Jarrod Johnson
fb1f6b70bb
Improve error handling on bad TLS cert
...
Bad TLS cert is a common problem, provide better feedback.
2022-02-24 09:27:40 -05:00
Jarrod Johnson
24ef12e029
Disable autoconf of ipv6 in el
...
If autoconf is allowed when link is brought up, it scan
confuse redhat network configuration when it already finds
an ipv6 address.
2022-02-23 16:58:29 -05:00
Jarrod Johnson
fdc9d94408
Also register to run before coreos-ignition-setup-user
...
For coreos, make sure we preempt either name.
2022-02-22 14:30:48 -05:00
Jarrod Johnson
b463a53146
Cleanup per coverity
...
Fix a number of concerns that coverity reports
2022-02-17 17:05:00 -05:00
Jarrod Johnson
f10a27fd7a
Switch to mkstemp
...
Use mkstemp to more confidently reserve a filename as expected.
2022-02-15 17:13:04 -05:00
Jarrod Johnson
00bedf6946
Shuffle confluenntuuid to earlier in copernicus
...
Currently, ssdp handler behavior needs confluentuuid first, if
it is to have any effect.
2022-02-08 12:06:52 -05:00
Jarrod Johnson
358b719cec
Implement deployment binding for new installs
...
When doing osdeploy initialize,
save the uuid and have deployment
targets specifically pair back with site via
uuid.
2022-02-08 10:41:27 -05:00
Jarrod Johnson
638a1b3587
Fix confignet for python2
2022-02-03 11:50:34 -05:00
Jarrod Johnson
5f4a565feb
Use python2-compatible apiclient load for el7 diskless
2022-02-03 10:10:23 -05:00
Jarrod Johnson
e94d0a5236
Fix for EL7 compatibility
...
Some python 3 exclusive assumptions were made.
Unfortunately, EL7 is python2
centric.
2022-02-03 10:09:28 -05:00
Jarrod Johnson
0bca6e0852
Apply more fixes for EL7 diskless
2022-02-02 15:22:58 -05:00
Jarrod Johnson
c6816099f7
Add el7 diskless draft to packaging
2022-02-02 13:23:34 -05:00
Jarrod Johnson
eaa0921420
Draft EL7 diskless support
2022-02-02 13:09:26 -05:00
Jarrod Johnson
554e25d6cb
Assume libcrypt.so.1 if not 2 in more generic way
2022-02-02 11:17:08 -05:00
Jarrod Johnson
f346cae683
Use more widely known paths for libcrypt
2022-02-02 10:53:46 -05:00
Jarrod Johnson
1431f9ce13
Change to python 2/3 agnostic syntax
2022-02-02 08:37:22 -05:00
Jarrod Johnson
9f071c1fdb
Provide more details in example syncfiles
2022-01-20 14:10:30 -05:00
Jarrod Johnson
456b43eeb7
Correctly align rtattr and nlmsg
...
When advancing through messages,
must pad to nearest multiple of
4. This resolves erroneously landing on incorrect offsets.
2022-01-19 13:21:59 -05:00
Jarrod Johnson
dbaae417e9
Have configbmc stall on TSM
...
TSM will stall out for an extended
period of time after a network change.
Accomodate by forcing a pause
on detection of TSM.
2022-01-10 12:01:15 -05:00
Jarrod Johnson
181f704331
Correct configbmc misidentification of lan chan
...
The lan channel get mac address was incorrect, change
to correctly request.
2022-01-10 09:29:40 -05:00
Jarrod Johnson
c475e4801f
Fix incorrect quotes in autocons.c
2022-01-07 09:28:24 -05:00
Jarrod Johnson
abec8c498c
Break netlink address fetch on invalid rta_len
...
It is considered valid for kernel to return a null rta_len
in the midst of data and expect the caller to terminate.
2021-12-20 12:28:35 -05:00
Jarrod Johnson
ad33572290
Add debug information to coreos init
2021-12-09 11:55:12 -05:00
Jarrod Johnson
624984b1c9
Do not assume SPCR until confluent confirms text console
...
TIOCCONS was called for users that did not want to use serial. This
makes the serial console delayeed when automatic, but avoids video
users from being confused.
2021-12-09 10:34:12 -05:00
Jarrod Johnson
c2de127947
Bring el8 completely over to prefer ipv4
2021-12-09 08:31:07 -05:00
Jarrod Johnson
cf686f8018
Prefer IPv4 deployment over IPv6 when both are available
...
Some older vintages of RHEL and clones do not support IPv4,
best to prefer ipv4 to avoid messing up on places that have ipv6
configured.
2021-12-08 17:04:04 -05:00
Jarrod Johnson
02da50af8b
Tighter permissions on /var/log/confluent
2021-12-08 07:42:19 -05:00
Jarrod Johnson
77de3ab25b
Apply more restrictive permissions to /var/log/confluent/
...
While confluent shouldn't put anything sensitive in the log, custom
content may. To mitigate the risk, it will now lock down the
log permissions.
2021-12-07 07:21:04 -05:00
Jarrod Johnson
1b21b9316c
Correct variable typo in imageboot scripts
2021-12-06 09:00:44 -05:00
Jarrod Johnson
4260db20b7
Make confluent contennt from initramfs avalibale to normal root system
2021-12-03 16:06:47 -05:00
Jarrod Johnson
496be816ff
Add exit 0 to avoid failed systemd unit
2021-12-03 12:50:03 -05:00
Jarrod Johnson
4e0a76d955
Fix typo in confluent name in coreos script
2021-12-03 12:47:05 -05:00
Jarrod Johnson
f2b2d8519c
Add onboot link to coreos relabel activity
2021-12-03 12:45:42 -05:00
Jarrod Johnson
d829db4407
Add onboot hook to coreos
2021-12-03 12:37:03 -05:00
Jarrod Johnson
0e1da6ebd6
Explicitly check for TPM 2.0 before trying to use TPM 2.0
2021-12-03 11:05:11 -05:00
Jarrod Johnson
d2435d315b
Schedule fetch of private data before ignition cares
2021-12-03 10:39:47 -05:00
Jarrod Johnson
4388399f78
Fetch config.ign file during rootfs setup in CoreOS
2021-12-03 09:34:46 -05:00
Jarrod Johnson
a146a54172
Move ignition to profile private data, extracted
2021-12-03 08:48:27 -05:00
Jarrod Johnson
4482b675b4
Wait for network to get ssh certificates
2021-12-03 08:32:25 -05:00
Jarrod Johnson
714a883d9c
Purge the conflucting default nmconnection if we have better
2021-12-02 17:00:10 -05:00
Jarrod Johnson
77865ba71c
Disable fakecmdline for now
2021-12-02 16:40:41 -05:00
Jarrod Johnson
3adb82370f
Specify correct filename for fakecmdline
2021-12-02 16:27:55 -05:00
Jarrod Johnson
7a95c3e64c
Set selinux context of fakecmdline
2021-12-02 16:17:04 -05:00
Jarrod Johnson
8ecbcb0f00
Fix coreos tendency to disable ipv6
2021-12-01 16:26:13 -05:00
Jarrod Johnson
e5a748f0a2
Fix coreos pre-pivot to work better
2021-12-01 16:00:36 -05:00
Jarrod Johnson
90f3d5f323
Fix syntax error in coreos pre-pivot
2021-11-30 09:14:51 -05:00
Jarrod Johnson
00e853130f
Fallback to other location for grub
2021-11-29 16:03:06 -05:00
Jarrod Johnson
6e4c939cd9
Various ubuntu diskless fixes/improvements
...
Needed the real losetup to handle read-only file.
busybox wc is way too slow, use ls instead.
Explicitly make /sysroot and load xfs, as that doesn't happen implicitly.
Accept a dangling symlink as viable init, since this is the case in Ubuntu.
Update hostname and ca certificates consistent with
ubuntu standards
2021-11-19 11:00:50 -05:00
Jarrod Johnson
82a783fa55
Register CA certs in global location for ubuntu
2021-11-18 16:51:18 -05:00
Jarrod Johnson
6d623b046a
Fixes for imageboot.sh with ubuntu
2021-11-18 16:34:27 -05:00