Bug 1808459

Summary: rpm-ostree insert file into initramfs may not work
Product: Red Hat Enterprise Linux 8 Reporter: Jonathan Lebon <jlebon>
Component: rpm-ostreeAssignee: Jonathan Lebon <jlebon>
Status: CLOSED ERRATA QA Contact: atomic-bugs <atomic-bugs>
Severity: unspecified Docs Contact:
Priority: high    
Version: 8.2CC: imcleod, jistone, jlebon, jwboyer, lmiksik, mnguyen, walters
Target Milestone: rc   
Target Release: 8.2   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-04-28 15:34:48 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1806588    

Description Jonathan Lebon 2020-02-28 15:02:10 UTC
Backport patches for rpm-ostree in 8.2 for OCP4.4:
https://bugzilla.redhat.com/show_bug.cgi?id=1806588

Comment 3 Colin Walters 2020-03-03 15:44:15 UTC
Side note, builds are getting blocked in Errata Tool due to what looks like a potential rust-lang regression around -fPIC, see
https://rpmdiff.engineering.redhat.com/run/435278/7/

I raised it with Josh Stone but I think short term we should just ask the security team to waive this; it's mostly impacting i686 which we don't even ship with OpenShift, *and* using a memory safe language without null pointers etc. is a much stronger security improvement than PIC code - doesn't hurt to have both but we shouldn't allow weaker mitigations to block stronger ones.

Comment 5 Colin Walters 2020-03-03 18:46:27 UTC
https://bugzilla.redhat.com/show_bug.cgi?id=1809724

Comment 11 errata-xmlrpc 2020-04-28 15:34:48 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:1589