From 0f8a307f72568a67256888ba38e560fc8141ec7a Mon Sep 17 00:00:00 2001 From: "flowzone-app[bot]" <124931076+flowzone-app[bot]@users.noreply.github.com> Date: Thu, 21 Nov 2024 00:36:27 +0000 Subject: [PATCH] v6.1.11 --- .versionbot/CHANGELOG.yml | 452 +++++++++++++------------------------- CHANGELOG.md | 31 +++ VERSION | 2 +- 3 files changed, 185 insertions(+), 300 deletions(-) diff --git a/.versionbot/CHANGELOG.yml b/.versionbot/CHANGELOG.yml index 1cd1a4bf..16af681f 100644 --- a/.versionbot/CHANGELOG.yml +++ b/.versionbot/CHANGELOG.yml @@ -1,3 +1,53 @@ +- commits: + - subject: Update layers/meta-balena to 2d7b9e10fb6564aa7383dc427876e91c9ab5cb1c + hash: 6a9b67030e4b4ae1eb6ff7ef1fb7b7bebd488a99 + body: Update layers/meta-balena + footer: + Changelog-entry: Update layers/meta-balena to 2d7b9e10fb6564aa7383dc427876e91c9ab5cb1c + changelog-entry: Update layers/meta-balena to 2d7b9e10fb6564aa7383dc427876e91c9ab5cb1c + author: balena-renovate[bot] + nested: + - commits: + - subject: Update tests/leviathan digest to ae505eb + hash: 42464576742648b84f86795f7d39cae12ff9bb9a + body: Update tests/leviathan + footer: + Change-type: patch + change-type: patch + author: balena-renovate[bot] + nested: + - commits: + - subject: Update actions/checkout digest to 11bd719 + hash: 9653c1e68ca07d9a9d7545cb018c4b2e09cbe914 + body: | + Update actions/checkout + footer: + Change-type: patch + change-type: patch + author: balena-renovate[bot] + nested: [] + version: leviathan-2.31.62 + title: "" + date: 2024-11-20T16:48:51.826Z + - commits: + - subject: Update balena-io/balena-cli to v19.16.0 + hash: 6b53a5af4bd9cb758ae28a3b595d1effd7d96b82 + body: | + Update balena-io/balena-cli from 19.0.18 to 19.16.0 + footer: + Change-type: patch + change-type: patch + author: balena-renovate[bot] + nested: [] + version: leviathan-2.31.61 + title: "" + date: 2024-11-20T15:54:30.635Z + version: meta-balena-6.1.11 + title: "" + date: 2024-11-20T18:59:00.812Z + version: 6.1.11 + title: "" + date: 2024-11-21T00:36:18.988Z - commits: - subject: Update layers/meta-balena to 9060838858c8461f42f88c344c8f63ab50c7707b hash: 3933454cf89aa155e595b03c211146964344bfdc @@ -1912,16 +1962,11 @@ - commits: - subject: "modemmanager: Fix SIM7100E crash" hash: e397c18742117596fed133e0b5992362e230f538 - body: > + body: | With the update to MM 1.22.0 we have received reports that - SIM7100E is not functioning correctly. - - Followed up with ModemManager devs and it was discovered the - issue - + Followed up with ModemManager devs and it was discovered the issue is related to a PCO setting: - https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/884 footer: Change-type: patch @@ -3830,11 +3875,8 @@ - commits: - subject: "hw.device-type: Update provisioning instructions for AGX Orin 64GB" hash: f8d665f044ea2e39a100fb865ffd5f8a8f4ae65f - body: > - The AGX Orin 64GB should be provisioned on the eMMC by default - as per the internal thread - https://balena.zulipchat.com/#narrow/stream/346009-aspect.2Fcustomer-success/topic/Get.20feedback.20on.20draft.20balenaOS.20with.20L4T.2036.2E3.20for.20Jetson.20Orin/near/455889690 - + body: | + The AGX Orin 64GB should be provisioned on the eMMC by default as per the internal thread https://balena.zulipchat.com/#narrow/stream/346009-aspect.2Fcustomer-success/topic/Get.20feedback.20on.20draft.20balenaOS.20with.20L4T.2036.2E3.20for.20Jetson.20Orin/near/455889690 We thus update the provisioning instructions accordingly footer: @@ -5727,14 +5769,8 @@ nested: [] - subject: unroll balena_api_is_dt_private function hash: cc3102dbb1348ee563b08dfd3afd37daaa0404ca - body: > - when building + deploying or a private DT , the check to see if - the DT is private fails. This is due to - https://github.com/balena-os/balena-yocto-scripts/blob/master/automation/include/balena-api.inc#L424 - using this function: - https://github.com/balena-os/balena-yocto-scripts/blob/master/automation/include/balena-lib.inc#L191 - - which uses the jenkins deployTo variable to select the correct - api url and token. + body: | + when building + deploying or a private DT , the check to see if the DT is private fails. This is due to https://github.com/balena-os/balena-yocto-scripts/blob/master/automation/include/balena-api.inc#L424 using this function: https://github.com/balena-os/balena-yocto-scripts/blob/master/automation/include/balena-lib.inc#L191 - which uses the jenkins deployTo variable to select the correct api url and token. footer: Change-type: patch change-type: patch @@ -8000,15 +8036,11 @@ nested: [] - subject: "os-helpers-tpm2: specify TCTI backend" hash: c4eb9d7f6ad412bd74d77ece0e534c8dd2dd6fac - body: > - Specify the TCTI backend [0], which also silences error messages - from - + body: | + Specify the TCTI backend [0], which also silences error messages from trying unsupported backends - - [0] - https://github.com/tpm2-software/tpm2-tools/blob/master/man/common/tcti.md + [0] https://github.com/tpm2-software/tpm2-tools/blob/master/man/common/tcti.md footer: Change-type: patch change-type: patch @@ -8866,38 +8898,21 @@ nested: [] - subject: "os-helpers: compute_pcr7: merge event log digests" hash: e10d67084621e5ce10f14557f2466e91ff684b41 - body: > + body: | The main variables measured into PCR7 to ensure secure boot - - configuration integrity are the state and EFI vars, including - PK, KEK, - + configuration integrity are the state and EFI vars, including PK, KEK, db, dbx, etc. - - However, some systems have firmware that will measure other, - unexpected - - events, such as "DMA Protection Disabled" (related to a Windows - feature - + However, some systems have firmware that will measure other, unexpected + events, such as "DMA Protection Disabled" (related to a Windows feature [0]), or "Unknown event type" with strange data. - - These events can't be predicted, and other devices may have - different - - measured events that aren't compliant with the TCG spec, so - attempt to - - check the TPM event log and extend our digest with any unknown - events - + These events can't be predicted, and other devices may have different + measured events that aren't compliant with the TCG spec, so attempt to + check the TPM event log and extend our digest with any unknown events that fit the bill. - - [0] - https://learn.microsoft.com/en-us/windows/security/hardware-security/kernel-dma-protection-for-thunderbolt + [0] https://learn.microsoft.com/en-us/windows/security/hardware-security/kernel-dma-protection-for-thunderbolt footer: Change-type: patch change-type: patch @@ -9493,15 +9508,9 @@ - commits: - subject: Remove dependency on @balena/happy-eyeballs hash: 08727ed2b5f67c55b2469d3ee5c5e2857119521b - body: > - Node 20 now implements the happy eyeballs algorithm as - part of its core - - `net` module, with the - [autoSelectFamily](https://nodejs.org/docs/latest-v20.x/api/net.html#netgetdefaultautoselectfamily) - option of `socket.connect`. This option defaults to - `true`, meaning that a separate - + body: | + Node 20 now implements the happy eyeballs algorithm as part of its core + `net` module, with the [autoSelectFamily](https://nodejs.org/docs/latest-v20.x/api/net.html#netgetdefaultautoselectfamily) option of `socket.connect`. This option defaults to `true`, meaning that a separate implementation of happy eyeballs is no longer needed. footer: Change-type: patch @@ -9903,15 +9912,10 @@ - subject: "resin-init-flasher: Allow building images for non-flasher devices that have internal storage" hash: 3a887512b343b80208196f6792a48f81d1a8c8f9 - body: > - As per the internal thread: - https://balena.zulipchat.com/#narrow/stream/360838-balena-io.2Fos.2Fdevices/topic/balena-raspberrypi.20jenkins.20build.20failures/near/423970246 - + body: | + As per the internal thread: https://balena.zulipchat.com/#narrow/stream/360838-balena-io.2Fos.2Fdevices/topic/balena-raspberrypi.20jenkins.20build.20failures/near/423970246 - Currently devices with on-board storage fail to build in - jenkins, if they don't provide a flasher image. One example is - the CM4. Since there are multiple devices using this - configuration, let's re-enable builds for all of them. + Currently devices with on-board storage fail to build in jenkins, if they don't provide a flasher image. One example is the CM4. Since there are multiple devices using this configuration, let's re-enable builds for all of them. footer: Change-type: patch change-type: patch @@ -10029,17 +10033,10 @@ - commits: - subject: Fix support for rsync deltas hash: 24e222045ac511cd4fbb3be66e57eb678a29d854 - body: > - Rsync (v2) deltas have been broken since [Supervisor - v14](https://github.com/balena-os/balena-supervisor/commit/460c3ba0aab31d18a02e3f5dda1838691768c494). - While considered legacy, - - they are still used by a few customers with devices - running OS < 2.47.1. - - This should fix v2 delta support for those devices until - we can - + body: | + Rsync (v2) deltas have been broken since [Supervisor v14](https://github.com/balena-os/balena-supervisor/commit/460c3ba0aab31d18a02e3f5dda1838691768c494). While considered legacy, + they are still used by a few customers with devices running OS < 2.47.1. + This should fix v2 delta support for those devices until we can completely remove rsync deltas from the supervisor footer: Change-type: patch @@ -10114,39 +10111,19 @@ - commits: - subject: Add special case for base DTO params on RPI config hash: 6e6a796da5ecc846248eae4c8495bc626964c038 - body: > - While ordering is important in the RPI firmware - configuration file (config.txt), - - some dt params are by default considered part of the - base dt overlay - + body: | + While ordering is important in the RPI firmware configuration file (config.txt), + some dt params are by default considered part of the base dt overlay if they are not used by other overlays. - - Unfortunately the [list of - dtparams](https://github.com/raspberrypi/firmware/blob/master/boot/overlays/README#L133) - - is too long to add all of them as exceptions, but we can - add the params - - used in the default config.txt provided in OS images, to - avoid reboots - - when updating to this new supervisor and correctly - parsing the - + Unfortunately the [list of dtparams](https://github.com/raspberrypi/firmware/blob/master/boot/overlays/README#L133) + is too long to add all of them as exceptions, but we can add the params + used in the default config.txt provided in OS images, to avoid reboots + when updating to this new supervisor and correctly parsing the provisioning config.txt as variables. - - While this addition handles most common scenarios, there - is still a - - chance a user may have use other base overlay dt params - in the initial - - config, in which case those will be interpreted - according to the - + While this addition handles most common scenarios, there is still a + chance a user may have use other base overlay dt params in the initial + config, in which case those will be interpreted according to the relative ordering footer: Change-type: patch @@ -13792,16 +13769,12 @@ - commits: - subject: 'Revert "kernel-balena: Remove apparmor support"' hash: ddc94ae58072323cf94ac39d6c2d16c78ff794d8 - body: > - This is no longer needed after the balena_os/balena-engine - commit: - + body: | + This is no longer needed after the balena_os/balena-engine commit: https://github.com/balena-os/balena-engine/commit/ed8ba18e8776a7bf37b3326baeca8196b4ea76b0 - released in balena-engine v20.10.39 - This reverts commit 18cd233a83554b58b3540164afd768fdeda60b03. footer: Change-type: patch @@ -15372,9 +15345,8 @@ - commits: - subject: "automation/balena-deploy: Pin to known working version of balena-img" hash: 927310397896f35bd1921202e8b1f30ba3ef47d8 - body: > - As per internal thread - https://balena.zulipchat.com/#narrow/stream/345890-balena-io/topic/Jenkins.20build.20failures/near/409602914 + body: | + As per internal thread https://balena.zulipchat.com/#narrow/stream/345890-balena-io/topic/Jenkins.20build.20failures/near/409602914 footer: Change-type: patch change-type: patch @@ -16855,12 +16827,9 @@ - commits: - subject: "linux/kernel-devsrc: Fix aarch64 kernel-headers-test build" hash: 65abb381ec266066b24f53fa3119dd47ec8af1a3 - body: > + body: | This fix has been ported from the following upstream - - change: - https://patchwork.yoctoproject.org/project/oe-core/patch/002c31d6add77e1002fb1ccd4050ce826a654170.1659653543.git.bruce.ashfield@gmail.com/ - + change: https://patchwork.yoctoproject.org/project/oe-core/patch/002c31d6add77e1002fb1ccd4050ce826a654170.1659653543.git.bruce.ashfield@gmail.com/ and fixes the following compilation error on generic-aarch64: make[1]: *** No rule to make target 'arch/arm64/tools/gen-sysreg.awk', @@ -17580,21 +17549,15 @@ - commits: - subject: "kernel-devsrc: fix for v6.1+" hash: 1687110706cbde4a4d968afb04b3abc07e5c7eaa - body: > + body: | Adapted as a bbappend from: - https://git.yoctoproject.org/poky/commit/meta/recipes-kernel/linux/kernel-devsrc.bb?id=2be1b5d7d38d72c35ec593b98366d128fe5ce12c - The 6.1 kernel has a number of Kbuild and architecture changes - that required us to update our devsrc recipe. With these changes - we are once again able to build on target modules for all - supported archectures. - (From OE-Core rev: a3972b3f919400a12bb9a546ae98092cbfdcdbb8) footer: Change-type: patch @@ -19857,10 +19820,8 @@ - commits: - subject: Fix LED support for ISG-503 hash: 8c779e12dbb16892528af17d8749cff1902146ad - body: > - The LED support was incorrectly changed in - https://github.com/balena-io/contracts/commit/4bb6eb1f732957e605f00e47b068199f14ff1765 - + body: | + The LED support was incorrectly changed in https://github.com/balena-io/contracts/commit/4bb6eb1f732957e605f00e47b068199f14ff1765 Let's switch it back to unsupported. footer: Change-type: patch @@ -21332,24 +21293,13 @@ - commits: - subject: Log uncaught promise exceptions on the app entry hash: 676464142690da2e36a810cb35e4ea4d0d751636 - body: > - Node 15 [changed the way it treats unhandled promise - rejections](https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V15.md#throw-on-unhandled-rejections---33021) - from a warning to a throw. - - For this reason errors like a corrupt migration - directory, that happens when trying to - - roll back to a previous supervisor version were no - longer showing a - - message but dumping the full minimized code into the - journal logs. - - - This PR adds a catchall on app.ts to log the exception - and throw an exit + body: | + Node 15 [changed the way it treats unhandled promise rejections](https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V15.md#throw-on-unhandled-rejections---33021) from a warning to a throw. + For this reason errors like a corrupt migration directory, that happens when trying to + roll back to a previous supervisor version were no longer showing a + message but dumping the full minimized code into the journal logs. + This PR adds a catchall on app.ts to log the exception and throw an exit code of 1. footer: Change-type: patch @@ -21362,15 +21312,10 @@ - commits: - subject: Fix assertion error in restart-service hash: b9e1464d96824f5332c71324d753d94ddbdecf90 - body: > - From: - https://github.com/balena-os/balena-supervisor/pull/2153/commits/c0b4fafe842115933b1da9b4d68e601a19c3e4eb - - Restart-service checks that both services have restarted - in its test assertion, which is - - incorrect as restart-service should only restart one - service. + body: | + From: https://github.com/balena-os/balena-supervisor/pull/2153/commits/c0b4fafe842115933b1da9b4d68e601a19c3e4eb + Restart-service checks that both services have restarted in its test assertion, which is + incorrect as restart-service should only restart one service. footer: Change-type: patch change-type: patch @@ -21964,20 +21909,14 @@ nested: [] - subject: Make sure balenaEngine owns the container cgroups hash: 5efa793c5af63ef177de95b8b4251799b0de7f40 - body: > - Setting `Delegate=yes` ensures that systemd will not change - anything on - + body: | + Setting `Delegate=yes` ensures that systemd will not change anything on the cgroups created for running the containers. - This setting is used upstream since this commit: - https://github.com/moby/moby/commit/d16737f971092767c1b9d28302a3f5aedbe2f576 - - And also is recommended by systemd: - https://systemd.io/CGROUP_DELEGATION/ + And also is recommended by systemd: https://systemd.io/CGROUP_DELEGATION/ footer: Signed-off-by: Leandro Motta Barros signed-off-by: Leandro Motta Barros @@ -22626,9 +22565,8 @@ - commits: - subject: "kernel-balena: Include NFS V2, V3 and V4 client and server modules" hash: 54c4090b518bccfdba0b635ead129502572685be - body: > + body: | As per internal discussion thread - https://balena.zulipchat.com/#narrow/stream/345882-_help/topic/.E2.9C.94.20nfs.20.283.20or.204.29.20on.20jetson.20nano/near/342072698 footer: Change-type: patch @@ -22643,23 +22581,15 @@ - commits: - subject: "dunfell+: remove obsolete systemd patch" hash: f649288c2b284cb06081d296e52b4562f512107b - body: > + body: | The patch applied to systemd addressed this upstream moby issue: - https://github.com/moby/moby/issues/27202 - This was fixed in containerd 1.0.2: - https://github.com/containerd/console/pull/10/commits/c358734ec94e72903243bd1c9034874a1de09424 - - This fix is present in balena engine since v17.13.5, which has - been in - - use since commit 53ce147. Drop this patch from - meta-balena-dunfell and - + This fix is present in balena engine since v17.13.5, which has been in + use since commit 53ce147. Drop this patch from meta-balena-dunfell and later. footer: Change-type: patch @@ -22971,15 +22901,11 @@ - commits: - subject: "balena-image-flasher: Default image type to balenaos-img" hash: 36750c1d0e75d82ec096faeff6d61579c075e0c4 - body: > - This avoids device repositories having to specify it, and it can - always - + body: | + This avoids device repositories having to specify it, and it can always be overwritten in append files. - - This change is an extension of - https://github.com/balena-os/meta-balena/commit/a3c276a1058d05e66991871bf167079fc2824843 + This change is an extension of https://github.com/balena-os/meta-balena/commit/a3c276a1058d05e66991871bf167079fc2824843 footer: Change-type: patch change-type: patch @@ -23790,19 +23716,13 @@ date: 2023-02-28T18:19:17.093Z - subject: trigger deploy builds on multi-digit revisions too hash: cfe54f654614dd51b6ff021a6f223acd636d175d - body: > + body: | According to github action syntax [1], there is no special character - to denote a match on zero or more of the preceding character, so - replace `[0-9]?` which only matches zero or one of the preceding - characters with a `*`. - - [1] - https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet - + [1] https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet [skip ci] footer: @@ -24725,42 +24645,21 @@ nested: [] - subject: Reference networks by Id instead of by name hash: 180c4ff31ad719fb2b00217548514d42a4b5c4cf - body: > - We have seen a few times devices with duplicated network - names for some - - reason. While we don't know the cause the networks get - duplicates, - - this is disruptive of updates, as the supervisor usually - queries - - resource by name, resulting in a 400 error from the - engine because of - + body: | + We have seen a few times devices with duplicated network names for some + reason. While we don't know the cause the networks get duplicates, + this is disruptive of updates, as the supervisor usually queries + resource by name, resulting in a 400 error from the engine because of the ambiguity. - - This replaces those queries by name to queries by id. - This includes - - network removal. If a `removeNetwork` step is generated, - the supervisor - - opts to remove all instances of the network with the - same name as it - + This replaces those queries by name to queries by id. This includes + network removal. If a `removeNetwork` step is generated, the supervisor + opts to remove all instances of the network with the same name as it cannot easily resolve the ambiguity. - - This doesn't solve the problem of ambiguous networks, - because even if - - networks are referenced by id when creating a container, - the engine will - - throw an error (see - https://github.com/balena-os/balena-supervisor/issues/590#issuecomment-1423557871) + This doesn't solve the problem of ambiguous networks, because even if + networks are referenced by id when creating a container, the engine will + throw an error (see https://github.com/balena-os/balena-supervisor/issues/590#issuecomment-1423557871) footer: Change-type: patch change-type: patch @@ -25345,9 +25244,8 @@ - commits: - subject: "efitools: backport patch to fix build failure" hash: 4497229d9d3435384564cde802a3d16cbc47300c - body: > + body: | Copied from buildroot mailing list: - http://lists.busybox.net/pipermail/buildroot/2021-April/610255.html footer: Change-type: patch @@ -26475,15 +26373,11 @@ - commits: - subject: "redsocks: Increase maximum number of open files" hash: e90b9159ed5f0dac3d9fe1b1b486201ee85f1161 - body: > - This increases the number of open connections that redsocks can - support - + body: | + This increases the number of open connections that redsocks can support to a new maximum of 2048. - - See - https://github.com/darkk/redsocks/blob/19b822e345f6a291f6cff6b168f1cfdfeeb2cd7d/base.c#L419 + See https://github.com/darkk/redsocks/blob/19b822e345f6a291f6cff6b168f1cfdfeeb2cd7d/base.c#L419 footer: Change-type: patch change-type: patch @@ -27236,35 +27130,22 @@ - commits: - subject: "Engine healthcheck: deal with empty uuid file" hash: 345d1440d34fe042f03884c4ae32f0ba7e7768e8 - body: > - In rare cases (believed to be caused by a non-atomic file - creation and - - writing operation in containerd), we end up with an empty file - at - + body: | + In rare cases (believed to be caused by a non-atomic file creation and + writing operation in containerd), we end up with an empty file at `/mnt/data/docker/containerd/daemon/io.containerd.grpc.v1.introspection/uuid`. - - This causes `ctr version` (and hence the health check) to fail. - See - + This causes `ctr version` (and hence the health check) to fail. See https://github.com/balena-os/balena-engine/issues/322 - This commit addresses this issue in two ways: - - 1. Before running `ctr version`, we check if the uuid file - exists and is + 1. Before running `ctr version`, we check if the uuid file exists and is empty. If so, we remove it. (The subsequent execution of `ctr version` by the healthcheck will create the file again.) - 2. After running `ctr version`, we check if the uuid file was - really + 2. After running `ctr version`, we check if the uuid file was really created and is not empty. - In both cases, when an empty uuid file is detected, we log the - event to - + In both cases, when an empty uuid file is detected, we log the event to help us confirm our hypothesis about the root cause. footer: Signed-off-by: Leandro Motta Barros @@ -28544,21 +28425,14 @@ - subject: "core: Reduce to 30 the retries number when trying to get the IP address of the DUT" hash: 02b270e1c55429c7316a9c65f70362185bbe3aec - body: > - Instead of retrying to get the DUT IP address 120 times - on a 1 seconds interval, - - let's reduce it to 30 times because the - resolveLocalTarget which we call will - + body: | + Instead of retrying to get the DUT IP address 120 times on a 1 seconds interval, + let's reduce it to 30 times because the resolveLocalTarget which we call will timeout too in 15 seconds: - https://github.com/balena-os/leviathan-worker/blob/master/lib/helpers/index.ts#L162 - - So reducing the retries number to 30 will effectly bring - the total combined timeout to a maximum of 8 minutes. + So reducing the retries number to 30 will effectly bring the total combined timeout to a maximum of 8 minutes. footer: Change-type: patch change-type: patch @@ -29989,12 +29863,10 @@ - commits: - subject: "wpa-supplicant: Sync with v2.10 from upstream" hash: 5464be07070bbc4a06a4d432250dd70b2b2e1522 - body: > + body: | Synced from: - http://cgit.openembedded.org/openembedded-core/commit/meta/recipes-connectivity/wpa-supplicant?id=3a43c2a82881688d85238464db371f695e60b572 - Closes #2838 footer: Change-type: patch @@ -30496,39 +30368,21 @@ - commits: - subject: "ntp: Remove race condition from directory creation" hash: 5fd19e26d35d7160e2531277a9a14e194d0b95c6 - body: > - Chronyd checks that the directory specified as `sourcedir` in - `chrony.conf` - - (in this case `/var/chrony`) is not world accessible if it - exists (chrony - - will create it correctly if it does not exist), and does not - start - + body: | + Chronyd checks that the directory specified as `sourcedir` in `chrony.conf` + (in this case `/var/chrony`) is not world accessible if it exists (chrony + will create it correctly if it does not exist), and does not start if that's the case. - - The way that the `/var/chrony` is created when it does not exist - opens - - the possibility of the directory existing with the wrong - permissions and - + The way that the `/var/chrony` is created when it does not exist opens + the possibility of the directory existing with the wrong permissions and hitting this problem. - - This commit creates the directory with the correct permissions - from the - + This commit creates the directory with the correct permissions from the start to avoid the race condition. - - It also changes the permissiong from 750 to 770 to match what - chrony - + It also changes the permissiong from 750 to 770 to match what chrony does (see - https://github.com/mlichvar/chrony/blob/7b197953e8add5515b7e58c4638dc55aa4bb91b7/conf.c#L1761) footer: Change-type: patch diff --git a/CHANGELOG.md b/CHANGELOG.md index 244b42d7..0df718de 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,37 @@ # v2.105.10 ## (2022-10-13) +# v6.1.11 +## (2024-11-21) + + +
+ Update layers/meta-balena to 2d7b9e10fb6564aa7383dc427876e91c9ab5cb1c [balena-renovate[bot]] + +> ## meta-balena-6.1.11 +> ### (2024-11-20) +> +> +>
+> Update tests/leviathan digest to ae505eb [balena-renovate[bot]] +> +>> ### leviathan-2.31.62 +>> #### (2024-11-20) +>> +>> * Update actions/checkout digest to 11bd719 [balena-renovate[bot]] +>> +>> ### leviathan-2.31.61 +>> #### (2024-11-20) +>> +>> * Update balena-io/balena-cli to v19.16.0 [balena-renovate[bot]] +>> +> +>
+> +> + +
+ # v6.1.10 ## (2024-11-18) diff --git a/VERSION b/VERSION index 444b194d..9a968b3a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -6.1.10 \ No newline at end of file +6.1.11 \ No newline at end of file