mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-17 18:06:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
8,991 Commits 629 Branches 394 Tags 166 MiB
a00cc42b6b
Commit Graph

7215 Commits

Author SHA1 Message Date
Sayan Chowdhury
a00cc42b6b net-firewall/iptables: Apply the Flatcar patches 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-09-21 10:49:15 +00:00
Sayan Chowdhury
24c71442ab net-firewall/iptables: Sync with Gentoo upstream 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-09-15 18:24:14 +00:00
Krzesimir Nowak
dd5b75ce96 Merge pull request #1275 from flatcar-linux/go-1.16.8-main 
Upgrade Go in main from 1.16.7 to 1.16.8
 2021-09-14 12:43:22 +02:00
Krzesimir Nowak
49faa0b1cd Merge pull request #1273 from flatcar-linux/linux-5.10.64-main 
Upgrade Linux Kernel in main from 5.10.63 to 5.10.64
 2021-09-14 12:42:48 +02:00
Sayan Chowdhury
c317eca484 Merge pull request #1147 from flatcar-linux/sayan/update-binutils-2.37 
profiles: Add binutils-2.37 to the accept_keywords
 2021-09-14 15:48:03 +05:30
Flatcar Buildbot
4911162e28 dev-lang: Upgrade Go 1.16.7 to 1.16.8 2021-09-13 07:25:50 +00:00
Flatcar Buildbot
5236173688 sys-kernel: Upgrade Kernel 5.10.63 to 5.10.64 2021-09-12 07:22:18 +00:00
Jeremi Piotrowski
c213631177 Merge pull request #1262 from kinvolk/jepio/ignition-fix-bootloop 
sys-kernel/bootengine: prevent boot loop on ignition failure
 2021-09-10 10:25:22 +02:00
Jeremi Piotrowski
453c346543 sys-kernel/bootengine: update commit for ignition-bootloop fix 
This resolves an issue that causes the initramfs to boot loop when ignition
fails.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2021-09-10 10:12:50 +02:00
Jeremi Piotrowski
c2e842bed8 Merge pull request #1216 from kinvolk/jepio/sssd-cve-fix 
sys-auth/sssd: fix CVE-2021-3621
 2021-09-09 11:13:08 +02:00
Jeremi Piotrowski
90b316b6d0 sys-auth/sssd: add patch for CVE-2021-3621 
This is a backport of https://github.com/SSSD/sssd/pull/5748 adapted to 2.3.1.
A change was necessary: src/tools/sssctl/sssctl_logs.c wasn't passing
'--no-create' to truncate in 2.3.1 yet.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2021-09-09 11:11:38 +02:00
Flatcar Buildbot
43caf03dad sys-kernel: Upgrade Kernel 5.10.62 to 5.10.63 2021-09-08 07:10:02 +00:00
Sayan Chowdhury
2e6287988b profiles: Add binutils-2.37 to the accept_keywords 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-09-07 15:51:41 +05:30
Krzesimir Nowak
123c3031e7 Merge pull request #1260 from kinvolk/krnowak/python-grub 
sys-boot/grub: Drop python2 compatibility
 2021-09-07 09:07:15 +02:00
Krzesimir Nowak
f49aa5cecc Merge pull request #1259 from kinvolk/linux-5.10.62-main 
Upgrade Linux Kernel in main from 5.10.61 to 5.10.62
 2021-09-07 08:28:49 +02:00
Krzesimir Nowak
f35b125ee3 sys-boot/grub: Drop python2 compatibility 2021-09-06 17:40:50 +02:00
Flatcar Buildbot
5952fc58dd sys-kernel: Upgrade Kernel 5.10.61 to 5.10.62 2021-09-04 07:10:32 +00:00
Dongsu Park
83fc14f479 sys-apps/systemd-sysv-utils: delete unnecessary package 2021-09-03 17:21:56 +02:00
Dongsu Park
c8210e51c2 dev-util/lcov: delete unnecessary package 2021-09-03 17:21:56 +02:00
Dongsu Park
86b9533b56 coreos-base/coreos-experimental: delete unnecessary package 2021-09-03 17:21:56 +02:00
Dongsu Park
0e27b92071 Merge pull request #1251 from kinvolk/dongsu/openssh-8.7 
net-misc/openssh: update to 8.7_p1-r1
 2021-09-03 15:09:00 +02:00
Krzesimir Nowak
311a0cf66b Merge pull request #1252 from kinvolk/krnowak/init-python3 
coreos-base/coreos-init: Port to python3
 2021-09-03 14:31:14 +02:00
Krzesimir Nowak
9b3a1c703d coreos-base/coreos-init: Port to python3 2021-09-03 14:30:39 +02:00
Krzesimir Nowak
61df4384ec Merge pull request #1250 from kinvolk/krnowak/update-xenstore 
app-emulation/xenstore: Update to 4.14.2
 2021-09-03 14:28:15 +02:00
Dongsu Park
4fb2be88fb Merge pull request #1246 from kinvolk/dongsu/ca-certificates-utf8 
app-misc/ca-certificates: consider system encoding when opening file
 2021-09-03 11:44:27 +02:00
Dongsu Park
e0e0620e2c profiles: accept ~arm64 keywords for openssh 8.7_p1-r1 
Accept ~arm64 keywords for net-misc/openssh 8.7_p1-r1.
 2021-09-03 10:35:28 +02:00
Kai Lüke
dcd8f8ae40 net-misc/openssh: Apply Flatcar changes 
- Drop the init.d files.
- Remove the socket unit's rate limiting.

Instead of dropping bindist, enable it with the profiles now so it
doesn't need to be modified on future updates.

Imported commit 20d298fb282ec9d5a060f12aef64c47aede0904d .
 2021-09-03 10:35:28 +02:00
Dongsu Park
e0e1ad29c3 net-misc/openssh: sync with Gentoo for 8.7_p1-r1 
Update net-misc/openssh to 8.7_p1-r1, mainly to address CVE-2020-15778.

Goal of the package update is to add the support of a new option `-s`
of scp, i.e. "sftp mode of scp". Openssh 8.7 started to support the
flag, but it is disabled by default. So at the moment users need to
explicitly run `scp -s` to test the feature.

Gentoo ref: 11d6f23704e7ab84191e28e034816bfdb151d406
 2021-09-03 10:35:24 +02:00
Dongsu Park
2db638d652 Merge pull request #1243 from kinvolk/dongsu/glibc-2.33-r7 
sys-libs/glibc: update to 2.33-r7
 2021-09-03 10:05:39 +02:00
Kai Lüke
adb5726979 Merge pull request #1245 from kinvolk/kai/enable-selinux-on-all-targets-v2 
profiles: Enable selinux for all targets
 2021-09-02 21:14:39 +02:00
Aniruddha Basak
9210fd5beb mdadm: migrate cron.weekly to systemd.timer (#1244) 
Add mdadm timer and service files and remove the unused weekly cron
 2021-09-02 21:10:57 +02:00
Krzesimir Nowak
00cad56908 Merge pull request #1248 from kinvolk/krnowak/update-sys-libs-ldb 
Update sys-libs/talloc and sys-libs ldb to drop python2 dependency
 2021-09-02 20:55:19 +02:00
Krzesimir Nowak
0c16d504b2 Merge pull request #1236 from raballew/main 
coreos-modules: add GPIO support
 2021-09-02 17:56:38 +02:00
Kai Lueke
f0f9617316 profiles: Enable selinux for all targets 
Move the USE options out of the amd64 path, specify selinux
packages as explicit dependency, and add accept keywords.
 2021-09-02 15:13:32 +02:00
Dongsu Park
142dc04fd4 app-misc/ca-certificates: ignore UnicodeEncodeError when opening file 
Now that we started encoding strings to unicode by default,
we should also take care of corner cases, where LC_CYPTE is set to a
different value from the systemd default value in `/etc/locale.gen`.

For example, under a build environment with `LC_CTYPE=C`, when the UTF-8
file name is `AC_Ra�z_Certic�mara_S.A..pem`,
build fails like that.

```
Traceback (most recent call last):
  File "/var/tmp/portage/app-misc/ca-certificates-3.27.1-r2/files/certdata2pem.py",
line 127, in <module>
    f = open(fname, 'w')
UnicodeEncodeError: 'ascii' codec can't encode character '\xed' in position 5: ordinal not in range(128)
 * ERROR: app-misc/ca-certificates-3.27.1-r2::coreos failed (compile phase):
```

To fix that, encode filename with system encoding when opening the file.
 2021-09-02 14:19:37 +02:00
Krzesimir Nowak
d4d10bceaa app-emulation/xenstore: Update to 4.14.2 2021-09-02 14:19:29 +02:00
Krzesimir Nowak
8cc524b15b sys-libs/ldb: Apply Flatcar modifications 
Support python3 that we have packaged.
 2021-09-02 10:22:30 +02:00
Krzesimir Nowak
d0aaf23418 sys-libs/ldb: Drop extra stuff 2021-09-02 10:22:30 +02:00
Krzesimir Nowak
c99f0113cd sys-libs/ldb: Copy from gentoo 
Still contains extra stuff we are going to drop.
 2021-09-02 10:22:30 +02:00
Krzesimir Nowak
8a32322830 sys-libs/ldb: Drop old 
This package contained no Flatcar modifications, so in theory it could
be moved to portage-stable. But we also will want to update it to some
recent version that does not depend on python2. But the recent
versions in gentoo use python3.{7,9}, so we will need to change it for
now, since we still use python3.6.
 2021-09-02 10:22:30 +02:00
Krzesimir Nowak
fd5bfc4907 sys-libs/talloc: Apply Flatcar modifications 2021-09-02 10:22:30 +02:00
Krzesimir Nowak
0c1e06d7a0 sys-libs/talloc: Drop unnecessary files 2021-09-02 10:22:30 +02:00
Krzesimir Nowak
ee50bff520 sys-libs/talloc: Add new package from gentoo 
We need it for the updated sys-libs/ldb, but it depends on python we
haven't yet packaged.
 2021-09-02 10:22:30 +02:00
Dongsu Park
0565e229ef .github: fetch the correct Flatcar image signing key 
`Flatcar_Image_Signing_Key.asc` on https://www.flatcar-linux.org is
outdated, expired. That's why all Github Actions failed to run.
We need to fetch the image signing key from the correct URL,
https://kinvolk.io/flatcar-container-linux/...
 2021-09-02 09:34:13 +02:00
Paul Wallrabe
262c16b427 amd64: enable missing kernel config options 2021-09-01 21:23:52 +02:00
Krzesimir Nowak
0eac3144d7 dev-python/distro-oem: Update some comments 2021-09-01 18:51:04 +02:00
Krzesimir Nowak
d6adffcdc3 app-emulation/wa-linux-agent: Update some comments 2021-09-01 18:50:49 +02:00
Krzesimir Nowak
fd0fa0b948 dev-python/distro-oem: Depend on specific version of python-oem 2021-09-01 18:46:49 +02:00
Krzesimir Nowak
357df4cebd app-emulation/wa-linux-agent: Depend on specific version of python-oem 2021-09-01 18:46:49 +02:00
Krzesimir Nowak
fe69e51906 app-emulation/wa-linux-agent: Make DIST entry in Manifest a single line 2021-09-01 18:46:49 +02:00