mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-10 06:26:57 +02:00
Code Issues Packages Projects Releases Wiki Activity
26,987 Commits 621 Branches 390 Tags 160 MiB
b2be807349
Commit Graph

18515 Commits

Author SHA1 Message Date
Mickaël Salaün
b2be807349
sys-kernel/coreos-modules: Enable Landlock 
Landlock is a feature to create security sandboxes thanks to 3 dedicated
system calls.  They are designed to be safe to used by any processes,
which can only drop their privileges, similarly to seccomp.

The new Landlock LSM is build in the kernel (CONFIG_SECURITY_LANDLOCK=y)
but it is not enough to make it usable by default.  As a stackable LSM,
it is required to enable it at boot time with the CONFIG_LSM list.  See
https://docs.kernel.org/userspace-api/landlock.html#kernel-support

As for other stackable LSMs, prepending Landlock to the default LSM list
enables users to potentially get more protection by default by letting
programs sandbox themselves.

As a dependency, CONFIG_SECURITY_PATH=y will be automatically set.

Signed-off-by: Mickaël Salaün <mic@digikod.net>
 2024-07-29 15:10:55 +02:00
Jeremi Piotrowski
417790ff0d app-misc/ca-certificates: Switch to https protocol in SRC_URI 
Ftp access appears to have been decommissioned (access times out) so switch to
the https mirror that Mozilla provides.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2024-07-29 10:37:36 +02:00
Flatcar Buildbot
87c73ec262 app-misc/ca-certificates: Update from 3.102 to 3.102.1 2024-07-29 07:21:21 +00:00
flatcar-ci
a94f908998 New version: main-4041.0.0-nightly-20240724-2100 2024-07-24 21:00:27 +00:00
Flatcar Buildbot
c5b7a56352 Update mantle container image to latest HEAD 2024-07-23 21:00:58 +00:00
flatcar-ci
55cd93be03 New version: main-4040.0.0-nightly-20240723-2100 2024-07-23 21:00:40 +00:00
flatcar-ci
15386d5459 New version: main-4039.0.0-nightly-20240722-2100 2024-07-22 21:00:26 +00:00
Mathieu Tortuyaux
dd9035644f
Merge pull request #2126 from flatcar/buildbot/weekly-portage-stable-package-updates-2024-07-16 
Weekly portage-stable package updates 2024-07-16
 2024-07-22 17:13:02 +02:00
Dongsu Park
29f7c259bd
Merge pull request #2069 from flatcar/buildbot/monthly-glsa-metadata-updates-2024-07-01 
Monthly GLSA metadata 2024-07-01
 2024-07-22 10:13:49 +02:00
flatcar-ci
dab06c59d6 New version: main-4036.0.0-nightly-20240719-2100 2024-07-20 03:00:28 +00:00
flatcar-ci
868c931c12 New version: main-4036.0.0-nightly-20240719-2100-INTERMEDIATE 2024-07-19 21:00:27 +00:00
Mathieu Tortuyaux
98500cd0be
Merge pull request #2139 from flatcar/containerd-1.7.20-main 
Upgrade Containerd in main from 1.7.19 to 1.7.20
 2024-07-19 17:03:45 +02:00
Mathieu Tortuyaux
b9cb2aba53
overlay profiles: Drop accept keywords for sys-libs/libnvme 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-07-19 10:55:52 +02:00
Mathieu Tortuyaux
03e38f76f4
overlay profiles: Drop accept keywords for sys-apps/nvme-cli 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-07-19 10:35:36 +02:00
Mathieu Tortuyaux
8caa3537c0
overlay profiles: Drop accept keywords for sys-apps/coreutils 
This reverts ac79ba8702

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-07-19 10:32:53 +02:00
Flatcar Buildbot
cfb72f2e85 app-containers/containerd: Update from 1.7.19 to 1.7.20 2024-07-19 08:17:51 +00:00
Flatcar Buildbot
361d7d99e1 sys-kernel/coreos-sources: Update from 6.6.40 to 6.6.41 2024-07-19 07:14:34 +00:00
Mathieu Tortuyaux
9c6cacacad
Revert "dev-python/tomli: Drop unused package" 
This reverts commit aaed2bdabb.
 2024-07-17 09:55:10 +02:00
Flatcar Buildbot
8b7394459a portage-stable/metadata: Monthly GLSA metadata updates 2024-07-17 09:41:24 +02:00
Flatcar Buildbot
1524f70113 Update mantle container image to latest HEAD 2024-07-17 07:24:28 +00:00
Mathieu Tortuyaux
ca6660d6b0
Merge pull request #2123 from flatcar/linux-6.6.40-main 
Upgrade Linux Kernel for main from 6.6.39 to 6.6.40
 2024-07-17 09:24:14 +02:00
flatcar-ci
de9d0d98d7 New version: main-4033.0.0-nightly-20240716-2100 2024-07-16 21:00:29 +00:00
Mathieu Tortuyaux
c9e11c054c
Revert "dev-python/tomli: Drop unused package" 
This reverts commit aaed2bdabb.
 2024-07-16 18:13:18 +02:00
Mathieu Tortuyaux
66508a5920
profiles/repo_name: revert to portage-stable 
This has to stay this way.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-07-16 15:40:43 +02:00
Flatcar Buildbot
2e4bea9ff4
x11-base/xorg-proto: Sync with Gentoo 
It's from Gentoo commit 0cc26b9606909947c2f7b20374dcff4c368167c4.
 2024-07-16 13:32:36 +02:00
Flatcar Buildbot
ddc4b527b5
sys-process/procps: Sync with Gentoo 
It's from Gentoo commit 5cb571902f430a2386e9da9cbb4019d3932cda03.
 2024-07-16 13:32:36 +02:00
Flatcar Buildbot
732585db87
sys-process/audit: Sync with Gentoo 
It's from Gentoo commit c2d50c79cc88f5dc8272e987278bc2d35a805619.
 2024-07-16 13:32:36 +02:00
Flatcar Buildbot
ce21a3295d
sys-libs/libselinux: Sync with Gentoo 
It's from Gentoo commit ac5035880c05b8469a247e8ce3236e64d7963235.
 2024-07-16 13:32:35 +02:00
Flatcar Buildbot
f387bbd672
sys-libs/libnvme: Sync with Gentoo 
It's from Gentoo commit fe37e42963ad6a4de1b109ac5c2dfca80976da89.
 2024-07-16 13:32:35 +02:00
Flatcar Buildbot
2c58765fa6
sys-libs/libcap: Sync with Gentoo 
It's from Gentoo commit cf382be8f3fe1118bb0bd6b42de3e3b8510a4d60.
 2024-07-16 13:32:35 +02:00
Flatcar Buildbot
ab95fa2ffc
sys-libs/gdbm: Sync with Gentoo 
It's from Gentoo commit 99e6e7aa85c588274e3938636b07bce556dc2483.
 2024-07-16 13:32:35 +02:00
Flatcar Buildbot
a7f9965f59
sys-libs/binutils-libs: Sync with Gentoo 
It's from Gentoo commit 42467dafd1fdf268732d68322003a0453a6430c2.
 2024-07-16 13:32:35 +02:00
Flatcar Buildbot
c39c915a66
sys-firmware/sgabios: Sync with Gentoo 
It's from Gentoo commit 5c931d090e2ab905d03e0f5100b4eb8173870203.
 2024-07-16 13:32:35 +02:00
Flatcar Buildbot
78a99cc95e
sys-firmware/ipxe: Sync with Gentoo 
It's from Gentoo commit 0b7856b8c830dc6ece1ce7386967d90f05756241.
 2024-07-16 13:32:34 +02:00
Flatcar Buildbot
8e6a1fdf73
sys-devel/gcc: Sync with Gentoo 
It's from Gentoo commit a73c9ed24c410e54d5ca522ba268bdf139ee8e7d.
 2024-07-16 13:32:34 +02:00
Flatcar Buildbot
3ed0b04454
sys-devel/crossdev: Sync with Gentoo 
It's from Gentoo commit 5dadbc24264482b3ddb121ed1a9a93f331f5f069.
 2024-07-16 13:32:34 +02:00
Flatcar Buildbot
4177c4023a
sys-devel/binutils: Sync with Gentoo 
It's from Gentoo commit bbcb469bfc2883b7bdbd7d14aed5d2964c6907f1.
 2024-07-16 13:32:34 +02:00
Flatcar Buildbot
d8967eb4db
sys-block/thin-provisioning-tools: Sync with Gentoo 
It's from Gentoo commit dc1a9eb5d8668edf862cf9c26940d6ec48833608.
 2024-07-16 13:32:34 +02:00
Flatcar Buildbot
d474456361
sys-apps/util-linux: Sync with Gentoo 
It's from Gentoo commit ce49eb686687c88ee9a20cbe5f10f26f80999cf5.
 2024-07-16 13:32:34 +02:00
Flatcar Buildbot
911ecfe985
sys-apps/pv: Sync with Gentoo 
It's from Gentoo commit 6c6ae00c87324de5533afeac43187ac00a666838.
 2024-07-16 13:32:34 +02:00
Flatcar Buildbot
b30ca18759
sys-apps/portage: Sync with Gentoo 
It's from Gentoo commit ba6ab0e532c1bcaf668168c6e29f8ac3753b7970.
 2024-07-16 13:32:33 +02:00
Flatcar Buildbot
57b3c05289
sys-apps/nvme-cli: Sync with Gentoo 
It's from Gentoo commit 30d829bee5445eeaacc317828c09a4652d63177f.
 2024-07-16 13:32:33 +02:00
Flatcar Buildbot
e1b0d7fd79
sys-apps/miscfiles: Sync with Gentoo 
It's from Gentoo commit 977d2cf00bedf9987308b9f2cc7639b23e5bc8b0.
 2024-07-16 13:32:33 +02:00
Flatcar Buildbot
0119bb2b00
sys-apps/man-db: Sync with Gentoo 
It's from Gentoo commit d08bd5199387fec6c7a47d2fc8d831ac8db5a961.
 2024-07-16 13:32:33 +02:00
Flatcar Buildbot
c20ec084dd
sys-apps/iproute2: Sync with Gentoo 
It's from Gentoo commit fea4f86d00b622e40aff43aae50c88ec95b10b53.
 2024-07-16 13:32:33 +02:00
Flatcar Buildbot
c4ae907366
sys-apps/coreutils: Sync with Gentoo 
It's from Gentoo commit de734646c040c20459e4dc79976387d0578de3ee.
 2024-07-16 13:32:33 +02:00
Flatcar Buildbot
c8059b65b2
sec-policy/selinux-base: Sync with Gentoo 
It's from Gentoo commit c35b5449cfd7ecbacb7244e0d008b551ab21e235.
 2024-07-16 13:32:32 +02:00
Flatcar Buildbot
81390b2b42
sec-keys/openpgp-keys-gentoo-release: Sync with Gentoo 
It's from Gentoo commit 3f6f91c9f322abcfaf02e9a5ad4096fd6311218c.
 2024-07-16 13:32:32 +02:00
Flatcar Buildbot
27a0e71058
profiles: Sync with Gentoo 
It's from Gentoo commit d48794d195c543fa98bc9ca5494d5101c1474384.
 2024-07-16 13:32:32 +02:00
Flatcar Buildbot
630286b427
net-nds/openldap: Sync with Gentoo 
It's from Gentoo commit 8a06997e35a6b4f2e4a8bc8a930a58ae786db4af.
 2024-07-16 13:32:32 +02:00