CONFIG_INFINIBAND_QIB gained a CONFIG_INFINIBAND_RDMAVT dependency in
4.6. The QIB driver appears actively maintained, and we enable a number
of other Infiniband drivers.
CONFIG_I7300_IDLE enables a driver that was dropped in 4.10.
CONFIG_DEBUG_STRICT_USER_COPY_CHECKS was dropped in 4.8.
CONFIG_ZRAM_LZ4_COMPRESS was obsoleted by CryptoAPI in 4.8.
CONFIG_I40E_VXLAN is a driver option that was dropped in 4.8.
This changes the bug URL from GitHub to a subdomain under coreos.com.
This will allow us in the future to move to another bug tracker. As it
exists today, this new subdomain just redirects to GitHub so there
should be no change in behavior.
When flannel-docker-opts didn't require flanneld, flanneld could
fail and flannel-docker-opts would start immediately after. This
effectively broke the intended ordering, so now both services
require each other.
This also simplifies the ordering declarations of the two services
by making flannel-docker-opts have both After= and Requires= as is
most commonly configured.
Prior to this, "${P}" would match upstream gentoo's distfile cache of
containerd, and that tarball would be used regardless of our SRC_URI
changing as we bumped the commit hash.
That resulted in us having an incorrect version of containerd installed
(and lying about the commit hash in --version to boot. Yikes!)
This fixes it by ensuring our package name actually uniquely identifies
the containerd package.
The choice to use the number of commits since the version as the patch
number is fairly arbitrary, but seemed like a sane and comparable number
to choose.
Due to containerd's somewhat fragile versioning, this number is not
technically unique (since there the v0.2.3 bump is commit to multiple
branches), but we can deal with issues if they happen.
Alternative fixes, such as FETCH_RESTRICT or other means of fooling the
cache logic, are more error prone and less faithful to portage's intent
that ${P} does uniquely identify an upstream source.
A different fix would be to use a CROS_WORKON style process for
containerd. There's no particular reason that approach is being avoided
other than the need to hack on containerd has so far been fairly small.
We can be more sloppy with versioning if/when we switch containerd over
to that process.
The choice to rename to 0.2.3 is because that commit (see
containerd/version.go) chooses to call itself 0.2.3, though it's newer
than the v0.2.5 tag. Docker 1.12 actually used a commit that contained
the 0.2.5 tag.
This is only an issue when the glibc versions differ between the
SDK and the sysroot. The M4 library detection functions in gettext
do bad things on their own, so bypass them.
The Ignition units are only used in the initramfs and are intertwined
with several other units in bootengine. Move them into bootengine for
simplicity.
This updates the ebuild to include a patch number indicating changes
since the referenced version number.
This is because docker uses untagged versions of runc, and so we need
additional version information.
Prior to this change, the runc ebuild inadvertently used the upstream
distfile cache of runc's distfile, regardless of the commit referenced
and the -r bumps.
This also re-fixes CVE-2016-9962. The patch for that vulnerability was
dropped once we thought the commit contained the fix, but since the
commit was being ignored and the fix never made it into any tagged
release, we accidentally regressed.
Finally, tihs updates the selinux patch. This was sourced from
projectatomic/runc on the docker-1.13.1 branch.
