -07:00
David Michael
f4f9107cae app-emulation/google-compute-engine: use a config template 
The configuration template needs to be written by the service
itself in the current setup.  The host's /etc is mounted into the
ACI to provide all of the user's system configuration and to allow
the GCE scripts to make their modifications, so the template can't
be included in the ACI.  It can't be written to the host's /etc
either, since it is read-only in the SDK when OEM packages are
being installed.
 2016-10-18 18:06:27 -07:00
David Michael
517455f35e profiles: don't mask packages for the oem-aci sub-profile 
The build complains about the wildcard masks, even though they are
explicitly listed as valid in portage(5).  Just remove them, since
the type of packages that go into containers don't tend to depend
on boot packages anyway.
 2016-10-18 18:06:25 -07:00