Apply Flatcar modifications on top of Gentoo ebuilds.
* Specify coreos-* directories for Kernel builds.
* Use hard-coded linux-firmware directory instead of ${PN} as well as
${S} to avoid naming conflicts.
* Depend on packages of Kernel source and modules.
* Create symlinks for CXGB and ICE DDP firmware files.
* Rewrite src_prepare and src_install.
* Remove acenic/tg?.bin from unknown_license to force to install.
Update coreos-firmware to 20230625_p20230724, syncing with
linux-firmware of Gentoo, mainly to address CVE-2023-20593.
Gentoo ref: 6390ce05738eac80fc06663a73ca6b22fdaee8d1
- Carry over our custom tmpfiles and securetty files
- Remove /etc files and install them to /usr, use tmpfiles
- Switch /etc/login.defs edits to /usr/share/shadow/login.defs
- Drop moving passwd out of /usr since we don't have split-usr
- Drop pkg_postinst
- Mark the package as stable.
- Remove the socket unit's rate limiting.
- Fixes to configuration handling. We are trying to upstream these
changes, so this package will be eventually moved to
portage-stable. But updating it in coreos-overlay for now to drop
the use of the obsolete cygwin USE flags.
Upstream PR: https://github.com/gentoo/gentoo/pull/31615
Do not update to openldap 2.6.3+, to take different steps of updating
openldap.
1) from 2.4 to 2.5,
2) do an Alpha release around 2023-08, and
3) finally update from 2.5 to 2.6.
To fix invalid header issue that started to happen when being built with
Go 1.19.11+, it is necessary for the docker cli repo to vendor the new docker
client part of github.com/docker/docker.
Based on https://github.com/docker/cli/commit/5d4e44df90bb.
Reset to the state according to the state of Gentoo upstream,
to commit b93160fedf4e7a6f7f4101dfb7f3ff0df5cee2c0.
to create Flatcar patches on top of that.
Docker client and daemon started to fail at sending or handling most
local connections when being compiled with Go 1.19.11, which addresses
CVE-2023-29406 by blocking invalid host headers of HTTP/1. As a
workaround, Docker started to define a dummy host header, and to use
it for local connections.
Backport the fixes to Flatcar to fix the runtime failures.
See also https://github.com/moby/moby/issues/45935,
https://github.com/moby/moby/pull/45942.
Reset to the state according to the state of Gentoo upstream,
to commit 964117a9a27f8c048d646f423ffaf09b57bfad00,
to create Flatcar patches on top of that.
