github flatcar/scripts stable-3760.2.0
on GitHub

latest releases: main-9999.9.9-chewi-root-deps, main-4152.0.0-nightly-20241112-2100, alpha-4116.0.0-nightly-20241112-2100...
9 months ago

⚠️ From Alpha 3794.0.0 Torcx has been removed - please assert that you don’t rely on specific Torcx mechanism but now use systemd-sysext. See here for more information.

Changes since Stable-3602.2.3

Security fixes

Bug fixes

  • AWS: Fixed the Amazon SSM agent that was crashing. (Flatcar#1307)
  • Added AWS EKS support for versions 1.24-1.28. Fixed /usr/share/amazon/eks/download-kubelet.sh to include download paths for these versions. (scripts#1210)
  • Fix the RemainAfterExit clause in nvidia.service (Flatcar#1169)
  • Fixed a bug resulting in coreos-cloudinit resetting the instance hostname to 'localhost' if no metadata could be found (coreos-cloudinit#25, Flatcar#1262), with contributions from MichaelEischer
  • Fixed bug in handling renamed network interfaces when generating login issue (init#102)
  • Fixed iterating over the OEM update payload signatures which prevented the AWS OEM update to 3745.x.y (update-engine#31)
  • Fixed quotes handling for update-engine (Flatcar#1209)
  • Fixed supplying extension update payloads with a custom base URL in Nebraska (Flatcar#1281)
  • Fixed the missing /etc/extensions/ symlinks for the inbuilt Docker/containerd systemd-sysext images on update from Beta 3760.1.0 (update_engine#32)
  • Fixed the postinstall hook failure when updating from Azure instances without OEM systemd-sysext images to Flatcar Alpha 3745.x.y (update_engine#29)
  • GCP: Fixed OS Login enabling (scripts#1445)
  • Made sshkeys.service more robust to only run coreos-metadata-sshkeys@core.service when not masked and also retry on failure (init#112)

Changes

  • ⚠️ Dropped support for niftycloud and interoute. For interoute we haven't been generating the images for some time already. (scripts#971) ⚠️
  • AWS OEM images now use a systemd-sysext image for layering additional platform-specific software on top of /usr
  • Added TLS Kernel module (scripts#865)
  • Added support for multipart MIME userdata in coreos-cloudinit. Ignition now detects multipart userdata and delegates execution to coreos-cloudinit. (scripts#873)
  • Azure and QEMU OEM images now use systemd-sysext images for layering additional platform-specific software on top of /usr. For Azure images this also means that the image has a normal Python installation available through the sysext image. The OEM software is still not updated but this will be added soon.
  • Change nvidia.service to type oneshot (from the default "simple") so the subsequent services (configured with "Requires/After") are executed after the driver installation is successfully finished (flatcar/Flatcar#1136)
  • Enabled the virtio GPU driver (scripts#830)
  • Migrate to Type=notify in containerd.service. Changed the unit to Type=notify, utilizing the existing containerd support for sd_notify call after socket setup.
  • Migrated the NVIDIA installer from the Azure/AWS OEM partition to /usr to make it available on all platforms (scripts#932, Flatcar#1077)
  • Moved a mountpoint of the OEM partition from /usr/share/oem to /oem. /usr/share/oem became a symlink to /oem for backward compatibility. Despite the move, the initrd images providing files through /usr/share/oem should keep using /usr/share/oem. The move was done to enable activating the OEM sysext images that are placed in the OEM partition.
  • OEM vendor tools are now A/B updated if they are shipped as systemd-sysext images, the migration happens when both partitions require a systemd-sysext OEM image - note that this will delete the nvidia.service from /etc on Azure because it's now part of /usr (Flatcar#60)
  • Reworked the VMware OEM software to be shipped as A/B updated systemd-sysext image
  • SDK: Experimental support for prefix builds to create distro independent, portable, self-contained applications w/ all dependencies included. With contributions from chewi and HappyTobi.
  • Started shipping default ssh client and ssh daemon configs in /etc/ssh/ssh_config and /etc/ssh/sshd_config which include config snippets in /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d, respectively.
  • The open-vm-tools package in VMware OEM now comes with vmhgfs-fuse, udev rules, pam and vgauth
  • Updated locksmith to use non-deprecated resource control options in the systemd unit (Locksmith#20)

Updates

Changes since Beta-3760.1.1

Security fixes:

Bug fixes:

  • AWS: Fixed the Amazon SSM agent that was crashing. (Flatcar#1307)
  • Fixed a bug resulting in coreos-cloudinit resetting the instance hostname to 'localhost' if no metadata could be found (coreos-cloudinit#25, Flatcar#1262), with contributions from MichaelEischer
  • Fixed supplying extension update payloads with a custom base URL in Nebraska (Flatcar#1281)

Updates

Check out latest releases or
releases around flatcar/scripts stable-3760.2.0

Don't miss a new scripts release

NewReleases is sending notifications on new releases.

Get notifications