mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2026-04-19 12:32:37 +02:00
Code Issues Packages Projects Releases Wiki Activity
34,837 Commits 647 Branches 423 Tags
Commit Graph

34837 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Krzesimir Nowak
c5efcd696d overlay sys-libs/libsemanage: Move to portage-stable 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
01c453103b overlay coreos/config: Add Flatcar modifications for sys-libs/libsemanage 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
08870146fd overlay profiles: Allow python for sys-libs/libselinux 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
1df1df22c1 overlay profiles: Disable caps for smartmontools 
The USE=caps is only relevant for smartd, which we are not building
anyway.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
a6b5aa6dc4 overlay profiles: Drop enabling caps and audit USE flags for specific packages 
selinux profile enables the USE flags for all of them.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
d64475a947 overlay profiles: Mask python and perl USE flags for generic images 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
862ca0164c overlay profiles: Clean up selinux enabling 
Not needed given that we have switched to selinux profile, which
enables selinux USE.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
83d8f655f9 .github: Add newly added policy packages to automation 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
7ed13d9f00 overlay coreos/user-patches: Add symlinks for newly added policy packages 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
18f458a744 sec-policy/selinux-zfs: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
b342b6f60a sec-policy/selinux-xfs: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
621ff5e537 sec-policy/selinux-wireguard: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
10cd11e8d7 sec-policy/selinux-virt: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
9c650f91d2 sec-policy/selinux-tcsd: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
dca1c34678 sec-policy/selinux-sudo: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
104d4939aa sec-policy/selinux-smartmon: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
f2ffabdb56 sec-policy/selinux-sasl: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
cf4ff86f00 sec-policy/selinux-samba: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
5275b4d396 sec-policy/selinux-rpcbind: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
70a4e9af11 sec-policy/selinux-rpc: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
38be9244bd sec-policy/selinux-quota: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
dcabf69c89 sec-policy/selinux-qemu: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
c097ee9b58 sec-policy/selinux-podman: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
6fb0d1719e sec-policy/selinux-pcscd: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
25860828a3 sec-policy/selinux-ntp: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
60b55a477c sec-policy/selinux-mandb: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
5d0507d0ab sec-policy/selinux-makewhatis: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
d50f64d677 sec-policy/selinux-logrotate: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
f4ca50fa4a sec-policy/selinux-loadkeys: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
27e1742668 sec-policy/selinux-ldap: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
b667481666 sec-policy/selinux-kerberos: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
6b94a5eefc sec-policy/selinux-kdump: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
0a8d6375dd sec-policy/selinux-gpg: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
8b0d493ade sec-policy/selinux-git: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
b404308efe sec-policy/selinux-dracut: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
c781e4253a sec-policy/selinux-docker: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
17f5c182bd sec-policy/selinux-dnsmasq: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
4b49bf26a8 sec-policy/selinux-dirmngr: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
4574dafb4e sec-policy/selinux-chronyd: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
9232dc9884 sec-policy/selinux-cdrecord: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
1ab29a18b4 sec-policy/selinux-brctl: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
86d192284e sec-policy/selinux-bind: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
4d2b3f679f sec-policy/selinux-apm: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
fba498d743 sec-policy/selinux-apache: Add from Gentoo 
It's from Gentoo commit 0868350882899927dd40131021bfcf8bd117e77c.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
1ce1c96b6a overlay profiles: Switch to hardened/selinux/systemd profiles 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
98fc61013a overlay coreos/config, profiles: Drop PKG_INSTALL_MASK 
PKG_INSTALL_MASK is for binary packages like INSTALL_MASK is for
${ROOT} - whatever is added to PKG_INSTALL_MASK will be absent from
binary packages. But we may want to install different content to
different kind of images using the same binary packages. For example,
we may want to install some python selinux scripts to developer
container, but not to production image.

I started adding PKG_INSTALL_MASK before, because of a
misunderstanding - I thought that PKG_INSTALL_MASK is about filtering
files that are installed to ${ROOT} from binary packages. So in
reality, PKG_INSTALL_MASK is really unnecessary.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
Krzesimir Nowak
320145c21f save logs 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-03-20 15:12:08 +01:00
flatcar-ci
d380460e85 New version: main-4643.0.0-nightly-20260318-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-03-18 21:00:27 +00:00
Mathieu Tortuyaux
49c4b396bb
Merge pull request #3461 from flatcar/tormath1/amd-gpu 2026-03-18 13:39:31 +01:00
Mathieu Tortuyaux
a47141174b
Merge pull request #3842 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2026-03-18 13:00:11 +01:00