[PATCH clr-bundles] Update OpenStack bundle consolidation
by William Douglas
Since most of the components needing shared OpenStack common had been
removed, the bundle can be reworked to include just the joint parts of
openstack-identity and openstack-python-clients instead.
---
bundles/openstack-common | 30 ++++++++++++++++++++++++
bundles/openstack-identity | 49 +++++++++++++++++++++++++++++++++++++++-
bundles/openstack-python-clients | 14 ++++++++++++
3 files changed, 92 insertions(+), 1 deletion(-)
diff --git a/bundles/openstack-common b/bundles/openstack-common
index 960b10f..f69b6be 100644
--- a/bundles/openstack-common
+++ b/bundles/openstack-common
@@ -4,3 +4,33 @@
# [CAPABILITIES]:
# [MAINTAINER]: Obed Munoz <obed.n.munoz(a)intel.com>
include(python-basic)
+Babel
+debtcollector
+funcsigs
+functools32
+futures
+iso8601
+jsonschema
+keystoneauth1
+monotonic
+msgpack-python
+netaddr
+netifaces
+ordereddict
+oslo.config
+oslo.context
+oslo.i18n
+oslo.log
+oslo.serialization
+oslo.utils
+pbr
+positional
+prettytable
+pyinotify
+python-dateutil
+python-keystoneclient
+pytz
+requests
+setuptools
+six
+stevedore
diff --git a/bundles/openstack-identity b/bundles/openstack-identity
index 2a770d3..080f09d 100644
--- a/bundles/openstack-identity
+++ b/bundles/openstack-identity
@@ -4,25 +4,72 @@
# [CAPABILITIES]:
# [MAINTAINER]: Obed Munoz <obed.n.munoz(a)intel.com>
include(openstack-common)
+Jinja2
+Mako
+MarkupSafe
+MySQL-python
+Paste
+PasteDeploy
+PyMySQL
+PyYAML
+Routes
+SQLAlchemy
+Tempita
+WebOb
+alembic
+amqp
+anyjson
+cachetools
+cffi
+contextlib2
+crudini
cryptography
+decorator
dogpile.cache
dogpile.core
+enum34
+eventlet
+fasteners
+futurist
+greenlet
idna
+iniparse
ipaddress
keystone
+keystonemiddleware
+kombu
ldappool
+librabbitmq
memcached
-mariadb-server
nginx
oauthlib
openssl
oslo.cache
+oslo.concurrency
+oslo.db
+oslo.messaging
+oslo.middleware
+oslo.policy
+oslo.service
+osprofiler
passlib
+pika
+pika-pool
pyOpenSSL
+pyasn1
+pycadf
+pycparser
+pycrypto
pymongo
pysaml2
+python-editor
python-ldap
python-memcached
+repoze.lru
repoze.who
+retrying
+sqlalchemy-migrate
+sqlparse
uwsgi
+wrapt
zope.interface
diff --git a/bundles/openstack-python-clients b/bundles/openstack-python-clients
index 5cb4180..97659a4 100644
--- a/bundles/openstack-python-clients
+++ b/bundles/openstack-python-clients
@@ -4,17 +4,31 @@
# [CAPABILITIES]:
# [MAINTAINER]: Obed Munoz <obed.n.munoz(a)intel.com>
include(openstack-common)
+PyYAML
appdirs
+cliff
clr-python-timestamp
+cmd2
+jsonpatch
+jsonpointer
openstacksdk
os-client-config
pip
+pyparsing
+python-barbicanclient
python-ceilometerclient
python-cinderclient
python-designateclient
+python-glanceclient
python-heatclient
python-neutronclient
+python-novaclient
python-openstackclient
python-saharaclient
+python-swiftclient
python-troveclient
requestsexceptions
+simplejson
+unicodecsv
+warlock
+wrapt
--
2.10.1
4 years, 2 months
[PATCH openssh] Add patch for default server keep alive
by William Douglas
Update the ssh client default configuration to send a keep alive message
to the server every 120s in order to avoid disconnects due to NAT or
firewall timeouts.
---
0001-Set-default-server-keep-alive.patch | 25 +++++++++++++++++++++++++
openssh.spec | 4 +++-
release | 2 +-
series | 1 +
4 files changed, 30 insertions(+), 2 deletions(-)
create mode 100644 0001-Set-default-server-keep-alive.patch
diff --git a/0001-Set-default-server-keep-alive.patch b/0001-Set-default-server-keep-alive.patch
new file mode 100644
index 0000000..79b598c
--- /dev/null
+++ b/0001-Set-default-server-keep-alive.patch
@@ -0,0 +1,25 @@
+From cdd3b0a6bf7400932271e0a5e8b36cb1f780712c Mon Sep 17 00:00:00 2001
+From: William Douglas <william.douglas(a)intel.com>
+Date: Thu, 27 Oct 2016 18:21:20 +0000
+Subject: [PATCH] Set default server keep alive
+
+---
+ readconf.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/readconf.c b/readconf.c
+index c177202..eecaa48 100644
+--- a/readconf.c
++++ b/readconf.c
+@@ -2006,7 +2006,7 @@ fill_default_options(Options * options)
+ if (options->verify_host_key_dns == -1)
+ options->verify_host_key_dns = 0;
+ if (options->server_alive_interval == -1)
+- options->server_alive_interval = 0;
++ options->server_alive_interval = 120;
+ if (options->server_alive_count_max == -1)
+ options->server_alive_count_max = 3;
+ if (options->control_master == -1)
+--
+2.10.1
+
diff --git a/openssh.spec b/openssh.spec
index c8db1bf..f9575ef 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -4,7 +4,7 @@
#
Name : openssh
Version : 7.3p1
-Release : 42
+Release : 43
URL : http://openbsd.c3sl.ufpr.br/pub/OpenBSD/OpenSSH/portable/openssh-7.3p1.ta...
Source0 : http://openbsd.c3sl.ufpr.br/pub/OpenBSD/OpenSSH/portable/openssh-7.3p1.ta...
Source1 : openssh.tmpfiles
@@ -29,6 +29,7 @@ Patch2: moduli-lookup.patch
Patch3: ciphers.patch
Patch4: default-ciphers-configuration.patch
Patch5: default-enable-pam.patch
+Patch6: 0001-Set-default-server-keep-alive.patch
%description
Ssh (Secure Shell) is a program for logging into a remote machine and for
@@ -93,6 +94,7 @@ extras components for the openssh package.
%patch3 -p1
%patch4 -p1
%patch5 -p1
+%patch6 -p1
%build
export LANG=C
diff --git a/release b/release
index d81cc07..920a139 100644
--- a/release
+++ b/release
@@ -1 +1 @@
-42
+43
diff --git a/series b/series
index 43c0089..75a6961 100644
--- a/series
+++ b/series
@@ -3,3 +3,4 @@ moduli-lookup.patch
ciphers.patch
default-ciphers-configuration.patch
default-enable-pam.patch
+0001-Set-default-server-keep-alive.patch
--
2.10.1
4 years, 3 months
[PATCH clr-bundles] Update os-clr-on-clr after auto doc removal
by William Douglas
Remove doc bundles from os-clr-on-clr and in their place add the base
bundle when it wasn't included before (since these were previously auto
included by the doc bundle).
---
bundles/os-clr-on-clr | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/bundles/os-clr-on-clr b/bundles/os-clr-on-clr
index 8e5d242..ea4be5a 100644
--- a/bundles/os-clr-on-clr
+++ b/bundles/os-clr-on-clr
@@ -4,27 +4,27 @@
# [CAPABILITIES]:
# [MAINTAINER]: William Douglas <william.douglas(a)intel.com>
include(c-basic)
+include(dev-utils)
include(dev-utils-dev)
-include(dev-utils-doc)
-include(editors-doc)
+include(editors)
include(go-basic)
include(koji)
include(kvm-host)
include(mail-utils)
include(mail-utils-dev)
include(mixer)
+include(network-basic)
include(network-basic-dev)
-include(network-basic-doc)
include(openssh-server)
+include(os-core)
include(os-core-dev)
-include(os-core-doc)
include(os-core-update-dev)
include(perl-basic)
include(python-basic)
+include(storage-utils)
include(storage-utils-dev)
-# needs autodoc first include(storage-utils-doc)
+include(sysadmin-basic)
include(sysadmin-basic-dev)
-include(sysadmin-basic-doc)
Mako-python
catkin
catkin_pkg
--
2.10.1
4 years, 3 months
[PATCH clr-bundles] Deprecate auto doc bundles
by William Douglas
Since autospec'd packages contain the doc bundle and most bundles list
the main package instead of subpackages auto doc bundles didn't turn out
to be as useful as first thought.
The major change here is the addition of os-core packages in
sysadmin-basic to pull in the doc subpackages.
---
auto.docbundles | 6 ------
bundles/dev-utils-doc | 11 +++--------
bundles/editors-doc | 11 +++--------
bundles/network-basic | 2 +-
bundles/network-basic-doc | 12 +++---------
bundles/os-core-doc | 10 +++-------
bundles/storage-utils | 1 +
bundles/sysadmin-basic | 22 +++++++++++++++++++---
bundles/sysadmin-basic-doc | 16 ++++------------
9 files changed, 37 insertions(+), 54 deletions(-)
delete mode 100644 auto.docbundles
diff --git a/auto.docbundles b/auto.docbundles
deleted file mode 100644
index 80a49a1..0000000
--- a/auto.docbundles
+++ /dev/null
@@ -1,6 +0,0 @@
-dev-utils
-editors
-network-basic
-os-core
-storage-utils
-sysadmin-basic
diff --git a/bundles/dev-utils-doc b/bundles/dev-utils-doc
index 79f5a8a..8fd03e6 100644
--- a/bundles/dev-utils-doc
+++ b/bundles/dev-utils-doc
@@ -1,11 +1,6 @@
# [TITLE]: dev-utils-doc
# [DESCRIPTION]: Provides documentation and manpages for dev-utils
-# [STATUS]: ACTIVE
-# [CAPABILITIES]:
+# [STATUS]: Deprecated
+# [CAPABILITIES]:
# [MAINTAINER]: William Douglas <william.douglas(a)intel.com>
-include(dev-utils)
-cgdb-doc
-gdb-doc
-strace-doc
-valgrind-doc
-lcov-doc
+filesystem
diff --git a/bundles/editors-doc b/bundles/editors-doc
index 3fbc4dd..9123daa 100644
--- a/bundles/editors-doc
+++ b/bundles/editors-doc
@@ -1,11 +1,6 @@
# [TITLE]: editors-doc
# [DESCRIPTION]: Provides documentation and manpages for editors
-# [STATUS]: ACTIVE
-# [CAPABILITIES]:
+# [STATUS]: Deprecated
+# [CAPABILITIES]:
# [MAINTAINER]: William Douglas <william.douglas(a)intel.com>
-include(editors)
-joe-doc
-emacs-doc
-ctags-doc
-vim-doc
-nano-doc
+filesystem
diff --git a/bundles/network-basic b/bundles/network-basic
index 7383f41..47686c1 100644
--- a/bundles/network-basic
+++ b/bundles/network-basic
@@ -12,7 +12,7 @@ bind-utils
bridge-utils
connman
conntrack-tools
-curl-bin
+curl
dpdk
ebtables
ethtool
diff --git a/bundles/network-basic-doc b/bundles/network-basic-doc
index 8a1a4d5..2e91751 100644
--- a/bundles/network-basic-doc
+++ b/bundles/network-basic-doc
@@ -1,12 +1,6 @@
# [TITLE]: network-basic-doc
# [DESCRIPTION]: Provides documentation and manpages for network-basic
-# [STATUS]: ACTIVE
-# [CAPABILITIES]:
+# [STATUS]: Deprecated
+# [CAPABILITIES]:
# [MAINTAINER]: William Douglas <william.douglas(a)intel.com>
-include(network-basic)
-openssh-doc
-openssh-extras
-tcpdump-doc
-net-tools-doc
-rsync-doc
-ethtool-doc
+filesystem
diff --git a/bundles/os-core-doc b/bundles/os-core-doc
index ac04dae..ef44aa9 100644
--- a/bundles/os-core-doc
+++ b/bundles/os-core-doc
@@ -1,10 +1,6 @@
# [TITLE]: os-core-doc
# [DESCRIPTION]: Provides documentation and manpages for os-core
-# [STATUS]: ACTIVE
-# [CAPABILITIES]:
+# [STATUS]: Deprecated
+# [CAPABILITIES]:
# [MAINTAINER]: William Douglas <william.douglas(a)intel.com>
-include(os-core)
-systemd-doc
-systemd-extras
-shadow-doc
-clr-systemd-config-extras
+filesystem
diff --git a/bundles/storage-utils b/bundles/storage-utils
index 5a3c866..b189d63 100644
--- a/bundles/storage-utils
+++ b/bundles/storage-utils
@@ -7,6 +7,7 @@ LVM2
LVM2-extras
btrfs-progs
dosfstools
+e2fsprogs
e2fsprogs-extras
gptfdisk
ibutils
diff --git a/bundles/sysadmin-basic b/bundles/sysadmin-basic
index b7dd763..164aa2a 100644
--- a/bundles/sysadmin-basic
+++ b/bundles/sysadmin-basic
@@ -3,16 +3,27 @@
# [STATUS]: Active
# [CAPABILITIES]:
# [MAINTAINER]: William Douglas <william.douglas(a)intel.com>
+# pciutils is not autospeced and so -data and -doc are specified manually
+# This bundle specificly contains all -doc bundles for os-core as well due
+# to size constraints for os-core.
bzip2
clr-hardware-files
collectl
+coreutils
cpuid
+dbus
dos2unix
+e2fsprogs
file
findutils
+gawk
gawk-extras
+grep
+hostname
htop
+iproute2
kbd
+kmod
less
libc-bin
lsacpi
@@ -21,6 +32,7 @@ man-db
man-pages
mc
mosh
+motd-update
parallel
pciutils
pciutils-data
@@ -28,13 +40,17 @@ pciutils-doc
powertop
procps-ng
psmisc
+sed
+shadow
sharutils
-sudo
strace
-systemd-doc
+sudo
+systemd
+systemd-bootchart
+systemd-extras
tmux
tree
unzip
usbutils
+util-linux
which
-motd-update
diff --git a/bundles/sysadmin-basic-doc b/bundles/sysadmin-basic-doc
index 2312a82..d776e43 100644
--- a/bundles/sysadmin-basic-doc
+++ b/bundles/sysadmin-basic-doc
@@ -1,14 +1,6 @@
# [TITLE]: sysadmin-basic-doc
# [DESCRIPTION]: Provides documentation and manpages for sysadmin-basic
-# [STATUS]: ACTIVE
-# [CAPABILITIES]:
-# [MAINTAINER]: Jim Chamings <jim.chamings(a)intel.com>
-include(sysadmin-basic)
-powertop-doc
-pciutils-doc
-strace-doc
-usbutils-doc
-collectl-doc
-htop-doc
-mosh-doc
-cpuid-doc
+# [STATUS]: Deprecated
+# [CAPABILITIES]:
+# [MAINTAINER]: William Douglas <william.douglas(a)intel.com>
+filesystem
--
2.10.1
4 years, 3 months
Clear Linux Highlights #4
by Hutanu, Eva P
[cid:image001.png@01D22877.4BB57C50]
Summary:
The latest release includes the potential for considerable performance boost for Python components in Clear Linux. It also adds several GNOME 3.22 components and continues to track the latest Linux kernel very closely.
Key component updates
kernel 4.8.1
systemd 231
nodejs 6.8
vim 8.0
emacs 25.1
Key new components
Apache Maven
GNOME 3.22 components
Wayland 1.12
Noteworthy items
Key Python components of the OS, like NumPy, SciPy, and scikit-learn, can now get a measurable performance gain on systems with an Intel(r) Advanced Vector Extensions 2 (Intel AVX2) capable processor. Some performance sensitive Python modules include compiled C code in the form of shared libraries. Typically, these shared libraries are compiled for the same CPU as the OS and do not use Intel AVX2 instructions. Python in Clear Linux now has two versions of these shared libraries pre-installed automatically, one without and one with the Intel AVX2 instructions enabled. At runtime, the Python interpreter picks the suitable version for the system's CPU.
The Clear Linux installer (Ister) now finds cloud-init configuration data during the install and uses micro config drive (ucf) to configure the host as directed by the cloud-init configuration file, allowing for customized and automated installation with the same configuration format for bare metal that is used for cloud provisioning.
Performance on Clear Linux maintains its advantage in several areas, including the latest tests from Phoronix showing our graphics performance advantage over Ubuntu, see the details here<http://www.phoronix.com/scan.php?page=article&item=clr-ubuntu-yak&num=1>.
4 years, 3 months
Systemd 231 & tmux
by Miguel Bernal Marin
Hi,
Clear Linux recently updated systemd to 231 release. This update brings
some changes on how systemd-logind handle the remained process after a
user logs out (see CHANGES WITH 230).
To back to the previous behavior (do not kill tmux when exit), you can
configure logind.conf system-wide to not kill user process after
log out.
#. Create logind.conf directory
mkdir -p /etc/systemd/logind.conf.d
#. Set KilluserProcesses to no
echo -e "[Login]\nKillUserProcesses=no" >
/etc/systemd/logind.conf.d/notkilluserprocesses.conf
#. Restart systemd-logind service
systemctl restart systemd-logind
Furthermore you can use a lists of usernames to override the
KillUserProcesses= settings, by using KillOnlyUsers=, KillExcludeUsers=
(see man logind.conf(5)).
An other workaround is explained in [1].
From systemd NEWS file:
CHANGES WITH 230:
* systemd-logind will now by default terminate user processes that are
part of the user session scope unit (session-XX.scope) when the user
logs out. This behavior is controlled by the KillUserProcesses=
setting in logind.conf, and the previous default of "no" is now
changed to "yes". This means that user sessions will be properly
cleaned up after, but additional steps are necessary to allow
intentionally long-running processes to survive logout.
CHANGES WITH 231:
* systemd will now log about all service processes it kills forcibly
(using SIGKILL) because they remained after the clean shutdown phase
of the service completed. This should help identifying services that
shut down uncleanly. Moreover if KillUserProcesses= is enabled in
systemd-logind's configuration a similar log message is generated for
processes killed at the end of each session due to this setting.
[1] https://github.com/tmux/tmux/issues/428
--
Regards,
Miguel Bernal Marin Open Source Technology Center
https://clearlinux.org Intel Corporation
4 years, 3 months
Clear Containers Queries
by Manideep Konakandla
Hey Team,
This is Manideep from Carnegie Mellon University. I am doing research on
container security from quite some time (results about which will be
published sometime mid-March or later). I came across clear containers
recently and started exploring more on that. Would need some confirmations
from your side so that I can proceed exploring more and include about your
work in my research. Please let me know if I get any of the below
statements wrong.
1. When I use clear containers, there will be no necessity for namespaces
and cgroups anymore.
2. Clear containers will have their own kernel which is clear linux's
kernel. They get it as a part of clear containers installation. Though it
is solving the core security problem of shared kernel in containers
environment , the concept of space wastage (having multiple) kernels on the
same host is still in place.
3. Do the concept of KGT etc. comes in-built with Clear Linux?
Also, I am assuming that TPM/TCB for containers (where docker daemon is
also included in the process of boot verification process) is just an
extension to already existing TPM chip and has no relation to clear
linux project. TPM can be used to further enhance the security of Clear
Linux.
4. It would be of great help if you can let me know what all packages does
Clear Linux comes up with? Does it trim most of the packages from Ubuntu or
else keeps all of them and then highly optimizes them? How does it work?
--
Regards,
*Manideep K*
*www.manideepk.com <http://www.manideepk.com>*
4 years, 3 months