From 319c9501e5085f27de05ce071a0324ceeb857227 Mon Sep 17 00:00:00 2001
From: Kai Lueke <kailuke@microsoft.com>
Date: Wed, 29 Nov 2023 15:25:55 +0100
Subject: [PATCH 1/2] sys-kernel/bootengine: Bump ebuild revision

---
 ...{bootengine-0.0.38-r25.ebuild => bootengine-0.0.38-r26.ebuild} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/{bootengine-0.0.38-r25.ebuild => bootengine-0.0.38-r26.ebuild} (100%)

diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-0.0.38-r25.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-0.0.38-r26.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-0.0.38-r25.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-0.0.38-r26.ebuild

From 5590da400e3a9342d87b591d767b9cb6307c9afa Mon Sep 17 00:00:00 2001
From: Kai Lueke <kailuke@microsoft.com>
Date: Wed, 29 Nov 2023 12:43:48 +0100
Subject: [PATCH 2/2] build_image_util: Store path list for recreating tmpfiles
 rules

The removal of files in the overlay present in the lowerdir creates
whiteout entries that mask the lowerdir entries. For those files that
have a tmpfile rule for creation, a reboot would cause the file to be
created in the upperdir, meaning this file is not updated from the
lowerdir when it changes. In addition we have filtered out some tmpfile
rules that caused upcopies (symlinks and directories) which meant that
removing the /etc/resolv.conf symlink didn't bring it back after reboot.
To make files from the lowerdir show up if they have a tmpfile rule that
normally would recreate them we keep a list of whiteout entries that we
clean up on boot. This also prevents freezing files because
systemd-tmpfiles does not need to recreate them in the upperdir.
---
 build_library/build_image_util.sh                     | 11 +++++++++--
 changelog/bugfixes/2023-11-29-recreate-etc-files.md   |  1 +
 .../sys-kernel/bootengine/bootengine-9999.ebuild      |  2 +-
 3 files changed, 11 insertions(+), 3 deletions(-)
 create mode 100644 changelog/bugfixes/2023-11-29-recreate-etc-files.md

diff --git a/build_library/build_image_util.sh b/build_library/build_image_util.sh
index 95714c373a2..570743c2393 100755
--- a/build_library/build_image_util.sh
+++ b/build_library/build_image_util.sh
@@ -737,9 +737,16 @@ EOF
   done
   sudo "${root_fs_dir}"/usr/sbin/flatcar-tmpfiles "${root_fs_dir}"
   # Now that we used the tmpfiles for creating /etc we delete them because
-  # the L, d, and C entries cause upcopies. Also filter out rules with ! or - but no other modifiers
+  # the L, d, D, and C entries cause upcopies. Also filter out rules with ! or - but no other modifiers
   # like + or = which explicitly recreate files.
-  sudo sed -i '/^[CLd]-*!*-*[ \t]*\/etc\//d' "${root_fs_dir}"/usr/lib/tmpfiles.d/*
+  # But before filtering, first store rules that would recreate missing files
+  # to /usr/share/flatcar/etc-no-whiteouts so that we can ensure that
+  # no overlayfs whiteouts exist for these files (example: /etc/resolv.conf).
+  # These rules are combined with the + modifier in addition.
+  # Other rules like w, e, x, do not create files that don't exist.
+  # Note: '-' must come first in the modifier pattern.
+  grep -Ph '^[fcCdDLvqQpb][-=~^!+]*[ \t]*/etc' "${root_fs_dir}"/usr/lib/tmpfiles.d/* | grep -oP '/etc[^ \t]*' | sudo_clobber "${root_fs_dir}"/usr/share/flatcar/etc-no-whiteouts
+  sudo sed -i '/^[CdDL][-=~^!]*[ \t]*\/etc\//d' "${root_fs_dir}"/usr/lib/tmpfiles.d/*
 
   # SELinux: Label the root filesystem for using 'file_contexts'.
   # The labeling has to be done before moving /etc to /usr/share/flatcar/etc to prevent wrong labels for these files and as
diff --git a/changelog/bugfixes/2023-11-29-recreate-etc-files.md b/changelog/bugfixes/2023-11-29-recreate-etc-files.md
new file mode 100644
index 00000000000..46ba8afaccf
--- /dev/null
+++ b/changelog/bugfixes/2023-11-29-recreate-etc-files.md
@@ -0,0 +1 @@
+- Deleted files in `/etc` that have a tmpfiles rule that normally would recreate them will now show up again through the `/etc` lowerdir ([Flatcar#1265](https://github.com/flatcar/Flatcar/issues/1265), [bootengine#79](https://github.com/flatcar/bootengine/pull/79))
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-9999.ebuild
index 4fcc7d98a94..ab889033303 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-9999.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-9999.ebuild
@@ -10,7 +10,7 @@ CROS_WORKON_REPO="https://github.com"
 if [[ "${PV}" == 9999 ]]; then
 	KEYWORDS="~amd64 ~arm ~arm64 ~x86"
 else
-	CROS_WORKON_COMMIT="10cea163fa12a5686e367041bc9254b30461f261" # flatcar-master
+	CROS_WORKON_COMMIT="31d24b87717e6ee3b2970af5926a481d6bbff933" # flatcar-master
 	KEYWORDS="amd64 arm arm64 x86"
 fi