Name: cloud-init Version: 21.1 Release: 15%{?dist} Summary: Cloud instance init scripts License: ASL 2.0 or GPLv3 URL: http://launchpad.net/cloud-init Source0: https://launchpad.net/cloud-init/trunk/%{version}/+download/%{name}-%{version}.tar.gz Source1: cloud-init-tmpfiles.conf Patch0001: 0001-Add-initial-redhat-setup.patch Patch0002: 0002-Do-not-write-NM_CONTROLLED-no-in-generated-interface.patch Patch0003: 0003-limit-permissions-on-def_log_file.patch # For bz#1970909 - [cloud-init] From RHEL 82+ cloud-init no longer displays sshd keys fingerprints from instance launched from a backup image[rhel-9] Patch4: ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch # For bz#1943511 - [Aliyun][RHEL9.0][cloud-init] cloud-init service failed to start with Alibaba instance Patch5: ci-Fix-requiring-device-number-on-EC2-derivatives-836.patch # For bz#1945892 - CVE-2021-3429 cloud-init: randomly generated passwords logged in clear-text to world-readable file [rhel-9.0] Patch6: ci-write-passwords-only-to-serial-console-lock-down-clo.patch # For bz#1979099 - [cloud-init]Customize ssh AuthorizedKeysFile causes login failure[RHEL-9.0] Patch7: ci-ssh-util-allow-cloudinit-to-merge-all-ssh-keys-into-.patch # For bz#1979099 - [cloud-init]Customize ssh AuthorizedKeysFile causes login failure[RHEL-9.0] Patch8: ci-Stop-copying-ssh-system-keys-and-check-folder-permis.patch # For bz#1995843 - [cloudinit] Fix home permissions modified by ssh module Patch9: ci-Fix-home-permissions-modified-by-ssh-module-SC-338-9.patch # For bz#2002302 - cloud-init fails with ValueError: need more than 1 value to unpack[rhel-9] Patch10: ci-ssh_utils.py-ignore-when-sshd_config-options-are-not.patch # For bz#2002492 - util.py[WARNING]: Failed generating key type rsa to file /etc/ssh/ssh_host_rsa_key Patch11: ci-Inhibit-sshd-keygen-.service-if-cloud-init-is-active.patch # For bz#2015974 - cloud-init fails to set host key permissions correctly Patch12: ci-cc_ssh.py-fix-private-key-group-owner-and-permission.patch # For bz#2016305 - disable-sshd-keygen-if-cloud-init-active.conf:8: Missing '=', ignoring line Patch13: ci-remove-unnecessary-EOF-string-in-disable-sshd-keygen.patch # For bz#2028381 - cloud-init.service fails to start after package update Patch14: ci-fix-error-on-upgrade-caused-by-new-vendordata2-attri.patch # For bz#2028031 - [RHEL-9] Above 19.2 of cloud-init fails to configure routes when configuring static and default routes to the same destination IP Patch15: ci-cloudinit-net-handle-two-different-routes-for-the-sa.patch # Source-git patches BuildArch: noarch BuildRequires: pkgconfig(systemd) BuildRequires: python3-devel BuildRequires: python3-setuptools BuildRequires: systemd # For tests BuildRequires: iproute BuildRequires: python3-configobj # https://bugzilla.redhat.com/show_bug.cgi?id=1695953 BuildRequires: python3-distro # https://bugzilla.redhat.com/show_bug.cgi?id=1417029 BuildRequires: python3-httpretty >= 0.8.14-2 BuildRequires: python3-jinja2 BuildRequires: python3-jsonpatch BuildRequires: python3-oauthlib BuildRequires: python3-prettytable BuildRequires: python3-pyserial BuildRequires: python3-PyYAML BuildRequires: python3-requests BuildRequires: python3-six # dnf is needed to make cc_ntp unit tests work # https://bugs.launchpad.net/cloud-init/+bug/1721573 BuildRequires: /usr/bin/dnf Requires: e2fsprogs Requires: iproute Requires: libselinux-python3 Requires: policycoreutils-python3 Requires: procps Requires: python3-configobj # https://bugzilla.redhat.com/show_bug.cgi?id=1695953 Requires: python3-distro Requires: python3-jinja2 Requires: python3-jsonpatch Requires: python3-oauthlib Requires: python3-prettytable Requires: python3-pyserial Requires: python3-PyYAML Requires: python3-requests Requires: python3-six Requires: shadow-utils Requires: util-linux Requires: xfsprogs Requires: dhcp-client # https://bugzilla.redhat.com/show_bug.cgi?id=2032524 Requires: gdisk Requires: openssl %{?systemd_requires} %description Cloud-init is a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install ssh keys and to let the user run various scripts. %prep %autosetup -p1 # Change shebangs sed -i -e 's|#!/usr/bin/env python|#!/usr/bin/env python3|' \ -e 's|#!/usr/bin/python|#!/usr/bin/python3|' tools/* cloudinit/ssh_util.py %build %py3_build %install %py3_install -- %if 0%{?fedora} python3 tools/render-cloudcfg --variant fedora > $RPM_BUILD_ROOT/%{_sysconfdir}/cloud/cloud.cfg %elif 0%{?rhel} cp -p rhel/cloud.cfg $RPM_BUILD_ROOT/%{_sysconfdir}/cloud/cloud.cfg %endif sed -i "s,@@PACKAGED_VERSION@@,%{version}-%{release}," $RPM_BUILD_ROOT/%{python3_sitelib}/cloudinit/version.py mkdir -p $RPM_BUILD_ROOT/var/lib/cloud # /run/cloud-init needs a tmpfiles.d entry mkdir -p $RPM_BUILD_ROOT/run/cloud-init mkdir -p $RPM_BUILD_ROOT/%{_tmpfilesdir} cp -p %{SOURCE1} $RPM_BUILD_ROOT/%{_tmpfilesdir}/%{name}.conf # We supply our own config file since our software differs from Ubuntu's. cp -p rhel/cloud.cfg $RPM_BUILD_ROOT/%{_sysconfdir}/cloud/cloud.cfg mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/rsyslog.d cp -p tools/21-cloudinit.conf $RPM_BUILD_ROOT/%{_sysconfdir}/rsyslog.d/21-cloudinit.conf # Make installed NetworkManager hook name less generic mv $RPM_BUILD_ROOT/etc/NetworkManager/dispatcher.d/hook-network-manager \ $RPM_BUILD_ROOT/etc/NetworkManager/dispatcher.d/cloud-init-azure-hook # Install our own systemd units (rhbz#1440831) mkdir -p $RPM_BUILD_ROOT%{_unitdir} cp rhel/systemd/* $RPM_BUILD_ROOT%{_unitdir}/ [ ! -d $RPM_BUILD_ROOT%{_systemdgeneratordir} ] && mkdir -p $RPM_BUILD_ROOT%{_systemdgeneratordir} python3 tools/render-cloudcfg --variant rhel systemd/cloud-init-generator.tmpl > $RPM_BUILD_ROOT%{_systemdgeneratordir}/cloud-init-generator chmod 755 $RPM_BUILD_ROOT%{_systemdgeneratordir}/cloud-init-generator [ ! -d $RPM_BUILD_ROOT/usr/lib/%{name} ] && mkdir -p $RPM_BUILD_ROOT/usr/lib/%{name} cp -p tools/ds-identify $RPM_BUILD_ROOT%{_libexecdir}/%{name}/ds-identify # installing man pages mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man1/ for man in cloud-id.1 cloud-init.1 cloud-init-per.1; do install -c -m 0644 doc/man/${man} ${RPM_BUILD_ROOT}%{_mandir}/man1/${man} chmod -x ${RPM_BUILD_ROOT}%{_mandir}/man1/* done %clean rm -rf $RPM_BUILD_ROOT %post if [ $1 -eq 1 ] ; then # Initial installation # Enabled by default per "runs once then goes away" exception /bin/systemctl enable cloud-config.service >/dev/null 2>&1 || : /bin/systemctl enable cloud-final.service >/dev/null 2>&1 || : /bin/systemctl enable cloud-init.service >/dev/null 2>&1 || : /bin/systemctl enable cloud-init-local.service >/dev/null 2>&1 || : /bin/systemctl enable cloud-init.target >/dev/null 2>&1 || : elif [ $1 -eq 2 ]; then # Upgrade. If the upgrade is from a version older than 0.7.9-8, # there will be stale systemd config /bin/systemctl is-enabled cloud-config.service >/dev/null 2>&1 && /bin/systemctl reenable cloud-config.service >/dev/null 2>&1 || : /bin/systemctl is-enabled cloud-final.service >/dev/null 2>&1 && /bin/systemctl reenable cloud-final.service >/dev/null 2>&1 || : /bin/systemctl is-enabled cloud-init.service >/dev/null 2>&1 && /bin/systemctl reenable cloud-init.service >/dev/null 2>&1 || : /bin/systemctl is-enabled cloud-init-local.service >/dev/null 2>&1 && /bin/systemctl reenable cloud-init-local.service >/dev/null 2>&1 || : /bin/systemctl is-enabled cloud-init.target >/dev/null 2>&1 && /bin/systemctl reenable cloud-init.target >/dev/null 2>&1 || : fi %preun if [ $1 -eq 0 ] ; then # Package removal, not upgrade /bin/systemctl --no-reload disable cloud-config.service >/dev/null 2>&1 || : /bin/systemctl --no-reload disable cloud-final.service >/dev/null 2>&1 || : /bin/systemctl --no-reload disable cloud-init.service >/dev/null 2>&1 || : /bin/systemctl --no-reload disable cloud-init-local.service >/dev/null 2>&1 || : /bin/systemctl --no-reload disable cloud-init.target >/dev/null 2>&1 || : # One-shot services -> no need to stop fi %postun %systemd_postun cloud-config.service cloud-config.target cloud-final.service cloud-init.service cloud-init.target cloud-init-local.service %files %license LICENSE %doc ChangeLog rhel/README.rhel %config(noreplace) %{_sysconfdir}/cloud/cloud.cfg %dir %{_sysconfdir}/cloud/cloud.cfg.d %config(noreplace) %{_sysconfdir}/cloud/cloud.cfg.d/*.cfg %doc %{_sysconfdir}/cloud/cloud.cfg.d/README %dir %{_sysconfdir}/cloud/templates %config(noreplace) %{_sysconfdir}/cloud/templates/* %{_unitdir}/cloud-config.service %{_unitdir}/cloud-config.target %{_unitdir}/cloud-final.service %{_unitdir}/cloud-init-local.service %{_unitdir}/cloud-init.service %{_unitdir}/cloud-init.target %{_tmpfilesdir}/%{name}.conf %{python3_sitelib}/* %{_libexecdir}/%{name} %{_bindir}/cloud-init* %doc %{_datadir}/doc/%{name} %{_mandir}/man1/* %dir %verify(not mode) /run/cloud-init %dir /var/lib/cloud /etc/NetworkManager/dispatcher.d/cloud-init-azure-hook %{_udevrulesdir}/66-azure-ephemeral.rules %{_sysconfdir}/bash_completion.d/cloud-init %{_bindir}/cloud-id %{_libexecdir}/%{name}/ds-identify %{_systemdgeneratordir}/cloud-init-generator %{_sysconfdir}/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf %dir %{_sysconfdir}/rsyslog.d %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf %changelog * Thu Jan 13 2022 Miroslav Rezanina - 21.1-15 - ci-Add-gdisk-and-openssl-as-deps-to-fix-UEFI-Azure-init.patch [bz#2032524] - Resolves: bz#2032524 ([RHEL9] [Azure] cloud-init fails to configure the system) * Tue Dec 14 2021 Miroslav Rezanina - 21.1-14 - ci-cloudinit-net-handle-two-different-routes-for-the-sa.patch [bz#2028031] - Resolves: bz#2028031 ([RHEL-9] Above 19.2 of cloud-init fails to configure routes when configuring static and default routes to the same destination IP) * Mon Dec 06 2021 Miroslav Rezanina - 21.1-13 - ci-fix-error-on-upgrade-caused-by-new-vendordata2-attri.patch [bz#2028381] - Resolves: bz#2028381 (cloud-init.service fails to start after package update) * Mon Nov 01 2021 Miroslav Rezanina - 21.1-12 - ci-remove-unnecessary-EOF-string-in-disable-sshd-keygen.patch [bz#2016305] - Resolves: bz#2016305 (disable-sshd-keygen-if-cloud-init-active.conf:8: Missing '=', ignoring line) * Tue Oct 26 2021 Miroslav Rezanina - 21.1-11 - ci-cc_ssh.py-fix-private-key-group-owner-and-permission.patch [bz#2015974] - Resolves: bz#2015974 (cloud-init fails to set host key permissions correctly) * Mon Oct 18 2021 Miroslav Rezanina - 21.1-10 - ci-Inhibit-sshd-keygen-.service-if-cloud-init-is-active.patch [bz#2002492] - ci-add-the-drop-in-also-in-the-files-section-of-cloud-i.patch [bz#2002492] - Resolves: bz#2002492 (util.py[WARNING]: Failed generating key type rsa to file /etc/ssh/ssh_host_rsa_key) * Fri Sep 10 2021 Miroslav Rezanina - 21.1-9 - ci-ssh_utils.py-ignore-when-sshd_config-options-are-not.patch [bz#2002302] - Resolves: bz#2002302 (cloud-init fails with ValueError: need more than 1 value to unpack[rhel-9]) * Fri Sep 03 2021 Miroslav Rezanina - 21.1-8 - ci-Fix-home-permissions-modified-by-ssh-module-SC-338-9.patch [bz#1995843] - Resolves: bz#1995843 ([cloudinit] Fix home permissions modified by ssh module) * Mon Aug 16 2021 Miroslav Rezanina - 21.1-7 - ci-Stop-copying-ssh-system-keys-and-check-folder-permis.patch [bz#1979099] - ci-Report-full-specific-version-with-cloud-init-version.patch [bz#1971002] - Resolves: bz#1979099 ([cloud-init]Customize ssh AuthorizedKeysFile causes login failure[RHEL-9.0]) - Resolves: bz#1971002 (cloud-init should report full specific full version with "cloud-init --version" [rhel-9]) * Mon Aug 09 2021 Mohan Boddu - 21.1-6 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 * Fri Aug 06 2021 Miroslav Rezanina - 21.1-5 - ci-Add-dhcp-client-as-a-dependency.patch [bz#1964900] - Resolves: bz#1964900 ([Azure][RHEL-9] cloud-init must require dhcp-client on Azure) * Thu Jul 15 2021 Miroslav Rezanina - 21.1-4 - ci-write-passwords-only-to-serial-console-lock-down-clo.patch [bz#1945892] - ci-ssh-util-allow-cloudinit-to-merge-all-ssh-keys-into-.patch [bz#1979099] - Resolves: bz#1945892 (CVE-2021-3429 cloud-init: randomly generated passwords logged in clear-text to world-readable file [rhel-9.0]) - Resolves: bz#1979099 ([cloud-init]Customize ssh AuthorizedKeysFile causes login failure[RHEL-9.0]) * Fri Jul 02 2021 Miroslav Rezanina - 21.1-3 - ci-Fix-requiring-device-number-on-EC2-derivatives-836.patch [bz#1943511] - Resolves: bz#1943511 ([Aliyun][RHEL9.0][cloud-init] cloud-init service failed to start with Alibaba instance) * Mon Jun 21 2021 Miroslav Rezanina - 21.1-2 - ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch [bz#1970909] - ci-Use-_systemdgeneratordir-macro-for-cloud-init-genera.patch [bz#1971480] - Resolves: bz#1970909 ([cloud-init] From RHEL 82+ cloud-init no longer displays sshd keys fingerprints from instance launched from a backup image[rhel-9]) - Resolves: bz#1971480 (Use systemdgenerators macro in spec file) * Thu Jun 10 2021 Miroslav Rezanina - 21.1-1 - Rebase to 21.1 [bz#1958209] - Resolves: bz#1958209 ([RHEL-9.0] Rebase cloud-init to 21.1) * Wed Apr 21 2021 Miroslav Rezanina - 20.4-5 - Removing python-mock dependency - Resolves: bz#1922323 * Thu Apr 15 2021 Mohan Boddu - 20.4-4 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 * Wed Apr 07 2021 Miroslav Rezanina - 20.4-3.el9 - ci-Removing-python-nose-and-python-tox-as-dependency.patch [bz#1916777 bz#1918892] - Resolves: bz#1916777 (cloud-init requires python-nose) - Resolves: bz#1918892 (cloud-init requires tox) * Tue Jan 26 2021 Fedora Release Engineering - 20.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Thu Dec 03 2020 Eduardo Otubo - 20.4-2 - Updated to 20.4 [bz#1902250] * Mon Sep 07 2020 Eduardo Otubo - 19.4-7 - Fix execution fail with backtrace * Mon Sep 07 2020 Eduardo Otubo - 19.4-6 - Adding missing patches to spec file * Mon Jul 27 2020 Fedora Release Engineering - 19.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Mon May 25 2020 Miro Hrončok - 19.4-4 - Rebuilt for Python 3.9 * Tue Apr 14 2020 Eduardo Otubo - 19.4-3 - Fix BZ#1798729 - CVE-2020-8632 cloud-init: Too short random password length in cc_set_password in config/cc_set_passwords.py - Fix BZ#1798732 - CVE-2020-8631 cloud-init: Use of random.choice when generating random password * Sun Feb 23 2020 Dusty Mabe - 19.4-2 - Fix sed substitutions for unittest2 and assertItemsEqual - Fix failing unittests by including `BuildRequires: passwd` - The unittests started failing because of upstream commit 7c07af2 where cloud-init can now support using `usermod` to lock an account if `passwd` isn't installed. Since `passwd` wasn't installed in our mock buildroot it was choosing to use `usermod` and the unittests were failing. See: https://github.com/canonical/cloud-init/commit/7c07af2 - Add missing files to package - /usr/bin/cloud-id - /usr/share/bash-completion/completions/cloud-init * Fri Feb 14 2020 Eduardo Otubo - 19.4-1 - Updated to 19.4 - Rebasing the Fedora specific patches but removing patches that don't apply anymore * Tue Jan 28 2020 Fedora Release Engineering - 17.1-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Fri Nov 08 2019 Miro Hrončok - 17.1-14 - Drop unneeded build dependency on python3-unittest2 * Thu Oct 03 2019 Miro Hrončok - 17.1-13 - Rebuilt for Python 3.8.0rc1 (#1748018) * Sun Aug 18 2019 Miro Hrončok - 17.1-12 - Rebuilt for Python 3.8 * Wed Jul 24 2019 Fedora Release Engineering - 17.1-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Tue Apr 23 2019 Björn Esser - 17.1-10 - Add patch to replace platform.dist() [RH:1695953] - Add (Build)Requires: python3-distro * Tue Apr 23 2019 Björn Esser - 17.1-9 - Fix %%systemd_postun macro [RH:1695953] - Add patch to fix failing test for EPOCHREALTIME bash env [RH:1695953] * Thu Jan 31 2019 Fedora Release Engineering - 17.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jul 12 2018 Fedora Release Engineering - 17.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Mon Jun 18 2018 Miro Hrončok - 17.1-6 - Rebuilt for Python 3.7 * Sat Apr 21 2018 Lars Kellogg-Stedman - 17.1-5 - Enable dhcp on EC2 interfaces with only local ipv4 addresses [RH:1569321] (cherry pick upstream commit eb292c1) * Mon Mar 26 2018 Patrick Uiterwijk - 17.1-4 - Make sure the patch does not add infinitely many entries * Mon Mar 26 2018 Patrick Uiterwijk - 17.1-3 - Add patch to retain old values of /etc/sysconfig/network * Wed Feb 07 2018 Fedora Release Engineering - 17.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Wed Oct 4 2017 Garrett Holmstrom - 17.1-1 - Updated to 17.1 * Tue Sep 26 2017 Ryan McCabe 0.7.9-10 - AliCloud: Add support for the Alibaba Cloud datasource (rhbz#1482547) * Thu Jun 22 2017 Lars Kellogg-Stedman 0.7.9-9 - RHEL/CentOS: Fix default routes for IPv4/IPv6 configuration. (rhbz#1438082) - azure: ensure that networkmanager hook script runs (rhbz#1440831 rhbz#1460206) - Fix ipv6 subnet detection (rhbz#1438082) * Tue May 23 2017 Lars Kellogg-Stedman 0.7.9-8 - Update patches * Mon May 22 2017 Lars Kellogg-Stedman 0.7.9-7 - Add missing sysconfig unit test data (rhbz#1438082) - Fix dual stack IPv4/IPv6 configuration for RHEL (rhbz#1438082) - sysconfig: Raise ValueError when multiple default gateways are present. (rhbz#1438082) - Bounce network interface for Azure when using the built-in path. (rhbz#1434109) - Do not write NM_CONTROLLED=no in generated interface config files (rhbz#1385172) * Wed May 10 2017 Lars Kellogg-Stedman 0.7.9-6 - add power-state-change module to cloud_final_modules (rhbz#1252477) - remove 'tee' command from logging configuration (rhbz#1424612) - limit permissions on def_log_file (rhbz#1424612) - Bounce network interface for Azure when using the built-in path. (rhbz#1434109) - OpenStack: add 'dvs' to the list of physical link types. (rhbz#1442783) * Wed May 10 2017 Lars Kellogg-Stedman 0.7.9-5 - systemd: replace generator with unit conditionals (rhbz#1440831) * Thu Apr 13 2017 Charalampos Stratakis 0.7.9-4 - Import to RHEL 7 Resolves: rhbz#1427280 * Tue Mar 07 2017 Lars Kellogg-Stedman 0.7.9-3 - fixes for network config generation - avoid dependency cycle at boot (rhbz#1420946) * Tue Jan 17 2017 Lars Kellogg-Stedman 0.7.9-2 - use timeout from datasource config in openstack get_data (rhbz#1408589) * Thu Dec 01 2016 Lars Kellogg-Stedman - 0.7.9-1 - Rebased on upstream 0.7.9. - Remove dependency on run-parts * Wed Jan 06 2016 Lars Kellogg-Stedman - 0.7.6-8 - make rh_subscription plugin do nothing in the absence of a valid configuration [RH:1295953] - move rh_subscription module to cloud_config stage * Wed Jan 06 2016 Lars Kellogg-Stedman - 0.7.6-7 - correct permissions on /etc/ssh/sshd_config [RH:1296191] * Thu Sep 03 2015 Lars Kellogg-Stedman - 0.7.6-6 - rebuild for ppc64le * Tue Jul 07 2015 Lars Kellogg-Stedman - 0.7.6-5 - bump revision for new build * Tue Jul 07 2015 Lars Kellogg-Stedman - 0.7.6-4 - ensure rh_subscription plugin is enabled by default * Wed Apr 29 2015 Lars Kellogg-Stedman - 0.7.6-3 - added dependency on python-jinja2 [RH:1215913] - added rhn_subscription plugin [RH:1227393] - require pyserial to support smartos data source [RH:1226187] * Fri Jan 16 2015 Lars Kellogg-Stedman - 0.7.6-2 - Rebased RHEL version to Fedora rawhide - Backported fix for https://bugs.launchpad.net/cloud-init/+bug/1246485 - Backported fix for https://bugs.launchpad.net/cloud-init/+bug/1411829 * Fri Nov 14 2014 Colin Walters - 0.7.6-1 - New upstream version [RH:974327] - Drop python-cheetah dependency (same as above bug)