mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-24 16:01:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
4,516 Commits 616 Branches 394 Tags
Commit Graph

3580 Commits

Author SHA1 Message Date
Matthew Garrett
6168fb17cd sec-policy/selinux-virt: Fix build 
Fix a typo that broke the build
 2016-06-13 15:32:03 -07:00
Matthew Garrett
e7a2a92b66 sec-policy/selinux-virt: Grant more permissions on chr_files 
apt seems to use character device nodes for a couple of things, so give the full set
of permissions for them when operating in the container's own context.
 2016-06-01 14:13:11 -07:00
Alex Crawford
ea43677d10 Merge pull request #1992 from ajeddeloh/andrew 
sys-fs/e2fsprogs: Moving to overlay with patch
 2016-06-01 10:23:33 -07:00
Nick Owens
79696c3611 Merge pull request #1993 from mischief/kernel-thunder 
arm64 thunderx kernel updates
 2016-05-31 12:40:25 -07:00
Nick Owens
7db26d65c7 app-emulation/rkt: v1.7.0 2016-05-31 08:13:34 -07:00
Nick Owens
3ec60a5790 sys-kernel/coreos-kernel: merge arm64 changes from cavium for thunderx 2016-05-27 14:35:53 -07:00
Nick Owens
fbbfd180b4 sys-kernel/coreos-kernel: enable EXPERT for arm64 2016-05-27 14:35:53 -07:00
Andrew Jeddeloh
e97fde03b8 sys-fs/e2fsprogs: protect existing filesystems 
Add -p flag to prevent mke2fs from overwriting exisiting filesystems
when run from a script.
 2016-05-27 08:56:47 -07:00
Andrew Jeddeloh
baecad72bc sys-fs/e2fsprogs: Trim unneeded files 2016-05-26 17:36:21 -07:00
Andrew Jeddeloh
eafd56358c sys-fs/e2fsprogs: Move from portage_stable 2016-05-26 17:32:36 -07:00
Matthew Garrett
6dc592af52 sec-policy/selinux-virt: Allow setattr on devpts ptys and grant pipefs access 
Policy was blocking the modification of attributes on devpts ptys, making it
impossible to enter a rkt container interactively. Fix that. In addition,
pipefs access is being blocked which makes Docker unhappy. Fix that too.
 2016-05-23 16:17:42 -07:00
Alex Crawford
148dad4459 Revert "app-emulation/docker: remove new TasksMax limit" 
This reverts commit 345ee26b28a12e8866fa64a5ef7fb80c55cf656b.
 2016-05-23 14:15:29 -07:00
Michael Marineau
c2b2e46f41 update_engine: enable build for arm64 2016-05-20 12:24:19 -07:00
Michael Marineau
8db2df9a69 Merge pull request #1979 from marineam/update-protobuf 
profiles: update protobuf from 1.5 to 1.6
 2016-05-20 12:21:24 -07:00
Michael Marineau
09e7641967 mantle: update to 0.1.5 2016-05-19 10:49:04 -07:00
Nick Owens
c23c9824fe profiles: fix e2fsprogs category botch 2016-05-19 10:33:58 -07:00
Nick Owens
131ae640de profiles: accept newer e2fsprogs to sync with e2fsprogs-libs 2016-05-19 10:11:02 -07:00
Alex Crawford
81287a2716 profiles: accept ~arm64 for e2fsprogs 2016-05-19 09:53:33 -07:00
Alex Crawford
764c089690 Merge pull request #1977 from crawford/ignition 
sys-apps/ignition: bump to v0.6.0
 2016-05-18 17:19:54 -07:00
Alex Crawford
0519456d98 Merge pull request #1976 from crawford/cloudinit 
coreos-base/coreos-cloudinit: bump to v1.11.0
 2016-05-18 17:19:49 -07:00
Alex Crawford
40b69e1113 sys-apps/ignition: bump to v0.6.0 2016-05-18 17:16:44 -07:00
Alex Crawford
aab6171fe7 Merge pull request #1955 from crawford/ignition 
coreos-base/oem-gce: remove legacy scripts
 2016-05-18 17:15:55 -07:00
Alex Crawford
569f038f1f coreos-base/coreos-cloudinit: bump to v1.11.0 2016-05-18 17:11:35 -07:00
Michael Marineau
3660e2edce profiles: stop disabling SHA512 password hashes in PAM 
Likely inherited from ChromeOS but even for them it is a completely
ridiculous flag to disable. We had SHA512 enabled pre-PAM since shadow
does not have this use flag so this restores previous behavior.
 2016-05-18 16:07:07 -07:00
Alex Crawford
b966515b82 coreos-base/oem-gce: remove legacy scripts 
Provisioning will be handled by Ignition and coreos-metadata instead.
 2016-05-18 14:59:39 -07:00
Michael Marineau
82f983f394 coreos-init: update gpg key in coreos-install 2016-05-18 14:52:11 -07:00
Alex Crawford
1ee0a6097c Merge pull request #1953 from crawford/google-compute-daemon 
app-emulation/google-compute-daemon: bump to 1.3.2
 2016-05-18 14:37:08 -07:00
Nick Owens
6ca8d8f064 Merge pull request #1967 from mischief/linux-4.6 
Linux 4.6
 2016-05-18 13:40:37 -07:00
Matthew Garrett
38b0befb11 Merge pull request #1965 from mjg59/pam_fix 
sys-auth/pambase: Fall back to pam_deny in auth
 2016-05-18 13:37:04 -07:00
Michael Marineau
c3b32ec05a Merge pull request #1972 from marineam/drop-protobuf-c 
hard-host-depends: remove protobuf-c, nothing uses it
 2016-05-18 11:14:51 -07:00
Michael Marineau
06b424a5a2 Merge pull request #1971 from marineam/update_engine 
update_engine: update live ebuild for current master
 2016-05-18 11:14:11 -07:00
Michael Marineau
8fbd548a87 rkt: add rkt-admin group, has access to /etc/rkt 2016-05-18 06:38:10 -07:00
Michael Marineau
815193f7ba profiles: update protobuf from 1.5 to 1.6 
The newer version is needed for arm64, and need the same version across
all architectures because the build host and target's version must match.
 2016-05-17 23:31:17 -07:00
Michael Marineau
f53b3ffc81 update_engine: add slot dependency for protobuf 
Ensures that update_engine will get rebuilt when protobuf is upgraded.
 2016-05-17 23:21:41 -07:00
Michael Marineau
5db17fb04d hard-host-depends: remove protobuf-c, nothing uses it 2016-05-17 23:01:56 -07:00
Michael Marineau
4292c9852f update_engine: update live ebuild, adding glog and removing libchrome 2016-05-17 22:04:48 -07:00
Michael Marineau
1f96cbc36d update_engine: split live and current stable ebuilds 
Live ebuild needs different dependencies.

Drop invalid arm64 stable keyword, the old revision of update_engine
doesn't build on arm64. It is in package.provided instead.
 2016-05-17 22:04:43 -07:00
Matthew Garrett
39745a7076 coreos-base/coreos-dev: remove dhcp 
New versions of dhcp are difficult to cross build and we don't need it
anyway
 2016-05-17 16:41:58 -07:00
Nick Owens
5ed74b61d7 app-emulation/rkt: v1.6.0 2016-05-16 15:26:23 -07:00
Nick Owens
3a95c8f18d sys-kernel/coreos-firmware: update to 20160331 2016-05-16 14:55:02 -07:00
Nick Owens
276a7f6d67 sys-kernel/coreos-{sources,kernel}: update to 4.6 2016-05-16 14:55:01 -07:00
Alex Crawford
80d7aed53d app-emulation/google-startup-script: bump to 1.3.2 2016-05-16 14:50:17 -07:00
Alex Crawford
12509babed app-emulation/google-compute-daemon: bump to 1.3.2 2016-05-16 14:50:17 -07:00
Matthew Garrett
a25497dce5 coreos-devel/mantle: Verify that unauthenticated users can't access CoreOS 
Include a test to ensure that users without valid authentication tokens are
unable to log into CoreOS
 2016-05-16 13:36:03 -07:00
Matthew Garrett
3ba6985d62 sys-apps/baselayout: Remove login shell for operator user 2016-05-16 13:36:03 -07:00
Matthew Garrett
3865f77ecd sys-auth/pambase: Fall back to pam_deny in auth 
Setting pam_unix and pam_sss to sufficient means that if both fail,
control will be passed to the following pam module. If this is
pam_permit then permission will be granted even if the previous modules
failed. Switch to pam_deny and require it rather than permitting it to
be optional - if sss or unix succeed, we'll jump out before we get to
this point.
 2016-05-15 21:12:57 -07:00
Nick Owens
4a94f04736 Merge pull request #1961 from mischief/linux-4.5.4 
sys-kernel/coreos-{sources,kernel}: update to 4.5.4
 2016-05-14 13:32:33 -07:00
Nick Owens
948af5c88b sys-kernel/coreos-{sources,kernel}: update to 4.5.4 2016-05-13 15:46:54 -07:00
Nick Owens
6b014521c4 sys-apps/systemd: bump to include DefaultTasksMax fix 2016-05-13 15:21:13 -07:00
Nick Owens
ee3d88085f Merge pull request #1958 from mischief/fix-rkt-stage1 
app-emulation/rkt: use CoreOS alpha 1010.1.0 without PAM
 2016-05-13 10:41:58 -07:00