import WALinuxAgent-2.2.32-2.el8
This commit is contained in:
commit
0eabeaff29
1
.WALinuxAgent.metadata
Normal file
1
.WALinuxAgent.metadata
Normal file
@ -0,0 +1 @@
|
||||
3b5c6eac24e6545e3ce56262210a7ac8dbdc8ace SOURCES/WALinuxAgent-2.2.32.tar.gz
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
SOURCES/WALinuxAgent-2.2.32.tar.gz
|
219
SOURCES/0001-Add-inital-redhat-build-support.patch
Normal file
219
SOURCES/0001-Add-inital-redhat-build-support.patch
Normal file
@ -0,0 +1,219 @@
|
||||
From 00dcd65f731e4a44418029c0a8b7107bbbbefc94 Mon Sep 17 00:00:00 2001
|
||||
From: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
Date: Thu, 6 Oct 2016 12:25:35 +0200
|
||||
Subject: Add inital redhat build support
|
||||
|
||||
Rebase notes (2.2.32):
|
||||
- Fix license text
|
||||
|
||||
Rebase notes (2.2.26):
|
||||
- update to RHEL 8 build
|
||||
- Do not use INSTALED_FILES for %files
|
||||
|
||||
Rebase notes (2.2.10):
|
||||
- switched to sha256
|
||||
- added .gitpublish profile
|
||||
|
||||
Merged patches (2.2.32):
|
||||
- ce36fd9 Use Python3
|
||||
- 952c830 Remove FIPS setting from the default config
|
||||
- cc9df73 Switch hardcoded python3 shebangs into the %%{__python3} macro
|
||||
- 66b6f8c Use correct macro for waagent.service
|
||||
- 1b15ada Switch to platform-python in systemd unit file
|
||||
- 59f682b Use sys.executable to find system python
|
||||
|
||||
(cherry picked from commit 19d4f82cd5345fdc52b357afcf3b5aa4bc4ce4d9)
|
||||
(cherry picked from commit 1676db295321adbd571f04773782eed5b0817d64)
|
||||
---
|
||||
.gitpublish | 8 +
|
||||
azurelinuxagent/ga/update.py | 12 +-
|
||||
bin/waagent | 2 +-
|
||||
bin/waagent2.0 | 2 +-
|
||||
config/waagent.conf | 3 -
|
||||
init/arch/waagent.service | 2 +-
|
||||
init/clearlinux/waagent.service | 2 +-
|
||||
init/suse/waagent | 2 +-
|
||||
init/waagent.service | 2 +-
|
||||
makepkg.py | 2 +-
|
||||
redhat/.gitignore | 1 +
|
||||
redhat/Makefile | 72 +++++++
|
||||
redhat/Makefile.common | 37 ++++
|
||||
redhat/WALinuxAgent.spec.template | 169 +++++++++++++++
|
||||
redhat/rpmbuild/BUILD/.gitignore | 2 +
|
||||
redhat/rpmbuild/RPMS/.gitignore | 2 +
|
||||
redhat/rpmbuild/SOURCES/.gitignore | 2 +
|
||||
redhat/rpmbuild/SPECS/.gitignore | 2 +
|
||||
redhat/rpmbuild/SRPMS/.gitignore | 2 +
|
||||
redhat/scripts/frh.py | 27 +++
|
||||
redhat/scripts/git-backport-diff | 327 ++++++++++++++++++++++++++++++
|
||||
redhat/scripts/git-compile-check | 215 ++++++++++++++++++++
|
||||
redhat/scripts/process-patches.sh | 79 ++++++++
|
||||
redhat/scripts/tarball_checksum.sh | 3 +
|
||||
setup.py | 2 +-
|
||||
tests/data/ext/sample_ext-1.3.0/sample.py | 2 +-
|
||||
26 files changed, 964 insertions(+), 17 deletions(-)
|
||||
create mode 100644 .gitpublish
|
||||
create mode 100644 redhat/.gitignore
|
||||
create mode 100644 redhat/Makefile
|
||||
create mode 100644 redhat/Makefile.common
|
||||
create mode 100644 redhat/WALinuxAgent.spec.template
|
||||
create mode 100644 redhat/rpmbuild/BUILD/.gitignore
|
||||
create mode 100644 redhat/rpmbuild/RPMS/.gitignore
|
||||
create mode 100644 redhat/rpmbuild/SOURCES/.gitignore
|
||||
create mode 100644 redhat/rpmbuild/SPECS/.gitignore
|
||||
create mode 100644 redhat/rpmbuild/SRPMS/.gitignore
|
||||
create mode 100755 redhat/scripts/frh.py
|
||||
create mode 100755 redhat/scripts/git-backport-diff
|
||||
create mode 100755 redhat/scripts/git-compile-check
|
||||
create mode 100755 redhat/scripts/process-patches.sh
|
||||
create mode 100755 redhat/scripts/tarball_checksum.sh
|
||||
|
||||
diff --git a/azurelinuxagent/ga/update.py b/azurelinuxagent/ga/update.py
|
||||
index d3c39c1..3617809 100644
|
||||
--- a/azurelinuxagent/ga/update.py
|
||||
+++ b/azurelinuxagent/ga/update.py
|
||||
@@ -92,8 +92,11 @@ def get_update_handler():
|
||||
|
||||
|
||||
def get_python_cmd():
|
||||
- major_version = platform.python_version_tuple()[0]
|
||||
- return "python" if int(major_version) <= 2 else "python{0}".format(major_version)
|
||||
+ if sys.executable:
|
||||
+ return sys.executable
|
||||
+ else:
|
||||
+ major_version = platform.python_version_tuple()[0]
|
||||
+ return "python" if int(major_version) <= 2 else "python{0}".format(major_version)
|
||||
|
||||
|
||||
class UpdateHandler(object):
|
||||
@@ -150,9 +153,8 @@ class UpdateHandler(object):
|
||||
|
||||
# Launch the correct Python version for python-based agents
|
||||
cmds = textutil.safe_shlex_split(agent_cmd)
|
||||
- if cmds[0].lower() == "python":
|
||||
- cmds[0] = get_python_cmd()
|
||||
- agent_cmd = " ".join(cmds)
|
||||
+ cmds[0] = get_python_cmd()
|
||||
+ agent_cmd = " ".join(cmds)
|
||||
|
||||
self._evaluate_agent_health(latest_agent)
|
||||
|
||||
diff --git a/bin/waagent b/bin/waagent
|
||||
index 4039e03..10836c2 100755
|
||||
--- a/bin/waagent
|
||||
+++ b/bin/waagent
|
||||
@@ -1,4 +1,4 @@
|
||||
-#!/usr/bin/env python
|
||||
+#!/usr/bin/env python3
|
||||
#
|
||||
# Azure Linux Agent
|
||||
#
|
||||
diff --git a/bin/waagent2.0 b/bin/waagent2.0
|
||||
index 25aa0ce..a868211 100644
|
||||
--- a/bin/waagent2.0
|
||||
+++ b/bin/waagent2.0
|
||||
@@ -1,4 +1,4 @@
|
||||
-#!/usr/bin/env python
|
||||
+#!/usr/bin/env python3
|
||||
#
|
||||
# Azure Linux Agent
|
||||
#
|
||||
diff --git a/config/waagent.conf b/config/waagent.conf
|
||||
index 79daacb..513cbf2 100644
|
||||
--- a/config/waagent.conf
|
||||
+++ b/config/waagent.conf
|
||||
@@ -62,9 +62,6 @@ ResourceDisk.MountOptions=None
|
||||
# Enable verbose logging (y|n)
|
||||
Logs.Verbose=n
|
||||
|
||||
-# Is FIPS enabled
|
||||
-OS.EnableFIPS=n
|
||||
-
|
||||
# Root device timeout in seconds.
|
||||
OS.RootDeviceScsiTimeout=300
|
||||
|
||||
diff --git a/init/arch/waagent.service b/init/arch/waagent.service
|
||||
index d426eb2..ff1ebab 100644
|
||||
--- a/init/arch/waagent.service
|
||||
+++ b/init/arch/waagent.service
|
||||
@@ -8,7 +8,7 @@ ConditionPathExists=/etc/waagent.conf
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
-ExecStart=/usr/bin/python -u /usr/bin/waagent -daemon
|
||||
+ExecStart=/usr/bin/python3 -u /usr/bin/waagent -daemon
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
|
||||
diff --git a/init/clearlinux/waagent.service b/init/clearlinux/waagent.service
|
||||
index 9afee45..c29fc1b 100644
|
||||
--- a/init/clearlinux/waagent.service
|
||||
+++ b/init/clearlinux/waagent.service
|
||||
@@ -8,7 +8,7 @@ ConditionPathExists=/usr/share/defaults/waagent/waagent.conf
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
-ExecStart=/usr/bin/python -u /usr/bin/waagent -daemon
|
||||
+ExecStart=/usr/bin/python3 -u /usr/bin/waagent -daemon
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
|
||||
diff --git a/init/suse/waagent b/init/suse/waagent
|
||||
index b77b0fa..317e89e 100755
|
||||
--- a/init/suse/waagent
|
||||
+++ b/init/suse/waagent
|
||||
@@ -34,7 +34,7 @@
|
||||
# Description: Start the MicrosoftAzureLinuxAgent
|
||||
### END INIT INFO
|
||||
|
||||
-PYTHON=/usr/bin/python
|
||||
+PYTHON=/usr/bin/python3
|
||||
WAZD_BIN=/usr/sbin/waagent
|
||||
WAZD_CONF=/etc/waagent.conf
|
||||
WAZD_PIDFILE=/var/run/waagent.pid
|
||||
diff --git a/init/waagent.service b/init/waagent.service
|
||||
index e91f143..3c7710f 100644
|
||||
--- a/init/waagent.service
|
||||
+++ b/init/waagent.service
|
||||
@@ -8,7 +8,7 @@ ConditionPathExists=/etc/waagent.conf
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
-ExecStart=/usr/bin/python -u /usr/sbin/waagent -daemon
|
||||
+ExecStart=/usr/libexec/platform-python -u /usr/sbin/waagent -daemon
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
|
||||
diff --git a/makepkg.py b/makepkg.py
|
||||
index 52e0eae..51c263c 100755
|
||||
--- a/makepkg.py
|
||||
+++ b/makepkg.py
|
||||
@@ -1,4 +1,4 @@
|
||||
-#!/usr/bin/env python
|
||||
+#!/usr/bin/env python3
|
||||
|
||||
import glob
|
||||
import os
|
||||
diff --git a/setup.py b/setup.py
|
||||
index e15a2d4..6fbf0ba 100755
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -1,4 +1,4 @@
|
||||
-#!/usr/bin/env python
|
||||
+#!/usr/bin/env python3
|
||||
#
|
||||
# Microsoft Azure Linux Agent setup.py
|
||||
#
|
||||
diff --git a/tests/data/ext/sample_ext-1.3.0/sample.py b/tests/data/ext/sample_ext-1.3.0/sample.py
|
||||
index 74bd839..bf6ed99 100755
|
||||
--- a/tests/data/ext/sample_ext-1.3.0/sample.py
|
||||
+++ b/tests/data/ext/sample_ext-1.3.0/sample.py
|
||||
@@ -1,4 +1,4 @@
|
||||
-#!/usr/bin/env python
|
||||
+#!/usr/bin/env python3
|
||||
|
||||
import os
|
||||
|
||||
--
|
||||
1.8.3.1
|
||||
|
@ -0,0 +1,413 @@
|
||||
From c0d49d739d39573b59c827c89f56386d162d9381 Mon Sep 17 00:00:00 2001
|
||||
From: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
Date: Wed, 13 Mar 2019 18:44:24 +0000
|
||||
Subject: [PATCH] Add fixes for handling swap file and other nit fixes (#1485)
|
||||
|
||||
RH-Author: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
Message-id: <20190313184424.29299-1-vkuznets@redhat.com>
|
||||
Patchwork-id: 84860
|
||||
O-Subject: [RHEL8 WALinuxAgent PATCH] Add fixes for handling swap file and other nit fixes (#1485)
|
||||
Bugzilla: 1688276
|
||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
||||
|
||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1684181
|
||||
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=20581233
|
||||
Tested: by me
|
||||
|
||||
This is to fix CVE-2019-0804: swapfile is created with weak permission.
|
||||
|
||||
commit 8b2fa7d6051d0ee9952be4b42185c24d2a2eacff
|
||||
Author: Varad Meru <vrdmr@users.noreply.github.com>
|
||||
Date: Tue Mar 12 12:54:08 2019 -0700
|
||||
|
||||
Add fixes for handling swap file and other nit fixes (#1485)
|
||||
|
||||
* Add fixes for handling swap file and other nit fixes
|
||||
|
||||
* Fixing bytearray and other nits
|
||||
|
||||
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
||||
|
||||
Conflicts:
|
||||
azurelinuxagent/daemon/resourcedisk/freebsd.py
|
||||
(requires additional commits, irrelevant to RHEL)
|
||||
|
||||
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
||||
---
|
||||
azurelinuxagent/daemon/resourcedisk/default.py | 74 +++++++++++++++++++-------
|
||||
azurelinuxagent/daemon/resourcedisk/freebsd.py | 53 ++++++++++++------
|
||||
tests/distro/test_resourceDisk.py | 47 ++++++++++++++--
|
||||
3 files changed, 133 insertions(+), 41 deletions(-)
|
||||
|
||||
diff --git a/azurelinuxagent/daemon/resourcedisk/default.py b/azurelinuxagent/daemon/resourcedisk/default.py
|
||||
index 0f0925d..cfb76d2 100644
|
||||
--- a/azurelinuxagent/daemon/resourcedisk/default.py
|
||||
+++ b/azurelinuxagent/daemon/resourcedisk/default.py
|
||||
@@ -17,6 +17,7 @@
|
||||
|
||||
import os
|
||||
import re
|
||||
+import stat
|
||||
import sys
|
||||
import threading
|
||||
from time import sleep
|
||||
@@ -124,12 +125,13 @@ class ResourceDiskHandler(object):
|
||||
force_option = 'F'
|
||||
if self.fs == 'xfs':
|
||||
force_option = 'f'
|
||||
- mkfs_string = "mkfs.{0} -{2} {1}".format(self.fs, partition, force_option)
|
||||
+ mkfs_string = "mkfs.{0} -{2} {1}".format(
|
||||
+ self.fs, partition, force_option)
|
||||
|
||||
if "gpt" in ret[1]:
|
||||
logger.info("GPT detected, finding partitions")
|
||||
parts = [x for x in ret[1].split("\n") if
|
||||
- re.match("^\s*[0-9]+", x)]
|
||||
+ re.match(r"^\s*[0-9]+", x)]
|
||||
logger.info("Found {0} GPT partition(s).", len(parts))
|
||||
if len(parts) > 1:
|
||||
logger.info("Removing old GPT partitions")
|
||||
@@ -138,18 +140,23 @@ class ResourceDiskHandler(object):
|
||||
shellutil.run("parted {0} rm {1}".format(device, i))
|
||||
|
||||
logger.info("Creating new GPT partition")
|
||||
- shellutil.run("parted {0} mkpart primary 0% 100%".format(device))
|
||||
+ shellutil.run(
|
||||
+ "parted {0} mkpart primary 0% 100%".format(device))
|
||||
|
||||
logger.info("Format partition [{0}]", mkfs_string)
|
||||
shellutil.run(mkfs_string)
|
||||
else:
|
||||
logger.info("GPT not detected, determining filesystem")
|
||||
- ret = self.change_partition_type(suppress_message=True, option_str="{0} 1 -n".format(device))
|
||||
+ ret = self.change_partition_type(
|
||||
+ suppress_message=True,
|
||||
+ option_str="{0} 1 -n".format(device))
|
||||
ptype = ret[1].strip()
|
||||
if ptype == "7" and self.fs != "ntfs":
|
||||
logger.info("The partition is formatted with ntfs, updating "
|
||||
"partition type to 83")
|
||||
- self.change_partition_type(suppress_message=False, option_str="{0} 1 83".format(device))
|
||||
+ self.change_partition_type(
|
||||
+ suppress_message=False,
|
||||
+ option_str="{0} 1 83".format(device))
|
||||
self.reread_partition_table(device)
|
||||
logger.info("Format partition [{0}]", mkfs_string)
|
||||
shellutil.run(mkfs_string)
|
||||
@@ -169,7 +176,8 @@ class ResourceDiskHandler(object):
|
||||
attempts -= 1
|
||||
|
||||
if not os.path.exists(partition):
|
||||
- raise ResourceDiskError("Partition was not created [{0}]".format(partition))
|
||||
+ raise ResourceDiskError(
|
||||
+ "Partition was not created [{0}]".format(partition))
|
||||
|
||||
logger.info("Mount resource disk [{0}]", mount_string)
|
||||
ret, output = shellutil.run_get_output(mount_string, chk_err=False)
|
||||
@@ -215,14 +223,19 @@ class ResourceDiskHandler(object):
|
||||
"""
|
||||
|
||||
command_to_use = '--part-type'
|
||||
- input = "sfdisk {0} {1} {2}".format(command_to_use, '-f' if suppress_message else '', option_str)
|
||||
- err_code, output = shellutil.run_get_output(input, chk_err=False, log_cmd=True)
|
||||
+ input = "sfdisk {0} {1} {2}".format(
|
||||
+ command_to_use, '-f' if suppress_message else '', option_str)
|
||||
+ err_code, output = shellutil.run_get_output(
|
||||
+ input, chk_err=False, log_cmd=True)
|
||||
|
||||
# fall back to -c
|
||||
if err_code != 0:
|
||||
- logger.info("sfdisk with --part-type failed [{0}], retrying with -c", err_code)
|
||||
+ logger.info(
|
||||
+ "sfdisk with --part-type failed [{0}], retrying with -c",
|
||||
+ err_code)
|
||||
command_to_use = '-c'
|
||||
- input = "sfdisk {0} {1} {2}".format(command_to_use, '-f' if suppress_message else '', option_str)
|
||||
+ input = "sfdisk {0} {1} {2}".format(
|
||||
+ command_to_use, '-f' if suppress_message else '', option_str)
|
||||
err_code, output = shellutil.run_get_output(input, log_cmd=True)
|
||||
|
||||
if err_code == 0:
|
||||
@@ -245,16 +258,30 @@ class ResourceDiskHandler(object):
|
||||
else:
|
||||
return 'mount {0} {1}'.format(partition, mount_point)
|
||||
|
||||
+ @staticmethod
|
||||
+ def check_existing_swap_file(swapfile, swaplist, size):
|
||||
+ if swapfile in swaplist and os.path.isfile(
|
||||
+ swapfile) and os.path.getsize(swapfile) == size:
|
||||
+ logger.info("Swap already enabled")
|
||||
+ # restrict access to owner (remove all access from group, others)
|
||||
+ swapfile_mode = os.stat(swapfile).st_mode
|
||||
+ if swapfile_mode & (stat.S_IRWXG | stat.S_IRWXO):
|
||||
+ swapfile_mode = swapfile_mode & ~(stat.S_IRWXG | stat.S_IRWXO)
|
||||
+ logger.info(
|
||||
+ "Changing mode of {0} to {1:o}".format(
|
||||
+ swapfile, swapfile_mode))
|
||||
+ os.chmod(swapfile, swapfile_mode)
|
||||
+ return True
|
||||
+
|
||||
+ return False
|
||||
+
|
||||
def create_swap_space(self, mount_point, size_mb):
|
||||
size_kb = size_mb * 1024
|
||||
size = size_kb * 1024
|
||||
swapfile = os.path.join(mount_point, 'swapfile')
|
||||
swaplist = shellutil.run_get_output("swapon -s")[1]
|
||||
|
||||
- if swapfile in swaplist \
|
||||
- and os.path.isfile(swapfile) \
|
||||
- and os.path.getsize(swapfile) == size:
|
||||
- logger.info("Swap already enabled")
|
||||
+ if self.check_existing_swap_file(swapfile, swaplist, size):
|
||||
return
|
||||
|
||||
if os.path.isfile(swapfile) and os.path.getsize(swapfile) != size:
|
||||
@@ -296,7 +323,8 @@ class ResourceDiskHandler(object):
|
||||
os.remove(filename)
|
||||
|
||||
# If file system is xfs, use dd right away as we have been reported that
|
||||
- # swap enabling fails in xfs fs when disk space is allocated with fallocate
|
||||
+ # swap enabling fails in xfs fs when disk space is allocated with
|
||||
+ # fallocate
|
||||
ret = 0
|
||||
fn_sh = shellutil.quote((filename,))
|
||||
if self.fs != 'xfs':
|
||||
@@ -305,13 +333,21 @@ class ResourceDiskHandler(object):
|
||||
# Probable errors:
|
||||
# - OSError: Seen on Cygwin, libc notimpl?
|
||||
# - AttributeError: What if someone runs this under...
|
||||
+ fd = None
|
||||
+
|
||||
try:
|
||||
- with open(filename, 'w') as f:
|
||||
- os.posix_fallocate(f.fileno(), 0, nbytes)
|
||||
- return 0
|
||||
- except:
|
||||
+ fd = os.open(
|
||||
+ filename,
|
||||
+ os.O_CREAT | os.O_WRONLY | os.O_EXCL,
|
||||
+ stat.S_IRUSR | stat.S_IWUSR)
|
||||
+ os.posix_fallocate(fd, 0, nbytes)
|
||||
+ return 0
|
||||
+ except BaseException:
|
||||
# Not confident with this thing, just keep trying...
|
||||
pass
|
||||
+ finally:
|
||||
+ if fd is not None:
|
||||
+ os.close(fd)
|
||||
|
||||
# fallocate command
|
||||
ret = shellutil.run(
|
||||
diff --git a/azurelinuxagent/daemon/resourcedisk/freebsd.py b/azurelinuxagent/daemon/resourcedisk/freebsd.py
|
||||
index a65d7f8..a29df3a 100644
|
||||
--- a/azurelinuxagent/daemon/resourcedisk/freebsd.py
|
||||
+++ b/azurelinuxagent/daemon/resourcedisk/freebsd.py
|
||||
@@ -22,6 +22,7 @@ import azurelinuxagent.common.utils.shellutil as shellutil
|
||||
from azurelinuxagent.common.exception import ResourceDiskError
|
||||
from azurelinuxagent.daemon.resourcedisk.default import ResourceDiskHandler
|
||||
|
||||
+
|
||||
class FreeBSDResourceDiskHandler(ResourceDiskHandler):
|
||||
"""
|
||||
This class handles resource disk mounting for FreeBSD.
|
||||
@@ -34,6 +35,7 @@ class FreeBSDResourceDiskHandler(ResourceDiskHandler):
|
||||
1. MBR: The resource disk partition is /dev/da1s1
|
||||
2. GPT: The resource disk partition is /dev/da1p2, /dev/da1p1 is for reserved usage.
|
||||
"""
|
||||
+
|
||||
def __init__(self):
|
||||
super(FreeBSDResourceDiskHandler, self).__init__()
|
||||
|
||||
@@ -50,25 +52,30 @@ class FreeBSDResourceDiskHandler(ResourceDiskHandler):
|
||||
def mount_resource_disk(self, mount_point):
|
||||
fs = self.fs
|
||||
if fs != 'ufs':
|
||||
- raise ResourceDiskError("Unsupported filesystem type:{0}, only ufs is supported.".format(fs))
|
||||
+ raise ResourceDiskError(
|
||||
+ "Unsupported filesystem type:{0}, only ufs is supported.".format(fs))
|
||||
|
||||
# 1. Detect device
|
||||
err, output = shellutil.run_get_output('gpart list')
|
||||
if err:
|
||||
- raise ResourceDiskError("Unable to detect resource disk device:{0}".format(output))
|
||||
+ raise ResourceDiskError(
|
||||
+ "Unable to detect resource disk device:{0}".format(output))
|
||||
disks = self.parse_gpart_list(output)
|
||||
|
||||
device = self.osutil.device_for_ide_port(1)
|
||||
- if device is None or not device in disks:
|
||||
- # fallback logic to find device
|
||||
- err, output = shellutil.run_get_output('camcontrol periphlist 2:1:0')
|
||||
+ if device is None or device not in disks:
|
||||
+ # fallback logic to find device
|
||||
+ err, output = shellutil.run_get_output(
|
||||
+ 'camcontrol periphlist 2:1:0')
|
||||
if err:
|
||||
# try again on "3:1:0"
|
||||
- err, output = shellutil.run_get_output('camcontrol periphlist 3:1:0')
|
||||
+ err, output = shellutil.run_get_output(
|
||||
+ 'camcontrol periphlist 3:1:0')
|
||||
if err:
|
||||
- raise ResourceDiskError("Unable to detect resource disk device:{0}".format(output))
|
||||
+ raise ResourceDiskError(
|
||||
+ "Unable to detect resource disk device:{0}".format(output))
|
||||
|
||||
- # 'da1: generation: 4 index: 1 status: MORE\npass2: generation: 4 index: 2 status: LAST\n'
|
||||
+ # 'da1: generation: 4 index: 1 status: MORE\npass2: generation: 4 index: 2 status: LAST\n'
|
||||
for line in output.split('\n'):
|
||||
index = line.find(':')
|
||||
if index > 0:
|
||||
@@ -89,9 +96,11 @@ class FreeBSDResourceDiskHandler(ResourceDiskHandler):
|
||||
elif partition_table_type == 'GPT':
|
||||
provider_name = device + 'p2'
|
||||
else:
|
||||
- raise ResourceDiskError("Unsupported partition table type:{0}".format(output))
|
||||
+ raise ResourceDiskError(
|
||||
+ "Unsupported partition table type:{0}".format(output))
|
||||
|
||||
- err, output = shellutil.run_get_output('gpart show -p {0}'.format(device))
|
||||
+ err, output = shellutil.run_get_output(
|
||||
+ 'gpart show -p {0}'.format(device))
|
||||
if err or output.find(provider_name) == -1:
|
||||
raise ResourceDiskError("Resource disk partition not found.")
|
||||
|
||||
@@ -110,14 +119,24 @@ class FreeBSDResourceDiskHandler(ResourceDiskHandler):
|
||||
mount_cmd = 'mount -t {0} {1} {2}'.format(fs, partition, mount_point)
|
||||
err = shellutil.run(mount_cmd, chk_err=False)
|
||||
if err:
|
||||
- logger.info('Creating {0} filesystem on partition {1}'.format(fs, partition))
|
||||
- err, output = shellutil.run_get_output('newfs -U {0}'.format(partition))
|
||||
+ logger.info(
|
||||
+ 'Creating {0} filesystem on partition {1}'.format(
|
||||
+ fs, partition))
|
||||
+ err, output = shellutil.run_get_output(
|
||||
+ 'newfs -U {0}'.format(partition))
|
||||
if err:
|
||||
- raise ResourceDiskError("Failed to create new filesystem on partition {0}, error:{1}"
|
||||
- .format(partition, output))
|
||||
+ raise ResourceDiskError(
|
||||
+ "Failed to create new filesystem on partition {0}, error:{1}" .format(
|
||||
+ partition, output))
|
||||
err, output = shellutil.run_get_output(mount_cmd, chk_err=False)
|
||||
if err:
|
||||
- raise ResourceDiskError("Failed to mount partition {0}, error {1}".format(partition, output))
|
||||
-
|
||||
- logger.info("Resource disk partition {0} is mounted at {1} with fstype {2}", partition, mount_point, fs)
|
||||
+ raise ResourceDiskError(
|
||||
+ "Failed to mount partition {0}, error {1}".format(
|
||||
+ partition, output))
|
||||
+
|
||||
+ logger.info(
|
||||
+ "Resource disk partition {0} is mounted at {1} with fstype {2}",
|
||||
+ partition,
|
||||
+ mount_point,
|
||||
+ fs)
|
||||
return mount_point
|
||||
diff --git a/tests/distro/test_resourceDisk.py b/tests/distro/test_resourceDisk.py
|
||||
index d2ce6e1..5f9db0a 100644
|
||||
--- a/tests/distro/test_resourceDisk.py
|
||||
+++ b/tests/distro/test_resourceDisk.py
|
||||
@@ -18,6 +18,8 @@
|
||||
# http://msdn.microsoft.com/en-us/library/cc227282%28PROT.10%29.aspx
|
||||
# http://msdn.microsoft.com/en-us/library/cc227259%28PROT.13%29.aspx
|
||||
|
||||
+import os
|
||||
+import stat
|
||||
import sys
|
||||
from azurelinuxagent.common.utils import shellutil
|
||||
from azurelinuxagent.daemon.resourcedisk import get_resourcedisk_handler
|
||||
@@ -38,6 +40,11 @@ class TestResourceDisk(AgentTestCase):
|
||||
# assert
|
||||
assert os.path.exists(test_file)
|
||||
|
||||
+ # only the owner should have access
|
||||
+ mode = os.stat(test_file).st_mode & (
|
||||
+ stat.S_IRWXU | stat.S_IRWXG | stat.S_IRWXO)
|
||||
+ assert mode == stat.S_IRUSR | stat.S_IWUSR
|
||||
+
|
||||
# cleanup
|
||||
os.remove(test_file)
|
||||
|
||||
@@ -49,7 +56,7 @@ class TestResourceDisk(AgentTestCase):
|
||||
file_size = 1024 * 128
|
||||
|
||||
# execute
|
||||
- if sys.version_info >= (3,3):
|
||||
+ if sys.version_info >= (3, 3):
|
||||
with patch("os.posix_fallocate",
|
||||
side_effect=Exception('failure')):
|
||||
get_resourcedisk_handler().mkfile(test_file, file_size)
|
||||
@@ -76,20 +83,20 @@ class TestResourceDisk(AgentTestCase):
|
||||
resource_disk_handler.mkfile(test_file, file_size)
|
||||
|
||||
# assert
|
||||
- if sys.version_info >= (3,3):
|
||||
+ if sys.version_info >= (3, 3):
|
||||
with patch("os.posix_fallocate") as posix_fallocate:
|
||||
self.assertEqual(0, posix_fallocate.call_count)
|
||||
|
||||
assert run_patch.call_count == 1
|
||||
assert "dd if" in run_patch.call_args_list[0][0][0]
|
||||
|
||||
-
|
||||
def test_change_partition_type(self):
|
||||
resource_handler = get_resourcedisk_handler()
|
||||
# test when sfdisk --part-type does not exist
|
||||
with patch.object(shellutil, "run_get_output",
|
||||
side_effect=[[1, ''], [0, '']]) as run_patch:
|
||||
- resource_handler.change_partition_type(suppress_message=True, option_str='')
|
||||
+ resource_handler.change_partition_type(
|
||||
+ suppress_message=True, option_str='')
|
||||
|
||||
# assert
|
||||
assert run_patch.call_count == 2
|
||||
@@ -99,12 +106,42 @@ class TestResourceDisk(AgentTestCase):
|
||||
# test when sfdisk --part-type exists
|
||||
with patch.object(shellutil, "run_get_output",
|
||||
side_effect=[[0, '']]) as run_patch:
|
||||
- resource_handler.change_partition_type(suppress_message=True, option_str='')
|
||||
+ resource_handler.change_partition_type(
|
||||
+ suppress_message=True, option_str='')
|
||||
|
||||
# assert
|
||||
assert run_patch.call_count == 1
|
||||
assert "sfdisk --part-type" in run_patch.call_args_list[0][0][0]
|
||||
|
||||
+ def test_check_existing_swap_file(self):
|
||||
+ test_file = os.path.join(self.tmp_dir, 'test_swap_file')
|
||||
+ file_size = 1024 * 128
|
||||
+ if os.path.exists(test_file):
|
||||
+ os.remove(test_file)
|
||||
+
|
||||
+ with open(test_file, "wb") as file:
|
||||
+ file.write(bytearray(file_size))
|
||||
+
|
||||
+ os.chmod(test_file, stat.S_ISUID | stat.S_ISGID | stat.S_IRUSR |
|
||||
+ stat.S_IWUSR | stat.S_IRWXG | stat.S_IRWXO) # 0o6677
|
||||
+
|
||||
+ def swap_on(_): # mimic the output of "swapon -s"
|
||||
+ return [
|
||||
+ "Filename Type Size Used Priority",
|
||||
+ "{0} partition 16498684 0 -2".format(test_file)
|
||||
+ ]
|
||||
+
|
||||
+ with patch.object(shellutil, "run_get_output", side_effect=swap_on):
|
||||
+ get_resourcedisk_handler().check_existing_swap_file(
|
||||
+ test_file, test_file, file_size)
|
||||
+
|
||||
+ # it should remove access from group, others
|
||||
+ mode = os.stat(test_file).st_mode & (stat.S_ISUID | stat.S_ISGID |
|
||||
+ stat.S_IRWXU | stat.S_IWUSR | stat.S_IRWXG | stat.S_IRWXO) # 0o6777
|
||||
+ assert mode == stat.S_ISUID | stat.S_ISGID | stat.S_IRUSR | stat.S_IWUSR # 0o6600
|
||||
+
|
||||
+ os.remove(test_file)
|
||||
+
|
||||
|
||||
if __name__ == '__main__':
|
||||
unittest.main()
|
||||
--
|
||||
1.8.3.1
|
||||
|
185
SPECS/WALinuxAgent.spec
Normal file
185
SPECS/WALinuxAgent.spec
Normal file
@ -0,0 +1,185 @@
|
||||
Summary: Microsoft Azure Linux Agent
|
||||
Name: WALinuxAgent
|
||||
Version: 2.2.32
|
||||
Release: 2%{?dist}
|
||||
|
||||
License: Apache License Version 2.0
|
||||
Group: Development/Libraries
|
||||
Url: https://github.com/Azure/WALinuxAgent
|
||||
Source0: WALinuxAgent-2.2.32.tar.gz
|
||||
|
||||
BuildArch: noarch
|
||||
Patch0001: 0001-Add-inital-redhat-build-support.patch
|
||||
# For bz#1684181 - CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions
|
||||
# For bz#1688276 - CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions [rhel-8]
|
||||
Patch2: wla-Add-fixes-for-handling-swap-file-and-other-nit-fixes.patch
|
||||
|
||||
# rhel requirements
|
||||
BuildRequires: python3-devel
|
||||
BuildRequires: python3-setuptools
|
||||
Requires: openssh
|
||||
Requires: openssh-server
|
||||
Requires: openssl
|
||||
Requires: parted
|
||||
Requires: python3-pyasn1
|
||||
|
||||
BuildRequires: systemd
|
||||
Requires(post): systemd
|
||||
Requires(preun): systemd
|
||||
Requires(postun): systemd
|
||||
|
||||
%description
|
||||
The Azure Linux Agent supports the provisioning and running of Linux
|
||||
VMs in the Azure cloud. This package should be installed on Linux disk
|
||||
images that are built to run in the Azure environment.
|
||||
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
|
||||
%patch0001 -p1
|
||||
%patch2 -p1
|
||||
|
||||
%build
|
||||
%py3_build
|
||||
|
||||
%install
|
||||
%{__python3} setup.py install --single-version-externally-managed -O1 --root=$RPM_BUILD_ROOT --record=INSTALLED_FILES
|
||||
|
||||
# Change the shebang to the __python3 macro instead of leaving it hardcoded
|
||||
pathfix.py -pni "%{__python3}" %{buildroot}%{_sbindir}/waagent
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%post
|
||||
%systemd_post waagent.service
|
||||
|
||||
%preun
|
||||
%systemd_preun waagent.service
|
||||
|
||||
%postun
|
||||
%systemd_postun_with_restart waagent.service
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%{python3_sitelib}/*
|
||||
%config(noreplace) %{_sysconfdir}/waagent.conf
|
||||
%{_sysconfdir}/logrotate.d/waagent.logrotate
|
||||
%{_sbindir}/waagent
|
||||
%{_sbindir}/waagent2.0
|
||||
%{_unitdir}/waagent.service
|
||||
/etc/udev/rules.d/66-azure-storage.rules
|
||||
/etc/udev/rules.d/99-azure-product-uuid.rules
|
||||
|
||||
%changelog
|
||||
* Tue Apr 30 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 2.2.32-2.el8
|
||||
- wla-Add-fixes-for-handling-swap-file-and-other-nit-fixes.patch [bz#1684181 bz#1688276]
|
||||
- Resolves: bz#1684181
|
||||
(CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions)
|
||||
- Resolves: bz#1688276
|
||||
(CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions [rhel-8])
|
||||
|
||||
* Fri Dec 14 2018 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.32-1.el8
|
||||
- Rebase to 2.2.32 [bz#1639498]
|
||||
- Resolves: bz#1639498]
|
||||
(walinuxagent 2.2.32 packaging request for RHEL 8)
|
||||
|
||||
* Tue Oct 23 2018 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.26-6.el8
|
||||
- wala-Use-sys.executable-to-find-system-python.patch [bz#1639775]
|
||||
- Resolves: bz#1639775
|
||||
(WALinuxAgent: Systemd unit file will fail to execute)
|
||||
|
||||
* Mon Oct 22 2018 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.26-5.el8
|
||||
- wala-Switch-to-platform-python-in-systemd-unit-file.patch [bz#1639775]
|
||||
- Resolves: bz#1639775
|
||||
(WALinuxAgent: Systemd unit file will fail to execute)
|
||||
|
||||
* Wed Aug 29 2018 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.26-4.el8
|
||||
- Fix unit file location [bz#1637545]
|
||||
- Resolves: bz#1637545
|
||||
(Wrong macro used for systemd unit file location)
|
||||
|
||||
* Wed Jul 04 2018 Tomas Orsava <torsava@redhat.com> - 2.2.26-3
|
||||
- Switch hardcoded python3 shebangs into the %%{__python3} macro
|
||||
|
||||
* Tue Jul 03 2018 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.26-2.el8
|
||||
- Include 7.6 patches
|
||||
|
||||
* Tue Jul 03 2018 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.26-1.el7
|
||||
- Rebase to 2.2.26 [bz#1571523]
|
||||
- Resolves: bz#1571523
|
||||
(Rebase WALinuxAgent in RHEL-8.0)
|
||||
|
||||
* Thu May 03 2018 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.18-2.el7
|
||||
- wa-Add-show-configuration-option.patch [bz#1508340]
|
||||
- Resolves: bz#1508340
|
||||
([WALA] WALA usage prompt lack of " waagent -show-configuration")
|
||||
|
||||
* Tue Oct 10 2017 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.18-1.el7
|
||||
- Rebase to 2.2.18 [bz#1491873]
|
||||
- Resolves: bz#1491873
|
||||
([WALA]Request to package WALA 2.2.18 into RHEL 7 Repo)
|
||||
|
||||
|
||||
* Tue Jul 04 2017 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.14-1.el7
|
||||
- Rebase to 2.2.14 [bz#1451172]
|
||||
- wla-Remove-FIPS-setting-from-the-default-config.patch [bz#1467553]
|
||||
- Resolves: bz#1451172
|
||||
([WALA] Request to package WALA 2.2.14 into RHEL 7 Repo)
|
||||
- Resolves: bz#1467553
|
||||
([WALA] Remove FIPS from default config in WALA-2.2.14)
|
||||
|
||||
* Wed Apr 26 2017 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.10-1.el7
|
||||
- Rebase to 2.2.10 [bz#1443425]
|
||||
- Resolves: bz#1443425
|
||||
([WALA]Request to package WALA 2.2.10 into RHEL 7 Repo)
|
||||
|
||||
* Wed Apr 19 2017 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.4-2.el7
|
||||
- Enable AutoUpdate by default [bz#1434933]
|
||||
- Resolves: bz#1434933
|
||||
([WALA][RHEL-7] Enable AutoUpdate by default)
|
||||
|
||||
* Wed Mar 01 2017 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.4-1.el7
|
||||
- Rebase to 2.2.4 [bz#1419201]
|
||||
- resolves: bz#1419201
|
||||
WALA 2.2.4
|
||||
|
||||
* Mon Jan 16 2017 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.0-4.el7
|
||||
- agent-RHEL-7-hostname-533.patch [bz#1413674]
|
||||
- agent-fix-for-hostnamectl-534.patch [bz#1413674]
|
||||
- Resolves: bz#1413674
|
||||
([WALA] Fail to send hostname to DHCP server during provisioning)
|
||||
|
||||
* Fri Sep 30 2016 Dave Anderson <anderson@redhat.com> - 2.2.0-1
|
||||
- Update to v2.2.0
|
||||
Resolves: rhbz#1360492
|
||||
|
||||
* Wed Sep 21 2016 Dave Anderson <anderson@redhat.com> - 2.1.5-2
|
||||
- Several QE updates to this file
|
||||
Resolves: rhbz#1360492
|
||||
|
||||
* Tue Sep 13 2016 Dave Anderson <anderson@redhat.com> - 2.1.5-1
|
||||
- Update to v2.1.5
|
||||
Resolves: rhbz#1360492
|
||||
|
||||
* Thu Jan 14 2016 Dave Anderson <anderson@redhat.com> - 2.0.16-1
|
||||
- Update to 2.0.16
|
||||
Resolves: rhbz#1296360
|
||||
|
||||
* Mon Jun 01 2015 Dave Anderson <anderson@redhat.com> - 2.0.13-1
|
||||
- Update to upstream 2.0.13 package.
|
||||
- Remove global commit md5sum and fix Source0 to point to correct location.
|
||||
- Fix setup to deal with "WALinuxAgent-WALinuxAgent" naming scheme
|
||||
- Added files reference for /udev/rules.d/99-azure-product-uuid.rules
|
||||
|
||||
* Thu May 07 2015 Dave Anderson <anderson@redhat.com> - 2.0.11-3
|
||||
- Remove Requires: ntfsprogs for RHEL7
|
||||
|
||||
* Sat Jan 10 2015 Scott K Logan <logans@cottsay.net> - 2.0.11-2
|
||||
- Use systemd for rhel7
|
||||
- Own logrotate.d
|
||||
- Fix python2-devel dep
|
||||
|
||||
* Sat Dec 20 2014 Scott K Logan <logans@cottsay.net> - 2.0.11-1
|
||||
- Initial package
|
Loading…
Reference in New Issue
Block a user