Jeremi Piotrowski

Thanks for the report. With this ignition config: ```yaml storage: disks: - device: /dev/vda wipe_table: false partitions: - label: STORAGE number: 10 start: 43GB size: 0 filesystems: - name: root...

The workaround has been provided; this could be revisited after the ignition v3 upgrade, which potentially solves it.

https://github.com/anchore/syft now supports the portage package database, and can be used to generate an SPDX SBOM.

The lbzip2 will soon be addressed by https://github.com/kinvolk/coreos-overlay/pull/1221.

> I'm also fine with down-casing all the names where - can be used, e.g. Flatcar-CAPI-stable- -> flatcar-capi-stable-. The names are case-insensitive, so lower-case makes sense. > If we would...

The first bullet point would require something like this in one of the ebuilds: ``` make modules_prepare HOSTLDFLAGS=-static```

Tried to go down the static linking path, that failed. sysdig-agent has a better build system which requires bind mounting /usr and relocates the binaries to find the correct libraries/linker....

So with this https://github.com/falcosecurity/falco/pull/2043 merged, this should work out-of-the-box when Falco 0.33.0 is released. You can already test this with the master tag of the falco container images: ``` docker...

@pothos suggests extending https://github.com/flatcar-linux/init/blob/flatcar-master/systemd/system-generators/flatcar-autologin-generator to react to a flag file (`flatcar-no-autologin`) or (re)parsing grub.cfg so that this can be influenced via ignition and applied at instance creation.

Merged these PRs: - [ ] https://github.com/flatcar-linux/scripts/pull/378 - [ ] https://github.com/flatcar-linux/coreos-overlay/pull/2027 Once releases happen through the container pipeline, `/usr/share/SLSA` will contain the required information.