mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-10-13 00:11:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
22,386 Commits 600 Branches 413 Tags
Commit Graph

22386 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Crawford
569f038f1f coreos-base/coreos-cloudinit: bump to v1.11.0 2016-05-18 17:11:35 -07:00
Alex Crawford
df4bdcc132 Merge pull request #428 from crawford/dhcp 
net-misc/dhcp: unused and triggering GLSA failures
 2016-05-18 16:54:58 -07:00
Alex Crawford
5e7f339325 net-misc/dhcp: unused and triggering GLSA failures 2016-05-18 16:41:56 -07:00
Michael Marineau
627a2a0cba Merge pull request #1975 from marineam/sha512 
profiles: stop disabling SHA512 password hashes in PAM
 2016-05-18 16:11:28 -07:00
Michael Marineau
3660e2edce profiles: stop disabling SHA512 password hashes in PAM 
Likely inherited from ChromeOS but even for them it is a completely
ridiculous flag to disable. We had SHA512 enabled pre-PAM since shadow
does not have this use flag so this restores previous behavior.
 2016-05-18 16:07:07 -07:00
Michael Marineau
365f488275 Merge pull request #1974 from marineam/gpg 
coreos-init: update gpg key in coreos-install
 2016-05-18 15:36:15 -07:00
Alex Crawford
b966515b82 coreos-base/oem-gce: remove legacy scripts 
Provisioning will be handled by Ignition and coreos-metadata instead.
 2016-05-18 14:59:39 -07:00
Nick Owens
fb53205ed7 Merge pull request #414 from mischief/valgrind 
bump(dev-util/valgrind): sync with upstream
 2016-05-18 14:53:36 -07:00
Nick Owens
e03e275d37 Merge pull request #427 from mischief/dnsmasq 
bump(net-dns/dnsmasq): sync with upstream
 2016-05-18 14:53:11 -07:00
Michael Marineau
82f983f394 coreos-init: update gpg key in coreos-install 2016-05-18 14:52:11 -07:00
Nick Owens
7371086ddf bump(net-dns/dnsmasq): sync with upstream 2016-05-18 14:51:18 -07:00
Alex Crawford
1ee0a6097c Merge pull request #1953 from crawford/google-compute-daemon 
app-emulation/google-compute-daemon: bump to 1.3.2
 2016-05-18 14:37:08 -07:00
Nick Owens
6ca8d8f064 Merge pull request #1967 from mischief/linux-4.6 
Linux 4.6
 2016-05-18 13:40:37 -07:00
Matthew Garrett
38b0befb11 Merge pull request #1965 from mjg59/pam_fix 
sys-auth/pambase: Fall back to pam_deny in auth
 2016-05-18 13:37:04 -07:00
Michael Marineau
31bf99d0e1 Merge pull request #426 from marineam/drop-protobuf-c 
dev-libs/protobuf-c: unused and doesn't build with protobuf 1.6
 2016-05-18 11:16:15 -07:00
Michael Marineau
9bae6636a5 dev-libs/protobuf-c: unused and doesn't build with protobuf 1.6 2016-05-18 11:15:40 -07:00
Michael Marineau
c3b32ec05a Merge pull request #1972 from marineam/drop-protobuf-c 
hard-host-depends: remove protobuf-c, nothing uses it
 2016-05-18 11:14:51 -07:00
Michael Marineau
06b424a5a2 Merge pull request #1971 from marineam/update_engine 
update_engine: update live ebuild for current master
 2016-05-18 11:14:11 -07:00
Michael Marineau
597264ce86 Merge pull request #1973 from marineam/rkt-admin 
rkt: add rkt-admin group, has access to /etc/rkt
 2016-05-18 10:46:20 -07:00
Michael Marineau
8fbd548a87 rkt: add rkt-admin group, has access to /etc/rkt 2016-05-18 06:38:10 -07:00
Michael Marineau
815193f7ba profiles: update protobuf from 1.5 to 1.6 
The newer version is needed for arm64, and need the same version across
all architectures because the build host and target's version must match.
 2016-05-17 23:31:17 -07:00
Michael Marineau
f53b3ffc81 update_engine: add slot dependency for protobuf 
Ensures that update_engine will get rebuilt when protobuf is upgraded.
 2016-05-17 23:21:41 -07:00
Michael Marineau
5db17fb04d hard-host-depends: remove protobuf-c, nothing uses it 2016-05-17 23:01:56 -07:00
Michael Marineau
4292c9852f update_engine: update live ebuild, adding glog and removing libchrome 2016-05-17 22:04:48 -07:00
Michael Marineau
1f96cbc36d update_engine: split live and current stable ebuilds 
Live ebuild needs different dependencies.

Drop invalid arm64 stable keyword, the old revision of update_engine
doesn't build on arm64. It is in package.provided instead.
 2016-05-17 22:04:43 -07:00
Matthew Garrett
6ddc836610 Merge pull request #425 from mjg59/updates 
Update several packages
 2016-05-17 16:49:48 -07:00
Matthew Garrett
9a3c5a9d2e Merge pull request #547 from mjg59/glsa 
Verify GLSA status when building packages
 2016-05-17 16:49:36 -07:00
Matthew Garrett
53756cb093 Merge pull request #1970 from mjg59/remove_dhcp 
coreos-base/coreos-dev: remove dhcp
 2016-05-17 16:49:22 -07:00
Matthew Garrett
39745a7076 coreos-base/coreos-dev: remove dhcp 
New versions of dhcp are difficult to cross build and we don't need it
anyway
 2016-05-17 16:41:58 -07:00
Matthew Garrett
922554303b check_root: Verify that we don't have any applicable GLSA 
Once we've built the packages, verify against the Gentoo Linux Security
Advisories to ensure that we're not shipping anything with known
vulnerabilities.
 2016-05-17 16:39:40 -07:00
Matthew Garrett
9e64bef513 setup_board: create a glsa-check wrapper 
We want to be able to verify that we don't have any vulnerabilities in the
build root, so install a wrapper for glsa-check
 2016-05-17 16:39:40 -07:00
Matthew Garrett
d79a5dcada bump(sys-fs/lvm2): sync with upstream 2016-05-17 16:18:33 -07:00
Matthew Garrett
c3579d9a5a bump(net-misc/rsync): sync with upstream 2016-05-17 16:18:23 -07:00
Matthew Garrett
c317889deb bump(net-analyzer/tcpdump): sync with upstream 2016-05-17 16:18:13 -07:00
Matthew Garrett
25d7460a4c bump(app-crypt/mit-krb5): sync with upstream 2016-05-17 16:17:59 -07:00
Matthew Garrett
bcef1e2350 bump(dev-libs/mpfr): sync with upstream 2016-05-17 16:17:38 -07:00
Nick Owens
f33bc59005 Merge pull request #424 from mischief/glsa 
bump(metadata/glsa): sync with upstream
 2016-05-17 12:38:03 -07:00
Nick Owens
c6199c7c31 Merge pull request #1968 from mischief/rkt-1.6.0 
app-emulation/rkt: v1.6.0
 2016-05-17 11:35:28 -07:00
Nick Owens
f3ef3c1ee1 update_ebuilds: allow glsa sync and ignore metadata if so 2016-05-17 11:30:17 -07:00
Nick Owens
b3c0a24ec7 bump(metadata/glsa): sync with upstream 2016-05-17 11:29:02 -07:00
Nick Owens
5ed74b61d7 app-emulation/rkt: v1.6.0 2016-05-16 15:26:23 -07:00
Nick Owens
3a95c8f18d sys-kernel/coreos-firmware: update to 20160331 2016-05-16 14:55:02 -07:00
Nick Owens
276a7f6d67 sys-kernel/coreos-{sources,kernel}: update to 4.6 2016-05-16 14:55:01 -07:00
Alex Crawford
80d7aed53d app-emulation/google-startup-script: bump to 1.3.2 2016-05-16 14:50:17 -07:00
Alex Crawford
12509babed app-emulation/google-compute-daemon: bump to 1.3.2 2016-05-16 14:50:17 -07:00
Matthew Garrett
0375b81086 Merge pull request #1966 from mjg59/updates 
Update mantle and baselayout to reduce the probability of future disastrous events
 2016-05-16 13:39:57 -07:00
Matthew Garrett
a25497dce5 coreos-devel/mantle: Verify that unauthenticated users can't access CoreOS 
Include a test to ensure that users without valid authentication tokens are
unable to log into CoreOS
 2016-05-16 13:36:03 -07:00
Matthew Garrett
3ba6985d62 sys-apps/baselayout: Remove login shell for operator user 2016-05-16 13:36:03 -07:00
Matthew Garrett
3865f77ecd sys-auth/pambase: Fall back to pam_deny in auth 
Setting pam_unix and pam_sss to sufficient means that if both fail,
control will be passed to the following pam module. If this is
pam_permit then permission will be granted even if the previous modules
failed. Switch to pam_deny and require it rather than permitting it to
be optional - if sss or unix succeed, we'll jump out before we get to
this point.
 2016-05-15 21:12:57 -07:00
Nick Owens
a593ed52ff bump(sys-libs/libseccomp): sync with upstream 2016-05-15 18:13:14 -07:00