NOTICE: Keystone is deprecated from ClearLinux
by Munoz, Obed N
Hi all,
On last year, we decided that our Cloud Orchestrator for ClearLinux would be CIAO<https://clearlinux.org/ciao> Project. At that moment, the only OpenStack pieces that we kept in ClearLinux were Keystone (identity service) and OpenStack clients.
On last weeks we have been experiencing so much trouble with Keystone and its dependencies. All of this is because the hard requirements that Keystone has with certain packages that cannot be upgraded.
We have decided to remove Keystone service support from ClearLinux.
Why?
· As Keystone’s python3 support is still in progress, it affects ClearLinux’s plans for machine learning software which is mostly python3 developed.
o We want to ship python3 versions of software that will be required for Machine Learning usages.
· Keystone is not fitting with the ClearLinux’s philosophy of rolling release and having latest software versions.
· Keystone’s dependencies are really sensitive and a single dependency upgrade could cause a major damage.
We’ll only keep the OpenStack clients which don’t have any trouble with being on latest release. They are also Python2/Python3 build-able.
We encourage you to take a look on Ciao Project<https://clearlinux.org/ciao>.
Regards,
--
Obed N Munoz
Cloud Engineer @ ClearLinux Project
Open Source Technology Center
5 years, 7 months
Missing dependency for krb5-dev
by Allen, Benjamin S.
Package krb5-dev: /usr/include/krb5/krb5.h, line 8320:
#include <et/com_err.h>
This file is part of e2fsprogs-dev. e2fsprogs-dev is not listed as a dependency of the krb5-dev RPM.
Note, I ran into this while building packages with autospec and thus using Yum and RPMs.
Ben
5 years, 7 months
clearlinux-pkgs and Makefile.common
by Allen, Benjamin S.
It appears all of the Makefiles in the clearlinux-pkgs repos have an include of ../common/Makefile.common. Is there a parent repository for these package repositories?
Thanks,
Ben
5 years, 7 months
flake8 needs mccabe<0.7.0,>=0.6.0
by Allen, Benjamin S.
The current flake8 package needs mccabe<0.7.0,>=0.6.0. Currently mccabe 0.5.2 is available.
vagrant@clr-94ba9f0123c4422dade67c18df0c63ff ~ $ flake8
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 659, in _build_master
ws.require(__requires__)
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 967, in require
needed = self.resolve(parse_requirements(requirements))
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 858, in resolve
raise VersionConflict(dist, req).with_context(dependent_req)
pkg_resources.ContextualVersionConflict: (mccabe 0.5.2 (/usr/lib/python3.6/site-packages), Requirement.parse('mccabe<0.7.0,>=0.6.0'), {'flake8'})
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/flake8", line 6, in <module>
from pkg_resources import load_entry_point
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3017, in <module>
@_call_aside
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3003, in _call_aside
f(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3030, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 661, in _build_master
return cls._build_from_requirements(__requires__)
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 674, in _build_from_requirements
dists = ws.resolve(reqs, Environment())
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 853, in resolve
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'mccabe<0.7.0,>=0.6.0' distribution was not found and is required by flake8
Ben
5 years, 7 months
kernel-lts 4.9.10-308.lts missing VirtualBox modules and install script
by Allen, Benjamin S.
It looks like as of 13520, kernel-lts has moved to 4.9.10. This release is missing VirtualBox kernel modules and the handy install-vbox-lga script.
Also both the clearlinux-pkgs/linux-lts and clearlinux-pkgs/linux Github repos haven't been updated to reflect the current packages. Is this normal, i.e. pushing updated packages before updating the package repo?
Thanks,
Ben
5 years, 7 months
Following Mixer Docs, Ister fails with "self signed certificate"
by Allen, Benjamin S.
Following https://clearlinux.org/documentation/mixer.html. At the step to run ister.py to generate an image, swupd verify fails on validating the Manifest.Mom:
Cmd: ister.py -t release-image-config.json -V file:///media/mixer/update/www/ -C file:///media/mixer/update/www/ -f 1
Log: /var/log/ister.log
2017-02-22 14:40:30,007-DEBUG: Running command stdbuf -o 0 swupd verify --install --path=/tmp/ister-10-n30z3p6l --manifest=10 --contenturl=file:///media/mixer/update/www/ --versionurl=file:///media/mixer/update/www/ --format=1 --statedir=/var/lib/swupd
2017-02-22 14:40:30,012-INFO: swupd-client software verify 3.8.1
2017-02-22 14:40:30,012-INFO: Copyright (C) 2012-2016 Intel Corporation
2017-02-22 14:40:30,012-INFO:
2017-02-22 14:40:30,012-INFO: Verifying version 10
2017-02-22 14:40:30,012-INFO: Attempting to download version string to memory
2017-02-22 14:40:30,012-INFO: Certificate verification error: self signed certificate
2017-02-22 14:40:30,013-INFO: Certificate verification error: self signed certificate
2017-02-22 14:40:30,013-INFO: WARNING!!! FAILED TO VERIFY SIGNATURE OF Manifest.MoM
2017-02-22 14:40:30,013-INFO: Unable to download/verify 10 Manifest.MoM
2017-02-22 14:40:30,013-INFO: Error: Fix did not fully succeed
2017-02-22 14:40:30,013-DEBUG: Error Signature check failed!
140452224268056:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify error:pk7_smime.c:336:Verify error:self signed certificate
2017-02-22 14:40:30,014-ERROR: Couldn't install ClearLinux
2017-02-22 14:40:30,014-INFO: Cleaning up
2017-02-22 14:40:30,014-DEBUG: Running command umount -R /tmp/ister-10-n30z3p6l
2017-02-22 14:40:30,030-DEBUG: Running command rm -fr /tmp/ister-10-n30z3p6l
2017-02-22 14:40:30,032-DEBUG: Running command losetup --detach /dev/loop0
2017-02-22 14:40:30,044-DEBUG: Failed: Exception('stdbuf -o 0 swupd verify --install --path=/tmp/ister-10-n30z3p6l --manifest=10 --contenturl=file:///media/mixer/update/www/ --versionurl=file:///media/mixer/update/www/ --format=1 --statedir=/var/lib/swupd failed: stdbuf -o 0 swupd verify --install --path=/tmp/ister-10-n30z3p6l --manifest=10 --contenturl=file:///media/mixer/update/www/ --versionurl=file:///media/mixer/update/www/ --format=1 --statedir=/var/lib/swupd failed',)
Thoughts?
Thanks,
Ben
5 years, 7 months
Container Security
by Erik Carlson
Good Morning,
We are a research and development company that is looking into the use of
containers in a highly secure manor. I was wondering if we could get some
information or get a demo that can get us more information about the Clear
Linux project. I specific focus would be how clear might allow for greater
MAC within a container
Regards,
Erik Carlson, MBA, CISSP
Direct (240)436-2299
5 years, 7 months
[PATCH clr-bundles] Enable swupd telemetry.
by Auke Kok
This autostart package installs the required symlink to enable swupd
telemetry for all clients that have opted in to telemetry.
---
bundles/telemetrics | 1 +
1 file changed, 1 insertion(+)
diff --git a/bundles/telemetrics b/bundles/telemetrics
index 383960e..26b8dbc 100644
--- a/bundles/telemetrics
+++ b/bundles/telemetrics
@@ -5,4 +5,5 @@
# [MAINTAINER]: Robert A Nesius <robert.a.nesius(a)intel.com>
clr-debug-info
swupd-probe
+swupd-probe-autostart
telemetrics-client
--
2.11.1
5 years, 7 months
[PATCH clr-bundles] nslookup doesn't work without openssl
by Robert Nesius
Signed-off-by: Robert Nesius <robert.a.nesius(a)intel.com>
---
bundles/network-basic | 1 +
1 file changed, 1 insertion(+)
diff --git a/bundles/network-basic b/bundles/network-basic
index e51d5a8..7659c1f 100644
--- a/bundles/network-basic
+++ b/bundles/network-basic
@@ -35,6 +35,7 @@ nftables
openconnect
opensm
openssh
+openssl
openvswitch
pacrunner
quagga
--
2.11.1
5 years, 7 months
