We had an accept_keywords for versioned rust in base profile already,
but it was outdated due to a bug in github action. So update it and
move the lines from sdk target to base profile. The accept_keywords
for virtual/cargo package are dropped, because there is no such
package.
Replace any dev-lang/rust version with the current one, and make sure
that the modified files in the profiles directory is actually included
in the patch.
This is a backport of https://github.com/SSSD/sssd/pull/5748 adapted to 2.3.1.
A change was necessary: src/tools/sssctl/sssctl_logs.c wasn't passing
'--no-create' to truncate in 2.3.1 yet.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Incase the ebtables tables are not set, the ebuilds links the
ebtables binaries to the legacy version instead of the nft version
Moving to coreos-overlay to link it to xtables-nft-multi.
The next step could be upstream the patches, incase of the usage of
nftables USE flag.
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
Now that GLSA metadata was updated as of 2021-09-03, we need to
add the following entries to the GLSA allow list, to avoid build
failures caused by `glsa-check -t all`.
202006-03: perl 5.26.2, only SDK, allowlist
202008-01: python 2.7.15 & 3.6.5, only SDK, allowlist
202101-18: python 2.7.15 & 3.6.5, only SDK, allowlist
202104-04: python 2.7.15 & 3.6.5, only SDK, allowlist
202105-22: samba 4.12.9, not affected, samba has no ldap flag, no smbd.
202105-34: bash 4.3, non-trivial to update
202107-31: polkit 0.113, in-progress
202107-48: systemd 247.9, backported the fixes to v247.9.
Included is a dockerfile that installs system deps of kola in an debian:11
image. For the test script, the control flow is:
qemu_uefi.sh
qemu_uefi_arm64.sh
(docker)
qemu_common.sh
qemu_common uses the 'NATIVE_ARM64' variable passed by the jenkins job to control the behavior.
The differences are:
* use git directly to fetch (and verify) the manifest
* setup some symlinks so that /var/tmp is on the same BTRFS partition as $PWD/tmp
* setup symlinks so that we don't have to fixup installation of mantle to chroot
* run things directly instead of in chroot through cork
The whole script is executed as root, because kola requires root privileges
anyway and making kvm and sudo work with an arbitrary host user inside the
container would require a custom entrypoint to setup groups.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
