Vagrant users are accustomed to much larger disk sizes so lets give it
to them. I'm leaving the others as-is since it is easier to grow than
shrink disks if anyone has a particular size they need.
Use the smaller base format for 'raw' disk images since these will
usually be dd'd to a block device to create AMIs and what not. For
images using qcow2 and vmdk stick with the larger vm size.
baselayout no longer depends on openrc upstream so remove our
openrc/efunctions use flag and dependency. Depend on efunctions in
coreos-base instead.
Remove os-release and roll back gentoo-release since customizing them is
now handled by the set_lsb_release.
This builds the kernel as an EFI image, allowing it to be booted
directly by UEFI bioses. It also enables the efivars and efivarfs
modules so that EFI variables can be accessed properly when booted in
EFI mode.
This reverts commit b97cfe126f0934d1505e352e17f15d580879d3cc.
The minor device numbers of loop partitions are allocated dynamically
which significantly complicates dunning under Docker which uses a static
/dev. Rolling this back until we can rely on /dev being dynamic.
If git is installed via coreos-dev in the STATE partition it will need
some help finding its install location since it was built thinking it
would be installed in /usr rather than /usr/local.
If the user already exists check that the UID and GID are correct and
modify it (setting shell and home directory) to match what the SDK
expects. This avoids needlessly failing if the user calling cros_sdk is
the 'core' user on a CoreOS machine.
Change new-user creation to copy the user's full name and group instead
of using a generic name and Google's 'eng' group. Also remove the
default password for the account, it isn't needed and uses perl.
opencryptoki sometimes fails to build by trying to install something to
/var/lock which is a symlink to /run but the SDK makes no promise that
/run is mounted and populated. Instead of fixing the ebuild just drop it
and tpm-tools which depends on it since we don't actually need them.
Pair down the old unused sysctl.conf do what is useful for us and
install it into /usr/lib/sysctl.d for systemd to handle.
Installing /srv in the SDK does no harm so do so.
EAPI=5 because, better.
This duplicates sys-apps/baselayout so don't bother. Probably left over
from when baselayout wasn't properly installed with the 'build' use flag
to initialize the filesystem tree.
Remove the following unused users/groups:
- core-access
- polkituser
- pkcs11
- ipsec
- tor
- tcpdump
- debugd
- openvpn
- input
Add groups:
- docker (new group, for things like access to docker socket)
- systemd-journal (exists in sdk, not images. for journal log access)
- dialout (exists in sdk, required by default udev rules)
The core user has access to docker and systemd-journal.
The udev rules are required on our system and refer to non-existent
groups causing udev to spew a bit of useless noise on boot.
The profile.d scripts don't do anything at all.
