diff --git a/SOURCES/0001-Fix-and-Improve-AlmaLinux-support.patch b/SOURCES/0001-Fix-and-Improve-AlmaLinux-support.patch new file mode 100644 index 0000000..bbc871b --- /dev/null +++ b/SOURCES/0001-Fix-and-Improve-AlmaLinux-support.patch @@ -0,0 +1,519 @@ +From 4ca71d349bb17d6e4e00077064f68053c24b176e Mon Sep 17 00:00:00 2001 +From: Elkhan Mammadli +Date: Sun, 19 Feb 2023 15:57:36 +0400 +Subject: [PATCH] Fix and Improve AlmaLinux support + +- Fix cc_yum_add_repo module +- Fix cc_ntp module +- Add support for cc_ca_certs module +- Improve the AlmaLinux support in Cloud-init configuration +- Improve the AlmaLinux support in Cloud-init systemd services +- Add support to Rbx Cloud Datasource + +Signed-off-by: Elkhan Mammadli +--- + cloudinit/config/cc_ca_certs.py | 9 +++- + cloudinit/settings.py | 2 +- + cloudinit/sources/DataSourceRbxCloud.py | 2 +- + config/cloud.cfg.tmpl | 10 ++-- + packages/pkg-deps.json | 14 ++++++ + systemd/cloud-config.service.tmpl | 2 +- + systemd/cloud-final.service.tmpl | 4 +- + systemd/cloud-init-local.service.tmpl | 12 ++--- + systemd/cloud-init.service.tmpl | 4 +- + templates/chrony.conf.almalinux.tmpl | 45 ++++++++++++++++++ + templates/ntp.conf.almalinux.tmpl | 61 +++++++++++++++++++++++++ + tests/unittests/test_net.py | 1 + + tests/unittests/test_render_cloudcfg.py | 2 + + tools/read-dependencies | 8 +++- + tools/run-container | 12 ++--- + 15 files changed, 161 insertions(+), 27 deletions(-) + create mode 100644 templates/chrony.conf.almalinux.tmpl + create mode 100644 templates/ntp.conf.almalinux.tmpl + +diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py +index 6084cb4..55746ea 100644 +--- a/cloudinit/config/cc_ca_certs.py ++++ b/cloudinit/config/cc_ca_certs.py +@@ -19,6 +19,13 @@ DEFAULT_CONFIG = { + "ca_cert_update_cmd": ["update-ca-certificates"], + } + DISTRO_OVERRIDES = { ++ "almalinux": { ++ "ca_cert_path": "/usr/share/pki/ca-trust-source/", ++ "ca_cert_filename": "anchors/cloud-init-ca-certs.crt", ++ "ca_cert_config": None, ++ "ca_cert_system_path": "/etc/pki/ca-trust/", ++ "ca_cert_update_cmd": ["update-ca-trust"], ++ }, + "rhel": { + "ca_cert_path": "/usr/share/pki/ca-trust-source/", + "ca_cert_filename": "anchors/cloud-init-ca-certs.crt", +@@ -43,7 +50,7 @@ can be removed from the system with the configuration option + ca-certificates package is installed but not if the + ca-certificates-bundle package is installed. + """ +-distros = ["alpine", "debian", "ubuntu", "rhel"] ++distros = ["almalinux", "alpine", "debian", "ubuntu", "rhel"] + + meta: MetaSchema = { + "id": "cc_ca_certs", +diff --git a/cloudinit/settings.py b/cloudinit/settings.py +index 71672e1..e8224f8 100644 +--- a/cloudinit/settings.py ++++ b/cloudinit/settings.py +@@ -58,7 +58,7 @@ CFG_BUILTIN = { + "cloud_dir": "/var/lib/cloud", + "templates_dir": "/etc/cloud/templates/", + }, +- "distro": "rhel", ++ "distro": "almalinux", + "network": {"renderers": None}, + }, + "vendor_data": {"enabled": True, "prefix": []}, +diff --git a/cloudinit/sources/DataSourceRbxCloud.py b/cloudinit/sources/DataSourceRbxCloud.py +index 14ac77e..7cd14a1 100644 +--- a/cloudinit/sources/DataSourceRbxCloud.py ++++ b/cloudinit/sources/DataSourceRbxCloud.py +@@ -55,7 +55,7 @@ def _sub_arp(cmd): + + def gratuitous_arp(items, distro): + source_param = "-S" +- if distro.name in ["fedora", "centos", "rhel"]: ++ if distro.name in ["almalinux", "fedora", "centos", "rhel"]: + source_param = "-s" + for item in items: + try: +diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl +index 80ab4f9..ce63c1b 100644 +--- a/config/cloud.cfg.tmpl ++++ b/config/cloud.cfg.tmpl +@@ -34,7 +34,7 @@ disable_root: true + + {% if variant in ["almalinux", "alpine", "amazon", "centos", "cloudlinux", "eurolinux", + "fedora", "miraclelinux", "openEuler", "rhel", "rocky", "virtuozzo"] %} +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service,_netdev', '0', '2'] + {% else %} + mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2'] +@@ -70,7 +70,7 @@ network: + config: disabled + {% endif %} + +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + # Default redhat settings: + ssh_deletekeys: true + ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519'] +@@ -119,7 +119,7 @@ cloud_config_modules: + {% endif %} + {% if variant not in ["photon"] %} + - ssh-import-id +-{% if variant not in ["rhel"] %} ++{% if variant not in ["almalinux", "rhel"] %} + - keyboard + {% endif %} + - locale +@@ -128,7 +128,7 @@ cloud_config_modules: + {% if variant in ["rhel"] %} + - rh_subscription + {% endif %} +-{% if variant in ["rhel", "fedora", "photon"] %} ++{% if variant in ["almalinux", "rhel", "fedora", "photon"] %} + {% if variant not in ["photon"] %} + - spacewalk + {% endif %} +@@ -275,7 +275,7 @@ system_info: + groups: [adm, sudo] + {% elif variant == "arch" %} + groups: [wheel, users] +-{% elif variant == "rhel" %} ++{% elif variant in ["almalinux", "rhel"] %} + groups: [adm, systemd-journal] + {% else %} + groups: [wheel, adm, systemd-journal] +diff --git a/packages/pkg-deps.json b/packages/pkg-deps.json +index eaf1346..0c22fd4 100644 +--- a/packages/pkg-deps.json ++++ b/packages/pkg-deps.json +@@ -13,6 +13,20 @@ + "procps" + ] + }, ++ "almalinux" : { ++ "build-requires" : [ ++ "python3-devel" ++ ], ++ "requires" : [ ++ "e2fsprogs", ++ "iproute", ++ "net-tools", ++ "procps", ++ "rsyslog", ++ "shadow-utils", ++ "sudo" ++ ] ++ }, + "centos" : { + "build-requires" : [ + "python3-devel" +diff --git a/systemd/cloud-config.service.tmpl b/systemd/cloud-config.service.tmpl +index d5568a6..4b88f83 100644 +--- a/systemd/cloud-config.service.tmpl ++++ b/systemd/cloud-config.service.tmpl +@@ -4,7 +4,7 @@ Description=Apply the settings specified in cloud-config + After=network-online.target cloud-config.target + After=snapd.seeded.service + Wants=network-online.target cloud-config.target +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + ConditionPathExists=!/etc/cloud/cloud-init.disabled + ConditionKernelCommandLine=!cloud-init=disabled + {% endif %} +diff --git a/systemd/cloud-final.service.tmpl b/systemd/cloud-final.service.tmpl +index 85f423a..aa5990c 100644 +--- a/systemd/cloud-final.service.tmpl ++++ b/systemd/cloud-final.service.tmpl +@@ -7,7 +7,7 @@ After=multi-user.target + Before=apt-daily.service + {% endif %} + Wants=network-online.target cloud-config.service +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + ConditionPathExists=!/etc/cloud/cloud-init.disabled + ConditionKernelCommandLine=!cloud-init=disabled + {% endif %} +@@ -19,7 +19,7 @@ ExecStart=/usr/bin/cloud-init modules --mode=final + RemainAfterExit=yes + TimeoutSec=0 + KillMode=process +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + # Restart NetworkManager if it is present and running. + ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \ + out=$(systemctl show --property=SubState $u) || exit; \ +diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl +index a6b8265..29ac717 100644 +--- a/systemd/cloud-init-local.service.tmpl ++++ b/systemd/cloud-init-local.service.tmpl +@@ -1,23 +1,23 @@ + ## template:jinja + [Unit] + Description=Initial cloud-init job (pre-networking) +-{% if variant in ["ubuntu", "unknown", "debian", "rhel" ] %} ++{% if variant in ["almalinux", "ubuntu", "unknown", "debian", "rhel" ] %} + DefaultDependencies=no + {% endif %} + Wants=network-pre.target + After=hv_kvp_daemon.service + After=systemd-remount-fs.service +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + Requires=dbus.socket + After=dbus.socket + {% endif %} + Before=NetworkManager.service +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + Before=network.service + {% endif %} + Before=network-pre.target + Before=shutdown.target +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + Before=firewalld.target + Conflicts=shutdown.target + {% endif %} +@@ -26,14 +26,14 @@ Before=sysinit.target + Conflicts=shutdown.target + {% endif %} + RequiresMountsFor=/var/lib/cloud +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + ConditionPathExists=!/etc/cloud/cloud-init.disabled + ConditionKernelCommandLine=!cloud-init=disabled + {% endif %} + + [Service] + Type=oneshot +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + ExecStartPre=/bin/mkdir -p /run/cloud-init + ExecStartPre=/sbin/restorecon /run/cloud-init + ExecStartPre=/usr/bin/touch /run/cloud-init/enabled +diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl +index c170aef..08da708 100644 +--- a/systemd/cloud-init.service.tmpl ++++ b/systemd/cloud-init.service.tmpl +@@ -1,7 +1,7 @@ + ## template:jinja + [Unit] + Description=Initial cloud-init job (metadata service crawler) +-{% if variant not in ["photon", "rhel"] %} ++{% if variant not in ["almalinux", "photon", "rhel"] %} + DefaultDependencies=no + {% endif %} + Wants=cloud-init-local.service +@@ -36,7 +36,7 @@ Before=shutdown.target + Conflicts=shutdown.target + {% endif %} + Before=systemd-user-sessions.service +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "rhel"] %} + ConditionPathExists=!/etc/cloud/cloud-init.disabled + ConditionKernelCommandLine=!cloud-init=disabled + {% endif %} +diff --git a/templates/chrony.conf.almalinux.tmpl b/templates/chrony.conf.almalinux.tmpl +new file mode 100644 +index 0000000..5b3542e +--- /dev/null ++++ b/templates/chrony.conf.almalinux.tmpl +@@ -0,0 +1,45 @@ ++## template:jinja ++# Use public servers from the pool.ntp.org project. ++# Please consider joining the pool (http://www.pool.ntp.org/join.html). ++{% if pools %}# pools ++{% endif %} ++{% for pool in pools -%} ++pool {{pool}} iburst ++{% endfor %} ++{%- if servers %}# servers ++{% endif %} ++{% for server in servers -%} ++server {{server}} iburst ++{% endfor %} ++ ++# Record the rate at which the system clock gains/losses time. ++driftfile /var/lib/chrony/drift ++ ++# Allow the system clock to be stepped in the first three updates ++# if its offset is larger than 1 second. ++makestep 1.0 3 ++ ++# Enable kernel synchronization of the real-time clock (RTC). ++rtcsync ++ ++# Enable hardware timestamping on all interfaces that support it. ++#hwtimestamp * ++ ++# Increase the minimum number of selectable sources required to adjust ++# the system clock. ++#minsources 2 ++ ++# Allow NTP client access from local network. ++#allow 192.168.0.0/16 ++ ++# Serve time even if not synchronized to a time source. ++#local stratum 10 ++ ++# Specify file containing keys for NTP authentication. ++#keyfile /etc/chrony.keys ++ ++# Specify directory for log files. ++logdir /var/log/chrony ++ ++# Select which information is logged. ++#log measurements statistics tracking +diff --git a/templates/ntp.conf.almalinux.tmpl b/templates/ntp.conf.almalinux.tmpl +new file mode 100644 +index 0000000..62b4776 +--- /dev/null ++++ b/templates/ntp.conf.almalinux.tmpl +@@ -0,0 +1,61 @@ ++## template:jinja ++ ++# For more information about this file, see the man pages ++# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). ++ ++driftfile /var/lib/ntp/drift ++ ++# Permit time synchronization with our time source, but do not ++# permit the source to query or modify the service on this system. ++restrict default kod nomodify notrap nopeer noquery ++restrict -6 default kod nomodify notrap nopeer noquery ++ ++# Permit all access over the loopback interface. This could ++# be tightened as well, but to do so would effect some of ++# the administrative functions. ++restrict 127.0.0.1 ++restrict -6 ::1 ++ ++# Hosts on local network are less restricted. ++#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap ++ ++# Use public servers from the pool.ntp.org project. ++# Please consider joining the pool (http://www.pool.ntp.org/join.html). ++{% if pools %}# pools ++{% endif %} ++{% for pool in pools -%} ++pool {{pool}} iburst ++{% endfor %} ++{%- if servers %}# servers ++{% endif %} ++{% for server in servers -%} ++server {{server}} iburst ++{% endfor %} ++ ++#broadcast 192.168.1.255 autokey # broadcast server ++#broadcastclient # broadcast client ++#broadcast 224.0.1.1 autokey # multicast server ++#multicastclient 224.0.1.1 # multicast client ++#manycastserver 239.255.254.254 # manycast server ++#manycastclient 239.255.254.254 autokey # manycast client ++ ++# Enable public key cryptography. ++#crypto ++ ++includefile /etc/ntp/crypto/pw ++ ++# Key file containing the keys and key identifiers used when operating ++# with symmetric key cryptography. ++keys /etc/ntp/keys ++ ++# Specify the key identifiers which are trusted. ++#trustedkey 4 8 42 ++ ++# Specify the key identifier to use with the ntpdc utility. ++#requestkey 8 ++ ++# Specify the key identifier to use with the ntpq utility. ++#controlkey 8 ++ ++# Enable writing of statistics records. ++#statistics clockstats cryptostats loopstats peerstats +diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py +index 591241b..05aa3f9 100644 +--- a/tests/unittests/test_net.py ++++ b/tests/unittests/test_net.py +@@ -6254,6 +6254,7 @@ class TestNetRenderers(CiTestCase): + def test_sysconfig_available_uses_variant_mapping(self, m_info, m_avail): + m_avail.return_value = True + variants = [ ++ "almalinux", + "suse", + "centos", + "eurolinux", +diff --git a/tests/unittests/test_render_cloudcfg.py b/tests/unittests/test_render_cloudcfg.py +index 9f95d44..f1844e9 100644 +--- a/tests/unittests/test_render_cloudcfg.py ++++ b/tests/unittests/test_render_cloudcfg.py +@@ -9,6 +9,7 @@ from tests.unittests.helpers import cloud_init_project_dir + + # TODO(Look to align with tools.render-cloudcfg or cloudinit.distos.OSFAMILIES) + DISTRO_VARIANTS = [ ++ "almalinux", + "amazon", + "arch", + "centos", +@@ -66,6 +67,7 @@ class TestRenderCloudCfg: + system_cfg = util.load_yaml(stream.read()) + + default_user_exceptions = { ++ "almalinux": "almalinux", + "amazon": "ec2-user", + "debian": "ubuntu", + "rhel": "cloud-user", +diff --git a/tools/read-dependencies b/tools/read-dependencies +index efa5879..7888c8f 100755 +--- a/tools/read-dependencies ++++ b/tools/read-dependencies +@@ -22,6 +22,7 @@ DEFAULT_REQUIREMENTS = 'requirements.txt' + + # Map the appropriate package dir needed for each distro choice + DISTRO_PKG_TYPE_MAP = { ++ 'almalinux': 'redhat', + 'centos': 'redhat', + 'eurolinux': 'redhat', + 'miraclelinux': 'redhat', +@@ -68,6 +69,7 @@ ZYPPER_INSTALL = [ + '--auto-agree-with-licenses'] + + DRY_DISTRO_INSTALL_PKG_CMD = { ++ 'almalinux': ['yum', 'install', '--assumeyes'], + 'rocky': ['yum', 'install', '--assumeyes'], + 'centos': ['yum', 'install', '--assumeyes'], + 'eurolinux': ['yum', 'install', '--assumeyes'], +@@ -76,6 +78,7 @@ DRY_DISTRO_INSTALL_PKG_CMD = { + } + + DISTRO_INSTALL_PKG_CMD = { ++ 'almalinux': MAYBE_RELIABLE_YUM_INSTALL, + 'rocky': MAYBE_RELIABLE_YUM_INSTALL, + 'eurolinux': MAYBE_RELIABLE_YUM_INSTALL, + 'miraclelinux': MAYBE_RELIABLE_YUM_INSTALL, +@@ -90,6 +93,7 @@ DISTRO_INSTALL_PKG_CMD = { + + # List of base system packages required to enable ci automation + CI_SYSTEM_BASE_PKGS = { ++ 'almalinux': ['python3-tox'], + 'common': ['make', 'sudo', 'tar'], + 'eurolinux': ['python3-tox'], + 'miraclelinux': ['python3-tox'], +@@ -285,10 +289,10 @@ def pkg_install(pkg_list, distro, test_distro=False, dry_run=False): + cmd = DRY_DISTRO_INSTALL_PKG_CMD[distro] + install_cmd.extend(cmd) + +- if distro in ['centos', 'redhat', 'rocky', 'eurolinux']: ++ if distro in ['almalinux', 'centos', 'redhat', 'rocky', 'eurolinux']: + # CentOS and Redhat need epel-release to access oauthlib and jsonschema + subprocess.check_call(install_cmd + ['epel-release']) +- if distro in ['suse', 'opensuse', 'redhat', 'rocky', 'centos', 'eurolinux']: ++ if distro in ['almalinux', 'suse', 'opensuse', 'redhat', 'rocky', 'centos', 'eurolinux']: + pkg_list.append('rpm-build') + subprocess.check_call(install_cmd + pkg_list) + +diff --git a/tools/run-container b/tools/run-container +index e049dfd..02088aa 100755 +--- a/tools/run-container ++++ b/tools/run-container +@@ -102,7 +102,7 @@ inject_cloud_init(){ + } + local t=${gitdir%/*} + case "$t" in +- */worktrees) ++ */worktrees) + if [ -f "${t%worktrees}/config" ]; then + gitdir="${t%worktrees}" + fi +@@ -191,7 +191,7 @@ os_info() { + + get_os_info() { + # run inside container, set OS_NAME, OS_VERSION +- # example OS_NAME are centos, debian, opensuse, rockylinux ++ # example OS_NAME are almalinux, centos, debian, opensuse, rockylinux + [ -n "${OS_NAME:-}" -a -n "${OS_VERSION:-}" ] && return 0 + if [ -f /etc/os-release ]; then + OS_NAME=$(sh -c '. /etc/os-release; echo $ID') +@@ -247,7 +247,7 @@ apt_install() { + install_packages() { + get_os_info || return + case "$OS_NAME" in +- centos|rocky*) yum_install "$@";; ++ almalinux|centos|rocky*) yum_install "$@";; + opensuse) zypper_install "$@";; + debian|ubuntu) apt_install "$@";; + *) error "Do not know how to install packages on ${OS_NAME}"; +@@ -486,16 +486,16 @@ main() { + + local build_pkg="" build_srcpkg="" pkg_ext="" distflag="" + case "$OS_NAME" in +- centos|rocky) distflag="--distro=redhat";; ++ almalinux|centos|rocky) distflag="--distro=redhat";; + opensuse) distflag="--distro=suse";; + esac + + case "$OS_NAME" in + debian|ubuntu) +- build_pkg="./packages/bddeb -d" ++ build_pkg="./packages/bddeb -d" + build_srcpkg="./packages/bddeb -S -d" + pkg_ext=".deb";; +- centos|opensuse|rocky) ++ almalinux|centos|opensuse|rocky) + build_pkg="./packages/brpm $distflag" + build_srcpkg="./packages/brpm $distflag --srpm" + pkg_ext=".rpm";; +-- +2.39.2 + diff --git a/SPECS/cloud-init.spec b/SPECS/cloud-init.spec index 58a1b58..b6ad79b 100644 --- a/SPECS/cloud-init.spec +++ b/SPECS/cloud-init.spec @@ -46,6 +46,9 @@ Patch13: ci-Revert-Add-native-NetworkManager-support-1224.patch # For bz#2098624 - [RHEL-8.7] IPv6 not workable when cloud-init configure network using NM keyfiles Patch14: ci-Revert-Use-Network-Manager-and-Netplan-as-default-re.patch +# AlmaLinux patches +Patch100: 0001-Fix-and-Improve-AlmaLinux-support.patch + BuildArch: noarch BuildRequires: pkgconfig(systemd)