This pulls in the motdgen change
https://github.com/flatcar/init/pull/88
to not create a broken symlink in the symlinked /run/flatcar/ directory
if the directory symlink /run/coreos already exists.
This reverts commit 285f0646e6dfb3381d2ac5555e991cc482a4d91c.
Now that the ebuild dev-lang/rust does not have a manual check for
versions, it is possible to clean up the sed commands in Github
Actions.
Configure with --without=rust-docs-json-preview to avoid failures.
Remove unnecessary checks for package versions like upstream.
Clean up unnecessary patch, add new patch for 1.67.0.
Make use of the existing helpers provided by `coreos-go.eclass`.
To optimize the binary size of crictl, add "-X" to GO_LDFLAGS,
like "-X $(PROJECT)/pkg/version.Version=$(VERSION)" in the original
Makefile of cri-tools. We cannot follow way of Gentoo ebuilds like
`emake`, because Makefile of cri-tools does not allow users to pass in
${GOARCH}.
Add `arm64` to ACCEPTED_KEYWORDS.
Remove unnecessary files from installation, as well as the shell
completion eclass.
This pulls in
https://github.com/flatcar/bootengine/pull/52
to reduce the size of the unified kernel image by starting Ignition/
Afterburn from the /usr partition.
This also requires to install the Ignition binary to /usr.
This pulls in
https://github.com/flatcar/baselayout/pull/26
to fix the regression in Alpha/Beta (itself a fix for another
regression) where systemd-tmpfiles bailed if /etc/passwd|group didn't
have the core user, now solved by always copying missing entries over
to the databases, not only if the files didn't exist.
We do specify -split-usr in make.defaults for the USE variable but
it's not enough - the base profile in portage-stable forces this flag
and this overrides our defaults. As a workaround, we were using
package.use.force to force-disable split-usr for selected
packages. Now, with addition of more split-usr-using packages in
app-alternatives the list in package.use.force would grow. Instead of
listing all the packages having split-usr in their IUSE, use the
use.force and use.mask file to unforce and mask split-usr for all
packages in generic images.
As a bonus, this also allows us to drop a customization we did in
sys-apps/policycoreutils package.
This is to fix the following error during stage2 SDK build:
[[ (3/3) Emerging packages ]]
!!! The ebuild selected to satisfy "app-alternatives/yacc" has unmet requirements.
- app-alternatives/yacc-1-r2::portage-stable USE="-bison -byacc -reference"
The following REQUIRED_USE flag constraints are unsatisfied:
exactly-one-of ( bison byacc reference )
(dependency required by "sys-devel/binutils-2.39-r4::portage-stable" [ebuild])
(dependency required by "sys-devel/gcc-11.3.1_p20221209::portage-stable" [ebuild])
(dependency required by "sys-libs/glibc-2.36-r5::coreos" [ebuild])
(dependency required by "sys-libs/glibc:2.2" [argument])
- Carry over our custom tmpfiles and securetty files
- Remove /etc files and install them to /usr, use tmpfiles
- Switch /etc/login.defs edits to /usr/share/shadow/login.defs
- Drop moving passwd out of /usr since we don't have split-usr
- Drop pkg_postinst
As the Gentoo ebuild of dev-lang/rust >= 1.66.0 keeps workaround that
explicitly checks for a version like 1.66.0, that ebuild would obviously
make the build fail with 1.66.1.
Update the version from 1.66.0 to 1.66.1 to fix the build.
Every dev-lang/rust ebuild does a specific check if PV is the version,
e.g.:
if [[ "${PV}" == 1.66.1 ]]; then,
So it is needed to replace the hard-coded version with the new version.
This pulls in
https://github.com/flatcar/bootengine/pull/50
to select the active sysext images for OEMs or Flatcar extensions
that are coupled to the OS version. Systemd 252 is needed for the
sysext images to load without error because earlier systemd versions
were too strict about the final filename target name of a symlink.
Apply Flatcar modifications.
Unlike python <= 3.9.12, it is now unnecessary to replace virtual/awk
with app-alternatives/awk, because the upstream python ebuild already
has app-alternatives/awk.
Based on 32b448f8ccbf5f814739f834151803532272b1f9.
Add an ebuild phase hook that runs when pkg_postinst is about to be
executed. The hook sets up the environment for acct-user packages to
avoid modifications of the preexisting users - these are provided by
our baselayout and usermod can't change anything there anyway (it
complains that the user is not in /etc/passwd).
This was a default so far, but updating portage resulted in a change
of the default binary packages compressor from bzip2 to zstd. We
eventually will want to follow this change too, but first some scripts
that assume bzip2 will need to be updated. So for now keep using bzip2
to limit the scope of updating portage.
The binpkg-multi-instance feature seems to be about having multiple
binary packages of a single source package, in case those packages
were built with different USE flags and stuff.
So far we have not used this feature, and it looks like that the
update of portage has made this feature to be enabled by default. The
enabling broke the image build, because this feature makes portage to
use a bit different directory structure to store binary packages. So
instead of storing sys-devel/gcc binary package in
${PKGDIR}/sys-devel/gcc-${VERSION}.tbz2, the binary package is stored
in ${PKGDIR}/sys-devel/gcc/gcc-${VERSION}-${BUILD_ID}.xpak.
Maybe we could consider using this feature at some point in future,
but for now disable it to keep building things working.
So far we have been modifying the ebuild file to make rsync-verify to
be disabled by default instead of enabled by default as it's done by
upstream ebuild.
This will allow us to remove another modification from portage ebuild
and eventually move sys-apps/portage to portage-stable.
The package installs a default repos.conf in
/usr/share/portage/config/repos.conf. Normally it contained a default
configuration for gentoo repository, but we have a modification in the
ebuild that clobbers the contents of the file with a comment
line. Which means that this configuration file is empty. We do so,
because we are putting our own configuration in /etc anyway.
To minimize the amount of modifications put into the ebuild, we can
add /usr/share/portage/config/repos.conf into INSTALL_MASK. This is
one modification less and it's putting us closer to moving
sys-apps/portage to portage-stable.
According to sshd_config manual, only lines starting with a hash and
empty lines are treated as comments. Which means that comments coming
after the key value pairs are not really comments and sshd complains
about them like:
/etc/ssh/sshd_config line 6: keyword PrintLastLog extra arguments at end of line
/etc/ssh/sshd_config line 7: keyword PrintMotd extra arguments at end of line
/etc/ssh/sshd_config: terminating, 2 bad configuration options
Sort the use flags, drop obsolete ones and nonexistent packages, drop
unnecessary accept keywords file (as it would potentially introduce a
version mismatch between amd64 and arm64).
