mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-17 18:06:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,012 Commits 629 Branches 394 Tags 166 MiB
acf6871237
Commit Graph

7234 Commits

Author SHA1 Message Date
Sayan Chowdhury
acf6871237 Merge pull request #1079 from flatcar-linux/sayan/update-iptables-1.8.7 
net-firewall/{ip,eb,nf}tables: Sync with Gentoo upstream; iptables 1.8.7; ebtables 2.0.11; nftables 0.9.9
 2021-09-21 21:47:12 +05:30
Sayan Chowdhury
4c6359b9fb fixup! net-firewall/iptables: Apply the Flatcar patches 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2021-09-21 16:09:17 +00:00
Sayan Chowdhury
d174aaf2a2 fixup! net-firewall/iptables: Apply the Flatcar patches 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2021-09-21 16:02:37 +00:00
Sayan Chowdhury
8c8fe409d1 fixup! net-firewall/nftables: Apply Flatcar patches 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2021-09-21 16:02:37 +00:00
Sayan Chowdhury
8a6d6f9011 fixup! net-firewall/nftables: Apply Flatcar patches 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2021-09-21 16:02:37 +00:00
Sayan Chowdhury
42a36fb311 net-firewall/ebtables: Apply the Flatcar patches 
- set ebtables to use xtables-nft-multi instead of legacy

Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2021-09-21 16:02:37 +00:00
Sayan Chowdhury
351f85e1b2 net-firewall/ebtables: Move the package into coreos-overlay 
Incase the ebtables tables are not set, the ebuilds links the
ebtables binaries to the legacy version instead of the nft version

Moving to coreos-overlay to link it to xtables-nft-multi.
The next step could be upstream the patches, incase of the usage of
nftables USE flag.

Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2021-09-21 16:02:37 +00:00
Sayan Chowdhury
a6290e4217 profiles: Don't install eselect in the boards 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-09-21 16:02:37 +00:00
Sayan Chowdhury
e1c59c3f62 net-firewall/nftables: Apply Flatcar patches 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-09-21 16:02:37 +00:00
Sayan Chowdhury
71577282ef net-firewall/nftables: Sync with Gentoo upstream; updates to 0.9.9 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-09-21 16:02:30 +00:00
Sayan Chowdhury
a00cc42b6b net-firewall/iptables: Apply the Flatcar patches 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-09-21 10:49:15 +00:00
Flatcar Buildbot
3cc1afab92 sys-kernel: Upgrade Kernel 5.10.65 to 5.10.66 2021-09-17 07:23:22 +00:00
Krzesimir Nowak
30b831ca32 Merge pull request #1276 from flatcar-linux/rust-1.55.0-main 
Upgrade dev-lang/rust in main from 1.54.0 to 1.55.0
 2021-09-16 11:05:32 +02:00
Flatcar Buildbot
b3e25cc704 sys-kernel: Upgrade Kernel 5.10.64 to 5.10.65 2021-09-16 07:23:52 +00:00
Sayan Chowdhury
24c71442ab net-firewall/iptables: Sync with Gentoo upstream 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-09-15 18:24:14 +00:00
Krzesimir Nowak
d5a9c3acdf dev-lang/rust: Apply Flatcar modifications 
- Change python compatibility to python3.6 only, which we still use.
- Apply crossdev patch.
 2021-09-15 14:41:08 +02:00
Krzesimir Nowak
19d338203b dev-lang/rust: Drop unnecessary stuff 2021-09-15 14:41:08 +02:00
Krzesimir Nowak
0e1d4af0d4 dev-lang/rust: Sync with gentoo 2021-09-15 14:41:08 +02:00
Krzesimir Nowak
2310cb32ee profiles: Fix accept_keywords for rust 
We had an accept_keywords for versioned rust in base profile already,
but it was outdated due to a bug in github action. So update it and
move the lines from sdk target to base profile. The accept_keywords
for virtual/cargo package are dropped, because there is no such
package.
 2021-09-15 14:41:08 +02:00
Krzesimir Nowak
b7269c6e12 github: Fix the rust workflow 
Replace any dev-lang/rust version with the current one, and make sure
that the modified files in the profiles directory is actually included
in the patch.
 2021-09-15 14:41:08 +02:00
Flatcar Buildbot
87e65d16e5 dev-lang: Upgrade dev-lang/rust 1.54.0 to 1.55.0 2021-09-15 14:41:08 +02:00
Krzesimir Nowak
dd5b75ce96 Merge pull request #1275 from flatcar-linux/go-1.16.8-main 
Upgrade Go in main from 1.16.7 to 1.16.8
 2021-09-14 12:43:22 +02:00
Krzesimir Nowak
49faa0b1cd Merge pull request #1273 from flatcar-linux/linux-5.10.64-main 
Upgrade Linux Kernel in main from 5.10.63 to 5.10.64
 2021-09-14 12:42:48 +02:00
Sayan Chowdhury
c317eca484 Merge pull request #1147 from flatcar-linux/sayan/update-binutils-2.37 
profiles: Add binutils-2.37 to the accept_keywords
 2021-09-14 15:48:03 +05:30
Flatcar Buildbot
4911162e28 dev-lang: Upgrade Go 1.16.7 to 1.16.8 2021-09-13 07:25:50 +00:00
Flatcar Buildbot
5236173688 sys-kernel: Upgrade Kernel 5.10.63 to 5.10.64 2021-09-12 07:22:18 +00:00
Jeremi Piotrowski
c213631177 Merge pull request #1262 from kinvolk/jepio/ignition-fix-bootloop 
sys-kernel/bootengine: prevent boot loop on ignition failure
 2021-09-10 10:25:22 +02:00
Jeremi Piotrowski
453c346543 sys-kernel/bootengine: update commit for ignition-bootloop fix 
This resolves an issue that causes the initramfs to boot loop when ignition
fails.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2021-09-10 10:12:50 +02:00
Jeremi Piotrowski
c2e842bed8 Merge pull request #1216 from kinvolk/jepio/sssd-cve-fix 
sys-auth/sssd: fix CVE-2021-3621
 2021-09-09 11:13:08 +02:00
Jeremi Piotrowski
90b316b6d0 sys-auth/sssd: add patch for CVE-2021-3621 
This is a backport of https://github.com/SSSD/sssd/pull/5748 adapted to 2.3.1.
A change was necessary: src/tools/sssctl/sssctl_logs.c wasn't passing
'--no-create' to truncate in 2.3.1 yet.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2021-09-09 11:11:38 +02:00
Flatcar Buildbot
43caf03dad sys-kernel: Upgrade Kernel 5.10.62 to 5.10.63 2021-09-08 07:10:02 +00:00
Sayan Chowdhury
2e6287988b profiles: Add binutils-2.37 to the accept_keywords 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-09-07 15:51:41 +05:30
Krzesimir Nowak
123c3031e7 Merge pull request #1260 from kinvolk/krnowak/python-grub 
sys-boot/grub: Drop python2 compatibility
 2021-09-07 09:07:15 +02:00
Krzesimir Nowak
f49aa5cecc Merge pull request #1259 from kinvolk/linux-5.10.62-main 
Upgrade Linux Kernel in main from 5.10.61 to 5.10.62
 2021-09-07 08:28:49 +02:00
Krzesimir Nowak
f35b125ee3 sys-boot/grub: Drop python2 compatibility 2021-09-06 17:40:50 +02:00
Flatcar Buildbot
5952fc58dd sys-kernel: Upgrade Kernel 5.10.61 to 5.10.62 2021-09-04 07:10:32 +00:00
Dongsu Park
83fc14f479 sys-apps/systemd-sysv-utils: delete unnecessary package 2021-09-03 17:21:56 +02:00
Dongsu Park
c8210e51c2 dev-util/lcov: delete unnecessary package 2021-09-03 17:21:56 +02:00
Dongsu Park
86b9533b56 coreos-base/coreos-experimental: delete unnecessary package 2021-09-03 17:21:56 +02:00
Dongsu Park
0e27b92071 Merge pull request #1251 from kinvolk/dongsu/openssh-8.7 
net-misc/openssh: update to 8.7_p1-r1
 2021-09-03 15:09:00 +02:00
Krzesimir Nowak
311a0cf66b Merge pull request #1252 from kinvolk/krnowak/init-python3 
coreos-base/coreos-init: Port to python3
 2021-09-03 14:31:14 +02:00
Krzesimir Nowak
9b3a1c703d coreos-base/coreos-init: Port to python3 2021-09-03 14:30:39 +02:00
Krzesimir Nowak
61df4384ec Merge pull request #1250 from kinvolk/krnowak/update-xenstore 
app-emulation/xenstore: Update to 4.14.2
 2021-09-03 14:28:15 +02:00
Dongsu Park
4fb2be88fb Merge pull request #1246 from kinvolk/dongsu/ca-certificates-utf8 
app-misc/ca-certificates: consider system encoding when opening file
 2021-09-03 11:44:27 +02:00
Dongsu Park
e0e0620e2c profiles: accept ~arm64 keywords for openssh 8.7_p1-r1 
Accept ~arm64 keywords for net-misc/openssh 8.7_p1-r1.
 2021-09-03 10:35:28 +02:00
Kai Lüke
dcd8f8ae40 net-misc/openssh: Apply Flatcar changes 
- Drop the init.d files.
- Remove the socket unit's rate limiting.

Instead of dropping bindist, enable it with the profiles now so it
doesn't need to be modified on future updates.

Imported commit 20d298fb282ec9d5a060f12aef64c47aede0904d .
 2021-09-03 10:35:28 +02:00
Dongsu Park
e0e1ad29c3 net-misc/openssh: sync with Gentoo for 8.7_p1-r1 
Update net-misc/openssh to 8.7_p1-r1, mainly to address CVE-2020-15778.

Goal of the package update is to add the support of a new option `-s`
of scp, i.e. "sftp mode of scp". Openssh 8.7 started to support the
flag, but it is disabled by default. So at the moment users need to
explicitly run `scp -s` to test the feature.

Gentoo ref: 11d6f23704e7ab84191e28e034816bfdb151d406
 2021-09-03 10:35:24 +02:00
Dongsu Park
2db638d652 Merge pull request #1243 from kinvolk/dongsu/glibc-2.33-r7 
sys-libs/glibc: update to 2.33-r7
 2021-09-03 10:05:39 +02:00
Kai Lüke
adb5726979 Merge pull request #1245 from kinvolk/kai/enable-selinux-on-all-targets-v2 
profiles: Enable selinux for all targets
 2021-09-02 21:14:39 +02:00
Aniruddha Basak
9210fd5beb mdadm: migrate cron.weekly to systemd.timer (#1244) 
Add mdadm timer and service files and remove the unused weekly cron
 2021-09-02 21:10:57 +02:00