Commit Graph

10572 Commits

Author SHA1 Message Date
Lukas Stockner
46ff05ed65 Update changelog
Co-authored-by: Kai Lüke <pothos@users.noreply.github.com>
2022-10-11 11:23:32 +02:00
Krzesimir Nowak
f3a354c8d1 sys-apps/dbus: Apply Flatcar modifications 2022-10-10 11:59:12 +02:00
Krzesimir Nowak
0d9aaf7b05 sys-apps/dbus: Sync with Gentoo
It's from Gentoo commit 42b645e918ddd5fd999926bc8c0a417a9f8c3be4.
2022-10-10 11:59:12 +02:00
Krzesimir Nowak
5be55ae97d profiles: Add accept keywords for app-editors/{vim,vim-core} 2022-10-10 11:29:55 +02:00
Krzesimir Nowak
48bf9a6645 app-editors/{vim,vim-core}: Move back to portage-stable 2022-10-10 11:29:34 +02:00
Krzesimir Nowak
de55948ac3 profiles: Disable python stuff for dev-libs/libxslt
The libxslt upstream fixed their python bindings, so they are not
python2 only. Gentoo then started to build them. Since we have fared
well so far without the bindings, keep on not building them.
2022-10-10 10:28:26 +02:00
Krzesimir Nowak
1d3daed50a profiles: Update accept keywords for dev-util/bpftool
Bpftool 5.18.11 is gone from portage-stable, 5.19.2 is the new stable
version for amd64. There's still no keyword for arm64, so we need to
keep the entry in the profiles for arm64.
2022-10-10 10:14:20 +02:00
Krzesimir Nowak
501c6ca99c profiles: Drop accept keywords for dev-libs/libxml2
The updated package became stable for both amd64 and arm64.
2022-10-10 10:05:46 +02:00
Flatcar Buildbot
d4ead663b9 dev-lang: Upgrade Go 1.18.6 to 1.18.7 2022-10-10 07:54:23 +00:00
Lukas Stockner
74ee472821 Enable nf_conntrack_bridge and nft_meta_bridge kernel modules
This allows using conntrack rules for bridges in nftables
and matching on bridge interface names.
2022-10-07 15:56:07 +02:00
Krzesimir Nowak
948fe706ff Merge pull request #2205 from flatcar/linux-5.15.72-main
Upgrade Linux Kernel in main from 5.15.71 to 5.15.72
2022-10-07 14:34:51 +02:00
Flatcar Buildbot
7294ee7abe sys-kernel: Upgrade Kernel 5.15.71 to 5.15.72 2022-10-06 07:32:31 +00:00
Krzesimir Nowak
5b670a5504 Merge pull request #2195 from flatcar/linux-5.15.71-main
Upgrade Linux Kernel in main from 5.15.70 to 5.15.71
2022-10-06 09:04:22 +02:00
Jeremi Piotrowski
4f01a18c37 profile/coreos/arm64: switch parent profile to 17.0/hardened
This was left as a 'TODO', but finally showed up when building the arm64 SDK.
The generic parent profile caused arm64 SDK (but also production images) to
have several USE flags missing, most importantly acl. Without acl, `usermod -m`
fails to correctly copy skeleton files when creating a new user.

Switch the parent profile to one matching the amd64 parent profile, which brings
the two arches closer together.
2022-10-05 16:40:11 +02:00
Flatcar Buildbot
fd4783ca0a sys-kernel: Upgrade Kernel 5.15.70 to 5.15.71 2022-10-05 14:54:26 +02:00
Krzesimir Nowak
13e9213d84 Merge pull request #2180 from flatcar/krnowak/dev-util-update
Development utilities update
2022-10-05 11:32:37 +02:00
Krzesimir Nowak
2418d19906 Merge pull request #2198 from flatcar/krnowak/bump-init
coreos-base/coreos-init: Bring in the port customization changes
2022-10-04 16:39:01 +02:00
Krzesimir Nowak
aa403ffeea changelog: Add an entry 2022-10-04 16:37:41 +02:00
Krzesimir Nowak
2e726adb32 coreos-base/coreos-init: Bring in the port customization changes 2022-10-04 15:07:17 +02:00
Krzesimir Nowak
ff6227115d coreos-base/hard-host-depends: Drop dev-util/scons
There isn't anything that uses scons, so drop it from SDK.
2022-10-04 14:52:10 +02:00
Krzesimir Nowak
ade775850b coreos/config: Drop overrides for dev-util/dialog
It's packaged neither in overlay nor in portage-stable.
2022-10-04 14:52:10 +02:00
Dongsu Park
70e0da0687 dev-util/bsdiff: Apply Flatcar modifications
Apply existing Flatcar changes on top of vanilla Gentoo ebuilds:
- add arm64 keyword
- apply the sais patch
- fix a heap overflow vulnerability in bspatch included in bsdiff.

Originally the security issue was published as [FreeBSD-SA-16:29](https://www.freebsd.org/security/advisories/FreeBSD-SA-16:29.bspatch.asc),
which pointed to a FreeBSD [patch](https://security.freebsd.org/patches/SA-16:29/bspatch.patch).
However, the patch was a set of huge changes including other unrelated
changes. That's why it was not simple at all to apply the patch to
bsdiff. Neither Gentoo nor Flatcar has included the fix.

Fortunately X41 D-SEC [examined](https://www.x41-dsec.de/security/news/working/research/2020/07/15/bspatch/)
the issue again, and nailed it down to a simple patch that can be easily
applied to other trees. We simply take the patch with minimal changes.

See also [CVE-2020-14315](https://nvd.nist.gov/vuln/detail/CVE-2020-14315).

It is based on the following commits:

[4ee6aa895a02](https://github.com/kinvolk/coreos-overlay/commit/4ee6aa895a02) ("Add arm64 keywords")
[60d47e7359d1](https://github.com/kinvolk/coreos-overlay/commit/60d47e7359d1) ("Change suffix sort to sais-lite")
[7d3ac2a049dd](https://github.com/kinvolk/coreos-overlay/commit/7d3ac2a049dd) ("fix heap overflow vulnerability CVE-2020-14315")
2022-10-04 14:52:10 +02:00
Krzesimir Nowak
e358a89307 dev-util/bsdiff: Sync with Gentoo
It's from Gentoo commit 98ef629ba44e42abf5dd75e2e2c44994d85bc409.
2022-10-04 14:52:10 +02:00
Krzesimir Nowak
e64412782e profiles: Drop outdated or redundant USE flags for dev-util/perf 2022-10-04 14:52:10 +02:00
Krzesimir Nowak
a8f0638d7f profiles: Drop accept_keywords for dev-util/perf
Updated package is stable for both amd64 and arm64.
2022-10-04 14:52:10 +02:00
Krzesimir Nowak
f8fac84130 profiles: Drop accept_keywords for dev-util/pahole
Updated package is stable for both amd64 and arm64.
2022-10-04 14:52:10 +02:00
Krzesimir Nowak
0d7e9d0971 profiles: Drop cmake from provided packages
It should cross-compile just fine, but let's see if it ends up being
on the production image.
2022-10-04 14:52:10 +02:00
Krzesimir Nowak
0a6a8aa7d4 profiles: Drop keywords for dev-util/checkbashisms
The updated package is stable for both amd64 and arm64.
2022-10-04 14:52:10 +02:00
Krzesimir Nowak
aa36317220 profiles: Update keywords for dev-util/bpftool 2022-10-04 14:52:10 +02:00
Krzesimir Nowak
b22334fd58 coreos/config: Drop fixes for cmake 2022-10-04 14:52:10 +02:00
Krzesimir Nowak
678d0788ef Merge pull request #2189 from flatcar/krnowak/update-and-fill
Profiles and environment overrides for packages refresh
2022-10-04 10:19:42 +02:00
Jeremi Piotrowski
997a141446 Merge pull request #2196 from flatcar/jepio-fix-kernel-stacktrace
sys-kernel/coreos-module: use strip-debug instead of strip-unneeded
2022-10-04 08:32:22 +02:00
Jeremi Piotrowski
1b3ddd7133 changelog: add entry for coreos-modules strip change 2022-09-30 13:10:04 +02:00
Jeremi Piotrowski
aa7aa7f13c sys-kernel/coreos-module: use strip-debug instead of strip-unneeded
With `--strip-unneeded` some static symbols are also stripped from modules, making stacktraces
incomplete, and making it harder to debug kernel issues. Switch to the default setting of
`--strip-debug`, which keeps symbols intact and does not appear to lead to a measurable
size increase of the /usr partition.
2022-09-29 15:34:40 +02:00
Krzesimir Nowak
d39991c538 coreos/config: Drop linking workarounds for net-misc/curl
Let's see if those are fixed by now.
2022-09-29 11:58:11 +02:00
Krzesimir Nowak
8a0db2516b profiles: Drop accept keywords for net-fs/cifs-utils
The updated package is stable for both amd64 and arm64.
2022-09-29 11:58:11 +02:00
Krzesimir Nowak
5d556e801f profiles: Update keywords and unmask for new version of dev-vcs/git 2022-09-29 11:58:11 +02:00
Krzesimir Nowak
8400b95681 profiles: Drop accept keywords for sys-devel/crossdev
The updated package is stable for both amd64 and arm64.
2022-09-29 11:58:11 +02:00
Krzesimir Nowak
e84867785e Merge pull request #2140 from flatcar/krnowak/vim-update
Update vim to v9.0.0469
2022-09-29 11:18:54 +02:00
Mathieu Tortuyaux
acdc6ca870 Merge pull request #2187 from flatcar/tormath1/ign-converter
sys-apps/ignition: rework ignition patches
2022-09-27 11:58:29 +02:00
Mathieu Tortuyaux
a8a793fa94 changelog: add entry
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-09-27 11:48:00 +02:00
Mathieu Tortuyaux
3e50a7fd12 sys-apps/ignition: rework ignition patches
`ign-converter` is now part of the Ignition codebase; it should ease the
maintenance of these patches.

Only the v24tov31 translation (and its tests) has been ported to the codebase.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-09-27 11:48:00 +02:00
Dongsu Park
5e7729a745 Merge pull request #2185 from flatcar/linux-5.15.70-main
Upgrade Linux Kernel in main from 5.15.67 to 5.15.70
2022-09-27 09:09:07 +02:00
Krzesimir Nowak
204a54bb76 Merge pull request #2186 from flatcar/krnowak/revert-old-lts-workarounds
.github: Revert old lts workarounds
2022-09-26 15:07:48 +02:00
Krzesimir Nowak
610c41bcc5 .github: Partially revert some changes
It partially reverts commits 9ecbd31df40e8cf4361db7f638c089e4df3dc503
and 1b08c65f7b5797dd153898f148b98429feeacd2c. The reverted parts were
workarounds for old LTS, which used to have no run_sdk_container
stuff.
2022-09-26 14:43:36 +02:00
Krzesimir Nowak
4e4d0891e9 Revert ".github: make each apply script take parameters CHECKOUT_SCRIPTS"
This reverts commit f008fb5883afee1d83d636a06cc9c9b192705793.

This was introduced for old LTS that didn't use submodules in
scripts. Now it's backported, so this workaround is not needed.
2022-09-26 14:38:23 +02:00
Flatcar Buildbot
bc5705c6e0 sys-kernel: Upgrade Kernel 5.15.67 to 5.15.70 2022-09-24 07:26:04 +00:00
Krzesimir Nowak
4337abdd9a Merge pull request #2166 from flatcar/krnowak/fix-emerge-gitclone-developer-channel
coreos-base/emerge-gitclone: Bring in a fix for developer channel
2022-09-21 12:26:01 +02:00
Krzesimir Nowak
48b79af088 coreos-base/emerge-gitclone: Bring in a fix for developer channel and builds
For the main branch (so for nightly builds) the group in
`/usr/share/flatcar/update.conf` is not "main", but "developer". This
needs a small translation when turning it into channel
information. Without that, we are trying to check out a nonexistent tag
named `developer-3363.0.0-…` instead of `main-3363.0.0-…`, which
fails.

In developer builds, the version string contains version numbers and a
build ID with a plus symbol sitting between them. Git tags are formatted
in a similar way, but with a dash instead of a plus. Thus the plus needs
to be replaced to obtain a proper git tag.
2022-09-20 16:34:33 +02:00
Krzesimir Nowak
13b9fa8c06 Merge pull request #2173 from flatcar/krnowak/bump-cloudinit
coreos-base/coreos-cloudinit: Bump to latest commit
2022-09-20 16:27:12 +02:00