mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-23 07:21:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
22,893 Commits 616 Branches 394 Tags
Commit Graph

14983 Commits

Author SHA1 Message Date
Dongsu Park
fad4ba41b8 net-fs/nfs-utils: update to 2.5.4-r3 
Update net-fs/nfs-utils to 2.5.4-r3, as needed by gcc 10.
Without that update, build fails like:

```
/usr/libexec/gcc/x86_64-cros-linux-gnu/ld:
../../support/export/libexport.a(xtab.o):.../support/export/xtab.c:32:
multiple definition of `v4root_needed';
mountd-v4root.o:.../utils/mountd/v4root.c:31: first defined here
```
 2022-02-10 16:57:25 +01:00
Dongsu Park
7d24586b46 profiles: Update versions of iasl, kexec-tools 
Update sys-power/iasl to 20200326 for arm64.
Update sys-apps/kexec-tools to 2.0.22 for arm64.
 2022-02-10 16:57:25 +01:00
Dongsu Park
157d83ebae profiles: remove mask for gcc-config 2 
As we need to update gcc-config to 2.5, we have to remove the old
mask that prevents gcc-config 2 from being installed.
 2022-02-10 16:57:25 +01:00
Kai Lueke
98d2469b60 coreos-base/update_engine: fix flatcar-postinst migration notice 
This pulls in
https://github.com/flatcar-linux/update_engine/pull/16
to fix a small template error in the cgroup v2 migration notice.
 2022-02-10 13:31:17 +01:00
Jeremi Piotrowski
648e129aab changelog: add entry for AWS ARM64 console fix 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2022-02-10 13:30:48 +01:00
Mathieu Tortuyaux
0c2a064bfb Merge pull request #1635 from flatcar-linux/tormath1/vim 
profiles/base: stabilize vim
 2022-02-10 11:38:30 +01:00
Mathieu Tortuyaux
323fb5823c changelog: add entries 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-10 11:37:26 +01:00
Mathieu Tortuyaux
4f4137b33d profiles/base: stabilize vim 
this is required to pull recent versions of vim which fix CVEs.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-09 18:02:47 +01:00
Flatcar Buildbot
1bd580a3d6 sys-kernel: Upgrade Kernel 5.15.19 to 5.15.22 2022-02-09 16:39:45 +00:00
Jeremi Piotrowski
d30359a806 coreos-base/oem-ec2-compat: specify correct console on arm64 
The default arm64 console (console=ttyAMA0) that is set by grub is wrong for
EC2 arm64, so fix the value and enable earlycon.
 2022-02-09 17:26:11 +01:00
Mathieu Tortuyaux
242a40fff4 app-editors/vim: sync with ::gentoo 
Commit-Ref: 9357669bbfba8bd5aa643b98a563996af6ed9846

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-09 17:24:00 +01:00
Mathieu Tortuyaux
0bbf380788 app-editors/vim-core: sync with ::gentoo 
Commit-Ref: 9357669bbfba8bd5aa643b98a563996af6ed9846

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-09 17:23:46 +01:00
Jeremi Piotrowski
a76eccc6c4 changelog: add entry for WALinuxAgent 2022-02-09 11:15:23 +00:00
Jeremi Piotrowski
9ce9b93e2a coreos-base/oem-azure(-pro): inject empty eject binary into waagent PATH 
Waagent ejects the provisioning dvd, but this causes the /dev/sr0 drive
to be in a state where util-linux probing it causes the kernel to spam
"unaligned transfer" messages. This is fixed in util-linux main branch,
but it will be a while until this is released.

Create a symlink from 'eject' to '/bin/true' and modify the unit's PATH
environment variable so that this symlink is found before the eject
binary.

Additionally I added the oem python directory to PATH, so that waagent
can be start directly. This should be enough so that messages from
waagent in the journal are prefixed with 'waagent' and not 'python'.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2022-02-09 11:13:32 +00:00
Jeremi Piotrowski
c312e54e3e app-emulation/wa-linux-agent: update to v2.6.0.2 
v2.6.0.2 is the latest released version and contains the upstreamed
Flatcar support.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2022-02-09 10:27:11 +00:00
flatcar-ci
1049e54af8
New major release: 3139.0.0 2022-02-09 15:40:21 +05:30
Kai Lueke
e89bb5652c sys-apps/systemd: add downstream patch to disable foreign route mgmt 
This new downstream patch disables the ManageForeignRoutes and
ManageForeignRoutingPolicyRules systemd-netword settings by default to
ensure that CNIs don't get their routes or routing policy rules
discarded on network reconfiguration events.

https://github.com/flatcar-linux/Flatcar/issues/620
 2022-02-07 17:56:54 +01:00
Flatcar Buildbot
d10829cf5f app-misc: Upgrade ca-certificates 3.74 to 3.75 2022-02-07 07:21:43 +00:00
Sayan Chowdhury
563b295ed7 Merge pull request #1610 from flatcar-linux/linux-5.15.19-main 
Upgrade Linux Kernel in main from 5.15.18 to 5.15.19
 2022-02-03 13:17:14 +05:30
Krzesimir Nowak
b3d8b009cc sys-process/tini: Drop duplicated package 2022-02-02 19:38:00 +01:00
Krzesimir Nowak
62967db6fd app-crypt/sbsigntools: Drop duplicated package 2022-02-02 19:37:42 +01:00
Mathieu Tortuyaux
fcd640e6f0 dev-libs/cyrus-sasl: apply flatcar patches 
- remove unecessary ebuild
- apply cross compiling patch

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-02 13:43:03 +01:00
Flatcar Buildbot
6229b0f4d2 sys-kernel: Upgrade Kernel 5.15.18 to 5.15.19 2022-02-02 07:22:08 +00:00
Mathieu Tortuyaux
7727932905 dev-libs/cyrus-sasl: sync with ::gentoo 
Commit-Ref: c64e42b0da7ce4c4189c8868ce0a5170f044468f

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-01 16:37:03 +01:00
Mathieu Tortuyaux
58cfec0d2b Merge pull request #1603 from flatcar-linux/tormath1/sbsigntools 
app-crypt/sbsigntools: bump to 0.9.4
 2022-02-01 09:39:20 +01:00
Mathieu Tortuyaux
bf127a3a35 changelog: add entry 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-01 09:38:28 +01:00
Mathieu Tortuyaux
25c3360eee app-crypt/sbsigntools: apply flatcar changes 
- remove unecessary ebuilds
- mark sbsigntools-0.9.4.ebuild as stable for arm64/amd64
- apply OpenSSLv3 patch from: https://groups.io/g/sbsigntools/topic/patch_fix_openssl_3_0_issue/85903418?p=,,,20,0,0,0::recentpostdate/sticky,,,20,2,0,85903418,previd=1632756467394580924,nextid=1591489833755102589&previd=1632756467394580924&nextid=1591489833755102589
- remove -Werror from Makefile.am for OpenSSLv3 compilation

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-01 09:38:14 +01:00
Kai Lüke
51c4f8338f Merge pull request #1602 from flatcar-linux/kai/enable-fips 
sys-kernel: allow fips mode to be enabled
 2022-01-31 19:51:07 +01:00
Flatcar Buildbot
b51049bc89 sys-kernel: Upgrade Kernel 5.15.17 to 5.15.18 2022-01-31 18:48:44 +01:00
Mathieu Tortuyaux
258e8530ba app-crypt/sbsigntools: sync with ::gentoo 
Commit-Ref: bc01370226f4b5f773ae0da7d49ae09b90622666

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-31 16:59:44 +01:00
Kai Lueke
38a01288e1 sys-kernel: allow fips mode to be enabled 
With this kernel config, users can boot with fips=1 set in
`/usr/share/oem/grub.cfg`:
```
set linux_append="fips=1"
```

Which triggers various behaviors, for FIPS 200 certification.

with this config compiled in, and that boot parameter, users can can
that fips is enabled with:
```
flatcar ~ # cat /proc/sys/crypto/fips_enabled
1
```
 2022-01-31 15:07:36 +01:00
Dongsu Park
bdba7188e4 changelog: add changelog for expat 2.4.4 2022-01-31 11:06:20 +01:00
Dongsu Park
6275be666f dev-libs/expat: update to 2.4.4 
Update dev-libs/expat to 2.4.4, mainly to address security issues
like CVE-2022-23852, CVE-2022-23990.
 2022-01-31 11:00:26 +01:00
Dongsu Park
19a486c58d Merge pull request #1596 from flatcar-linux/dongsu/glibc-2.33-r10 
sys-libs/glibc: update to 2.33-r10
 2022-01-28 16:58:45 +01:00
Krzesimir Nowak
9582e2e795 Merge pull request #1595 from flatcar-linux/linux-5.15.17-main 
Upgrade Linux Kernel in main from 5.15.16 to 5.15.17
 2022-01-28 16:13:55 +01:00
Kai Lüke
456efdeb9a Merge pull request #1589 from flatcar-linux/kai/ipv6-ra 
coreos-cloudinit and bootengine: accept IPv6 RA for default net configs
 2022-01-28 11:08:46 +01:00
Dongsu Park
27bd0429a0 changelog: add changelog for glibc 2.33-r10 2022-01-28 08:43:44 +01:00
Krzesimir Nowak
a752947aec sys-libs/glibc: Apply Flatcar modifications 
- unmask amd64 and arm64
  - take care of nscd.conf via tmpfiles, add files/nscd-conf.tmpfiles.
  - don't run sanity checks in pkg_pretend to prevent gcc checks when
    only the binary package is installed.
  - comment out 'dostrip -x' to force the OS image binaries to be stripped
  - remove everything glibc wants to put under /etc since we use
    baselayout to provide that
 2022-01-28 08:43:44 +01:00
Dongsu Park
2301479ae7 sys-libs/glibc: sync with Gentoo for 2.33-r10 
Update sys-libs/glibc to 2.33-r10, mainly to address CVE-2021-3998,
CVE-2021-3999, CVE-2022-23218, CVE-2022-23219.

Gentoo ref: 7ba56d4da4e3fd2bc0d2c1012f2dc02e448c77d4
 2022-01-28 08:43:40 +01:00
Flatcar Buildbot
e4a527aa27 sys-kernel: Upgrade Kernel 5.15.16 to 5.15.17 2022-01-28 07:22:45 +00:00
Mathieu Tortuyaux
eefde75413 changelog: add entries 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-27 18:08:23 +01:00
Mathieu Tortuyaux
0ce5422e6e sys-auth/polkit: apply Flatcar patches 
- apply duktape patchset from https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/97
 `.gitlab-ci.yml` patch has been removed since file is not shipped in
 archive.
- fix config install paths, use systemd-tmpfiles (All configs should
be installed to /usr and tmpfiles should be used to create and fix
directory permissions instead of the ebuild's postinst.)

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-27 18:08:20 +01:00
Kai Lueke
d341a5b51d coreos-cloudinit and bootengine: accept IPv6 RA for default net configs 
This pulls in
https://github.com/flatcar-linux/coreos-cloudinit/pull/12
and
https://github.com/flatcar-linux/bootengine/pull/30
(https://github.com/flatcar-linux/init/pull/51 is already in)
to also accept Router Advertisements in our default DHCP network
configurations.
 2022-01-27 17:17:12 +01:00
Mathieu Tortuyaux
3bcd2510bc sys-auth/polkit: sync with ::gentoo 
Ref-Commit: 4dbf4f80da2ee7c5e3325d4f25512dc0ed1a4b48

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-27 14:25:53 +01:00
Kai Lueke
e2d87f0d26 coreos-base/coreos-init/coreos-init: pull in latest changes 
This pulls in
https://github.com/flatcar-linux/init/pull/58
(bin/flatcar-update: don't assume $USER is set up, only use $EUID)
and
https://github.com/flatcar-linux/init/pull/51
network: Enable the RAs to fix IPv6 address assignment
 2022-01-26 17:15:03 +01:00
Dongsu Park
ae70b76228 Merge pull request #278 from flatcar-linux/rust-1.58.1-main 
Upgrade virtual Rust in main from 1.57.0 to 1.58.1
 2022-01-26 11:27:40 +01:00
Dongsu Park
66e00de1db Merge pull request #1581 from flatcar-linux/rust-1.58.1-main 
Upgrade dev-lang/rust in main from 1.57.0 to 1.58.1
 2022-01-26 11:27:23 +01:00
flatcar-ci
153a347999
New major release: 3127.0.0 2022-01-26 14:11:59 +05:30
Dongsu Park
0652a4584c changelog: add security changelog for Rust 1.58.1 2022-01-25 10:25:12 +01:00
Sayan Chowdhury
44e7c99fe3 Merge pull request #1586 from flatcar-linux/linux-5.15.16-main 
Upgrade Linux Kernel in main from 5.15.15 to 5.15.16
 2022-01-24 23:50:13 +05:30