mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2026-04-18 03:52:31 +02:00
Code Issues Packages Projects Releases Wiki Activity
34,831 Commits 642 Branches 423 Tags
Commit Graph

34831 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Krzesimir Nowak
862ca0164c overlay profiles: Clean up selinux enabling 
Not needed given that we have switched to selinux profile, which
enables selinux USE.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
83d8f655f9 .github: Add newly added policy packages to automation 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
7ed13d9f00 overlay coreos/user-patches: Add symlinks for newly added policy packages 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
18f458a744 sec-policy/selinux-zfs: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
b342b6f60a sec-policy/selinux-xfs: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
621ff5e537 sec-policy/selinux-wireguard: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
10cd11e8d7 sec-policy/selinux-virt: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
9c650f91d2 sec-policy/selinux-tcsd: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
dca1c34678 sec-policy/selinux-sudo: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
104d4939aa sec-policy/selinux-smartmon: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
f2ffabdb56 sec-policy/selinux-sasl: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
cf4ff86f00 sec-policy/selinux-samba: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
5275b4d396 sec-policy/selinux-rpcbind: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
70a4e9af11 sec-policy/selinux-rpc: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
38be9244bd sec-policy/selinux-quota: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
dcabf69c89 sec-policy/selinux-qemu: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
c097ee9b58 sec-policy/selinux-podman: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
6fb0d1719e sec-policy/selinux-pcscd: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
25860828a3 sec-policy/selinux-ntp: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
60b55a477c sec-policy/selinux-mandb: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
5d0507d0ab sec-policy/selinux-makewhatis: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
d50f64d677 sec-policy/selinux-logrotate: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
f4ca50fa4a sec-policy/selinux-loadkeys: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
27e1742668 sec-policy/selinux-ldap: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
b667481666 sec-policy/selinux-kerberos: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
6b94a5eefc sec-policy/selinux-kdump: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
0a8d6375dd sec-policy/selinux-gpg: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
8b0d493ade sec-policy/selinux-git: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
b404308efe sec-policy/selinux-dracut: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
c781e4253a sec-policy/selinux-docker: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
17f5c182bd sec-policy/selinux-dnsmasq: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
4b49bf26a8 sec-policy/selinux-dirmngr: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
4574dafb4e sec-policy/selinux-chronyd: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
9232dc9884 sec-policy/selinux-cdrecord: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
1ab29a18b4 sec-policy/selinux-brctl: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
86d192284e sec-policy/selinux-bind: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
4d2b3f679f sec-policy/selinux-apm: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
fba498d743 sec-policy/selinux-apache: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
1ce1c96b6a overlay profiles: Switch to hardened/selinux/systemd profiles 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
98fc61013a overlay coreos/config, profiles: Drop PKG_INSTALL_MASK 
PKG_INSTALL_MASK is for binary packages like INSTALL_MASK is for
${ROOT} - whatever is added to PKG_INSTALL_MASK will be absent from
binary packages. But we may want to install different content to
different kind of images using the same binary packages. For example,
we may want to install some python selinux scripts to developer
container, but not to production image.

I started adding PKG_INSTALL_MASK before, because of a
misunderstanding - I thought that PKG_INSTALL_MASK is about filtering
files that are installed to ${ROOT} from binary packages. So in
reality, PKG_INSTALL_MASK is really unnecessary.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
320145c21f save logs 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
flatcar-ci
d380460e85 New version: main-4643.0.0-nightly-20260318-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-03-18 21:00:27 +00:00
Mathieu Tortuyaux
49c4b396bb
Merge pull request #3461 from flatcar/tormath1/amd-gpu 2026-03-18 13:39:31 +01:00
Mathieu Tortuyaux
a47141174b
Merge pull request #3842 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2026-03-18 13:00:11 +01:00
Flatcar Buildbot
3de3d05cf5 Update mantle container image to latest HEAD 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-03-18 11:24:40 +00:00
James Le Cuirot
8c35db1f29
Merge pull request #3837 from flatcar/chewi/aci-1.4.2 
app-containers/accelerated-container-image: Version bump to 1.4.2
 2026-03-18 11:24:25 +00:00
James Le Cuirot
200cf71083
app-containers/accelerated-container-image: Version bump to 1.4.2 
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2026-03-18 11:23:51 +00:00
Mathieu Tortuyaux
dbbbe7a772
sys-kernel/coreos-firmware: ignore some missing firmware 
It happens that some modules uses `MODULE_FIRMWARE` with a file
not-shipped into 'linux-firmware'.
In such a case, we can safely ignore those.
e.g 'amdgpu/ip_discovery.bin' is not a file shipped by linux-firmware
(see: a79d3709c4)

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2026-03-17 13:59:11 +01:00
Mathieu Tortuyaux
2c8cce394c
changelog: add entry 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2026-03-17 13:59:11 +01:00
Mathieu Tortuyaux
bcd1492407
sys-kernel/coreos-modules: build AMD GPU as module 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2026-03-17 13:59:09 +01:00