QEMU is not supported by Afterburn, let's add an extra check to be sure
that the service will not run on this platform.
On cloud-init provisioned systems, units are written in '/etc' after a
certain moment; if a unit takes precedence over one in '/usr', the one in
'/usr' would certainly have already started. That's the case for
'coreos-metadata.service' (written in '/etc' by cloud-init but already
available in '/usr').
```
$ journalctl -u coreos-metadata.service
Sep 29 07:37:57 localhost systemd[1]: Starting coreos-metadata.service - Flatcar Metadata Agent...
Sep 29 07:37:57 localhost coreos-metadata[1266]: Error: failed to run
Sep 29 07:37:57 localhost coreos-metadata[1266]: Caused by:
Sep 29 07:37:57 localhost coreos-metadata[1266]: 0: fetching metadata from provider
Sep 29 07:37:57 localhost coreos-metadata[1266]: 1: unknown provider 'qemu'
Sep 29 07:37:57 localhost systemd[1]: coreos-metadata.service: Main process exited, code=exited, status=1/FAILURE
Sep 29 07:37:57 localhost systemd[1]: coreos-metadata.service: Failed with result 'exit-code'.
Sep 29 07:37:57 localhost systemd[1]: Failed to start coreos-metadata.service - Flatcar Metadata Agent.
Sep 29 07:37:58 core1 systemd[1]: coreos-metadata.service: Scheduled restart job, restart counter is at 1.
Sep 29 07:37:58 core1 systemd[1]: Stopped coreos-metadata.service - QEMU metadata agent.
Sep 29 07:37:58 core1 systemd[1]: Starting coreos-metadata.service - QEMU metadata agent...
Sep 29 07:37:58 core1 systemd[1]: coreos-metadata.service: Deactivated successfully.
Sep 29 07:37:58 core1 systemd[1]: Finished coreos-metadata.service - QEMU metadata agent.
```
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
Starting from gcc 13, it is required to explicitly include cstdint, as
other standard library header files will not include other headers that
were being used internally by the library. So update_engine also has to
explicitly include cstdint to avoid build errors.
Pulls in https://github.com/flatcar/update_engine/pull/27
- remove explicit "-multilib" from prefix keywords as it is set in
profile
- split heredoc for generating emerge wrapper so we don't need to
escape
- add sys-apps/bubblewrap and virtual/tmpfiles to package update
automation list
- use prefix build fix for libgpg-error from upstream
Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
This change adds experimental prefix builds to the Flatcar SDK.
Prefix builds use a custom sys prefix path and emerge all binaries and
runtime dependencies into that prefix.
This path can then e.g. be shipped as a portable sysext since it
includes all dependencies, and has libraries at a custom path so these
do not conflict with libraries on target systems.
Prefix uses a staging environment (path) featuring a full-blown
development environment, and a "final" environment for installing.
Staging and final need to be created using setup_prefix first,
which will also create an emerge wrapper to emerge ebuilds into staging
and subsequently final. The root fs in final may then e.g. be used to
create a distro independent, portable sysext.
Co-authored-by: James Le Cuirot <chewi@gentoo.org>
Co-authored-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Co-authored-by: Thilo Fromm <thilofromm@microsoft.com>
The configs provided by the openssh and Gentoo projects usually keep
everything commented out, meaning that the default values will be
used. On top of that, they will also include snippets in the snippet
directory. As such, start installing the default configs. We only mask
a snippet that defines sftp subsystem, because we provide our own
config snippet from coreos-base/misc-files that defines it.
We will be installing an sshd config snippet instead of replacing the
whole sshd config. In order to pull this off, we need to make sure
that the snippets directory exists and the main sshd config file
actually includes the snippets in the directory.
This commit updates our Flatcar patch with code that will install an
sshd config snippet instead of editing the main sshd config file if
the snippets directory exists.
The sshd config provided by this package is now marked as provided for
compatibility only - it will be there in case there is still a symlink
in /etc pointing to it. The new config snippet will be used by the
enable oslogin stuff in the updated coreos-base/oem-gce package in
following commits.
- Import and update configs for ssh client and daemon from the
flatcar/init repository. These configs have now become snippets that
the main configuration file will include.
- Install a drop-in file for the ssh.socket unit disabling the rate
limiting.
- Install compatibility symlinks in old ssh config locations that will
point to respective files in /usr/share/flatcar/etc.
- Make all these actions optional - openssh USE flag needs to be
enabled. That way, generic images can pull those changes, while SDK
can avoid doing so.
None of these modifications are Flatcar-specific. We are trying to
upstream them in https://github.com/gentoo/gentoo/pull/31615. When
they reach Gentoo, we can move net-misc/openssh to portage-stable.
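
The precondition named in the sshd commits above (the snippets directory exists and the main sshd config actually includes it) can be checked as follows. This is an added example, not code from the Flatcar patch; the function names, the `60-example.conf` file name and the scratch paths are assumptions, and only absolute Include patterns with whitespace-separated arguments are handled.

```shell
#!/bin/sh
# Added example, not Flatcar's ebuild code. Names and paths are assumptions.

# includes_snippet_dir CONFIG DIR
# Succeeds only if DIR exists and CONFIG has an active, unconditional
# Include directive with an absolute pattern pointing into DIR.
includes_snippet_dir() {
    config=$1
    dir=${2%/}
    [ -d "$dir" ] && [ -r "$config" ] || return 1
    awk -v dir="$dir" '
        /^[[:space:]]*#/ { next }            # comment line
        { kw = tolower($1) }                 # keywords are case-insensitive
        kw == "match" { in_match = 1 }       # later Includes are conditional
        kw == "include" && !in_match {
            for (i = 2; i <= NF; i++)
                if (index($i, dir "/") == 1) found = 1
        }
        END { exit !found }
    ' "$config"
}

# Where a snippet would end up: the drop-in directory when it is usable,
# otherwise the main config file (the fallback the commit text describes).
snippet_target() {
    if includes_snippet_dir "$1" "$2"; then
        echo "${2%/}/$3"
    else
        echo "$1"
    fi
}

# Constructed sample layout in a scratch directory.
demo() {
    t=$(mktemp -d) || return 1
    mkdir "$t/sshd_config.d"
    printf 'Include %s/sshd_config.d/*.conf\n' "$t" > "$t/good"
    printf '#Include %s/sshd_config.d/*.conf\nPermitRootLogin no\n' "$t" > "$t/commented"
    for f in good commented; do
        echo "$f -> $(snippet_target "$t/$f" "$t/sshd_config.d" 60-example.conf)"
    done
    rm -rf "$t"
}
demo
```

A commented-out Include, or one that appears only after a `Match` line, is treated as absent, since a snippet dropped into the directory would then not apply unconditionally.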