mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-17 18:06:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,640 Commits 629 Branches 394 Tags 166 MiB
fdc395e8de
Commit Graph

7796 Commits

Author SHA1 Message Date
Dongsu Park
fdc395e8de Merge pull request #1647 from flatcar-linux/go-1.17.7-main 
Upgrade Go in main from 1.17.6 to 1.17.7
 2022-02-14 15:59:37 +01:00
Dongsu Park
9ceb73704f changelog: add security changelog for Go 1.17.7 2022-02-14 14:36:22 +01:00
Flatcar Buildbot
188f067dd5 dev-lang: Upgrade Go 1.17.6 to 1.17.7 2022-02-14 07:30:02 +00:00
Flatcar Buildbot
3b0af8e48a sys-kernel: Upgrade Kernel 5.15.22 to 5.15.23 2022-02-12 07:21:24 +00:00
Dongsu Park
dc408cf2fc Merge pull request #1637 from flatcar-linux/firmware-20220209-main 
Upgrade Linux Firmware in main from 20211216 to 20220209
 2022-02-11 16:03:31 +01:00
Jeremi Piotrowski
bdcac570b1 Merge pull request #1628 from flatcar-linux/jepio/aws-arm64-fix-console 
coreos-base/oem-ec2-compat: set correct console on arm64
 2022-02-11 15:44:52 +01:00
Mathieu Tortuyaux
5a53c343fa Merge pull request #1639 from flatcar-linux/tormath1/polkit 
sys-auth/polkit: remove `-Dwith-duktape`
 2022-02-11 15:39:50 +01:00
Jeremi Piotrowski
08e53ca3b4 Merge pull request #1629 from flatcar-linux/jepio/walinuxagent-update 
update WALinuxAgent to v2.6.0.2
 2022-02-11 15:36:41 +01:00
Dongsu Park
f3b79484d8 Merge pull request #1611 from flatcar-linux/dongsu/gcc-10 
Preparation for gcc 10
 2022-02-11 13:56:31 +01:00
Dongsu Park
020beddd07 sys-kernel/coreos-firmware: fix build issues with cxgb4 firmware 
Fix build issues when building firmware 20220209 by bumping the cxbg4
firmware version to 1.26.6.0. Without that, build fails like:

```
 * Scanning for files required by 5.15.22-flatcar
 * Missing firmware: cxgb4/t6fw.bin (cxgb4.ko.xz)
 * Missing firmware: cxgb4/t5fw.bin (cxgb4.ko.xz)
 * Missing firmware: cxgb4/t4fw.bin (cxgb4.ko.xz)
```
 2022-02-11 09:39:05 +01:00
Flatcar Buildbot
3f1811585f sys-kernel: Upgrade Linux Firmware 20211216 to 20220209 2022-02-11 09:39:05 +01:00
Mathieu Tortuyaux
3bf1a5fb20 sys-auth/polkit: remove -Dwith-duktape 
this option is superseeds by `js_engine` which defaults to duktape.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-10 18:37:56 +01:00
Dongsu Park
217a1af593 Merge pull request #1621 from flatcar-linux/cacerts-3.75-main 
Upgrade ca-certificates in main from 3.74 to 3.75
 2022-02-10 17:35:22 +01:00
Kai Lüke
3a9c9ede2d Merge pull request #1622 from flatcar-linux/kai/systemd-disable-manage-foreign-routes-and-rules 
sys-apps/systemd: add downstream patch to disable foreign route mgmt
 2022-02-10 17:33:13 +01:00
Dongsu Park
e24bb9f348 changelog: add changelog for gcc 10 preparation 2022-02-10 16:57:26 +01:00
Dongsu Park
257a513e77 app-emulation/open-vmdk: fix build issues with gcc 10 
As gcc 10 or newer defaults to `-fno-common`, we need to define only
once in a *.c file, instead of *.h that can be imported multiple times
by *.c files.

See also https://github.com/vmware/open-vmdk/pull/13.
 2022-02-10 16:57:26 +01:00
Dongsu Park
f2464ad27b coreos-base/emerge-gitclone: fetch correct commit in case of non-release 
When the given release string is for non-release like
"2022.02.02+dev-flatcar-master-4742", we should fetch release.xml from
a correct commit from e.g.
https://raw.githubusercontent.com/kinvolk/manifest-builds/dev-flatcar-master-4742/dev-flatcar-master-4742.xml.

Without that, as the default branch contains invalid source code that
was deprecated many years ago, the build could sometimes fail, e.g. when
trying to build perl 5.26.2 with gcc 10.

This pulls in https://github.com/flatcar-linux/flatcar-dev-util/pull/7.
 2022-02-10 16:57:26 +01:00
Dongsu Park
ff9098b9d4 net-fs/nfs-utils: Apply Flatcar modifications 
- Add the tmpfiles configuration for populating /var
  - Add service compatibility symlinks (maybe time to drop them)
  - Drop moving a binary from /usr/sbin to /sbin
  - Drop populating /etc and /var
  - Drop pkg_postinst

Based on commit c232e24562cfecd53cb281330e2900fcc30006f7.
 2022-02-10 16:57:26 +01:00
Dongsu Park
fad4ba41b8 net-fs/nfs-utils: update to 2.5.4-r3 
Update net-fs/nfs-utils to 2.5.4-r3, as needed by gcc 10.
Without that update, build fails like:

```
/usr/libexec/gcc/x86_64-cros-linux-gnu/ld:
../../support/export/libexport.a(xtab.o):.../support/export/xtab.c:32:
multiple definition of `v4root_needed';
mountd-v4root.o:.../utils/mountd/v4root.c:31: first defined here
```
 2022-02-10 16:57:25 +01:00
Dongsu Park
7d24586b46 profiles: Update versions of iasl, kexec-tools 
Update sys-power/iasl to 20200326 for arm64.
Update sys-apps/kexec-tools to 2.0.22 for arm64.
 2022-02-10 16:57:25 +01:00
Dongsu Park
157d83ebae profiles: remove mask for gcc-config 2 
As we need to update gcc-config to 2.5, we have to remove the old
mask that prevents gcc-config 2 from being installed.
 2022-02-10 16:57:25 +01:00
Kai Lueke
98d2469b60 coreos-base/update_engine: fix flatcar-postinst migration notice 
This pulls in
https://github.com/flatcar-linux/update_engine/pull/16
to fix a small template error in the cgroup v2 migration notice.
 2022-02-10 13:31:17 +01:00
Jeremi Piotrowski
648e129aab changelog: add entry for AWS ARM64 console fix 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2022-02-10 13:30:48 +01:00
Mathieu Tortuyaux
0c2a064bfb Merge pull request #1635 from flatcar-linux/tormath1/vim 
profiles/base: stabilize vim
 2022-02-10 11:38:30 +01:00
Mathieu Tortuyaux
4f4137b33d profiles/base: stabilize vim 
this is required to pull recent versions of vim which fix CVEs.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-09 18:02:47 +01:00
Flatcar Buildbot
1bd580a3d6 sys-kernel: Upgrade Kernel 5.15.19 to 5.15.22 2022-02-09 16:39:45 +00:00
Jeremi Piotrowski
d30359a806 coreos-base/oem-ec2-compat: specify correct console on arm64 
The default arm64 console (console=ttyAMA0) that is set by grub is wrong for
EC2 arm64, so fix the value and enable earlycon.
 2022-02-09 17:26:11 +01:00
Jeremi Piotrowski
a76eccc6c4 changelog: add entry for WALinuxAgent 2022-02-09 11:15:23 +00:00
Jeremi Piotrowski
9ce9b93e2a coreos-base/oem-azure(-pro): inject empty eject binary into waagent PATH 
Waagent ejects the provisioning dvd, but this causes the /dev/sr0 drive
to be in a state where util-linux probing it causes the kernel to spam
"unaligned transfer" messages. This is fixed in util-linux main branch,
but it will be a while until this is released.

Create a symlink from 'eject' to '/bin/true' and modify the unit's PATH
environment variable so that this symlink is found before the eject
binary.

Additionally I added the oem python directory to PATH, so that waagent
can be start directly. This should be enough so that messages from
waagent in the journal are prefixed with 'waagent' and not 'python'.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2022-02-09 11:13:32 +00:00
Jeremi Piotrowski
c312e54e3e app-emulation/wa-linux-agent: update to v2.6.0.2 
v2.6.0.2 is the latest released version and contains the upstreamed
Flatcar support.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2022-02-09 10:27:11 +00:00
Kai Lueke
e89bb5652c sys-apps/systemd: add downstream patch to disable foreign route mgmt 
This new downstream patch disables the ManageForeignRoutes and
ManageForeignRoutingPolicyRules systemd-netword settings by default to
ensure that CNIs don't get their routes or routing policy rules
discarded on network reconfiguration events.

https://github.com/flatcar-linux/Flatcar/issues/620
 2022-02-07 17:56:54 +01:00
Flatcar Buildbot
d10829cf5f app-misc: Upgrade ca-certificates 3.74 to 3.75 2022-02-07 07:21:43 +00:00
Sayan Chowdhury
563b295ed7 Merge pull request #1610 from flatcar-linux/linux-5.15.19-main 
Upgrade Linux Kernel in main from 5.15.18 to 5.15.19
 2022-02-03 13:17:14 +05:30
Mathieu Tortuyaux
fcd640e6f0 dev-libs/cyrus-sasl: apply flatcar patches 
- remove unecessary ebuild
- apply cross compiling patch

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-02 13:43:03 +01:00
Flatcar Buildbot
6229b0f4d2 sys-kernel: Upgrade Kernel 5.15.18 to 5.15.19 2022-02-02 07:22:08 +00:00
Mathieu Tortuyaux
7727932905 dev-libs/cyrus-sasl: sync with ::gentoo 
Commit-Ref: c64e42b0da7ce4c4189c8868ce0a5170f044468f

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-01 16:37:03 +01:00
Mathieu Tortuyaux
58cfec0d2b Merge pull request #1603 from flatcar-linux/tormath1/sbsigntools 
app-crypt/sbsigntools: bump to 0.9.4
 2022-02-01 09:39:20 +01:00
Mathieu Tortuyaux
bf127a3a35 changelog: add entry 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-01 09:38:28 +01:00
Mathieu Tortuyaux
25c3360eee app-crypt/sbsigntools: apply flatcar changes 
- remove unecessary ebuilds
- mark sbsigntools-0.9.4.ebuild as stable for arm64/amd64
- apply OpenSSLv3 patch from: https://groups.io/g/sbsigntools/topic/patch_fix_openssl_3_0_issue/85903418?p=,,,20,0,0,0::recentpostdate/sticky,,,20,2,0,85903418,previd=1632756467394580924,nextid=1591489833755102589&previd=1632756467394580924&nextid=1591489833755102589
- remove -Werror from Makefile.am for OpenSSLv3 compilation

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-02-01 09:38:14 +01:00
Kai Lüke
51c4f8338f Merge pull request #1602 from flatcar-linux/kai/enable-fips 
sys-kernel: allow fips mode to be enabled
 2022-01-31 19:51:07 +01:00
Flatcar Buildbot
b51049bc89 sys-kernel: Upgrade Kernel 5.15.17 to 5.15.18 2022-01-31 18:48:44 +01:00
Mathieu Tortuyaux
258e8530ba app-crypt/sbsigntools: sync with ::gentoo 
Commit-Ref: bc01370226f4b5f773ae0da7d49ae09b90622666

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2022-01-31 16:59:44 +01:00
Kai Lueke
38a01288e1 sys-kernel: allow fips mode to be enabled 
With this kernel config, users can boot with fips=1 set in
`/usr/share/oem/grub.cfg`:
```
set linux_append="fips=1"
```

Which triggers various behaviors, for FIPS 200 certification.

with this config compiled in, and that boot parameter, users can can
that fips is enabled with:
```
flatcar ~ # cat /proc/sys/crypto/fips_enabled
1
```
 2022-01-31 15:07:36 +01:00
Dongsu Park
19a486c58d Merge pull request #1596 from flatcar-linux/dongsu/glibc-2.33-r10 
sys-libs/glibc: update to 2.33-r10
 2022-01-28 16:58:45 +01:00
Krzesimir Nowak
9582e2e795 Merge pull request #1595 from flatcar-linux/linux-5.15.17-main 
Upgrade Linux Kernel in main from 5.15.16 to 5.15.17
 2022-01-28 16:13:55 +01:00
Kai Lüke
456efdeb9a Merge pull request #1589 from flatcar-linux/kai/ipv6-ra 
coreos-cloudinit and bootengine: accept IPv6 RA for default net configs
 2022-01-28 11:08:46 +01:00
Dongsu Park
27bd0429a0 changelog: add changelog for glibc 2.33-r10 2022-01-28 08:43:44 +01:00
Krzesimir Nowak
a752947aec sys-libs/glibc: Apply Flatcar modifications 
- unmask amd64 and arm64
  - take care of nscd.conf via tmpfiles, add files/nscd-conf.tmpfiles.
  - don't run sanity checks in pkg_pretend to prevent gcc checks when
    only the binary package is installed.
  - comment out 'dostrip -x' to force the OS image binaries to be stripped
  - remove everything glibc wants to put under /etc since we use
    baselayout to provide that
 2022-01-28 08:43:44 +01:00
Dongsu Park
2301479ae7 sys-libs/glibc: sync with Gentoo for 2.33-r10 
Update sys-libs/glibc to 2.33-r10, mainly to address CVE-2021-3998,
CVE-2021-3999, CVE-2022-23218, CVE-2022-23219.

Gentoo ref: 7ba56d4da4e3fd2bc0d2c1012f2dc02e448c77d4
 2022-01-28 08:43:40 +01:00
Flatcar Buildbot
e4a527aa27 sys-kernel: Upgrade Kernel 5.15.16 to 5.15.17 2022-01-28 07:22:45 +00:00