We added a new https certificate on the new update service and changed
the hostname to be consistent with all of the other endpoints. Update
the new images to use this.
The old URL http://public.roller.core-os.net will remain working until
all of the old client have been updated.
Fix to create .ssh directory before the authorized_keys file.
The option -k renamed to -a to match another scripts.
Added verification if the VBoxManage exists.
The extra "dependency check" doesn't appear to be all that useful, so
don't waste time on it. Remove some unused command line options for
selecting which packages to build. Use new board-packages ebuild which
currently just includes 'coreos' and 'coreos-dev' but later can include
extra things like 'python-oem' which doesn't land in the base image.
Installing to a temporary directory and then copying over the final
contents of /usr/share/oem allows more complicated OEM packages such as
python to be configured with --prefix=/usr/share/oem while previously
the atypical use of ROOT=/usr/share/oem would have complicated things.
This can be used by update_engine as a quick test to determine if it is
running on a system that it can handle. This avoids needing something
like the 'coreos.diskless' kernel command line flag.
If QEMU is given a uuid systemd will detect that and in turn use it for
the machine-id. This made the bug causing the machine-id to be always
re-generated on boot harder to notice since it didn't happen on QEMU.
This makes build_image and image_to_vm behave like build_packages, where
if you call the script outside of the SDK's chroot it will automatically
reexecute itself inside of the chroot.
Taking a bit of a new approach to booting PXE images here for both
amd64-generic and amd64-usr. Instead of requiring the user to specify
squashfs and tmpfs on the kernel command line we can simply provide
defaults in the initrd's fstab.
The commands useradd/usermod will silently skip adding users to
secondary groups that are not in /etc/group. The idea being that the
tools should not create groups that conflict with existing LDAP/NIS
groups but why trying to do so isn't a fatal error I don't know.
Overall the code is rather complicated and tries to modify instead of
add when possible to allow running the SDK as the 'core' user. To keep
things simple gut this code, make the 'core' user special, and add
secondary groups via the 'gpasswd' command so that errors are reported
instead of silently ignored.
One functional change: the default groups have changed to kvm and
portage. The old list excluded kvm and included lots of extra cruft.
