They are copying sys-libs/libxcrypt from new portage-stable and
updating package masks and USE flags in order to migrate from
glibc-provided libcrypt to libxcrypt-provided libcrypt.
The migration seems to be a bit complicated to do, because
bootstrapping a system using glibc with libxcrypt-provided libcrypt
using a build environment using glibc with glibc-provided libcrypt
results in some slot conflicts. Without the stage1 hooks the failure
happened in stage2. With the hooks, but without the seed SDK update,
the failure happened already in stage1.
Updating the seed SDK to use libxcrypt seems to do the trick. The
update of the seed SDK will happen only when transition happens - if
the seed SDK is already using libxcrypt, these hooks are noops.
It's long overdue and glibc 2.39 will drop crypt stuff altogether. Or
so I heard. Whatever happens, the crypt library in glibc is deprecated
for a long time already.
- take care of nscd.conf via tmpfiles, add files/nscd-conf.tmpfiles.
- comment out 'dostrip -x' to force the OS image binaries to be stripped
- remove everything glibc wants to put under /etc since we use
baselayout to provide that
Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
Enabled user session dbus in base image to support podman rootless mode.
Extension images can now be created from multiple packages by seperating
them with a comma. The podman sysext includes app-containers/podman and
net-misc/passt.
It can be enabled by adding podman to /etc/flatcar/enabled-sysext.conf.
Potential TODO: gpgme had to be added as BDEPEND to podman ebuild.
The if-up-down to trigger the DHCP request causes problems. It's better
to directly ask systemd-networkd to issue the request. It seems that
one needs to use "reconfigure" instead of "forcerenew", so I went with
only that instead of somehow trying to see if "forcerenew" has an
effect.
This reverts commit 9556c7f94b
because waagent looks for internal hostname changes and wants to
propagate them to the Azure VM properties by issuing a new DHCP request.
As Ignition supports KubeVirt, add a custom oem for it and also the
required parts to be able to build an image in .qcow2 format that
is already using internal .qcow2 gzip compression.
Fixes: https://github.com/flatcar/Flatcar/issues/1358
Signed-off-by: Adrian Vladu <avladu@cloudbasesolutions.com>
This is a new package that is being developed to handle providing
symlinks for nvme disks (os,data,temporary) on newer Azure instances.
It needs to be part of the OS, and not oem-azure, because it carries
udev rules.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Flatcar prepares /etc/hostname from the initrd through afterburn. After
switching root, systemd-networkd fetches a dhcp lease with the correct
hostname already. This publishes the hostname to the vnet DNS server as
well. When WALinuxAgent starts, it tries to do the same steps: configure
the hostname, bounce the link to force dhcp lease renewal. This has
caused issues in the past with multi-nic configurations but also with
networked services that are trying to use the network (etcd/flanneld).
The link bouncing by WALinuxAgent is not necessary because of Flatcars
boot design, so return without bouncing the link. Tested that DNS from
other VMs in the same vnet works.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
When CoreosCommonUtil was factored out, we missed updating the class
name in a call to super(). This results in an error when executing
`/usr/sbin/waagent -force -deprovision+user`. Fix the class name.
Create a compatibility symlink at the old config file location
(/usr/share/oem/waagent.conf) to handle the case of enabling
auto-updates on the agent. The upstream version of the agent does not
have our downstream patch so doesn't know about the updated config file
location. We should upstream our changes.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
