diff --git a/SOURCES/0001-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch b/SOURCES/0001-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch new file mode 100644 index 0000000..b629a03 --- /dev/null +++ b/SOURCES/0001-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch @@ -0,0 +1,482 @@ +From 1eb69f434883ca685c5ee6136203f28231e18039 Mon Sep 17 00:00:00 2001 +From: Elkhan Mammadli +Date: Tue, 10 Oct 2023 02:11:23 +0400 +Subject: [PATCH 1/1] Improvements for AlmaLinux OS and CloudLinux OS + +Add AlmaLinux OS and CloudLinux OS support to: + +Modules: +- cc_ca_certs +- cc_ntp +- cc_resolv_conf + +Datasources: +- Rbx Cloud Datasource + +Systemd services: +- cloud-config.service +- cloud-final.service +- cloud-init-local.service +- cloud-init.service + +Signed-off-by: Elkhan Mammadli +--- + cloudinit/config/cc_ca_certs.py | 8 ++++ + cloudinit/config/cc_ntp.py | 11 ++--- + cloudinit/config/cc_resolv_conf.py | 2 + + cloudinit/settings.py | 2 +- + cloudinit/sources/DataSourceRbxCloud.py | 2 +- + systemd/cloud-config.service.tmpl | 2 +- + systemd/cloud-final.service.tmpl | 4 +- + systemd/cloud-init-local.service.tmpl | 12 ++--- + systemd/cloud-init.service.tmpl | 4 +- + templates/chrony.conf.almalinux.tmpl | 45 ++++++++++++++++++ + templates/chrony.conf.cloudlinux.tmpl | 45 ++++++++++++++++++ + templates/ntp.conf.almalinux.tmpl | 61 +++++++++++++++++++++++++ + templates/ntp.conf.cloudlinux.tmpl | 61 +++++++++++++++++++++++++ + 13 files changed, 238 insertions(+), 21 deletions(-) + create mode 100644 templates/chrony.conf.almalinux.tmpl + create mode 100644 templates/chrony.conf.cloudlinux.tmpl + create mode 100644 templates/ntp.conf.almalinux.tmpl + create mode 100644 templates/ntp.conf.cloudlinux.tmpl + +diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py +index 4dc0868..1665d30 100644 +--- a/cloudinit/config/cc_ca_certs.py ++++ b/cloudinit/config/cc_ca_certs.py +@@ -51,6 +51,12 @@ for distro in ( + ): + DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["opensuse"] + ++for distro in ( ++ "almalinux", ++ "cloudlinux", ++): ++ DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["rhel"] ++ + MODULE_DESCRIPTION = """\ + This module adds CA certificates to the system's CA store and updates any + related files using the appropriate OS-specific utility. The default CA +@@ -66,6 +72,8 @@ configuration option ``remove_defaults``. + order to provide the ``update-ca-certificates`` command. + """ + distros = [ ++ "almalinux", ++ "cloudlinux", + "alpine", + "debian", + "rhel", +diff --git a/cloudinit/config/cc_ntp.py b/cloudinit/config/cc_ntp.py +index b5620f3..eae4099 100644 +--- a/cloudinit/config/cc_ntp.py ++++ b/cloudinit/config/cc_ntp.py +@@ -110,14 +110,6 @@ DISTRO_CLIENT_CONFIG = { + "service_name": "ntpd", + }, + }, +- "centos": { +- "ntp": { +- "service_name": "ntpd", +- }, +- "chrony": { +- "service_name": "chronyd", +- }, +- }, + "cos": { + "chrony": { + "service_name": "chronyd", +@@ -225,6 +217,9 @@ DISTRO_CLIENT_CONFIG = { + for distro in ("opensuse-microos", "opensuse-tumbleweed", "opensuse-leap"): + DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["opensuse"] + ++for distro in ("almalinux", "centos", "cloudlinux"): ++ DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["rhel"] ++ + for distro in ("sle_hpc", "sle-micro"): + DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["sles"] + +diff --git a/cloudinit/config/cc_resolv_conf.py b/cloudinit/config/cc_resolv_conf.py +index 4629ca7..21057a1 100644 +--- a/cloudinit/config/cc_resolv_conf.py ++++ b/cloudinit/config/cc_resolv_conf.py +@@ -58,7 +58,9 @@ meta: MetaSchema = { + "title": "Configure resolv.conf", + "description": MODULE_DESCRIPTION, + "distros": [ ++ "almalinux", + "alpine", ++ "cloudlinux", + "fedora", + "mariner", + "opensuse", +diff --git a/cloudinit/settings.py b/cloudinit/settings.py +index a36c518..9f0a5f4 100644 +--- a/cloudinit/settings.py ++++ b/cloudinit/settings.py +@@ -62,7 +62,7 @@ CFG_BUILTIN = { + "cloud_dir": "/var/lib/cloud", + "templates_dir": "/etc/cloud/templates/", + }, +- "distro": "rhel", ++ "distro": "almalinux", + "network": {"renderers": None}, + }, + "vendor_data": {"enabled": True, "prefix": []}, +diff --git a/cloudinit/sources/DataSourceRbxCloud.py b/cloudinit/sources/DataSourceRbxCloud.py +index 6890562..0b3c80c 100644 +--- a/cloudinit/sources/DataSourceRbxCloud.py ++++ b/cloudinit/sources/DataSourceRbxCloud.py +@@ -60,7 +60,7 @@ def _sub_arp(cmd): + + def gratuitous_arp(items, distro): + source_param = "-S" +- if distro.name in ["fedora", "centos", "rhel"]: ++ if distro.name in ["almalinux", "fedora", "centos", "cloudlinux", "rhel"]: + source_param = "-s" + for item in items: + try: +diff --git a/systemd/cloud-config.service.tmpl b/systemd/cloud-config.service.tmpl +index d5568a6..a4d6038 100644 +--- a/systemd/cloud-config.service.tmpl ++++ b/systemd/cloud-config.service.tmpl +@@ -4,7 +4,7 @@ Description=Apply the settings specified in cloud-config + After=network-online.target cloud-config.target + After=snapd.seeded.service + Wants=network-online.target cloud-config.target +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + ConditionPathExists=!/etc/cloud/cloud-init.disabled + ConditionKernelCommandLine=!cloud-init=disabled + {% endif %} +diff --git a/systemd/cloud-final.service.tmpl b/systemd/cloud-final.service.tmpl +index 85f423a..578c7f4 100644 +--- a/systemd/cloud-final.service.tmpl ++++ b/systemd/cloud-final.service.tmpl +@@ -7,7 +7,7 @@ After=multi-user.target + Before=apt-daily.service + {% endif %} + Wants=network-online.target cloud-config.service +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + ConditionPathExists=!/etc/cloud/cloud-init.disabled + ConditionKernelCommandLine=!cloud-init=disabled + {% endif %} +@@ -19,7 +19,7 @@ ExecStart=/usr/bin/cloud-init modules --mode=final + RemainAfterExit=yes + TimeoutSec=0 + KillMode=process +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + # Restart NetworkManager if it is present and running. + ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \ + out=$(systemctl show --property=SubState $u) || exit; \ +diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl +index 6f3f9d8..f5521c4 100644 +--- a/systemd/cloud-init-local.service.tmpl ++++ b/systemd/cloud-init-local.service.tmpl +@@ -1,23 +1,23 @@ + ## template:jinja + [Unit] + Description=Initial cloud-init job (pre-networking) +-{% if variant in ["ubuntu", "unknown", "debian", "rhel" ] %} ++{% if variant in ["almalinux", "cloudlinux", "ubuntu", "unknown", "debian", "rhel" ] %} + DefaultDependencies=no + {% endif %} + Wants=network-pre.target + After=hv_kvp_daemon.service + After=systemd-remount-fs.service +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + Requires=dbus.socket + After=dbus.socket + {% endif %} + Before=NetworkManager.service +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + Before=network.service + {% endif %} + Before=network-pre.target + Before=shutdown.target +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + Before=firewalld.target + Conflicts=shutdown.target + {% endif %} +@@ -26,14 +26,14 @@ Before=sysinit.target + Conflicts=shutdown.target + {% endif %} + RequiresMountsFor=/var/lib/cloud +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + ConditionPathExists=!/etc/cloud/cloud-init.disabled + ConditionKernelCommandLine=!cloud-init=disabled + {% endif %} + + [Service] + Type=oneshot +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + ExecStartPre=/bin/mkdir -p /run/cloud-init + ExecStartPre=/sbin/restorecon /run/cloud-init + ExecStartPre=/usr/bin/touch /run/cloud-init/enabled +diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl +index 1b1f9a8..875555d 100644 +--- a/systemd/cloud-init.service.tmpl ++++ b/systemd/cloud-init.service.tmpl +@@ -1,7 +1,7 @@ + ## template:jinja + [Unit] + Description=Initial cloud-init job (metadata service crawler) +-{% if variant not in ["photon", "rhel"] %} ++{% if variant not in ["almalinux", "cloudlinux", "photon", "rhel"] %} + DefaultDependencies=no + {% endif %} + Wants=cloud-init-local.service +@@ -39,7 +39,7 @@ Before=shutdown.target + Conflicts=shutdown.target + {% endif %} + Before=systemd-user-sessions.service +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + ConditionPathExists=!/etc/cloud/cloud-init.disabled + ConditionKernelCommandLine=!cloud-init=disabled + {% endif %} +diff --git a/templates/chrony.conf.almalinux.tmpl b/templates/chrony.conf.almalinux.tmpl +new file mode 100644 +index 0000000..5b3542e +--- /dev/null ++++ b/templates/chrony.conf.almalinux.tmpl +@@ -0,0 +1,45 @@ ++## template:jinja ++# Use public servers from the pool.ntp.org project. ++# Please consider joining the pool (http://www.pool.ntp.org/join.html). ++{% if pools %}# pools ++{% endif %} ++{% for pool in pools -%} ++pool {{pool}} iburst ++{% endfor %} ++{%- if servers %}# servers ++{% endif %} ++{% for server in servers -%} ++server {{server}} iburst ++{% endfor %} ++ ++# Record the rate at which the system clock gains/losses time. ++driftfile /var/lib/chrony/drift ++ ++# Allow the system clock to be stepped in the first three updates ++# if its offset is larger than 1 second. ++makestep 1.0 3 ++ ++# Enable kernel synchronization of the real-time clock (RTC). ++rtcsync ++ ++# Enable hardware timestamping on all interfaces that support it. ++#hwtimestamp * ++ ++# Increase the minimum number of selectable sources required to adjust ++# the system clock. ++#minsources 2 ++ ++# Allow NTP client access from local network. ++#allow 192.168.0.0/16 ++ ++# Serve time even if not synchronized to a time source. ++#local stratum 10 ++ ++# Specify file containing keys for NTP authentication. ++#keyfile /etc/chrony.keys ++ ++# Specify directory for log files. ++logdir /var/log/chrony ++ ++# Select which information is logged. ++#log measurements statistics tracking +diff --git a/templates/chrony.conf.cloudlinux.tmpl b/templates/chrony.conf.cloudlinux.tmpl +new file mode 100644 +index 0000000..5b3542e +--- /dev/null ++++ b/templates/chrony.conf.cloudlinux.tmpl +@@ -0,0 +1,45 @@ ++## template:jinja ++# Use public servers from the pool.ntp.org project. ++# Please consider joining the pool (http://www.pool.ntp.org/join.html). ++{% if pools %}# pools ++{% endif %} ++{% for pool in pools -%} ++pool {{pool}} iburst ++{% endfor %} ++{%- if servers %}# servers ++{% endif %} ++{% for server in servers -%} ++server {{server}} iburst ++{% endfor %} ++ ++# Record the rate at which the system clock gains/losses time. ++driftfile /var/lib/chrony/drift ++ ++# Allow the system clock to be stepped in the first three updates ++# if its offset is larger than 1 second. ++makestep 1.0 3 ++ ++# Enable kernel synchronization of the real-time clock (RTC). ++rtcsync ++ ++# Enable hardware timestamping on all interfaces that support it. ++#hwtimestamp * ++ ++# Increase the minimum number of selectable sources required to adjust ++# the system clock. ++#minsources 2 ++ ++# Allow NTP client access from local network. ++#allow 192.168.0.0/16 ++ ++# Serve time even if not synchronized to a time source. ++#local stratum 10 ++ ++# Specify file containing keys for NTP authentication. ++#keyfile /etc/chrony.keys ++ ++# Specify directory for log files. ++logdir /var/log/chrony ++ ++# Select which information is logged. ++#log measurements statistics tracking +diff --git a/templates/ntp.conf.almalinux.tmpl b/templates/ntp.conf.almalinux.tmpl +new file mode 100644 +index 0000000..62b4776 +--- /dev/null ++++ b/templates/ntp.conf.almalinux.tmpl +@@ -0,0 +1,61 @@ ++## template:jinja ++ ++# For more information about this file, see the man pages ++# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). ++ ++driftfile /var/lib/ntp/drift ++ ++# Permit time synchronization with our time source, but do not ++# permit the source to query or modify the service on this system. ++restrict default kod nomodify notrap nopeer noquery ++restrict -6 default kod nomodify notrap nopeer noquery ++ ++# Permit all access over the loopback interface. This could ++# be tightened as well, but to do so would effect some of ++# the administrative functions. ++restrict 127.0.0.1 ++restrict -6 ::1 ++ ++# Hosts on local network are less restricted. ++#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap ++ ++# Use public servers from the pool.ntp.org project. ++# Please consider joining the pool (http://www.pool.ntp.org/join.html). ++{% if pools %}# pools ++{% endif %} ++{% for pool in pools -%} ++pool {{pool}} iburst ++{% endfor %} ++{%- if servers %}# servers ++{% endif %} ++{% for server in servers -%} ++server {{server}} iburst ++{% endfor %} ++ ++#broadcast 192.168.1.255 autokey # broadcast server ++#broadcastclient # broadcast client ++#broadcast 224.0.1.1 autokey # multicast server ++#multicastclient 224.0.1.1 # multicast client ++#manycastserver 239.255.254.254 # manycast server ++#manycastclient 239.255.254.254 autokey # manycast client ++ ++# Enable public key cryptography. ++#crypto ++ ++includefile /etc/ntp/crypto/pw ++ ++# Key file containing the keys and key identifiers used when operating ++# with symmetric key cryptography. ++keys /etc/ntp/keys ++ ++# Specify the key identifiers which are trusted. ++#trustedkey 4 8 42 ++ ++# Specify the key identifier to use with the ntpdc utility. ++#requestkey 8 ++ ++# Specify the key identifier to use with the ntpq utility. ++#controlkey 8 ++ ++# Enable writing of statistics records. ++#statistics clockstats cryptostats loopstats peerstats +diff --git a/templates/ntp.conf.cloudlinux.tmpl b/templates/ntp.conf.cloudlinux.tmpl +new file mode 100644 +index 0000000..62b4776 +--- /dev/null ++++ b/templates/ntp.conf.cloudlinux.tmpl +@@ -0,0 +1,61 @@ ++## template:jinja ++ ++# For more information about this file, see the man pages ++# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). ++ ++driftfile /var/lib/ntp/drift ++ ++# Permit time synchronization with our time source, but do not ++# permit the source to query or modify the service on this system. ++restrict default kod nomodify notrap nopeer noquery ++restrict -6 default kod nomodify notrap nopeer noquery ++ ++# Permit all access over the loopback interface. This could ++# be tightened as well, but to do so would effect some of ++# the administrative functions. ++restrict 127.0.0.1 ++restrict -6 ::1 ++ ++# Hosts on local network are less restricted. ++#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap ++ ++# Use public servers from the pool.ntp.org project. ++# Please consider joining the pool (http://www.pool.ntp.org/join.html). ++{% if pools %}# pools ++{% endif %} ++{% for pool in pools -%} ++pool {{pool}} iburst ++{% endfor %} ++{%- if servers %}# servers ++{% endif %} ++{% for server in servers -%} ++server {{server}} iburst ++{% endfor %} ++ ++#broadcast 192.168.1.255 autokey # broadcast server ++#broadcastclient # broadcast client ++#broadcast 224.0.1.1 autokey # multicast server ++#multicastclient 224.0.1.1 # multicast client ++#manycastserver 239.255.254.254 # manycast server ++#manycastclient 239.255.254.254 autokey # manycast client ++ ++# Enable public key cryptography. ++#crypto ++ ++includefile /etc/ntp/crypto/pw ++ ++# Key file containing the keys and key identifiers used when operating ++# with symmetric key cryptography. ++keys /etc/ntp/keys ++ ++# Specify the key identifiers which are trusted. ++#trustedkey 4 8 42 ++ ++# Specify the key identifier to use with the ntpdc utility. ++#requestkey 8 ++ ++# Specify the key identifier to use with the ntpq utility. ++#controlkey 8 ++ ++# Enable writing of statistics records. ++#statistics clockstats cryptostats loopstats peerstats +-- +2.41.0 +