6320 Commits

Author SHA1 Message Date
Kai Lüke
dd0138a9c8 sys-kernel: Include patch for overflow in tpacket_rcv
A memory corruption vulnerability in AF_PACKET causes the kernel to
panic or enter undefined behavior, tracked as CVE-2020-14386.
While the proposed patch is not included in an upstream release,
include it as a downstream patch.
Further information and PoC:
https://www.openwall.com/lists/oss-security/2020/09/03/3
2020-09-04 18:33:16 +02:00
Margarita Manterola
938a2b6fee Revert "sys-kernel/coreos-sources: fix vdso32 build for arm"
This reverts commit 02a187d087c6425345e1b92bc09c1c4276651a4c.

This change is now applied upstream and we no longer need to carry a
separate patch.
2020-09-04 17:39:28 +02:00
Flatcar Buildbot
178427ca9e sys-kernel: Upgrade coreos-kernel 5.4.61 to 5.4.62 2020-09-04 07:23:07 +00:00
Dongsu Park
18f00becb5 .github: update Go version 1.15
Update the default Go version to 1.15.
2020-09-02 14:50:02 +02:00
Dongsu Park
c174819731 dev-lang/go: Update the default Go version to 1.15
Now that Go [1.15](https://go.googlesource.com/go/+/refs/tags/go1.15) has
been released, we should update the default Go version to 1.15.
Since the [EINTR issue](https://github.com/golang/go/issues/38033) was
fixed in 1.15, we can simply move from 1.13 to 1.15.

On the other hand, we should not add 1.14, as the
[EINTR bug fix](https://go-review.googlesource.com/c/go/+/232862/) was
not backported to 1.14.
2020-09-02 14:50:02 +02:00
Thilo Fromm
3605185e08 coreos-init: add new subkey rsa4096/FCBEAB91
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2020-09-02 10:58:43 +02:00
Vincent Batts
a73bf603f3 Revert "sys-kernel: allow fips mode to be enabled"
This reverts commit b5e1ce2bc48117bb56d9d992d5611da24c075b95.

Signed-off-by: Vincent Batts <vbatts@kinvolk.io>
2020-08-31 13:00:52 -04:00
Kai Lüke
1f6a73511e Merge pull request #542 from flatcar-linux/kai/updating-packages
README.md: Document how to update packages
2020-08-31 12:41:27 +02:00
Thilo Fromm
e88f0a0575 sys-kernel/coreos-sources: fix vdso32 build for arm
This change adds kernel 5.9 upstream patch
https://lore.kernel.org/linux-arm-kernel/20200827234012.19757-1-fllinden@amazon.com/
which fixes a vdso build error on ARM.

Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2020-08-31 10:24:26 +02:00
Vincent Batts
9eb0c12548 sys-kernel: allow fips mode to be enabled
With this kernel config, users can boot with fips=1 set in
`/usr/share/oem/grub.cfg`:
```
set linux_append="fips=1"
```

Which triggers various behaviors, for FIPS 200 certification.

With this config compiled in, and that boot parameter, users can check
that fips is enabled with:
```
flatcar ~ # cat /proc/sys/crypto/fips_enabled
1
```

Signed-off-by: Vincent Batts <vbatts@kinvolk.io>
2020-08-27 22:12:26 -04:00
Thilo Fromm
8df0c7ae3d Merge pull request #550 from flatcar-linux/linux-5.4.61-main
Upgrade Linux Kernel in main from 5.4.59 to 5.4.61
2020-08-27 19:12:16 +02:00
Thilo Fromm
117c872148 Merge pull request #552 from flatcar-linux/dongsu/open-vm-tools-11.1.5
app-emulation/open-vm-tools: update to 11.1.5
2020-08-27 19:11:25 +02:00
Krzesimir Nowak
63813d3706 Merge pull request #546 from flatcar-linux/krnowak/fix-rules
Fix udev rules in mdadm and lvm2
2020-08-27 16:11:57 +02:00
dongsu@kinvolk.io
ccaf2d76b8 app-emulation/open-vm-tools: bump to 11.1.5
Update open-vm-tools 11.1.5,
https://github.com/vmware/open-vm-tools/releases/tag/stable-11.1.5 .
Update also the build number to 16724464.
2020-08-27 13:37:41 +02:00
dongsu@kinvolk.io
ff384ca963 coreos-base/oem-vmware: update to 11.1.5
Update oem-vmware to 11.1.5, corresponding to the update of
open-vm-tools to 11.1.5.
Update URL to flatcar-linux.
2020-08-27 13:37:41 +02:00
Sayan Chowdhury
07dbbcdf9d Merge pull request #551 from flatcar-linux/sayan/bump-etcd-etcdctl-to-3.3.25
Bump etcdctl and etcd-wrapper to 3.3.25
2020-08-27 15:29:38 +05:30
Sayan Chowdhury
b4f9aba6fd dev-db/etcdctl: Bump to 3.3.25
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
2020-08-27 13:18:02 +05:30
Flatcar Buildbot
e2c3b2cd9a sys-kernel: Upgrade coreos-kernel 5.4.59 to 5.4.61 2020-08-27 07:22:04 +00:00
Sayan Chowdhury
a5e0e43ea3 app-admin/etcd-wrapper: Bump to 3.3.25
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
2020-08-27 12:44:49 +05:30
Kai Lüke
dc0f618168 README.md: Document how to update packages
The best practice established in this repository is to reset the
package folder and import a new version from upstream without
modifications. In a separate commit the downstream changes are applied.
This makes it clear which downstream changes need to be ported when
updating to a newer version in the future. Unfortunately this is not
always done, which causes confusion and more work. As a first step,
document the process before we later look into more automation.
2020-08-26 14:10:37 +02:00
Thilo Fromm
6fac33fd7a toolbox: point to flatcar-master to add bpf fs support
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2020-08-26 14:03:31 +02:00
Thilo Fromm
3387908122 sys-apps/baselayout: point CROS_WORKON to latest flatcar-master merge commit
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2020-08-26 13:13:36 +02:00
Thilo Fromm
786e51a3d1 sys-apps/baselayout: update CROS_WORKON comment
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2020-08-26 13:13:36 +02:00
Thilo Fromm
dbb097a35d sys-apps/systemd: don't depend on acct-group, use GID 30 for "render"
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2020-08-26 13:13:36 +02:00
Thilo Fromm
eb9c81ee47 baselayout, systemd: add group "render" for udev
This commit adds a dependency on acct-group/render to systemd.
The respective group is provided by portage-stable
(https://github.com/flatcar-linux/portage-stable
 commit ID db2ed1e74a89944b1500dba1471072e8da3dddc9).

Furthermore, the baselayout commit ID is bumped to include a
change from https://github.com/flatcar-linux/baselayout - to
1d32bea2c0e4335d4a8f7e0ccd6a7b41da15e4a7 - which includes
this group in the baselayout used by initramfs.

Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2020-08-26 13:13:30 +02:00
Krzesimir Nowak
78bd8ec9e0 sys-fs/lvm2: Add a patch dropping unsupported udev rule
The `OPTIONS+="event_timeout=180"` rule is not supported by systemd,
and with recent update, systemd complains quite visibly in journalctl
about it. This is already fixed in lvm2 upstream, so this patch will
not be necessary when we do the update.
2020-08-25 12:07:43 +02:00
Krzesimir Nowak
e564fa0b29 sys-fs/lvm2: Add new revision of a recipe 2020-08-25 12:04:59 +02:00
Krzesimir Nowak
c45a26e473 profiles: Drop outdated entry from accept_keywords
We updated mdadm to 4.1 and imported it into coreos-overlay, so we
updated the keyword in the recipe.
2020-08-25 11:47:57 +02:00
Krzesimir Nowak
a784232e31 sys-fs/mdadm: Add README.md 2020-08-25 11:46:49 +02:00
Krzesimir Nowak
ef18660046 sys-fs/mdadm: Add more patches
These patches are upstreamed, but the release hasn't yet happened.
2020-08-25 11:42:32 +02:00
Krzesimir Nowak
5705b8a4cc sys-fs/mdadm: Build on arm64 too 2020-08-25 11:40:46 +02:00
Krzesimir Nowak
8c96ca03bd sys-fs/mdadm: Add a comment about the source of the build 2020-08-25 11:40:16 +02:00
Krzesimir Nowak
a3c88140ec sys-fs/mdadm: Import latest mdadm from Gentoo 2020-08-25 11:30:34 +02:00
Sayan Chowdhury
b2ade58190 Merge pull request #533 from flatcar-linux/linux-5.4.59-main
Upgrade Linux Kernel in main from 5.4.58 to 5.4.59
2020-08-19 16:48:37 +05:30
Sayan Chowdhury
0e777ff5aa app-admin/etcd-wrapper: Bump to 3.3.24
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
2020-08-19 15:44:20 +05:30
Flatcar Buildbot
4b9602cc64 sys-kernel: Upgrade coreos-kernel 5.4.58 to 5.4.59 2020-08-19 07:20:59 +00:00
Sayan Chowdhury
9812717802 Merge pull request #529 from flatcar-linux/sayan/bump-etcd-to-3.3.23
app-admin/etcd-wrapper: Bump to 3.3.23
2020-08-18 21:36:57 +05:30
Sayan Chowdhury
61aad9143f app-admin/etcd-wrapper: Bump to 3.3.23
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
2020-08-18 19:14:10 +05:30
Kai Lüke
013274ce5d Merge pull request #523 from flatcar-linux/linux-5.4.58-main
Upgrade Linux Kernel in main from 5.4.57 to 5.4.58
2020-08-18 11:53:35 +02:00
Thilo Fromm
4524991b97 Merge pull request #528 from flatcar-linux/t-lo/add-qedf-qedi-qla4xxx
add qedf, qedi, qla4xxx modules
2020-08-18 11:52:14 +02:00
Dongsu Park
b6a4219641 Merge pull request #527 from flatcar-linux/containerd-1.3.7-main
Upgrade Containerd in main from 1.3.6 to 1.3.7
2020-08-17 17:23:20 +02:00
Dongsu Park
d54a191738 Merge pull request #519 from flatcar-linux/go-1.13.15-main
Upgrade Go in main from 1.13.14 to 1.13.15
2020-08-17 10:44:22 +02:00
Thilo Fromm
3a34ff86bb sys-kernel/coreos-modules: add qedf, qedi, qla4xxx
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2020-08-14 19:20:04 +02:00
Flatcar Buildbot
58b3ee36e0 app-emulation: Upgrade Containerd 1.3.6 to 1.3.7 2020-08-14 08:17:38 +00:00
Kai Lüke
ad75990ea5 Merge pull request #524 from flatcar-linux/kai/etcd-permissions
app-admin/etcd-wrapper: Adjust data dir permissions
2020-08-13 10:24:28 +02:00
Kai Lüke
fc4f849bc2 Merge pull request #514 from flatcar-linux/kai/package-updates-openssl
Update packages for openssl update
2020-08-12 18:16:34 +02:00
Kai Lüke
76039ab99e app-admin/etcd-wrapper: Adjust data dir permissions
Beginning with etcd 3.4 the desired permissions of the data directory
are checked.
The used 755 permissions are not desired and have to be adjusted.
2020-08-12 15:34:47 +02:00
Flatcar Buildbot
6cb09822c9 sys-kernel: Upgrade coreos-kernel 5.4.57 to 5.4.58 2020-08-12 07:19:53 +00:00
Kai Lüke
aaaee0d31e sys-auth/sssd: Apply Flatcar patches 2020-08-11 11:19:01 +02:00
Kai Lüke
5ff7a3464c sys-auth/sssd: Drop unstable versions 2020-08-10 20:34:12 +02:00