import WALinuxAgent-2.2.38-1.el8
This commit is contained in:
parent
ff50cbadf3
commit
fc0adf2d6e
@ -1 +1 @@
|
|||||||
3b5c6eac24e6545e3ce56262210a7ac8dbdc8ace SOURCES/WALinuxAgent-2.2.32.tar.gz
|
45d136023c003b28a9b49fd89e6c9570b38fb397 SOURCES/WALinuxAgent-2.2.38.tar.gz
|
||||||
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
SOURCES/WALinuxAgent-2.2.32.tar.gz
|
SOURCES/WALinuxAgent-2.2.38.tar.gz
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
From 00dcd65f731e4a44418029c0a8b7107bbbbefc94 Mon Sep 17 00:00:00 2001
|
From 6b4aa78bf155631ee2d4b594a80e68e07b85b586 Mon Sep 17 00:00:00 2001
|
||||||
From: Miroslav Rezanina <mrezanin@redhat.com>
|
From: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
Date: Thu, 6 Oct 2016 12:25:35 +0200
|
Date: Thu, 6 Oct 2016 12:25:35 +0200
|
||||||
Subject: Add inital redhat build support
|
Subject: Add inital redhat build support
|
||||||
|
|
||||||
Rebase notes (2.2.32):
|
Rebase notes (2.2.38):
|
||||||
- Fix license text
|
- Fix license text
|
||||||
|
|
||||||
Rebase notes (2.2.26):
|
Rebase notes (2.2.26):
|
||||||
@ -14,6 +14,10 @@ Rebase notes (2.2.10):
|
|||||||
- switched to sha256
|
- switched to sha256
|
||||||
- added .gitpublish profile
|
- added .gitpublish profile
|
||||||
|
|
||||||
|
Merged patches (2.2.38):
|
||||||
|
- df29beb Switch from platform-python to python36
|
||||||
|
- 6749108 Stop packaging legacy waagent2.0
|
||||||
|
|
||||||
Merged patches (2.2.32):
|
Merged patches (2.2.32):
|
||||||
- ce36fd9 Use Python3
|
- ce36fd9 Use Python3
|
||||||
- 952c830 Remove FIPS setting from the default config
|
- 952c830 Remove FIPS setting from the default config
|
||||||
@ -24,6 +28,9 @@ Merged patches (2.2.32):
|
|||||||
|
|
||||||
(cherry picked from commit 19d4f82cd5345fdc52b357afcf3b5aa4bc4ce4d9)
|
(cherry picked from commit 19d4f82cd5345fdc52b357afcf3b5aa4bc4ce4d9)
|
||||||
(cherry picked from commit 1676db295321adbd571f04773782eed5b0817d64)
|
(cherry picked from commit 1676db295321adbd571f04773782eed5b0817d64)
|
||||||
|
|
||||||
|
Conflicts:
|
||||||
|
config/waagent.conf
|
||||||
---
|
---
|
||||||
.gitpublish | 8 +
|
.gitpublish | 8 +
|
||||||
azurelinuxagent/ga/update.py | 12 +-
|
azurelinuxagent/ga/update.py | 12 +-
|
||||||
@ -38,7 +45,7 @@ Merged patches (2.2.32):
|
|||||||
redhat/.gitignore | 1 +
|
redhat/.gitignore | 1 +
|
||||||
redhat/Makefile | 72 +++++++
|
redhat/Makefile | 72 +++++++
|
||||||
redhat/Makefile.common | 37 ++++
|
redhat/Makefile.common | 37 ++++
|
||||||
redhat/WALinuxAgent.spec.template | 169 +++++++++++++++
|
redhat/WALinuxAgent.spec.template | 190 +++++++++++++++++
|
||||||
redhat/rpmbuild/BUILD/.gitignore | 2 +
|
redhat/rpmbuild/BUILD/.gitignore | 2 +
|
||||||
redhat/rpmbuild/RPMS/.gitignore | 2 +
|
redhat/rpmbuild/RPMS/.gitignore | 2 +
|
||||||
redhat/rpmbuild/SOURCES/.gitignore | 2 +
|
redhat/rpmbuild/SOURCES/.gitignore | 2 +
|
||||||
@ -51,7 +58,7 @@ Merged patches (2.2.32):
|
|||||||
redhat/scripts/tarball_checksum.sh | 3 +
|
redhat/scripts/tarball_checksum.sh | 3 +
|
||||||
setup.py | 2 +-
|
setup.py | 2 +-
|
||||||
tests/data/ext/sample_ext-1.3.0/sample.py | 2 +-
|
tests/data/ext/sample_ext-1.3.0/sample.py | 2 +-
|
||||||
26 files changed, 964 insertions(+), 17 deletions(-)
|
26 files changed, 985 insertions(+), 17 deletions(-)
|
||||||
create mode 100644 .gitpublish
|
create mode 100644 .gitpublish
|
||||||
create mode 100644 redhat/.gitignore
|
create mode 100644 redhat/.gitignore
|
||||||
create mode 100644 redhat/Makefile
|
create mode 100644 redhat/Makefile
|
||||||
@ -69,7 +76,7 @@ Merged patches (2.2.32):
|
|||||||
create mode 100755 redhat/scripts/tarball_checksum.sh
|
create mode 100755 redhat/scripts/tarball_checksum.sh
|
||||||
|
|
||||||
diff --git a/azurelinuxagent/ga/update.py b/azurelinuxagent/ga/update.py
|
diff --git a/azurelinuxagent/ga/update.py b/azurelinuxagent/ga/update.py
|
||||||
index d3c39c1..3617809 100644
|
index bb66614..f77fbee 100644
|
||||||
--- a/azurelinuxagent/ga/update.py
|
--- a/azurelinuxagent/ga/update.py
|
||||||
+++ b/azurelinuxagent/ga/update.py
|
+++ b/azurelinuxagent/ga/update.py
|
||||||
@@ -92,8 +92,11 @@ def get_update_handler():
|
@@ -92,8 +92,11 @@ def get_update_handler():
|
||||||
@ -99,12 +106,12 @@ index d3c39c1..3617809 100644
|
|||||||
self._evaluate_agent_health(latest_agent)
|
self._evaluate_agent_health(latest_agent)
|
||||||
|
|
||||||
diff --git a/bin/waagent b/bin/waagent
|
diff --git a/bin/waagent b/bin/waagent
|
||||||
index 4039e03..10836c2 100755
|
index 4039e03..13d8d37 100755
|
||||||
--- a/bin/waagent
|
--- a/bin/waagent
|
||||||
+++ b/bin/waagent
|
+++ b/bin/waagent
|
||||||
@@ -1,4 +1,4 @@
|
@@ -1,4 +1,4 @@
|
||||||
-#!/usr/bin/env python
|
-#!/usr/bin/env python
|
||||||
+#!/usr/bin/env python3
|
+#!/usr/bin/python3.6
|
||||||
#
|
#
|
||||||
# Azure Linux Agent
|
# Azure Linux Agent
|
||||||
#
|
#
|
||||||
@ -119,12 +126,12 @@ index 25aa0ce..a868211 100644
|
|||||||
# Azure Linux Agent
|
# Azure Linux Agent
|
||||||
#
|
#
|
||||||
diff --git a/config/waagent.conf b/config/waagent.conf
|
diff --git a/config/waagent.conf b/config/waagent.conf
|
||||||
index 79daacb..513cbf2 100644
|
index 62a9441..4754029 100644
|
||||||
--- a/config/waagent.conf
|
--- a/config/waagent.conf
|
||||||
+++ b/config/waagent.conf
|
+++ b/config/waagent.conf
|
||||||
@@ -62,9 +62,6 @@ ResourceDisk.MountOptions=None
|
@@ -65,9 +65,6 @@ Logs.Verbose=n
|
||||||
# Enable verbose logging (y|n)
|
# Enable Console logging, default is y
|
||||||
Logs.Verbose=n
|
# Logs.Console=y
|
||||||
|
|
||||||
-# Is FIPS enabled
|
-# Is FIPS enabled
|
||||||
-OS.EnableFIPS=n
|
-OS.EnableFIPS=n
|
||||||
@ -172,7 +179,7 @@ index b77b0fa..317e89e 100755
|
|||||||
WAZD_CONF=/etc/waagent.conf
|
WAZD_CONF=/etc/waagent.conf
|
||||||
WAZD_PIDFILE=/var/run/waagent.pid
|
WAZD_PIDFILE=/var/run/waagent.pid
|
||||||
diff --git a/init/waagent.service b/init/waagent.service
|
diff --git a/init/waagent.service b/init/waagent.service
|
||||||
index e91f143..3c7710f 100644
|
index e91f143..99f3183 100644
|
||||||
--- a/init/waagent.service
|
--- a/init/waagent.service
|
||||||
+++ b/init/waagent.service
|
+++ b/init/waagent.service
|
||||||
@@ -8,7 +8,7 @@ ConditionPathExists=/etc/waagent.conf
|
@@ -8,7 +8,7 @@ ConditionPathExists=/etc/waagent.conf
|
||||||
@ -180,7 +187,7 @@ index e91f143..3c7710f 100644
|
|||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
-ExecStart=/usr/bin/python -u /usr/sbin/waagent -daemon
|
-ExecStart=/usr/bin/python -u /usr/sbin/waagent -daemon
|
||||||
+ExecStart=/usr/libexec/platform-python -u /usr/sbin/waagent -daemon
|
+ExecStart=/usr/bin/python3.6 -u /usr/sbin/waagent -daemon
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=5
|
RestartSec=5
|
||||||
|
|
||||||
@ -195,7 +202,7 @@ index 52e0eae..51c263c 100755
|
|||||||
import glob
|
import glob
|
||||||
import os
|
import os
|
||||||
diff --git a/setup.py b/setup.py
|
diff --git a/setup.py b/setup.py
|
||||||
index e15a2d4..6fbf0ba 100755
|
index ee0d839..da19bf1 100755
|
||||||
--- a/setup.py
|
--- a/setup.py
|
||||||
+++ b/setup.py
|
+++ b/setup.py
|
||||||
@@ -1,4 +1,4 @@
|
@@ -1,4 +1,4 @@
|
||||||
|
@ -1,413 +0,0 @@
|
|||||||
From c0d49d739d39573b59c827c89f56386d162d9381 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
||||||
Date: Wed, 13 Mar 2019 18:44:24 +0000
|
|
||||||
Subject: [PATCH] Add fixes for handling swap file and other nit fixes (#1485)
|
|
||||||
|
|
||||||
RH-Author: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
||||||
Message-id: <20190313184424.29299-1-vkuznets@redhat.com>
|
|
||||||
Patchwork-id: 84860
|
|
||||||
O-Subject: [RHEL8 WALinuxAgent PATCH] Add fixes for handling swap file and other nit fixes (#1485)
|
|
||||||
Bugzilla: 1688276
|
|
||||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
||||||
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
|
||||||
|
|
||||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1684181
|
|
||||||
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=20581233
|
|
||||||
Tested: by me
|
|
||||||
|
|
||||||
This is to fix CVE-2019-0804: swapfile is created with weak permission.
|
|
||||||
|
|
||||||
commit 8b2fa7d6051d0ee9952be4b42185c24d2a2eacff
|
|
||||||
Author: Varad Meru <vrdmr@users.noreply.github.com>
|
|
||||||
Date: Tue Mar 12 12:54:08 2019 -0700
|
|
||||||
|
|
||||||
Add fixes for handling swap file and other nit fixes (#1485)
|
|
||||||
|
|
||||||
* Add fixes for handling swap file and other nit fixes
|
|
||||||
|
|
||||||
* Fixing bytearray and other nits
|
|
||||||
|
|
||||||
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
|
||||||
|
|
||||||
Conflicts:
|
|
||||||
azurelinuxagent/daemon/resourcedisk/freebsd.py
|
|
||||||
(requires additional commits, irrelevant to RHEL)
|
|
||||||
|
|
||||||
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
||||||
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
|
||||||
---
|
|
||||||
azurelinuxagent/daemon/resourcedisk/default.py | 74 +++++++++++++++++++-------
|
|
||||||
azurelinuxagent/daemon/resourcedisk/freebsd.py | 53 ++++++++++++------
|
|
||||||
tests/distro/test_resourceDisk.py | 47 ++++++++++++++--
|
|
||||||
3 files changed, 133 insertions(+), 41 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/azurelinuxagent/daemon/resourcedisk/default.py b/azurelinuxagent/daemon/resourcedisk/default.py
|
|
||||||
index 0f0925d..cfb76d2 100644
|
|
||||||
--- a/azurelinuxagent/daemon/resourcedisk/default.py
|
|
||||||
+++ b/azurelinuxagent/daemon/resourcedisk/default.py
|
|
||||||
@@ -17,6 +17,7 @@
|
|
||||||
|
|
||||||
import os
|
|
||||||
import re
|
|
||||||
+import stat
|
|
||||||
import sys
|
|
||||||
import threading
|
|
||||||
from time import sleep
|
|
||||||
@@ -124,12 +125,13 @@ class ResourceDiskHandler(object):
|
|
||||||
force_option = 'F'
|
|
||||||
if self.fs == 'xfs':
|
|
||||||
force_option = 'f'
|
|
||||||
- mkfs_string = "mkfs.{0} -{2} {1}".format(self.fs, partition, force_option)
|
|
||||||
+ mkfs_string = "mkfs.{0} -{2} {1}".format(
|
|
||||||
+ self.fs, partition, force_option)
|
|
||||||
|
|
||||||
if "gpt" in ret[1]:
|
|
||||||
logger.info("GPT detected, finding partitions")
|
|
||||||
parts = [x for x in ret[1].split("\n") if
|
|
||||||
- re.match("^\s*[0-9]+", x)]
|
|
||||||
+ re.match(r"^\s*[0-9]+", x)]
|
|
||||||
logger.info("Found {0} GPT partition(s).", len(parts))
|
|
||||||
if len(parts) > 1:
|
|
||||||
logger.info("Removing old GPT partitions")
|
|
||||||
@@ -138,18 +140,23 @@ class ResourceDiskHandler(object):
|
|
||||||
shellutil.run("parted {0} rm {1}".format(device, i))
|
|
||||||
|
|
||||||
logger.info("Creating new GPT partition")
|
|
||||||
- shellutil.run("parted {0} mkpart primary 0% 100%".format(device))
|
|
||||||
+ shellutil.run(
|
|
||||||
+ "parted {0} mkpart primary 0% 100%".format(device))
|
|
||||||
|
|
||||||
logger.info("Format partition [{0}]", mkfs_string)
|
|
||||||
shellutil.run(mkfs_string)
|
|
||||||
else:
|
|
||||||
logger.info("GPT not detected, determining filesystem")
|
|
||||||
- ret = self.change_partition_type(suppress_message=True, option_str="{0} 1 -n".format(device))
|
|
||||||
+ ret = self.change_partition_type(
|
|
||||||
+ suppress_message=True,
|
|
||||||
+ option_str="{0} 1 -n".format(device))
|
|
||||||
ptype = ret[1].strip()
|
|
||||||
if ptype == "7" and self.fs != "ntfs":
|
|
||||||
logger.info("The partition is formatted with ntfs, updating "
|
|
||||||
"partition type to 83")
|
|
||||||
- self.change_partition_type(suppress_message=False, option_str="{0} 1 83".format(device))
|
|
||||||
+ self.change_partition_type(
|
|
||||||
+ suppress_message=False,
|
|
||||||
+ option_str="{0} 1 83".format(device))
|
|
||||||
self.reread_partition_table(device)
|
|
||||||
logger.info("Format partition [{0}]", mkfs_string)
|
|
||||||
shellutil.run(mkfs_string)
|
|
||||||
@@ -169,7 +176,8 @@ class ResourceDiskHandler(object):
|
|
||||||
attempts -= 1
|
|
||||||
|
|
||||||
if not os.path.exists(partition):
|
|
||||||
- raise ResourceDiskError("Partition was not created [{0}]".format(partition))
|
|
||||||
+ raise ResourceDiskError(
|
|
||||||
+ "Partition was not created [{0}]".format(partition))
|
|
||||||
|
|
||||||
logger.info("Mount resource disk [{0}]", mount_string)
|
|
||||||
ret, output = shellutil.run_get_output(mount_string, chk_err=False)
|
|
||||||
@@ -215,14 +223,19 @@ class ResourceDiskHandler(object):
|
|
||||||
"""
|
|
||||||
|
|
||||||
command_to_use = '--part-type'
|
|
||||||
- input = "sfdisk {0} {1} {2}".format(command_to_use, '-f' if suppress_message else '', option_str)
|
|
||||||
- err_code, output = shellutil.run_get_output(input, chk_err=False, log_cmd=True)
|
|
||||||
+ input = "sfdisk {0} {1} {2}".format(
|
|
||||||
+ command_to_use, '-f' if suppress_message else '', option_str)
|
|
||||||
+ err_code, output = shellutil.run_get_output(
|
|
||||||
+ input, chk_err=False, log_cmd=True)
|
|
||||||
|
|
||||||
# fall back to -c
|
|
||||||
if err_code != 0:
|
|
||||||
- logger.info("sfdisk with --part-type failed [{0}], retrying with -c", err_code)
|
|
||||||
+ logger.info(
|
|
||||||
+ "sfdisk with --part-type failed [{0}], retrying with -c",
|
|
||||||
+ err_code)
|
|
||||||
command_to_use = '-c'
|
|
||||||
- input = "sfdisk {0} {1} {2}".format(command_to_use, '-f' if suppress_message else '', option_str)
|
|
||||||
+ input = "sfdisk {0} {1} {2}".format(
|
|
||||||
+ command_to_use, '-f' if suppress_message else '', option_str)
|
|
||||||
err_code, output = shellutil.run_get_output(input, log_cmd=True)
|
|
||||||
|
|
||||||
if err_code == 0:
|
|
||||||
@@ -245,16 +258,30 @@ class ResourceDiskHandler(object):
|
|
||||||
else:
|
|
||||||
return 'mount {0} {1}'.format(partition, mount_point)
|
|
||||||
|
|
||||||
+ @staticmethod
|
|
||||||
+ def check_existing_swap_file(swapfile, swaplist, size):
|
|
||||||
+ if swapfile in swaplist and os.path.isfile(
|
|
||||||
+ swapfile) and os.path.getsize(swapfile) == size:
|
|
||||||
+ logger.info("Swap already enabled")
|
|
||||||
+ # restrict access to owner (remove all access from group, others)
|
|
||||||
+ swapfile_mode = os.stat(swapfile).st_mode
|
|
||||||
+ if swapfile_mode & (stat.S_IRWXG | stat.S_IRWXO):
|
|
||||||
+ swapfile_mode = swapfile_mode & ~(stat.S_IRWXG | stat.S_IRWXO)
|
|
||||||
+ logger.info(
|
|
||||||
+ "Changing mode of {0} to {1:o}".format(
|
|
||||||
+ swapfile, swapfile_mode))
|
|
||||||
+ os.chmod(swapfile, swapfile_mode)
|
|
||||||
+ return True
|
|
||||||
+
|
|
||||||
+ return False
|
|
||||||
+
|
|
||||||
def create_swap_space(self, mount_point, size_mb):
|
|
||||||
size_kb = size_mb * 1024
|
|
||||||
size = size_kb * 1024
|
|
||||||
swapfile = os.path.join(mount_point, 'swapfile')
|
|
||||||
swaplist = shellutil.run_get_output("swapon -s")[1]
|
|
||||||
|
|
||||||
- if swapfile in swaplist \
|
|
||||||
- and os.path.isfile(swapfile) \
|
|
||||||
- and os.path.getsize(swapfile) == size:
|
|
||||||
- logger.info("Swap already enabled")
|
|
||||||
+ if self.check_existing_swap_file(swapfile, swaplist, size):
|
|
||||||
return
|
|
||||||
|
|
||||||
if os.path.isfile(swapfile) and os.path.getsize(swapfile) != size:
|
|
||||||
@@ -296,7 +323,8 @@ class ResourceDiskHandler(object):
|
|
||||||
os.remove(filename)
|
|
||||||
|
|
||||||
# If file system is xfs, use dd right away as we have been reported that
|
|
||||||
- # swap enabling fails in xfs fs when disk space is allocated with fallocate
|
|
||||||
+ # swap enabling fails in xfs fs when disk space is allocated with
|
|
||||||
+ # fallocate
|
|
||||||
ret = 0
|
|
||||||
fn_sh = shellutil.quote((filename,))
|
|
||||||
if self.fs != 'xfs':
|
|
||||||
@@ -305,13 +333,21 @@ class ResourceDiskHandler(object):
|
|
||||||
# Probable errors:
|
|
||||||
# - OSError: Seen on Cygwin, libc notimpl?
|
|
||||||
# - AttributeError: What if someone runs this under...
|
|
||||||
+ fd = None
|
|
||||||
+
|
|
||||||
try:
|
|
||||||
- with open(filename, 'w') as f:
|
|
||||||
- os.posix_fallocate(f.fileno(), 0, nbytes)
|
|
||||||
- return 0
|
|
||||||
- except:
|
|
||||||
+ fd = os.open(
|
|
||||||
+ filename,
|
|
||||||
+ os.O_CREAT | os.O_WRONLY | os.O_EXCL,
|
|
||||||
+ stat.S_IRUSR | stat.S_IWUSR)
|
|
||||||
+ os.posix_fallocate(fd, 0, nbytes)
|
|
||||||
+ return 0
|
|
||||||
+ except BaseException:
|
|
||||||
# Not confident with this thing, just keep trying...
|
|
||||||
pass
|
|
||||||
+ finally:
|
|
||||||
+ if fd is not None:
|
|
||||||
+ os.close(fd)
|
|
||||||
|
|
||||||
# fallocate command
|
|
||||||
ret = shellutil.run(
|
|
||||||
diff --git a/azurelinuxagent/daemon/resourcedisk/freebsd.py b/azurelinuxagent/daemon/resourcedisk/freebsd.py
|
|
||||||
index a65d7f8..a29df3a 100644
|
|
||||||
--- a/azurelinuxagent/daemon/resourcedisk/freebsd.py
|
|
||||||
+++ b/azurelinuxagent/daemon/resourcedisk/freebsd.py
|
|
||||||
@@ -22,6 +22,7 @@ import azurelinuxagent.common.utils.shellutil as shellutil
|
|
||||||
from azurelinuxagent.common.exception import ResourceDiskError
|
|
||||||
from azurelinuxagent.daemon.resourcedisk.default import ResourceDiskHandler
|
|
||||||
|
|
||||||
+
|
|
||||||
class FreeBSDResourceDiskHandler(ResourceDiskHandler):
|
|
||||||
"""
|
|
||||||
This class handles resource disk mounting for FreeBSD.
|
|
||||||
@@ -34,6 +35,7 @@ class FreeBSDResourceDiskHandler(ResourceDiskHandler):
|
|
||||||
1. MBR: The resource disk partition is /dev/da1s1
|
|
||||||
2. GPT: The resource disk partition is /dev/da1p2, /dev/da1p1 is for reserved usage.
|
|
||||||
"""
|
|
||||||
+
|
|
||||||
def __init__(self):
|
|
||||||
super(FreeBSDResourceDiskHandler, self).__init__()
|
|
||||||
|
|
||||||
@@ -50,25 +52,30 @@ class FreeBSDResourceDiskHandler(ResourceDiskHandler):
|
|
||||||
def mount_resource_disk(self, mount_point):
|
|
||||||
fs = self.fs
|
|
||||||
if fs != 'ufs':
|
|
||||||
- raise ResourceDiskError("Unsupported filesystem type:{0}, only ufs is supported.".format(fs))
|
|
||||||
+ raise ResourceDiskError(
|
|
||||||
+ "Unsupported filesystem type:{0}, only ufs is supported.".format(fs))
|
|
||||||
|
|
||||||
# 1. Detect device
|
|
||||||
err, output = shellutil.run_get_output('gpart list')
|
|
||||||
if err:
|
|
||||||
- raise ResourceDiskError("Unable to detect resource disk device:{0}".format(output))
|
|
||||||
+ raise ResourceDiskError(
|
|
||||||
+ "Unable to detect resource disk device:{0}".format(output))
|
|
||||||
disks = self.parse_gpart_list(output)
|
|
||||||
|
|
||||||
device = self.osutil.device_for_ide_port(1)
|
|
||||||
- if device is None or not device in disks:
|
|
||||||
- # fallback logic to find device
|
|
||||||
- err, output = shellutil.run_get_output('camcontrol periphlist 2:1:0')
|
|
||||||
+ if device is None or device not in disks:
|
|
||||||
+ # fallback logic to find device
|
|
||||||
+ err, output = shellutil.run_get_output(
|
|
||||||
+ 'camcontrol periphlist 2:1:0')
|
|
||||||
if err:
|
|
||||||
# try again on "3:1:0"
|
|
||||||
- err, output = shellutil.run_get_output('camcontrol periphlist 3:1:0')
|
|
||||||
+ err, output = shellutil.run_get_output(
|
|
||||||
+ 'camcontrol periphlist 3:1:0')
|
|
||||||
if err:
|
|
||||||
- raise ResourceDiskError("Unable to detect resource disk device:{0}".format(output))
|
|
||||||
+ raise ResourceDiskError(
|
|
||||||
+ "Unable to detect resource disk device:{0}".format(output))
|
|
||||||
|
|
||||||
- # 'da1: generation: 4 index: 1 status: MORE\npass2: generation: 4 index: 2 status: LAST\n'
|
|
||||||
+ # 'da1: generation: 4 index: 1 status: MORE\npass2: generation: 4 index: 2 status: LAST\n'
|
|
||||||
for line in output.split('\n'):
|
|
||||||
index = line.find(':')
|
|
||||||
if index > 0:
|
|
||||||
@@ -89,9 +96,11 @@ class FreeBSDResourceDiskHandler(ResourceDiskHandler):
|
|
||||||
elif partition_table_type == 'GPT':
|
|
||||||
provider_name = device + 'p2'
|
|
||||||
else:
|
|
||||||
- raise ResourceDiskError("Unsupported partition table type:{0}".format(output))
|
|
||||||
+ raise ResourceDiskError(
|
|
||||||
+ "Unsupported partition table type:{0}".format(output))
|
|
||||||
|
|
||||||
- err, output = shellutil.run_get_output('gpart show -p {0}'.format(device))
|
|
||||||
+ err, output = shellutil.run_get_output(
|
|
||||||
+ 'gpart show -p {0}'.format(device))
|
|
||||||
if err or output.find(provider_name) == -1:
|
|
||||||
raise ResourceDiskError("Resource disk partition not found.")
|
|
||||||
|
|
||||||
@@ -110,14 +119,24 @@ class FreeBSDResourceDiskHandler(ResourceDiskHandler):
|
|
||||||
mount_cmd = 'mount -t {0} {1} {2}'.format(fs, partition, mount_point)
|
|
||||||
err = shellutil.run(mount_cmd, chk_err=False)
|
|
||||||
if err:
|
|
||||||
- logger.info('Creating {0} filesystem on partition {1}'.format(fs, partition))
|
|
||||||
- err, output = shellutil.run_get_output('newfs -U {0}'.format(partition))
|
|
||||||
+ logger.info(
|
|
||||||
+ 'Creating {0} filesystem on partition {1}'.format(
|
|
||||||
+ fs, partition))
|
|
||||||
+ err, output = shellutil.run_get_output(
|
|
||||||
+ 'newfs -U {0}'.format(partition))
|
|
||||||
if err:
|
|
||||||
- raise ResourceDiskError("Failed to create new filesystem on partition {0}, error:{1}"
|
|
||||||
- .format(partition, output))
|
|
||||||
+ raise ResourceDiskError(
|
|
||||||
+ "Failed to create new filesystem on partition {0}, error:{1}" .format(
|
|
||||||
+ partition, output))
|
|
||||||
err, output = shellutil.run_get_output(mount_cmd, chk_err=False)
|
|
||||||
if err:
|
|
||||||
- raise ResourceDiskError("Failed to mount partition {0}, error {1}".format(partition, output))
|
|
||||||
-
|
|
||||||
- logger.info("Resource disk partition {0} is mounted at {1} with fstype {2}", partition, mount_point, fs)
|
|
||||||
+ raise ResourceDiskError(
|
|
||||||
+ "Failed to mount partition {0}, error {1}".format(
|
|
||||||
+ partition, output))
|
|
||||||
+
|
|
||||||
+ logger.info(
|
|
||||||
+ "Resource disk partition {0} is mounted at {1} with fstype {2}",
|
|
||||||
+ partition,
|
|
||||||
+ mount_point,
|
|
||||||
+ fs)
|
|
||||||
return mount_point
|
|
||||||
diff --git a/tests/distro/test_resourceDisk.py b/tests/distro/test_resourceDisk.py
|
|
||||||
index d2ce6e1..5f9db0a 100644
|
|
||||||
--- a/tests/distro/test_resourceDisk.py
|
|
||||||
+++ b/tests/distro/test_resourceDisk.py
|
|
||||||
@@ -18,6 +18,8 @@
|
|
||||||
# http://msdn.microsoft.com/en-us/library/cc227282%28PROT.10%29.aspx
|
|
||||||
# http://msdn.microsoft.com/en-us/library/cc227259%28PROT.13%29.aspx
|
|
||||||
|
|
||||||
+import os
|
|
||||||
+import stat
|
|
||||||
import sys
|
|
||||||
from azurelinuxagent.common.utils import shellutil
|
|
||||||
from azurelinuxagent.daemon.resourcedisk import get_resourcedisk_handler
|
|
||||||
@@ -38,6 +40,11 @@ class TestResourceDisk(AgentTestCase):
|
|
||||||
# assert
|
|
||||||
assert os.path.exists(test_file)
|
|
||||||
|
|
||||||
+ # only the owner should have access
|
|
||||||
+ mode = os.stat(test_file).st_mode & (
|
|
||||||
+ stat.S_IRWXU | stat.S_IRWXG | stat.S_IRWXO)
|
|
||||||
+ assert mode == stat.S_IRUSR | stat.S_IWUSR
|
|
||||||
+
|
|
||||||
# cleanup
|
|
||||||
os.remove(test_file)
|
|
||||||
|
|
||||||
@@ -49,7 +56,7 @@ class TestResourceDisk(AgentTestCase):
|
|
||||||
file_size = 1024 * 128
|
|
||||||
|
|
||||||
# execute
|
|
||||||
- if sys.version_info >= (3,3):
|
|
||||||
+ if sys.version_info >= (3, 3):
|
|
||||||
with patch("os.posix_fallocate",
|
|
||||||
side_effect=Exception('failure')):
|
|
||||||
get_resourcedisk_handler().mkfile(test_file, file_size)
|
|
||||||
@@ -76,20 +83,20 @@ class TestResourceDisk(AgentTestCase):
|
|
||||||
resource_disk_handler.mkfile(test_file, file_size)
|
|
||||||
|
|
||||||
# assert
|
|
||||||
- if sys.version_info >= (3,3):
|
|
||||||
+ if sys.version_info >= (3, 3):
|
|
||||||
with patch("os.posix_fallocate") as posix_fallocate:
|
|
||||||
self.assertEqual(0, posix_fallocate.call_count)
|
|
||||||
|
|
||||||
assert run_patch.call_count == 1
|
|
||||||
assert "dd if" in run_patch.call_args_list[0][0][0]
|
|
||||||
|
|
||||||
-
|
|
||||||
def test_change_partition_type(self):
|
|
||||||
resource_handler = get_resourcedisk_handler()
|
|
||||||
# test when sfdisk --part-type does not exist
|
|
||||||
with patch.object(shellutil, "run_get_output",
|
|
||||||
side_effect=[[1, ''], [0, '']]) as run_patch:
|
|
||||||
- resource_handler.change_partition_type(suppress_message=True, option_str='')
|
|
||||||
+ resource_handler.change_partition_type(
|
|
||||||
+ suppress_message=True, option_str='')
|
|
||||||
|
|
||||||
# assert
|
|
||||||
assert run_patch.call_count == 2
|
|
||||||
@@ -99,12 +106,42 @@ class TestResourceDisk(AgentTestCase):
|
|
||||||
# test when sfdisk --part-type exists
|
|
||||||
with patch.object(shellutil, "run_get_output",
|
|
||||||
side_effect=[[0, '']]) as run_patch:
|
|
||||||
- resource_handler.change_partition_type(suppress_message=True, option_str='')
|
|
||||||
+ resource_handler.change_partition_type(
|
|
||||||
+ suppress_message=True, option_str='')
|
|
||||||
|
|
||||||
# assert
|
|
||||||
assert run_patch.call_count == 1
|
|
||||||
assert "sfdisk --part-type" in run_patch.call_args_list[0][0][0]
|
|
||||||
|
|
||||||
+ def test_check_existing_swap_file(self):
|
|
||||||
+ test_file = os.path.join(self.tmp_dir, 'test_swap_file')
|
|
||||||
+ file_size = 1024 * 128
|
|
||||||
+ if os.path.exists(test_file):
|
|
||||||
+ os.remove(test_file)
|
|
||||||
+
|
|
||||||
+ with open(test_file, "wb") as file:
|
|
||||||
+ file.write(bytearray(file_size))
|
|
||||||
+
|
|
||||||
+ os.chmod(test_file, stat.S_ISUID | stat.S_ISGID | stat.S_IRUSR |
|
|
||||||
+ stat.S_IWUSR | stat.S_IRWXG | stat.S_IRWXO) # 0o6677
|
|
||||||
+
|
|
||||||
+ def swap_on(_): # mimic the output of "swapon -s"
|
|
||||||
+ return [
|
|
||||||
+ "Filename Type Size Used Priority",
|
|
||||||
+ "{0} partition 16498684 0 -2".format(test_file)
|
|
||||||
+ ]
|
|
||||||
+
|
|
||||||
+ with patch.object(shellutil, "run_get_output", side_effect=swap_on):
|
|
||||||
+ get_resourcedisk_handler().check_existing_swap_file(
|
|
||||||
+ test_file, test_file, file_size)
|
|
||||||
+
|
|
||||||
+ # it should remove access from group, others
|
|
||||||
+ mode = os.stat(test_file).st_mode & (stat.S_ISUID | stat.S_ISGID |
|
|
||||||
+ stat.S_IRWXU | stat.S_IWUSR | stat.S_IRWXG | stat.S_IRWXO) # 0o6777
|
|
||||||
+ assert mode == stat.S_ISUID | stat.S_ISGID | stat.S_IRUSR | stat.S_IWUSR # 0o6600
|
|
||||||
+
|
|
||||||
+ os.remove(test_file)
|
|
||||||
+
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
|
||||||
unittest.main()
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
@ -1,18 +1,15 @@
|
|||||||
Summary: Microsoft Azure Linux Agent
|
Summary: Microsoft Azure Linux Agent
|
||||||
Name: WALinuxAgent
|
Name: WALinuxAgent
|
||||||
Version: 2.2.32
|
Version: 2.2.38
|
||||||
Release: 1%{?dist}.1
|
Release: 1%{?dist}
|
||||||
|
|
||||||
License: Apache License Version 2.0
|
License: ASL 2.0
|
||||||
Group: Development/Libraries
|
Group: Development/Libraries
|
||||||
Url: https://github.com/Azure/WALinuxAgent
|
Url: https://github.com/Azure/WALinuxAgent
|
||||||
Source0: WALinuxAgent-2.2.32.tar.gz
|
Source0: WALinuxAgent-2.2.38.tar.gz
|
||||||
|
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
Patch0001: 0001-Add-inital-redhat-build-support.patch
|
Patch0001: 0001-Add-inital-redhat-build-support.patch
|
||||||
# For bz#1684181 - CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions
|
|
||||||
# For bz#1688276 - CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions [rhel-8]
|
|
||||||
Patch2: wla-Add-fixes-for-handling-swap-file-and-other-nit-fixes.patch
|
|
||||||
|
|
||||||
# rhel requirements
|
# rhel requirements
|
||||||
BuildRequires: python3-devel
|
BuildRequires: python3-devel
|
||||||
@ -22,6 +19,7 @@ Requires: openssh-server
|
|||||||
Requires: openssl
|
Requires: openssl
|
||||||
Requires: parted
|
Requires: parted
|
||||||
Requires: python3-pyasn1
|
Requires: python3-pyasn1
|
||||||
|
Requires: python36
|
||||||
|
|
||||||
BuildRequires: systemd
|
BuildRequires: systemd
|
||||||
Requires(post): systemd
|
Requires(post): systemd
|
||||||
@ -38,16 +36,13 @@ images that are built to run in the Azure environment.
|
|||||||
%setup -q
|
%setup -q
|
||||||
|
|
||||||
%patch0001 -p1
|
%patch0001 -p1
|
||||||
%patch2 -p1
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%py3_build
|
%py3_build
|
||||||
|
|
||||||
%install
|
%install
|
||||||
%{__python3} setup.py install --single-version-externally-managed -O1 --root=$RPM_BUILD_ROOT --record=INSTALLED_FILES
|
%{__python3} setup.py install --single-version-externally-managed -O1 --root=$RPM_BUILD_ROOT --record=INSTALLED_FILES
|
||||||
|
rm -f %{buildroot}%{_sbindir}/waagent2.0
|
||||||
# Change the shebang to the __python3 macro instead of leaving it hardcoded
|
|
||||||
pathfix.py -pni "%{__python3}" %{buildroot}%{_sbindir}/waagent
|
|
||||||
|
|
||||||
%clean
|
%clean
|
||||||
rm -rf $RPM_BUILD_ROOT
|
rm -rf $RPM_BUILD_ROOT
|
||||||
@ -67,15 +62,27 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%config(noreplace) %{_sysconfdir}/waagent.conf
|
%config(noreplace) %{_sysconfdir}/waagent.conf
|
||||||
%{_sysconfdir}/logrotate.d/waagent.logrotate
|
%{_sysconfdir}/logrotate.d/waagent.logrotate
|
||||||
%{_sbindir}/waagent
|
%{_sbindir}/waagent
|
||||||
%{_sbindir}/waagent2.0
|
|
||||||
%{_unitdir}/waagent.service
|
%{_unitdir}/waagent.service
|
||||||
/etc/udev/rules.d/66-azure-storage.rules
|
/etc/udev/rules.d/66-azure-storage.rules
|
||||||
/etc/udev/rules.d/99-azure-product-uuid.rules
|
/etc/udev/rules.d/99-azure-product-uuid.rules
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon May 20 2019 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.32-1.el8_0.1
|
* Wed Jul 24 2019 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.38-1
|
||||||
- wla-Add-fixes-for-handling-swap-file-and-other-nit-fixes.patch [bz#1711338]
|
- Rebase to 2.2.38 [bz#1722848]
|
||||||
- Resolves: bz#1711338
|
- Resolves: bz#1722848
|
||||||
|
([Azure]walinuxagent 2.2.38 rebase [8.1.0])
|
||||||
|
|
||||||
|
* Wed Jun 26 2019 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.32-3.el8
|
||||||
|
- wla-Switch-from-platform-python-to-python36.patch [bz#1720373]
|
||||||
|
- wla-Stop-packaging-legacy-waagent2.0.patch [bz#1720373]
|
||||||
|
- Resolves: bz#1720373
|
||||||
|
([RHEL 8.1] [Azure] Change WALinuxAgent spec to depend on Python3.6 package)
|
||||||
|
|
||||||
|
* Tue Apr 30 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 2.2.32-2.el8
|
||||||
|
- wla-Add-fixes-for-handling-swap-file-and-other-nit-fixes.patch [bz#1684181 bz#1688276]
|
||||||
|
- Resolves: bz#1684181
|
||||||
|
(CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions)
|
||||||
|
- Resolves: bz#1688276
|
||||||
(CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions [rhel-8])
|
(CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions [rhel-8])
|
||||||
|
|
||||||
* Fri Dec 14 2018 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.32-1.el8
|
* Fri Dec 14 2018 Miroslav Rezanina <mrezanin@redhat.com> - 2.2.32-1.el8
|
||||||
|
Loading…
Reference in New Issue
Block a user