Compress every kernel module with xz (lzma), to make more free space
in the rootfs.
Before:
```
$ sudo du -s /usr/lib64/modules/$(uname -r)/kernel/
90472 /usr/lib64/modules/5.8.11-flatcar/kernel/
$ df /usr
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/usr 1007760 916024 39720 96% /usr
```
After:
```
$ sudo du -s /usr/lib64/modules/$(uname -r)/kernel/
26908 /usr/lib64/modules/5.8.11-flatcar/kernel/
$ df /usr
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/usr 1007760 845468 110276 89% /usr
```
The use flag enables building audisp, auditd, aureport, ausearch and
probably some other tools. Not sure what's the reason for adding such
a use flag other than disabling the build of the binaries. The daemon
use flag is nowhere set, so these things are not built by default.
The ebuild is in the portage-stable repository but we need this patch in
coreos-overlay to avoid this error:
> The following keyword changes are necessary to proceed:
> (see "package.accept_keywords" in the portage(5) man page for more details)
> # required by sys-apps/systemd-245-r3::coreos[seccomp]
> # required by app-misc/ca-certificates-3.27.1-r1::coreos
> # required by dev-libs/openssl-1.1.1g::coreos
> # required by net-misc/rsync-3.2.3::portage-stable[-libressl,ssl,-static]
> # required by sys-apps/portage-2.3.40-r1::coreos[-build]
> # required by app-admin/perl-cleaner-2.27::portage-stable
> # required by dev-lang/perl-5.26.2::portage-stable
> # required by sys-apps/help2man-1.45.1::portage-stable
> # required by sys-devel/automake-1.16.1-r1::portage-stable
> # required by dev-libs/libxml2-2.9.8::portage-stable
> # required by x11-misc/shared-mime-info-1.4::portage-stable
> # required by dev-libs/gobject-introspection-1.40.0-r1::portage-stable
> # required by sys-auth/polkit-0.113-r5::coreos[introspection]
> =sys-libs/libseccomp-2.5.0 ~amd64
The savedconfig feature reads and, if not set, generates a file under
/etc/portage/savedconfig/ to source a build configuration. We probably
don't want this and specially not on the final image, therefore,
disable reading and also don't write the file to the final image.
These normally would be pulled by systemdctl enable when enabling
systemd-networkd.service, because they are used in Also= options. In
such case, we need to pull them ourselves, so they can be enabled in
/usr, not in /etc.
We are installing systemd from scratch in the image, so there are no
previously enabled units to enable or reenable after
installation. Also, this code would enable the services in /etc, which
we don't want, because /etc is not autoupdated, so the enabled
services could end up still being disabled after the update.
At installation time, we usually want to enable services through
/lib. This change will stop making the installation to put symlinks
for getty in /etc, since we already do it in /lib.
Since v242, this unit is not enabled by default. Currently the
recommended way of initial enablement of the important units is
through `systemctl preset-all` with the preset file from systemd. We
don't want to do it, because this action creates symlinks in /etc, so
we enable those services ourselves by putting the symlinks in /lib.
Since sqlite 3.32 or newer requires dev-lang/tcl to be available in
the Flatcar SDK by default, we should add dev-lang/tcl in the dependency
list of SDK.
Update srctree path to correctly populate the Makefile for sandbox
environments. The patch is to adjusted for 5.x kernels
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
The build for arm64 currently fails because it tries to build the
oslogin package but the package is marked as amd64-only.
Exclude the oslogin package from arm64 images.
