2783 Commits

Author SHA1 Message Date
Michael Marineau
fb9b323483 Merge pull request #1470 from marineam/selinux
Another round of SELinux fixes
2015-08-14 18:23:04 -07:00
Michael Marineau
9ea1691350 profiles: only enable selinux on amd64
The base selinux packages only have amd64 and x86 keywords. No need to
get them working on arm64 right now so make this amd64-only.
2015-08-14 17:59:14 -07:00
Michael Marineau
cab0f533fb policycoreutils: override DESTDIR instead of PREFIX
PREFIX should always point to $(DESTDIR)/usr in order to work in the SDK
where /lib64 isn't a symlink to /usr/lib64 like it is in our images.
2015-08-14 17:48:41 -07:00
Michael Marineau
eb258f2da7 selinux-policy: do not execute binaries under $ROOT
Run-time binaries must be provided by the SDK, dynamic libraries or the
entire architecture may be different under the target $ROOT.

I have no idea if selinux can be built cross-architecture though, if not
this may need to be revisited with qemu.
2015-08-14 17:25:43 -07:00
Michael Marineau
1076ef2b7a Merge pull request #1469 from marineam/selinux
checkpolicy: fix typo :(
2015-08-14 16:36:28 -07:00
Michael Marineau
8fed02d826 checkpolicy: fix typo :( 2015-08-14 16:28:53 -07:00
Michael Marineau
5ba8147abb Merge pull request #1468 from marineam/selinux
Selinux cleanup and build fixes
2015-08-14 16:10:15 -07:00
Michael Marineau
c3e0c54d9e checkpolicy: use includes and libsepol.a from $ROOT
Not sure why this is static instead of dynamic in the first place, but
at least this fixes the build error caused by using the SDK root.
2015-08-14 16:02:56 -07:00
Michael Marineau
f932e4d950 checkpolicy: import from portage-stable 2015-08-14 15:44:31 -07:00
Michael Marineau
efde8e22e3 profiles: exclude a pile of ustr source code from prod images 2015-08-14 15:41:18 -07:00
Michael Marineau
691ce0c988 policycoreutils: prune installed tools/files
- Exclude all python scripts when the python flag is off.
- Add nls use flag to disable gettext
- Add extra use flag to disable Gentoo provided tools and OpenRC goo.
- Drop live ebuild, we don't really need it.
2015-08-14 15:40:44 -07:00
Alex Crawford
0908ab0bf7 Merge pull request #1464 from crawford/waagent
app-emulation/wa-linux-agent: bump to 2.0.14
2015-08-14 14:07:21 -07:00
Geoff Levand
7c9524a479 Merge pull request #1445 from glevand/for-merge-firmware
sys-kernel/coreos-firmware: Fix empty list error
2015-08-14 13:50:43 -07:00
Michael Marineau
8436371d7c Merge pull request #1461 from marineam/grub
Update GRUB and OVMF
2015-08-14 13:24:51 -07:00
Matthew Garrett
981e4c1a50 Support ARM images in sbsigntool
Import the Ubuntu patchset for sbsigntool so we pick up support for
signing ARM binaries.
2015-08-14 13:01:21 -07:00
mjg59
dde34d405f Merge pull request #1466 from mjg59/selinux
Build an selinux-capable image
2015-08-14 12:23:13 -07:00
Matthew Garrett
3620b7b02e Enable selinux
One more attempt at this.
2015-08-14 11:38:55 -07:00
Matthew Garrett
d6a89a6fa7 Turn on selinux in the kernel
Enable selinux by default. It won't do anything unless a policy gets loaded.
2015-08-14 11:38:55 -07:00
Matthew Garrett
6677b5a15d Don't have dbus depend on selinux policy
We don't need or want selinux policy for dbus at the moment, so remove the
dependency.
2015-08-14 11:38:55 -07:00
Geoff Levand
47cde09eef sys-kernel/coreos-kernel: Update arm64_defconfig
o Enable more ARM64 board support:
    EXYNOS7
    QCOM
    SEATTLE
    TEGRA
    SPRD
    ZYNQMP
o Enable USB wireless and the RTL8192CE driver (with firmware).

Signed-off-by: Geoff Levand <geoff@infradead.org>
2015-08-14 11:27:48 -07:00
Geoff Levand
982fdf26aa sys-kernel/coreos-firmware: Add empty error message
Print an error message and abort if the list of firmware files to install
is empty.

Signed-off-by: Geoff Levand <geoff@infradead.org>
2015-08-14 11:27:48 -07:00
Nick Owens
af167387d7 app-admin/fleet: use PartOf in socket unit to workaround go bug
see a related change to docker in commit
4c556494cf82598e2cfd153df93a30a249a43362
2015-08-14 10:48:48 -07:00
Nick Owens
e3557a5ce8 app-admin/fleet: bump to v0.11.4 2015-08-14 10:48:17 -07:00
Alex Crawford
afb6c85169 app-emulation/wa-linux-agent: bump to 2.0.14 2015-08-14 10:24:43 -07:00
Heather
1dc29c31ad Gentoo is moved on git 2015-08-14 18:19:36 +04:00
Michael Marineau
433d939a3d Merge pull request #1462 from marineam/kublet
kublet: fix expansion of KUBELET_OPTS
2015-08-13 16:15:04 -07:00
Geoff Levand
c467480157 dev-libs/libdivsufsort: Remove unused package
Signed-off-by: Geoff Levand <geoff@infradead.org>
2015-08-13 16:03:59 -07:00
Michael Marineau
e3a903e243 kublet: fix expansion of KUBELET_OPTS
In exec commands `${VAR}` always expands to a single word, making it
equivalent to `"${VAR}"` in shell.
2015-08-13 16:02:10 -07:00
Michael Marineau
b961565717 edk2-ovmf: bump to latest snapshot 2015-08-13 14:59:20 -07:00
Michael Marineau
5025e3e62d grub: sync with upstream as of 2015-07-27 2015-08-13 13:39:47 -07:00
Michael Marineau
8f146f282c grub: drop old ebuild 2015-08-13 13:37:31 -07:00
Alex Crawford
cda6828452 Revert "app-admin/fleet: bump to v0.11.3"
This reverts commit 3b9e8ca89e4be95d0486b777073fe5a921b7c8ea.
2015-08-13 00:45:11 -07:00
Michael Marineau
fef6e3975d coreos-init: support user logrotate configs
Configs may now be placed in /etc/logrotate.d
2015-08-12 18:15:04 -07:00
Michael Marineau
5e60ccd1c8 Merge pull request #1457 from marineam/onmetal
oem-rackspace-onmetal: fix build, removing net rename scripts
2015-08-12 17:02:10 -07:00
Michael Marineau
80a16d368a oem-rackspace-onmetal: fix build, removing net rename scripts 2015-08-12 16:28:07 -07:00
Nick Owens
171043f505 app-admin/fleet: bump to v0.11.3 2015-08-12 15:11:01 -07:00
Alex Crawford
a00e113486 Merge pull request #1455 from crawford/cloudinit
coreos-base/coreos-cloudinit: fix version number
2015-08-12 14:41:21 -07:00
Michael Marineau
3ad3fe80ab Merge pull request #1454 from marineam/hush
docker: downgrade all kernel config checks to warnings
2015-08-12 14:36:01 -07:00
Alex Crawford
9c93df4313 coreos-base/coreos-cloudinit: fix version number 2015-08-12 14:25:15 -07:00
Michael Marineau
ad01612ce6 docker: downgrade all kernel config checks to warnings
The linux-info eclass sets variables referring to the kernel source and
build trees when a binary package is built. This is problematic when
linux-info uses the default build path /lib/modules/$V/build which
includes the built kernel version. So if the kernel has changed since
the docker package was built installing docker from the binary package
will fail, breaking build_image and more. To work around the issue just
make the config checks non-fatal. They really aren't all that useful to
us anyway.
2015-08-12 14:19:52 -07:00
Alex Crawford
e2fc6ed723 Merge pull request #1453 from crawford/cloudinit
coreos-base/coreos-cloudinit: bump to v1.5.1
2015-08-12 14:14:28 -07:00
Alex Crawford
d324d05227 Merge pull request #1433 from crawford/onmetal
coreos-base/oem-rackspace-onmetal: fix race
2015-08-12 14:12:42 -07:00
Michael Marineau
aa8c9e1bc5 Merge pull request #1450 from marineam/kernel
Linux 4.1.5
2015-08-12 14:08:43 -07:00
Alex Crawford
c0fbbb4c1b coreos-base/coreos-cloudinit: bump to v1.5.1 2015-08-12 14:05:37 -07:00
Alex Crawford
3ee0775418 Revert "coreos-base/coreos: add coreos-metadata"
This reverts commit bea3f7c59db1838aec830c81be57e7480085bb19.
2015-08-12 11:50:43 -07:00
Alex Crawford
61ae9d2a88 coreos-base/coreos-init: include Azure udev rule 2015-08-12 11:31:21 -07:00
Michael Marineau
357754137b coreos-kernel: drop old 4.0 kernel 2015-08-12 11:04:04 -07:00
Michael Marineau
587c175e76 coreos-kernel: bump to 4.1.5 2015-08-12 10:48:54 -07:00
Alex Crawford
a40cd77321 sys-apps/ignition: bump to v0.1.3 2015-08-11 16:31:36 -07:00
Alex Crawford
aa7a8b1f9a Merge pull request #1448 from crawford/ignition
sys-apps/ignition: include the version
2015-08-11 16:08:50 -07:00