mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-19 05:21:23 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,551 Commits 625 Branches 394 Tags
Commit Graph

9551 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Flatcar Buildbot
8375a98a76 sys-kernel: Upgrade Kernel 5.10.43 to 5.10.45 2021-06-19 07:12:03 +00:00
Iago López Galeiras
9a5b486219 Merge pull request #1055 from kinvolk/iaguis/remove-nnp-patch 2021-06-15 16:57:35 +02:00
Sayan Chowdhury
b1414fdcf1 Merge pull request #1053 from kinvolk/linux-5.10.43-main 
Upgrade Linux Kernel in main from 5.10.42 to 5.10.43
 2021-06-15 12:46:56 +05:30
Iago Lopez Galeiras
3f354a1114 app-emulation/docker: disable SELinux 
We disable SELinux because Flatcar doesn't properly support it and it
was causing labeling problems when running runc containers with
NoNewPrivileges or seccomp.
 2021-06-14 16:23:00 +02:00
Iago Lopez Galeiras
9b18f05723 app-emulation/runc: remove patches disabling NNP and seccomp 
These were included as a workaround for SELinux issues on Flatcar.
However, they also disable NoNewPrivileges and seccomp support, which
reduces security.

Instead, we'll disable SELinux support in the Docker daemon in the next
commit.
 2021-06-14 16:22:55 +02:00
Flatcar Buildbot
5575a1bc42 sys-kernel: Upgrade Kernel 5.10.42 to 5.10.43 2021-06-11 07:12:11 +00:00
Sayan Chowdhury
b6435d8d5a Merge pull request #1047 from kinvolk/linux-5.10.42-main 
Upgrade Linux Kernel in main from 5.10.41 to 5.10.42
 2021-06-11 11:00:55 +05:30
Dongsu Park
7632c0af3a Merge pull request #1049 from kinvolk/go-1.16.5-main 
Upgrade Go in main from 1.16.4 to 1.16.5
 2021-06-07 17:22:31 +02:00
Flatcar Buildbot
93e421ae8b dev-lang: Upgrade Go 1.16.4 to 1.16.5 2021-06-07 07:58:17 +00:00
Dongsu Park
8bfbc7f5e7 Merge pull request #1041 from kinvolk/dongsu/update-torcx-crypto-net 
app-arch/torcx: update crypto and net, fix build issues
 2021-06-03 17:19:12 +02:00
Flatcar Buildbot
a40e21c292 sys-kernel: Upgrade Kernel 5.10.41 to 5.10.42 2021-06-03 07:40:08 +00:00
Dongsu Park
84a931cb50 app-arch/torcx: update to 0.2.0-r4 
Pulls in https://github.com/kinvolk/torcx/pull/10 .

It is mainly to address security issues like CVE-2020-29652 and
CVE-2021-31525 .
 2021-06-01 10:29:08 +02:00
Dongsu Park
39b7edb4b2 app-arch/torcx: fix Go import path 
Go import path of torcx has changed from coreos to flatcar-linux,
aef371c76b

So we need to fix the import path also in torcx ebuilds.
Otherwise build will simply fail due to wrong import paths.
 2021-06-01 10:27:45 +02:00
Dongsu Park
54735b6a95 Merge pull request #1035 from kinvolk/dongsu/libxml2-2.9.12 
profiles: accept keywords ~amd64 and ~arm64 for libxml2 2.9.12-r2
 2021-06-01 09:29:31 +02:00
Sayan Chowdhury
4263631db6 Merge pull request #1040 from kinvolk/linux-5.10.41-main 
Upgrade Linux Kernel in main from 5.10.39 to 5.10.41
 2021-05-31 12:57:41 +05:30
Flatcar Buildbot
16228d8bd4 sys-kernel: Upgrade Kernel 5.10.39 to 5.10.41 2021-05-29 07:40:07 +00:00
Dongsu Park
252216b14c profiles: accept keywords ~amd64 and ~arm64 for libxml2 2.9.12-r2 2021-05-27 17:16:37 +02:00
Mathieu Tortuyaux
877433ad0c Merge pull request #1029 from kinvolk/tormath1/bump-update-engine 
coreos-base/update_engine: bump commit ID
 2021-05-27 16:37:16 +02:00
Mathieu Tortuyaux
85d52f1711 coreos-base/update_engine: bump commit ID 
related to https://github.com/kinvolk/update_engine/pull/9

Signed-off-by: Mathieu Tortuyaux <mathieu@kinvolk.io>
 2021-05-27 16:27:29 +02:00
Dongsu Park
71eeaa90cc Merge pull request #1023 from kinvolk/dongsu/openssh-8.6 
net-misc/openssh: update to 8.6
 2021-05-27 11:49:07 +02:00
Sayan Chowdhury
bbd4ea5e30 Merge pull request #1028 from kinvolk/linux-5.10.39-main 
Upgrade Linux Kernel in main from 5.10.38 to 5.10.39
 2021-05-24 21:12:16 +05:30
Flatcar Buildbot
9fe59c8e35 sys-kernel: Upgrade Kernel 5.10.38 to 5.10.39 2021-05-23 07:14:37 +00:00
Kai Lüke
60f34fe8b9 net-misc/openssh: Apply Flatcar changes 
- Drop the init.d files.
- Remove the socket unit's rate limiting.

Instead of dropping bindist, enable it with the profiles now so it
doesn't need to be modified on future updates.

Imported commit 6c0c1c8806bedcc164e5bd3541ab50b2c21e2498 .
 2021-05-21 14:11:40 +02:00
Dongsu Park
cf2b332856 profiles: accept openssh 8.6_p1-r1 for both amd64 and arm64 2021-05-21 14:11:40 +02:00
Dongsu Park
0e66a70f6a net-misc/openssh: update to 8.6_p1, sync with Gentoo 
Update net-misc/openssh to 8.6_p1, by syncing with upstream Gentoo.
 2021-05-21 14:11:40 +02:00
Dongsu Park
1f9c794749 Merge pull request #1022 from kinvolk/sayan/update-binutils-2.36 
profiles,sys-boot: fix grub2 for binutils 2.36
 2021-05-21 10:04:43 +02:00
Dongsu Park
430a8eafcc Merge pull request #1006 from kinvolk/containerd-1.5.1-main 
Upgrade Containerd in main from 1.4.4 to 1.5.2
 2021-05-21 09:28:10 +02:00
Dongsu Park
80e8ad9b35 Merge pull request #1021 from kinvolk/runc-1.0.0_rc95-main 
Upgrade Runc in main from 1.0.0_rc93 to 1.0.0_rc95
 2021-05-21 09:27:23 +02:00
Kai Lüke
4272466762 Merge pull request #1020 from kinvolk/linux-5.10.38-main 
Upgrade Linux Kernel in main from 5.10.37 to 5.10.38
 2021-05-20 16:48:48 +02:00
Dongsu Park
5700fa12e6 app-emulation/containerd: update to 1.5.2 2021-05-20 15:57:16 +02:00
Dongsu Park
e63de2ea31 app-emulation/containerd: set GOFLAGS to -mod=vendor 
Since containerd 1.5 started to turn on Go module, we need to pass
`-mod=vendor` to the go build command.
Otherwise, go build will fail because it would try to fetch missing
go deps from remote repos. It would not work inside of sandbox.

We cannot set `COREOS_GO_MOD=vendor` because containerd ebuild calls
`emake` instead of `go_build`.
 2021-05-20 15:56:39 +02:00
Flatcar Buildbot
8a0da2857b app-emulation: Upgrade Containerd 1.4.4 to 1.5.1 2021-05-20 14:13:45 +02:00
Dongsu Park
63031a2ebc app-emulation/docker-runc: adjust patches for 1.0.0-rc95 2021-05-20 14:07:09 +02:00
Flatcar Buildbot
b02b5cd0e6 app-emulation: Upgrade Runc 1.0.0_rc93 to 1.0.0_rc95 2021-05-20 13:43:39 +02:00
Dongsu Park
67b3af83f3 Revert "app-emulation/docker-runc: Embargoed patch for CVE-2021-30465" 
This reverts commit 66f77b50879dded97b48c8f95277f18c6089022c.
 2021-05-20 13:43:39 +02:00
Dongsu Park
447212cb30 sys-boot/grub: fix build error with binutils 2.36 
With binutils 2.36, build of grub fails like that:

```
ld: section .note.gnu.property VMA [0000000000400158,0000000000400187]
overlaps section .bss VMA [000000000000e000,000000000041d207]
```

It is caused by assembler, as it generates the GNU property notes section
by default. Use the assmbler option `-mx86-used-note=no` to disable the
section from being generated to workaround the ensuing linker issue.

Patch was originally written by OpenSUSE.

https://sourceware.org/bugzilla/show_bug.cgi?id=27377
https://bugzilla.opensuse.org/show_bug.cgi?id=1181741
https://build.opensuse.org/package/view_file/Base:System/grub2/0001-Fix-build-error-in-binutils-2.36.patch
 2021-05-20 09:27:49 +02:00
Sayan Chowdhury
1f7935ec72 profiles: Update the package accept_keywords 
Signed-off-by: Sayan Chowdhury <sayan.chowdhury2012@gmail.com>
 2021-05-20 09:25:30 +02:00
Dongsu Park
fffa7c216d Merge pull request #1004 from kinvolk/firmware-20210511-main 
Upgrade Linux Firmware in main from 20210315 to 20210511
 2021-05-20 09:20:52 +02:00
Dongsu Park
58ed505831 sys-kernel/coreos-firmware: fix broken symlinks to cxgb4 firmware files 
Since coreos-firmware 20210511, `cxgb4/t[4-6]fw*.bin` files have a new
version '1.25.4.0'. We need to update the file name pointed by symlinks.
Otherwise build fails due to broken symlinks.
 2021-05-20 09:18:49 +02:00
Flatcar Buildbot
aa5a113a3a sys-kernel: Upgrade Linux Firmware 20210315 to 20210511 2021-05-20 09:18:49 +02:00
Flatcar Buildbot
cbc07cd946 sys-kernel: Upgrade Kernel 5.10.37 to 5.10.38 2021-05-20 07:14:42 +00:00
Kai Lüke
9d8aa1a9a9 app-emulation/docker-runc: Embargoed patch for CVE-2021-30465 2021-05-19 22:52:27 +02:00
Dongsu Park
d7dbc6dde7 Merge pull request #997 from kinvolk/rust-1.52.1-main 
Upgrade dev-lang/rust in main from 1.51.0 to 1.52.1
 2021-05-17 19:37:30 +02:00
Dongsu Park
116fec4eef Merge pull request #1011 from kinvolk/linux-5.10.37-main 
Upgrade Linux Kernel in main from 5.10.34 to 5.10.37
 2021-05-17 16:19:14 +02:00
Kai Lüke
75a48c3159 Merge pull request #1008 from kinvolk/kai/networkd-unmanaged-lo 
network: don't manage the loopback interface
 2021-05-17 16:05:22 +02:00
Kai Lüke
9f796021f9 sys-kernel/bootengine: network, don't manage the loopback interface 
This pulls in a change in the systemd network unit to ignore the
loopback interface instead of managing its state which sometimes causes
the address to be lost.
https://github.com/kinvolk/bootengine/pull/24
 2021-05-17 15:30:48 +02:00
Kai Lüke
5916bfbfa9 coreos-base/coreos-init: systemd/network, don't manage the loopback interface 
This pulls in a change in the systemd network unit to ignore the
loopback interface instead of managing its state which sometimes causes
the address to be lost.
https://github.com/kinvolk/init/pull/40
 2021-05-17 15:30:47 +02:00
Kai Lüke
81926e26ae Merge pull request #1007 from kinvolk/kai/detect-device-mapper 
coreos-base/coreos-init: flatcar-install, detect device mapper usage
 2021-05-17 14:29:07 +02:00
Dongsu Park
7c9ce6658a Merge pull request #1014 from kinvolk/sayan/update-nvidia-460.73.01 
x11-drivers/nvidia-{drivers,metadata}: Update the version to 460.73.01
 2021-05-17 13:34:48 +02:00
Kai Lüke
18be162b54 coreos-base/coreos-init: flatcar-install, detect device mapper usage 
This pulls in a behavior change in the flatcar-install script to
detect if a disk is used through a device mapper entry when searching
for free disks with -s.
https://github.com/kinvolk/init/pull/39

Fixes https://github.com/kinvolk/Flatcar/issues/332
 2021-05-17 12:39:22 +02:00