mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-21 22:41:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
25,906 Commits 616 Branches 395 Tags
Commit Graph

17137 Commits

Author SHA1 Message Date
Mathieu Tortuyaux
678dfd7f79
sys-apps/semodule-utils: sync with Gentoo 
Commit-Ref: a8d934769f

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:40 +02:00
Mathieu Tortuyaux
077dd2363e
sec-policys/selinux-dbus: add new package 
it's a dependency from ssh module:
```
Failed to resolve typeattributeset statement at /var/lib/selinux/mcs/tmp/modules/400/ssh/cil:127
Failed to resolve AST
```

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:40 +02:00
Mathieu Tortuyaux
af5400ce64
sec-policy/selinux-unconfined: sync with Gentoo 
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:40 +02:00
Mathieu Tortuyaux
eed7eb6d21
sec-policy/selinux-sssd: sync with Gentoo 
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
206b71a48f
coreos/user-patches: add selinux-container 
apply Flatcar patch (including the kernel_t transition that
should be removed once we have a system labelled)

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
1306dfefec
sec-policy/selinux-container: add new package 
it comes in replacement of selinux-virt

Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
1e2b1c999d
sec-policy/selinux-virt: drop ebuild 
it's now replaced by selinux-container

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
2af995d2dc
coreos/user-patches: add selinux-base-policy 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
6b7c24719b
sec-policy/selinux-base-policy: sync with Gentoo 
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:39 +02:00
Mathieu Tortuyaux
ac520d6588
coreos/user-patches: add selinux-base 
* add selinux patches (icmp-bind, relabel and kernel permissions)
* ship our own config file

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:38 +02:00
Mathieu Tortuyaux
3de5229a3c
sec-policy/selinux-base: sync with Gentoo 
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:38 +02:00
Mathieu Tortuyaux
cd2d678f43
sys-apps/checkpolicy: sync with Gentoo 
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:38 +02:00
Mathieu Tortuyaux
90bd28e13f
sys-libs/libsemanage: apply flatcar patches 
* remove python dependencies
* added back multilib_src_install function (qa_check does fail otherwise)
* setting SHLIBDIR for installation

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:38 +02:00
Mathieu Tortuyaux
e1ff97556f
sys-libs/libsemanage: sync with Gentoo 
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:38 +02:00
Mathieu Tortuyaux
a38d44bd1c
sys-apps/policycoreutils: apply flatcar changes 
* remove python dependencies
* move selinux policy directory from /etc/selinux/policy to /usr/lib/selinux/policy
* add tmpfiles to recreate /var/lib/selinux on rootfs
* remove setools dependency

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:38 +02:00
Mathieu Tortuyaux
d78e4b3b20
sys-apps/policycoreutils: sync with Gentoo 
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:38 +02:00
Mathieu Tortuyaux
c4a353d0f8
sys-libs/libsepol: sync with Gentoo 
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:37 +02:00
Mathieu Tortuyaux
7132f52f46
sys-libs/libselinux: sync with Gentoo 
Commit-Ref: a67229c8d6

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:37 +02:00
Mathieu Tortuyaux
b0810f46dd
eclass: sync selinux-policy-2 with Gentoo 
Commit-Ref: ea4cd1f216
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2023-09-20 12:33:37 +02:00
Jeremi Piotrowski
bc8261f9c6
Merge pull request #1148 from flatcar/add-ue-rs 
Add ue-rs to image
 2023-09-20 10:53:36 +02:00
Krzesimir Nowak
72701e273d net-libs/rpcsvc-proto: Sync with Gentoo 
It's from Gentoo commit 6224cc9e8fc46385e18d62bd1c5fa96801e13d18.
 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
747f318742 overlay net-libs/rpcsvc-proto: Move to portage-stable 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
fc34867b81 dev-libs/xmlsec: Add from Gentoo 
It's from Gentoo commit 1e94c87d6d6155169455dfd273e02c16e705ae92.
 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
570aad56e8 dev-libs/libmspack: Sync with Gentoo 
It's from Gentoo commit 8d671320f4803974b97ba9bcb90d14d19ae62767.
 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
dda041adf9 overlay dev-libs/libmspack: Move to portage-stable 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
19a3cdde63 sys-fs/fuse-common: Add from Gentoo 
It's from Gentoo commit 86f1cf927f6a27a19482e1eb25430e47d5f58ff7.
 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
64dbcc6092 overlay profiles: Add accept keywords for sys-fs/fuse 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
03d9d3238e overlay profiles: Do not install suid binaries from sys-fs/fuse 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
481b0e0eaf sys-fs/fuse: Add from Gentoo 
It's from Gentoo commit ba10b3c5f0eec6233e4dfbfa65db40253e7fdd7d.
 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
618e11dd53 overlay profiles: Add accept keywords for dev-libs/libdnet 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
63cca7c78a dev-libs/libdnet: Sync with Gentoo 
It's from Gentoo commit 7d00351296070d4b6cea6913fab62b96819abddb.
 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
c6c2f83ed7 overlay dev-libs/libdnet: Move to portage-stable 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
ccae9d434f overlay coreos-base/misc-files: Add a list of old VMware OEM image files 
This list will be used by bootengine to clean up old installation of
VMware OEM software before installing a sysext.
 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
90b74e29b3 overlay coreos-base/oem-vmware: Update to be sysext-ready 
Ignition files are not necessary any more. Grub config file and
oem-releas file are now provided by the coreos-base/oem-common-files
package.

We install drop-in files for systemd units instead of providing our
own copies. This is where we set up PrivateTmp option and create
symlinks for /etc.

There's also manglefs.sh script, that will be executed by the
build_sysext utility. It drops unnecessary stuff like translations,
debugging symbols and development files.
 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
cc40a00aa1 overlay profiles: Update USE flags for app-emulation/open-vm-tools 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
67a2aa9e73 coreos/user-patches: Add a patch for app-emulation/open-vm-tools 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
0336d57627 overlay app-emulation/open-vm-tools: Apply Flatcar modifications 
None of these modifications are actually specific to Flatcar. This is
something we will want to upstream to Gentoo.
 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
fa2f2101a9 overlay app-emulation/open-vm-tools: Drop old ebuild, bump version 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
b1e69f4c41 app-emulation/open-vm-tools: Sync with Gentoo 
It's from Gentoo commit ecc674a080e039b5db316f4f8258315c1936801a.
 2023-09-20 09:18:43 +02:00
Krzesimir Nowak
6f2189e94f coreos-base/common-oem-files: Add VMware OEM common files 
This will replace files in coreos-base/oem-vmware package.
 2023-09-20 09:18:43 +02:00
Flatcar Buildbot
4855fc503c sys-kernel/coreos-sources: Update from 6.1.53 to 6.1.54 2023-09-19 14:15:36 +00:00
Dongsu Park
33c94b390e
Merge pull request #1127 from flatcar/buildbot/weekly-portage-stable-package-updates-2023-09-11 
Weekly portage-stable package updates 2023-09-11
 2023-09-19 13:47:52 +02:00
Dongsu Park
121798c7fa
Merge pull request #1121 from flatcar/sayan/update-to-nvidia-535.104.05 
x11-drivers/nvidia-drivers: updates to 535.104.05
 2023-09-19 12:43:01 +02:00
Jeremi Piotrowski
e2599703b3 coreos: Add ue-rs to production image 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2023-09-19 12:27:02 +02:00
Jeremi Piotrowski
3030926df7 coreos-base/ue-rs: Initial ebuild 
Based on the afterburn ebuild with some tweaks. The dependency list was
generated using cargo-ebuild.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2023-09-19 12:27:02 +02:00
Jeremi Piotrowski
bf21753ca5
Merge pull request #1131 from flatcar/azure-mana-vf 
Pull in flatcar/init and bootengine changes  to ignore mana VF in networkd
 2023-09-15 16:29:03 +02:00
Krzesimir Nowak
1ac17be8d5 overlay coreos-base/coreos-oem-gce: Pull in sys-apps/gentoo-functions too 
Previously the sys-apps/gentoo-functions package was pulled in into
the GCE image by the sys-libs/glibc package. After the sys-libs/glibc
package update, the dependency disappeared. This resulted in
gentoo-functions not being installed and the build to fail a check for
dangling symlinks:

broken link: b'/etc/init.d/functions.sh' -> b'../../lib/gentoo/functions.sh'
ERROR   build_oem_aci: test_image_content: Failed symlink check

The `/etc/init.d/functions.sh` symlink is installed by
sys-apps/baselayout in postinst phase. The package also has a
dependency on sys-apps/gentoo-functions, but it is not pulled in into
the image, because baselayout is installed specially - without
dependencies.

It would probably be better to just drop the symlink, but it's here
for compatibility purposes. We also can't remove the symlink in the
manglefs script, as it gets executed after the filesystem checks.
 2023-09-15 16:14:29 +02:00
Krzesimir Nowak
98e420f346 overlay profiles: Enable asm USE flag too 
It is required by dev-libs/gmp's cpudetection USE flag, so it needs to
be enabled explicitly, otherwise it will be disabled during bootstrap.
 2023-09-15 16:14:29 +02:00
Krzesimir Nowak
f06093854a overlay profiles: Enable cpudetection USE flag in dev-libs/gmp during bootstrap 
It normally is enabled by default, but during bootstrap USE flags that
are not force-enabled are disabled. And we need to it avoid bindist
issues that pop up during stage 1 of the SDK build.
 2023-09-15 16:14:29 +02:00
Krzesimir Nowak
b233ca2e15 sys-apps/locale-gen: Add from Gentoo 
It's from Gentoo commit 9b2ee03ef894782d6d8d426a8eb8eeb8084ef4fc.
 2023-09-15 16:14:29 +02:00