vyos/vyos-build
1
0
Fork 0
mirror of https://github.com/vyos/vyos-build.git synced 2025-10-01 20:28:40 +02:00
Code Issues Packages Projects Releases Wiki Activity
2,822 Commits 9 Branches 17 Tags
Commit Graph

858 Commits

Author SHA1 Message Date
Christian Breunig
6473704999
Merge pull request #856 from dmbaturin/T6942-no-guest-agents 
flavors: T6942: remove VM guest agents from the generic flavor
 2024-12-10 19:53:22 +01:00
Viacheslav Hletenko
e8bc65e026 Kernel: T5887: update Linux Kernel to v6.6.64 2024-12-09 11:46:25 +00:00
Daniil Baturin
15c0bd7578
Merge pull request #824 from jestabro/vyconf-minimal 
T6718: use the vyconf daemon for validation of set commands
 2024-12-06 21:37:58 +00:00
Daniil Baturin
090a5532af flavors: T6942: remove VM guest agents from the generic flavor 2024-12-05 18:47:38 +00:00
Christian Breunig
029cd725be Update data/build-types/release.toml 2024-11-30 08:49:54 +01:00
Daniil Baturin
e4fa5c6b3d build: T6859: include EULA files in build type definitions 2024-11-30 08:49:54 +01:00
Christian Breunig
2ef1e83db2
Merge pull request #847 from dmbaturin/T6915-flavor-cleanup 
build-flavors: T6915: clean up flavor definitions
 2024-11-30 08:49:25 +01:00
Daniil Baturin
11e21b94c2 build-flavors: T6915: clean up flavor definitions 
and leave only illustrative essentials
 2024-11-26 18:29:07 +00:00
Daniil Baturin
00c4d39242 build-flavors: T6913: fix Xen guest agent package in the generic image 
Also, remove the old XCP-NG flavor because the new agent
works for both mainline Xen and XCP-NG
 2024-11-26 17:46:22 +00:00
Daniil Baturin
0b07ed516b build: T6905: Add stream build type 2024-11-20 17:27:02 +00:00
Viacheslav Hletenko
2efc869757 Kernel: T5887: update Linux Kernel to v6.6.62 2024-11-19 17:44:13 +02:00
Viacheslav Hletenko
c967ef510e Kernel: T5887: update Linux Kernel to v6.6.61 2024-11-15 15:36:59 +00:00
John Estabrook
2416f963ad image-tools: T6864: keep file necessary for compat add image 
Revert "T1416: remove deprecated default-union-grub-entry"
This reverts commit d50707bb295dbd4bc50e3d0301fc8be605448429.
The file grub/default-union-grub-entry and its companion
install-image/postinst are needed for 'compatibility-mode' upgrades:
when upgrading from a system with legacy image-tools, those two files
are expected to exist in the mounted image of the target iso.
 2024-11-13 15:08:04 -06:00
Daniil Baturin
9ed7a29ebb build: T6855: make the custom APT entry and key syntax more flexible 2024-11-06 19:03:42 +00:00
Christian Breunig
a900353a5b
Merge pull request #829 from c-po/T6844-salt 
T6844: use our own mirror of the salt repository
 2024-11-01 09:40:19 +01:00
Christian Breunig
f36d645550 T6844: use our own mirror of the salt repository 2024-11-01 09:36:16 +01:00
Daniil Baturin
09ccfe7a70
Merge pull request #822 from sarthurdev/grub_fix 
live: T5568: Fix live grub menu entries
 2024-10-28 10:42:34 +00:00
John Estabrook
394ec80f49 T6718: vyconfd.service is started by vyos-router 2024-10-25 10:04:09 -05:00
Viacheslav Hletenko
7cd109889b Kernel: T5887: Revert update Linux Kernel to v6.6.58 
This reverts commit 6e256633b34dc737a812b0b8d253733608eb8ca8.

Issues with the kernel and netfilter IPv6
https://vyos.dev/T6814
https://bugzilla.redhat.com/show_bug.cgi?id=2321325
 2024-10-25 12:21:47 +00:00
sarthurdev
61d3585f19 live: T5568: Fix live grub menu entries 2024-10-25 00:07:11 +02:00
Christian Breunig
6e256633b3
Kernel: T5887: update Linux Kernel to v6.6.58 2024-10-22 20:24:28 +02:00
Daniil Baturin
bf2e6afc49 build: T6776: use the official Zabbix repo for zabbix-agent2 2024-10-17 11:13:35 +01:00
Christian Breunig
267bd9ca61 Kernel: T5887: update Linux Kernel to v6.6.56 2024-10-12 08:04:09 +02:00
Daniil Baturin
4d68265e7a build: T6231: remove Mellanox OFED drivers and tools 
until their license status is confirmed
 2024-10-10 09:51:34 +01:00
Daniil Baturin
49d41fa34a
Merge pull request #762 from sever-sever/T6713-current-realtek 
T6713: Update Realtek r8152 driver
 2024-10-07 15:58:30 +01:00
Christian Breunig
1e53e6451c Kernel: T5887: update Linux Kernel to v6.6.54 2024-10-05 08:15:55 +02:00
Viacheslav Hletenko
a3b515ca71 T6713: Update Realtek r8152 driver 2024-10-02 11:48:46 +00:00
Viacheslav Hletenko
7bd5496de1 T6755: Change default vyos mirror URL 2024-10-02 07:34:49 +00:00
Christian Breunig
d235b31a09 T861: sign all Kernel modules with an ephemeral key 
The shim review board (which is the secure boot base loader) recommends using
ephemeral keys when signing the Linux Kernel. This commit enables the Kernel
build system to generate a one-time ephemeral key that is used to:

* sign all build-in Kernel modules
* sign all other out-of-tree Kernel modules

The key lives in /tmp and is destroyed after the build container exits and is
named: "VyOS build time autogenerated kernel key".

In addition the Kernel now uses CONFIG_MODULE_SIG_FORCE. This now makes it
unable to load any Kernel Module to the image that is NOT signed by the
ephemeral key.
 2024-09-25 20:24:21 +02:00
Christian Breunig
88f072df3d Kernel: T5887: update Linux Kernel to v6.6.52 2024-09-22 09:31:31 +02:00
Christian Breunig
53bd06d17b T861: stripping Kernel modules would also remove module signatures 
As the VyOS Linux Kernel will be compiled with CONFIG_MODULE_SIG_FORCE all
driver modules need to be cryptographically signed. This happens during build
of the Kernel and it's 3rd party modules.

Stripping the objects would remove said signature and the system will be unable
to boot b/c of CONFIG_MODULE_SIG_FORCE.
 2024-09-22 09:31:31 +02:00
Christian Breunig
fd737172f1 T861: add UEFI Secure Boot support 
This adds support for UEFI Secure Boot. It adds the missing pieces to the Linux
Kernel and enforces module signing. This results in an additional security
layer where untrusted (unsigned) Kernel modules can no longer be loaded into
the live system.

NOTE: This commit will not work unless signing keys are present. Arbitrary
keys can be generated using instructions found in:

  data/live-build-config/includes.chroot/var/lib/shim-signed/mok/README.md
 2024-09-14 23:05:23 +02:00
Christian Breunig
f523ae5cac Kernel: T5887: update Linux Kernel to v6.6.51 2024-09-14 20:58:44 +02:00
Christian Breunig
fd7d1d0d20 Kernel: T861: remove superfluous architecture from Kernel string 2024-09-07 21:31:46 +02:00
Christian Breunig
68671774f9 T4974: remove package openvpn-dco as it has a proper dependency via vyos-1x 2024-09-05 07:14:43 +02:00
Christian Breunig
f53921911e telegraf: T3664: remove package dependency 
Telegraf is not a full VyOS feature with a proper dependency in place via
vyos-1x package. Drop this temporary dependency.
 2024-09-05 07:13:08 +02:00
Christian Breunig
d50707bb29 T1416: remove deprecated default-union-grub-entry 2024-09-05 07:13:08 +02:00
Christian Breunig
c635fc980e
Kernel: T5887: update Linux Kernel to v6.6.49 2024-09-04 21:23:47 +02:00
Christian Breunig
c5c6a1347c
Merge pull request #738 from bk2zsto/image_format_singular 
build: T6666: singular image_format in flavor files
 2024-08-22 11:47:04 +02:00
bk2zsto
16a4c4d503 build: T6666: singular image_format in flavor files 2024-08-20 09:49:04 -04:00
Christian Breunig
035cf9bc12
Kernel: T5887: update Linux Kernel to v6.6.47 2024-08-20 07:10:48 +02:00
Christian Breunig
faa6453ec8 Kernel: T5887: update Linux Kernel to v6.6.45 2024-08-11 14:46:58 +02:00
Christian Breunig
afbe969377 Kernel: T5887: update Linux Kernel to v6.6.43 2024-07-29 08:04:13 +02:00
Christian Breunig
58025b253c build: T6231: include out-of-tree Mellanox driver in image 2024-07-25 20:31:30 +02:00
Christian Breunig
11e1620683
Kernel: T5887: update Linux Kernel to v6.6.42 2024-07-25 15:50:51 +02:00
Christian Breunig
c3513444a9
Merge pull request #709 from c-po/podman-T6598 
podman: T6598: add custom podman build for version 4.9.5
 2024-07-24 20:06:39 +02:00
Christian Breunig
a9baaaba16 podman: T6598: add custom podman build for version 4.9.5 2024-07-23 08:03:07 +02:00
Christian Breunig
12e531194d Kernel: T5887: update Linux Kernel to v6.6.41 2024-07-20 09:36:01 +02:00
Christian Breunig
303ba89c14 Kernel: T5887: update Linux Kernel to v6.6.40 2024-07-17 08:47:27 +02:00
Christian Breunig
022bb44588 Kernel: T5887: update Linux Kernel to v6.6.39 2024-07-12 14:47:09 +02:00