mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-20 05:51:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
2,345 Commits 626 Branches 394 Tags
Commit Graph

1887 Commits

Author SHA1 Message Date
Michael Marineau
6cd01aa6f0 Merge pull request #906 from carmstrong/enable_cephfs 
coreos-kernel: enable Ceph FS
 2014-10-13 16:03:23 -07:00
Michael Marineau
1ca106674c Merge pull request #916 from marineam/nokexec 
update_engine: support disabling kexec on any platform
 2014-10-13 11:08:14 -07:00
Michael Marineau
75d48882cc update_engine: support disabling kexec on any platform 2014-10-12 22:44:15 -07:00
Alex Crawford
49cdf03f1c Merge pull request #911 from crawford/waagent 
azure: update wa-linux-agent
 2014-10-12 22:19:39 -07:00
Alex Crawford
bc23d8fcc5 coreos-base/coreos-cloudinit: bump to v0.10.6 2014-10-12 22:01:53 -07:00
Alex Crawford
5482bcac59 coreos-base/oem-azure: use cloud-init --oem flag 2014-10-11 09:21:31 -07:00
Alex Crawford
47fdbb3507 app-emulation/wa-linux-agent: bump agent and allow config of 'core' 
Patches have been merged upstream. Add a special case for 'core' user, allowing
the agent to configure it.
 2014-10-10 18:28:19 -07:00
Vito Caputo
7ce8b2a90c locksmith: Stop leaking dbus.Conn in etcdActive 
Fixes ooms in locksmithd.
 2014-10-10 15:59:37 -04:00
Chris Armstrong
facc50b43e coreos-kernel: enable Ceph FS 2014-10-10 10:36:18 -06:00
Michael Marineau
d152564ef6 Merge pull request #908 from brianredbeard/mmc-sd-driver 
coreos-kernel: Adding MMC/SDHCI drivers
 2014-10-09 12:22:39 -07:00
Brian 'Redbeard' Harrington
55dc54d040 coreos-kernel: Adding MMC/SDHCI drivers 
Adding the generic MMC driver as well as the corresponding SDCHI
components.  This will allow access for hardware which utilizes
MMC, SD, & SDHCI devices often used in embedded systems and for
emergency recovery partitions.
 2014-10-09 11:54:59 -07:00
Michael Marineau
392869e36d open-vm-tools: fix build-time dependencies 
Although we don't want glib and procps to be in the runtime dependencies
due to the way OEM packages are handled we still want them included as
build-time dependencies so compilation is actually successful. :)
 2014-10-08 21:01:15 -07:00
Michael Marineau
a1e3d135d3 oem-vmware: Add VMware OEM package, uses open-vm-tools 
Originally contributed by Camilo Aguilar <camilo.aguilar@gmail.com>
 2014-10-08 16:55:45 -07:00
Camilo Aguilar
54b9e0d1fc board-packages: build open-vm-tools binary packages. 2014-10-08 16:55:45 -07:00
Michael Marineau
bc607bf760 app-emulation/open-vm-tools: Add open-vm-tools 
Stripped down open-vm-tools ebuild for installing to /usr/share/oem

Based on efforts by:
    Camilo Aguilar <camilo.aguilar@gmail.com>
    Alex Crawford <alex.crawford@coreos.com>
 2014-10-08 16:55:45 -07:00
Michael Marineau
7d12a92f1b dev-libs/libdnet: simplify further, remove python support 2014-10-08 11:19:26 -07:00
Camilo Aguilar
4bf552bfd5 dev-libs/libdnet: customize libdnet ebuild for OEM 
Dependency required by open-vm-tools.
 2014-10-08 11:13:14 -07:00
Alex Crawford
0fcf7604a7 Merge pull request #899 from crawford/azure 
azure: Add support for Azure
 2014-10-06 15:44:55 -07:00
Alex Crawford
c622ae2bf7 coreos-base/oem-azure: add wa-linux-agent to oem 2014-10-06 14:20:55 -07:00
Alex Crawford
928c7158a7 app-emulation/wa-linux-agent: add initial WALinuxAgent 2014-10-05 16:23:53 -07:00
Michael Marineau
95a52eb4ed Merge pull request #904 from marineam/vmware-dhcp 
coreos-init: enable DHCP broadcast flag on VMware
 2014-10-03 15:17:13 -07:00
Alex Crawford
a05582634d dev-lang/python-oem: add support for /etc/os-release 
Pulled upstream patch from http://bugs.python.org/issue17762.
 2014-10-03 14:22:23 -07:00
Michael Marineau
ec72d7fc7c coreos-init: enable DHCP broadcast flag on VMware 
Fixes https://github.com/coreos/bugs/issues/12 for good this time.
 2014-10-03 12:20:41 -07:00
Michael Marineau
5ab02e5b4c Merge pull request #900 from abuchanan920/network-config-fix 
Fixes issue of vagrant not assigned requested IP address.
 2014-10-02 22:02:24 -07:00
Brian Waldon
1c7a9b246c fleet: bump to v0.8.3 2014-10-02 14:17:59 -07:00
Andrew W. Buchanan
110fcd0eda Fixes issue of vagrant not assigned requested IP address. This was due to the switchover of the network interfaces to ethX format. 2014-10-02 15:35:23 -04:00
Michael Marineau
38324a9191 verity: prune old broken package from ChromeOS 
When we add verity support we will be relying on generic packages such
as cryptsetup instead of whatever unknown bits are in this code base. It
has stopped building and I thought I removed it ages ago. Oops.
 2014-10-01 12:28:57 -07:00
Alex Crawford
0b026a8b2a Merge pull request #888 from crawford/cloudinit 
coreos-base/coreos-cloudinit: bump to v0.10.5
 2014-10-01 11:23:32 -07:00
Michael Marineau
ef40f66532 Merge pull request #894 from marineam/fleet 
fleet: prune old version
 2014-10-01 11:12:06 -07:00
Michael Marineau
248be1c964 Merge pull request #893 from marineam/bash50 
bash: fix CVE-2014-7186 and CVE-2014-7187
 2014-10-01 11:11:51 -07:00
Michael Marineau
d6a114ac27 fleet: prune old version 2014-10-01 11:08:43 -07:00
Michael Marineau
a87f75aa8d bash: fix CVE-2014-7186 and CVE-2014-7187 
Sync up with upstream gentoo, pulling in the final version of the patch
for these issues. This is functionally equivalent to 4.2_p51 but
upstream hasn't officially announced that version yet it seems.
 2014-10-01 10:43:45 -07:00
Brian Waldon
7070a34371 fleet: bump to v0.8.2 2014-09-30 14:33:39 -07:00
Michael Marineau
9eaacc58c6 bash: function export hardening patch 
Another day another bash version bump. This is the final version of the
patch to add a special prefix and suffix to exported functions in the
environment, preventing bugs similar to the previous two from becoming
remotely exploitable.

http://lists.gnu.org/archive/html/bug-bash/2014-09/msg00279.html

There still remain two less significant memory-access issues, dubbed
CVE-2014-7186 and CVE-2014-7187. So expect another bump soon.
http://www.openwall.com/lists/oss-security/2014/09/25/32
 2014-09-28 20:10:36 -07:00
Alex Crawford
2ccea0734c coreos-base/coreos-cloudinit: bump to v0.10.5 2014-09-28 09:37:53 -07:00
Vito Caputo
2a1aa70606 Merge pull request #887 from vcaputo/nohpnssh 
Disable "high performance ssh" openssh patch Gentoo includes
 2014-09-26 14:59:34 -07:00
Vito Caputo
21cd882a03 Disable "high performance ssh" openssh patch Gentoo includes 
Prioritizing security and stability over performance in SSH, omitting
this kind of patch is generally more consistent with our objectives.

Visibly this removes "-hpn14v4" from the OpenSSH protocol banner:
SSH-2.0-OpenSSH_6.6p1-hpn14v4

Discussion: https://github.com/coreos/bugs/issues/149
 2014-09-26 15:18:20 -04:00
Michael Marineau
85a218d3a1 Merge pull request #886 from marineam/gsutil 
gsutil: upgrade to 4.6, switch to using upstream ebuilds
 2014-09-26 12:12:36 -07:00
Michael Marineau
b72b7dc94d gsutil: upgrade to 4.6, switch to using upstream ebuilds 2014-09-25 22:17:10 -07:00
Michael Marineau
5cf6b403b3 go: update to go 1.3.2 2014-09-25 20:05:57 -07:00
Michael Marineau
fe831fce74 bash: fix CVE-2014-7169 
http://www.openwall.com/lists/oss-security/2014/09/26/1
 2014-09-25 18:58:28 -07:00
Michael Marineau
cc17c350cd coreos-init: re-enable motdgen 
Pull in https://github.com/coreos/init/pull/133
Fixes https://github.com/coreos/bugs/issues/145
 2014-09-25 17:02:26 -07:00
Michael Marineau
d7f17be6cd Merge pull request #879 from marineam/etc 
profiles: trim more config files from /etc
 2014-09-25 16:55:37 -07:00
Michael Marineau
afe2048e20 profiles: trim more config files from /etc 
Some of these were deleted by build_image, others were still being
shipped but aren't really needed.

The big question mark is LVM, it isn't clear if LVM's default behavior
is actually sane or if the configs are needed to make it sane. Either
way we were already removing this, but something to note in case issues
crop up eventually.
 2014-09-25 16:11:57 -07:00
Michael Marineau
96a4cafe23 Merge pull request #878 from marineam/bash 
bash: disable extra performance patches and networking support
 2014-09-25 15:31:13 -07:00
Michael Marineau
7a2cfade6f bash: disable extra performance patches and networking support 
Killing the performance patch was suggested by @vcaputo and I think we
can go without networking support as well.
 2014-09-25 15:05:40 -07:00
Michael Marineau
7d654662b9 Merge pull request #877 from marineam/bash 
bash: sync up with latest version in Gentoo
 2014-09-25 14:02:19 -07:00
Michael Marineau
028dadfb13 bash: sync up with latest version in Gentoo 
This fixes another piece of the mess but the story isn't over yet.

http://www.openwall.com/lists/oss-security/2014/09/25/10
https://bugs.gentoo.org/show_bug.cgi?id=523592
 2014-09-25 13:35:16 -07:00
Alex Crawford
9fb5e1779d Merge pull request #850 from crawford/flags 
oems: use --oem flag when running cloudinit
 2014-09-24 19:17:18 -07:00
Michael Marineau
179619b008 coreos-init: disable downloading images over ipv6 in coreos-install 
Some users are unable to fetch images over IPv6, use IPv4 only until we
sort out what is wrong with Google storage.
 2014-09-24 15:58:00 -07:00