This change explicitly calls python3 (instead of python) in pycmd
so portage commands work (as we ship python 2, too, and it's still
the default).
Also, 'static-libs' and 'opempn' are added to the
bootstrap emerge USE flags (stage 3 of the bootstrap-sh script,
which is run in stage 2 of the SDK catalyst bootstrapping process):
- 'static-libs' un-breaks the zlib build: zlib installed has this flag
set and zlib requested per emerge command line in
bootstrap.sh stage 3 needs this flag to prevent a slot conflict.
- 'openmp' is to honor requirements of newer versions of GCC and is
added according to Gentoo guidelines published here:
https://wiki.gentoo.org/wiki/User:Sakaki/Sakaki%27s_EFI_Install_Guide/Building_the_Gentoo_Base_System_Minus_Kernel#Gentoo_Bootstrap_Remix:_Progressing_from_Stage_1_to_Stage_2
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
As Flatcar relies on systemd-networkd for network configurations,
it is not needed to keep dhcpcd in production images at all.
According to the commit
https://github.com/kinvolk/coreos-overlay/commit/9be90f06e838 ,
it was added back in 2014 just because systemd-networkd was not mature
enough. That was already ~7 years ago, so we can safely assume that
the issue had been already gone, so we can simply use systemd-networkd.
Initially I moved the eclass to overlay and modified them there to
avoid making customizations in portage-stable, but for some reason
portage cannot locate these eclasses when building packages from
portage-stable.
This change is to avoid masked packages and resulting fromt that build
failures like:
!!! All ebuilds that could satisfy "x11-misc/makedepend" have been masked.
!!! One of the following masked packages is required to complete your request:
- x11-misc/makedepend-1.0.5::portage-stable (masked by: invalid: DEPEND: USE flag 'ppc-aix' referenced in conditional 'ppc-aix?' is not in IUSE)
Hopefully these customizations will go away once we update the
eclasses and packages that inherit these eclasses.
As `dev-libs/nss` is not used anywhere, let's simply remove nss.
The only ebuild that pulls in is `net-misc/curl`, but only if the USE
flag `nss` is enabled. As the `nss` flag is disabled for curl, we do
not need to keep `dev-libs/nss` at all.
Update dhcpcd to 8.1.9 to address the following security issues:
* CVE-2019-11577
* CVE-2019-11766
Note, dhcpcd is not a standard tool of Flatcar, because by default
networking is configured via systemd-networkd. We update the package
just for potential use cases that still depend on dhcpcd. However,
in the long term, we should not ship dhcpcd in the production images.
