Each Flatcar production image includes a binary `containerd-stress`,
as a part of torcx tarballs.
However it does not seem to be used anywhere.
It looks like a stress testing tool for containerd, so I don't see a
good reason to keep it.
The binary was there since the beginning, via commit
[fdd926949a10](fdd926949a),
but there is no comment or messages why it was needed.
We can simply remove `containerd-stress`.
As Flatcar relies on systemd-networkd for network configurations,
it is not needed to keep dhcpcd in production images at all.
According to the commit
https://github.com/kinvolk/coreos-overlay/commit/9be90f06e838 ,
it was added back in 2014 just because systemd-networkd was not mature
enough. That was already ~7 years ago, so we can safely assume that
the issue had been already gone, so we can simply use systemd-networkd.
generate_patches takes three parameters - a category, a package name
and a description. Invoking the function like `generate_patches
sys-kernel coreos-{sources,modules,kernel} Linux` makes "sys-kernel"
to be a category, "coreos-sources" to be a package name and
"coreos-modules" to become a description, while "coreos-kernel" and
"Linux" are simply ignored.
It has worked so far only because coreos-sources was first in the list
and that's where the actual changes in Manifest file happened. Had the
order of the packages been different, the workflow would be
broken. Since only coreos-sources was modified and all worked fine,
simplify the call to generate-patches.
This change updates coreos-init to a version which includes
a new SSHD config to limit crypto to "known secure" algorithms only.
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
Initially I moved the eclass to overlay and modified them there to
avoid making customizations in portage-stable, but for some reason
portage cannot locate these eclasses when building packages from
portage-stable.
This change is to avoid masked packages and resulting fromt that build
failures like:
!!! All ebuilds that could satisfy "x11-misc/makedepend" have been masked.
!!! One of the following masked packages is required to complete your request:
- x11-misc/makedepend-1.0.5::portage-stable (masked by: invalid: DEPEND: USE flag 'ppc-aix' referenced in conditional 'ppc-aix?' is not in IUSE)
Hopefully these customizations will go away once we update the
eclasses and packages that inherit these eclasses.
The updated portage-utils bring in two more tools, qmanifest and
qtegrity. They are pulling in some new dependencies. Since we didn't
have those tools before, we can live without them for a little while
longer.
