rpms/cloud-init
8
1
Fork 1
Code Issues Pull Requests Releases Activity

* Wed Jul 26 2023 Camilla Conte <cconte@redhat.com> - 23.1.1-8

Browse Source 
- 0022-test-fixes-update-tests-to-reflect-AUTOCONNECT_PRIOR.patch [bz#2217865]
- 0023-test-fixes-remove-NM_CONTROLLED-no-from-tests.patch [bz#2217865]
- 0024-Revert-limit-permissions-on-def_log_file.patch [bz#2217865]
- 0025-test-fixes-changes-to-apply-RHEL-specific-config-set.patch [bz#2217865]
- 0026-Enable-SUSE-based-distros-for-ca-handling-2036.patch [bz#2217865]
- 0027-Handle-non-existent-ca-cert-config-situation-2073.patch [bz#2217865]
- 0028-logging-keep-current-file-mode-of-log-file-if-its-st.patch [bz#2222498]
- 0029-DS-VMware-modify-a-few-log-level-4284.patch [bz#2225374]
- Resolves: bz#2217865 bz#2222498 bz#2225374
This commit is contained in:
RH Virt Maint Bot 2023-07-26 13:36:19 +00:00
parent 904e611fc2
commit 24115f699b
9 changed files with 1322 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

509
0022-test-fixes-update-tests-to-reflect-AUTOCONNECT_PRIOR.patch Normal file
View File

@ -0,0 +1,509 @@
From 908387bc0a73ae3431c0ad90f83e6a4a4e902edb Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Fri, 23 Jun 2023 15:47:09 +0530
Subject: [PATCH] test fixes: update tests to reflect AUTOCONNECT_PRIORITY
setting
X-downstream-only: true
fixes: 0a2c6b6118ff ("net/sysconfig: do not use the highest autoconnect priority")
fixes: c589da20eb92 ("Setting highest autoconnect priority for network-scripts")
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
tests/unittests/cmd/devel/test_net_convert.py | 1 +
tests/unittests/distros/test_netconfig.py | 8 +++
tests/unittests/test_net.py | 51 +++++++++++++++++++
3 files changed, 60 insertions(+)
diff --git a/tests/unittests/cmd/devel/test_net_convert.py b/tests/unittests/cmd/devel/test_net_convert.py
index 71654750..43e879f7 100644
--- a/tests/unittests/cmd/devel/test_net_convert.py
+++ b/tests/unittests/cmd/devel/test_net_convert.py
@@ -60,6 +60,7 @@ DHCP=ipv4
SAMPLE_SYSCONFIG_CONTENT = """\
# Created by cloud-init on instance boot automatically, do not edit.
#
+AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth0
NM_CONTROLLED=no
diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py
index b1c89ce3..eaf723c8 100644
--- a/tests/unittests/distros/test_netconfig.py
+++ b/tests/unittests/distros/test_netconfig.py
@@ -717,6 +717,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
expected_cfgs = {
self.ifcfg_path("eth0"): dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth0
@@ -731,6 +732,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
),
self.ifcfg_path("eth1"): dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth1
NM_CONTROLLED=no
@@ -756,6 +758,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
expected_cfgs = {
self.ifcfg_path("eth0"): dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth0
@@ -772,6 +775,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
),
self.ifcfg_path("eth1"): dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth1
NM_CONTROLLED=no
@@ -816,6 +820,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
expected_cfgs = {
self.ifcfg_path("eth0"): dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth0
HWADDR=00:16:3e:60:7c:df
@@ -829,6 +834,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
),
self.ifcfg_path("infra0"): dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=infra0
IPADDR=10.0.1.2
@@ -865,6 +871,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
expected_cfgs = {
self.ifcfg_path("eth0"): dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth0
IPADDR=192.10.1.2
@@ -877,6 +884,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
),
self.ifcfg_path("eth0.1001"): dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth0.1001
IPADDR=10.0.1.2
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
index 7abe61b9..1261840b 100644
--- a/tests/unittests/test_net.py
+++ b/tests/unittests/test_net.py
@@ -578,6 +578,7 @@ dns = none
"""
# Created by cloud-init on instance boot automatically, do not edit.
#
+AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth0
@@ -740,6 +741,7 @@ dns = none
"""
# Created by cloud-init on instance boot automatically, do not edit.
#
+AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth0
@@ -897,6 +899,7 @@ dns = none
"""
# Created by cloud-init on instance boot automatically, do not edit.
#
+AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth0
@@ -1085,6 +1088,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-eth1": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth1
HWADDR=cf:d6:af:48:e8:80
@@ -1094,6 +1098,7 @@ NETWORK_CONFIGS = {
),
"ifcfg-eth99": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEFROUTE=yes
DEVICE=eth99
@@ -1344,6 +1349,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=iface0
IPADDR=192.168.14.2
@@ -1490,6 +1496,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=iface0
DHCPV6C=yes
@@ -1580,6 +1587,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=iface0
DHCPV6C=yes
@@ -1656,6 +1664,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=iface0
DHCPV6C=yes
@@ -1721,6 +1730,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=iface0
IPV6_AUTOCONF=yes
@@ -1774,6 +1784,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=iface0
IPV6ADDR=2001:1::1/64
@@ -1831,6 +1842,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=iface0
DHCPV6C=yes
@@ -1913,6 +1925,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=iface0
DHCPV6C=yes
@@ -1959,6 +1972,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=iface0
NM_CONTROLLED=no
@@ -2035,6 +2049,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=iface0
ETHTOOL_OPTS="wol g"
@@ -2371,6 +2386,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
"expected_sysconfig_rhel": {
"ifcfg-bond0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BONDING_MASTER=yes
BONDING_OPTS="mode=active-backup """
"""xmit_hash_policy=layer3+4 """
@@ -2388,6 +2404,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
),
"ifcfg-bond0.200": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=bond0.200
DHCLIENT_SET_DEFAULT_ROUTE=no
@@ -2399,6 +2416,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
"ifcfg-br0": textwrap.dedent(
"""\
AGEING=250
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=br0
@@ -2418,6 +2436,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
),
"ifcfg-eth0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth0
HWADDR=c0:d6:9f:2c:e8:80
@@ -2427,6 +2446,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
),
"ifcfg-eth0.101": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth0.101
@@ -2446,6 +2466,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
),
"ifcfg-eth1": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth1
HWADDR=aa:d6:9f:2c:e8:80
@@ -2457,6 +2478,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
),
"ifcfg-eth2": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth2
HWADDR=c0:bb:9f:2c:e8:80
@@ -2468,6 +2490,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
),
"ifcfg-eth3": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
BRIDGE=br0
DEVICE=eth3
@@ -2478,6 +2501,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
),
"ifcfg-eth4": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
BRIDGE=br0
DEVICE=eth4
@@ -2488,6 +2512,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
),
"ifcfg-eth5": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth5
DHCLIENT_SET_DEFAULT_ROUTE=no
@@ -2498,6 +2523,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
),
"ifcfg-ib0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=ib0
HWADDR=a0:00:02:20:fe:80:00:00:00:00:00:00:ec:0d:9a:03:00:15:e2:c1
@@ -3203,6 +3229,7 @@ iface bond0 inet6 static
"expected_sysconfig_rhel": {
"ifcfg-bond0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BONDING_MASTER=yes
BONDING_OPTS="mode=active-backup xmit_hash_policy=layer3+4 """
"""miimon=100 num_grat_arp=5 """
@@ -3233,6 +3260,7 @@ iface bond0 inet6 static
),
"ifcfg-bond0s0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=bond0s0
HWADDR=aa:bb:cc:dd:e8:00
@@ -3260,6 +3288,7 @@ iface bond0 inet6 static
),
"ifcfg-bond0s1": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=bond0s1
HWADDR=aa:bb:cc:dd:e8:01
@@ -3409,6 +3438,7 @@ iface bond0 inet6 static
"expected_sysconfig_rhel": {
"ifcfg-en0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=en0
HWADDR=aa:bb:cc:dd:e8:00
@@ -3418,6 +3448,7 @@ iface bond0 inet6 static
),
"ifcfg-en0.99": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=en0.99
@@ -3555,6 +3586,7 @@ iface bond0 inet6 static
"expected_sysconfig_rhel": {
"ifcfg-br0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=br0
IPADDR=192.168.2.2
@@ -3568,6 +3600,7 @@ iface bond0 inet6 static
),
"ifcfg-eth0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
BRIDGE=br0
DEVICE=eth0
@@ -3584,6 +3617,7 @@ iface bond0 inet6 static
),
"ifcfg-eth1": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
BRIDGE=br0
DEVICE=eth1
@@ -3772,6 +3806,7 @@ iface bond0 inet6 static
"expected_sysconfig_rhel": {
"ifcfg-eth0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth0
HWADDR=52:54:00:12:34:00
@@ -3784,6 +3819,7 @@ iface bond0 inet6 static
),
"ifcfg-eth1": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth1
HWADDR=52:54:00:12:34:aa
@@ -3795,6 +3831,7 @@ iface bond0 inet6 static
),
"ifcfg-eth2": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth2
HWADDR=52:54:00:12:34:ff
@@ -3879,6 +3916,7 @@ iface bond0 inet6 static
"expected_sysconfig_rhel": {
"ifcfg-eth0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth0
HWADDR=cf:d6:af:48:e8:80
@@ -4474,6 +4512,7 @@ class TestRhelSysConfigRendering(CiTestCase):
expected_content = """
# Created by cloud-init on instance boot automatically, do not edit.
#
+AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth1000
HWADDR=07-1c-c6-75-a4-be
@@ -4681,6 +4720,7 @@ USERCTL=no
expected = """\
# Created by cloud-init on instance boot automatically, do not edit.
#
+AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=interface0
@@ -4710,6 +4750,7 @@ USERCTL=no
expected_i1 = """\
# Created by cloud-init on instance boot automatically, do not edit.
#
+AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth0
@@ -4727,6 +4768,7 @@ USERCTL=no
expected_i2 = """\
# Created by cloud-init on instance boot automatically, do not edit.
#
+AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth1
DHCLIENT_SET_DEFAULT_ROUTE=no
@@ -4755,6 +4797,7 @@ USERCTL=no
expected = """\
# Created by cloud-init on instance boot automatically, do not edit.
#
+AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth0
ONBOOT=yes
@@ -4968,6 +5011,7 @@ USERCTL=no
"expected_sysconfig": {
"ifcfg-ens3": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=ens3
@@ -5013,6 +5057,7 @@ USERCTL=no
expected = {
"ifcfg-eno1": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eno1
NM_CONTROLLED=no
@@ -5023,6 +5068,7 @@ USERCTL=no
),
"ifcfg-eno1.1000": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eno1.1000
IPADDR=192.6.1.9
@@ -5056,6 +5102,7 @@ USERCTL=no
expected = {
"ifcfg-bond0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BONDING_MASTER=yes
BONDING_SLAVE0=enp0s0
BONDING_SLAVE1=enp0s1
@@ -5072,6 +5119,7 @@ USERCTL=no
),
"ifcfg-enp0s0": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BONDING_MASTER=yes
BOOTPROTO=none
DEVICE=enp0s0
@@ -5085,6 +5133,7 @@ USERCTL=no
),
"ifcfg-enp0s1": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BONDING_MASTER=yes
BOOTPROTO=none
DEVICE=enp0s1
@@ -5116,6 +5165,7 @@ USERCTL=no
expected = {
"ifcfg-eno1": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eno1
HWADDR=07-1c-c6-75-a4-be
@@ -5195,6 +5245,7 @@ USERCTL=no
"""\
# Created by cloud-init on instance boot automatically, do not edit.
#
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth0

283
0023-test-fixes-remove-NM_CONTROLLED-no-from-tests.patch Normal file
View File

@ -0,0 +1,283 @@
From 9eb7ef217eb03131904fb6e0c692130126334f52 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Fri, 23 Jun 2023 16:54:24 +0530
Subject: [PATCH] test fixes: remove NM_CONTROLLED=no from tests
X-downstream-only: true
fixes: b3b96bff187e9 ("Do not write NM_CONTROLLED=no in generated interface config files")
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
tests/unittests/cmd/devel/test_net_convert.py | 1 -
tests/unittests/distros/test_netconfig.py | 8 -------
tests/unittests/test_net.py | 23 -------------------
3 files changed, 32 deletions(-)
diff --git a/tests/unittests/cmd/devel/test_net_convert.py b/tests/unittests/cmd/devel/test_net_convert.py
index 43e879f7..082e9656 100644
--- a/tests/unittests/cmd/devel/test_net_convert.py
+++ b/tests/unittests/cmd/devel/test_net_convert.py
@@ -63,7 +63,6 @@ SAMPLE_SYSCONFIG_CONTENT = """\
AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth0
-NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py
index eaf723c8..7ac8182a 100644
--- a/tests/unittests/distros/test_netconfig.py
+++ b/tests/unittests/distros/test_netconfig.py
@@ -724,7 +724,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
GATEWAY=192.168.1.254
IPADDR=192.168.1.5
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -735,7 +734,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth1
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -767,7 +765,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
IPV6_AUTOCONF=no
IPV6_DEFAULTGW=2607:f0d0:1002:0011::1
IPV6_FORCE_ACCEPT_RA=no
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -778,7 +775,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth1
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -826,7 +822,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
HWADDR=00:16:3e:60:7c:df
IPADDR=192.10.1.2
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -839,7 +834,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
DEVICE=infra0
IPADDR=10.0.1.2
NETMASK=255.255.0.0
- NM_CONTROLLED=no
ONBOOT=yes
PHYSDEV=eth0
USERCTL=no
@@ -876,7 +870,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
DEVICE=eth0
IPADDR=192.10.1.2
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -889,7 +882,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
DEVICE=eth0.1001
IPADDR=10.0.1.2
NETMASK=255.255.0.0
- NM_CONTROLLED=no
ONBOOT=yes
PHYSDEV=eth0
USERCTL=no
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
index 1261840b..fd656a57 100644
--- a/tests/unittests/test_net.py
+++ b/tests/unittests/test_net.py
@@ -1502,7 +1502,6 @@ NETWORK_CONFIGS = {
DHCPV6C=yes
IPV6INIT=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1594,7 +1593,6 @@ NETWORK_CONFIGS = {
IPV6INIT=yes
IPV6_FORCE_ACCEPT_RA=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1671,7 +1669,6 @@ NETWORK_CONFIGS = {
IPV6INIT=yes
IPV6_FORCE_ACCEPT_RA=no
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1736,7 +1733,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=yes
IPV6INIT=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1792,7 +1788,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=no
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1850,7 +1845,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=yes
IPV6INIT=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1933,7 +1927,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1975,7 +1968,6 @@ NETWORK_CONFIGS = {
AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -2053,7 +2045,6 @@ NETWORK_CONFIGS = {
BOOTPROTO=dhcp
DEVICE=iface0
ETHTOOL_OPTS="wol g"
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -2530,7 +2521,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
IPADDR=192.168.200.7
MTU=9000
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=InfiniBand
USERCTL=no"""
@@ -3609,7 +3599,6 @@ iface bond0 inet6 static
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=no
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -3626,7 +3615,6 @@ iface bond0 inet6 static
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=no
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -3920,7 +3908,6 @@ iface bond0 inet6 static
BOOTPROTO=none
DEVICE=eth0
HWADDR=cf:d6:af:48:e8:80
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no"""
@@ -4759,7 +4746,6 @@ HWADDR=fa:16:3e:25:b4:59
IPADDR=51.68.89.122
MTU=1500
NETMASK=255.255.240.0
-NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -4774,7 +4760,6 @@ DEVICE=eth1
DHCLIENT_SET_DEFAULT_ROUTE=no
HWADDR=fa:16:3e:b1:ca:29
MTU=9000
-NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5027,7 +5012,6 @@ USERCTL=no
IPV6_FORCE_ACCEPT_RA=no
IPV6_DEFAULTGW=2001:db8::1
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5060,7 +5044,6 @@ USERCTL=no
AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eno1
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5074,7 +5057,6 @@ USERCTL=no
IPADDR=192.6.1.9
MTU=1495
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
PHYSDEV=eno1
USERCTL=no
@@ -5111,7 +5093,6 @@ USERCTL=no
IPADDR=10.101.8.65
MTU=1334
NETMASK=255.255.255.192
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Bond
USERCTL=no
@@ -5124,7 +5105,6 @@ USERCTL=no
BOOTPROTO=none
DEVICE=enp0s0
MASTER=bond0
- NM_CONTROLLED=no
ONBOOT=yes
SLAVE=yes
TYPE=Bond
@@ -5138,7 +5118,6 @@ USERCTL=no
BOOTPROTO=none
DEVICE=enp0s1
MASTER=bond0
- NM_CONTROLLED=no
ONBOOT=yes
SLAVE=yes
TYPE=Bond
@@ -5170,7 +5149,6 @@ USERCTL=no
DEVICE=eno1
HWADDR=07-1c-c6-75-a4-be
METRIC=100
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5262,7 +5240,6 @@ USERCTL=no
IPV6_FORCE_ACCEPT_RA=no
MTU=1400
NETMASK=255.255.248.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no

58
0024-Revert-limit-permissions-on-def_log_file.patch Normal file
View File

@ -0,0 +1,58 @@
From d39cd4de3ce41b1a1727185f2e57ec27190c23cb Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Tue, 4 Jul 2023 13:58:27 +0530
Subject: [PATCH] Revert "limit permissions on def_log_file"
This reverts commit dfff374f66904e84fb07ca157ba010fac6b5f1de.
This commit seems useless and does not effectively change permission of the
log file. Remove it.
---
cloudinit/settings.py | 1 -
cloudinit/stages.py | 1 -
doc/examples/cloud-config.txt | 4 ----
3 files changed, 6 deletions(-)
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
index 3d541141..edbb217d 100644
--- a/cloudinit/settings.py
+++ b/cloudinit/settings.py
@@ -52,7 +52,6 @@ CFG_BUILTIN = {
"None",
],
"def_log_file": "/var/log/cloud-init.log",
- "def_log_file_mode": 0o600,
"log_cfgs": [],
"mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
"syslog_fix_perms": [],
diff --git a/cloudinit/stages.py b/cloudinit/stages.py
index 1326d205..21f30a1f 100644
--- a/cloudinit/stages.py
+++ b/cloudinit/stages.py
@@ -202,7 +202,6 @@ class Init:
def _initialize_filesystem(self):
util.ensure_dirs(self._initial_subdirs())
log_file = util.get_cfg_option_str(self.cfg, "def_log_file")
- log_file_mode = util.get_cfg_option_int(self.cfg, "def_log_file_mode")
if log_file:
# At this point the log file should have already been created
# in the setupLogging function of log.py
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
index b6d16c9c..15d788f3 100644
--- a/doc/examples/cloud-config.txt
+++ b/doc/examples/cloud-config.txt
@@ -383,14 +383,10 @@ timezone: US/Eastern
# if syslog_fix_perms is a list, it will iterate through and use the
# first pair that does not raise error.
#
-# 'def_log_file' will be created with mode 'def_log_file_mode', which
-# is specified as a numeric value and defaults to 0600.
-#
# the default values are '/var/log/cloud-init.log' and 'syslog:adm'
# the value of 'def_log_file' should match what is configured in logging
# if either is empty, then no change of ownership will be done
def_log_file: /var/log/my-logging-file.log
-def_log_file_mode: 0600
syslog_fix_perms: syslog:root
# you can set passwords for a user or multiple users

43
0025-test-fixes-changes-to-apply-RHEL-specific-config-set.patch Normal file
View File

@ -0,0 +1,43 @@
From f1ccdbdb6c662ce67b4af74e0433a59f099d784a Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Fri, 23 Jun 2023 17:54:04 +0530
Subject: [PATCH] test fixes: changes to apply RHEL specific config settings to
tests
X-downstream-only: true
fixes: c4d66915520554adedff9b ("Add initial redhat changes")
fixes: dfff374f66904e84fb07ca ("limit permissions on def_log_file")
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
tests/unittests/cmd/test_main.py | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/tests/unittests/cmd/test_main.py b/tests/unittests/cmd/test_main.py
index e9ad0bb8..5d61aa2c 100644
--- a/tests/unittests/cmd/test_main.py
+++ b/tests/unittests/cmd/test_main.py
@@ -119,14 +119,17 @@ class TestMain(FilesystemMockingTestCase):
{
"def_log_file": "/var/log/cloud-init.log",
"log_cfgs": [],
- "syslog_fix_perms": [
- "syslog:adm",
- "root:adm",
- "root:wheel",
- "root:root",
- ],
"vendor_data": {"enabled": True, "prefix": []},
"vendor_data2": {"enabled": True, "prefix": []},
+ "syslog_fix_perms": [],
+ "mount_default_fields": [
+ None,
+ None,
+ "auto",
+ "defaults,nofail",
+ "0",
+ "2",
+ ],
}
)
updated_cfg.pop("system_info")

90
0026-Enable-SUSE-based-distros-for-ca-handling-2036.patch Normal file
View File

@ -0,0 +1,90 @@
From 7a530e186e791858bf70accd2fab80dd9b43ee7e Mon Sep 17 00:00:00 2001
From: Robert Schweikert <rjschwei@suse.com>
Date: Thu, 23 Feb 2023 16:43:56 -0500
Subject: [PATCH] Enable SUSE based distros for ca handling (#2036)
CA handling in the configuration module was previously not supported
for SUSE based distros. Enable this functionality by creating the
necessary configuration settings.
Secondly update the test such that it does not bleed through to the
test system.
(cherry picked from commit 46fcd03187d70f405c748f7a6cfdb02ecb8c6ee7)
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/config/cc_ca_certs.py | 31 +++++++++++++++++++++-
tests/unittests/config/test_cc_ca_certs.py | 2 ++
2 files changed, 32 insertions(+), 1 deletion(-)
diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py
index 169b0e18..51b8577c 100644
--- a/cloudinit/config/cc_ca_certs.py
+++ b/cloudinit/config/cc_ca_certs.py
@@ -32,8 +32,25 @@ DISTRO_OVERRIDES = {
"ca_cert_config": None,
"ca_cert_update_cmd": ["update-ca-trust"],
},
+ "opensuse": {
+ "ca_cert_path": "/etc/pki/trust/",
+ "ca_cert_local_path": "/usr/share/pki/trust/",
+ "ca_cert_filename": "anchors/cloud-init-ca-cert-{cert_index}.crt",
+ "ca_cert_config": None,
+ "ca_cert_update_cmd": ["update-ca-certificates"],
+ },
}
+for distro in (
+ "opensuse-microos",
+ "opensuse-tumbleweed",
+ "opensuse-leap",
+ "sle_hpc",
+ "sle-micro",
+ "sles",
+):
+ DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["opensuse"]
+
MODULE_DESCRIPTION = """\
This module adds CA certificates to the system's CA store and updates any
related files using the appropriate OS-specific utility. The default CA
@@ -48,7 +65,19 @@ configuration option ``remove_defaults``.
Alpine Linux requires the ca-certificates package to be installed in
order to provide the ``update-ca-certificates`` command.
"""
-distros = ["alpine", "debian", "rhel", "ubuntu"]
+distros = [
+ "alpine",
+ "debian",
+ "rhel",
+ "opensuse",
+ "opensuse-microos",
+ "opensuse-tumbleweed",
+ "opensuse-leap",
+ "sle_hpc",
+ "sle-micro",
+ "sles",
+ "ubuntu",
+]
meta: MetaSchema = {
"id": "cc_ca_certs",
diff --git a/tests/unittests/config/test_cc_ca_certs.py b/tests/unittests/config/test_cc_ca_certs.py
index 19e5d422..6db17485 100644
--- a/tests/unittests/config/test_cc_ca_certs.py
+++ b/tests/unittests/config/test_cc_ca_certs.py
@@ -311,6 +311,7 @@ class TestRemoveDefaultCaCerts(TestCase):
"cloud_dir": tmpdir,
}
)
+ self.add_patch("cloudinit.config.cc_ca_certs.os.stat", "m_stat")
def test_commands(self):
ca_certs_content = "# line1\nline2\nline3\n"
@@ -318,6 +319,7 @@ class TestRemoveDefaultCaCerts(TestCase):
"# line1\n# Modified by cloud-init to deselect certs due to"
" user-data\n!line2\n!line3\n"
)
+ self.m_stat.return_value.st_size = 1
for distro_name in cc_ca_certs.distros:
conf = cc_ca_certs._distro_ca_certs_configs(distro_name)

85
0027-Handle-non-existent-ca-cert-config-situation-2073.patch Normal file
View File

@ -0,0 +1,85 @@
From add770c442088c0915bdefad2a7438f9a38596c5 Mon Sep 17 00:00:00 2001
From: Shreenidhi Shedi <53473811+sshedi@users.noreply.github.com>
Date: Fri, 17 Mar 2023 03:01:22 +0530
Subject: [PATCH] Handle non existent ca-cert-config situation (#2073)
Currently if a cert file doesn't exist, cc_ca_certs module crashes
This fix makes it possible to handle it gracefully.
Also, out_lines variable may not be available if os.stat returns 0.
This issue is also taken care of.
Added tests for the same.
(cherry picked from commit 3634678465e7b8f8608bcb9a1f5773ae7837cbe9)
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/config/cc_ca_certs.py | 19 +++++++++++++------
tests/unittests/config/test_cc_ca_certs.py | 12 ++++++++++++
2 files changed, 25 insertions(+), 6 deletions(-)
diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py
index 51b8577c..4dc08681 100644
--- a/cloudinit/config/cc_ca_certs.py
+++ b/cloudinit/config/cc_ca_certs.py
@@ -177,14 +177,20 @@ def disable_system_ca_certs(distro_cfg):
@param distro_cfg: A hash providing _distro_ca_certs_configs function.
"""
- if distro_cfg["ca_cert_config"] is None:
+
+ ca_cert_cfg_fn = distro_cfg["ca_cert_config"]
+
+ if not ca_cert_cfg_fn or not os.path.exists(ca_cert_cfg_fn):
return
+
header_comment = (
"# Modified by cloud-init to deselect certs due to user-data"
)
+
added_header = False
- if os.stat(distro_cfg["ca_cert_config"]).st_size != 0:
- orig = util.load_file(distro_cfg["ca_cert_config"])
+
+ if os.stat(ca_cert_cfg_fn).st_size:
+ orig = util.load_file(ca_cert_cfg_fn)
out_lines = []
for line in orig.splitlines():
if line == header_comment:
@@ -197,9 +203,10 @@ def disable_system_ca_certs(distro_cfg):
out_lines.append(header_comment)
added_header = True
out_lines.append("!" + line)
- util.write_file(
- distro_cfg["ca_cert_config"], "\n".join(out_lines) + "\n", omode="wb"
- )
+
+ util.write_file(
+ ca_cert_cfg_fn, "\n".join(out_lines) + "\n", omode="wb"
+ )
def remove_default_ca_certs(distro_cfg):
diff --git a/tests/unittests/config/test_cc_ca_certs.py b/tests/unittests/config/test_cc_ca_certs.py
index 6db17485..5f1894e7 100644
--- a/tests/unittests/config/test_cc_ca_certs.py
+++ b/tests/unittests/config/test_cc_ca_certs.py
@@ -365,6 +365,18 @@ class TestRemoveDefaultCaCerts(TestCase):
else:
assert mock_subp.call_count == 0
+ def test_non_existent_cert_cfg(self):
+ self.m_stat.return_value.st_size = 0
+
+ for distro_name in cc_ca_certs.distros:
+ conf = cc_ca_certs._distro_ca_certs_configs(distro_name)
+ with ExitStack() as mocks:
+ mocks.enter_context(
+ mock.patch.object(util, "delete_dir_contents")
+ )
+ mocks.enter_context(mock.patch.object(subp, "subp"))
+ cc_ca_certs.disable_default_ca_certs(distro_name, conf)
+
class TestCACertsSchema:
"""Directly test schema rather than through handle."""

172
0028-logging-keep-current-file-mode-of-log-file-if-its-st.patch Normal file
View File

@ -0,0 +1,172 @@
From 1cecfe4bc3d7e4806d1890615a119e478decd5fd Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Thu, 20 Jul 2023 23:56:01 +0530
Subject: [PATCH] logging: keep current file mode of log file if its stricter
than the new mode (#4250)
By default, the cloud init log file is created with mode 0o644 with
`preserve_mode` parameter of `write_file()` set to False. This means that when
an existing log file is found, its mode will be unconditionally reset to the
mode 0o644. It is possible that this might cause the change of the mode of the
log file from the current more stricter mode to a less strict mode
(when the new mode 0o644 is less strict than the existing mode of the file).
In order to mitigate the above issue, check the current mode of the log file
and if the current mode is stricter than the default new mode 0o644, then
preserve the current mode of the file.
Fixes GH-4243
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit a0e4ec15a1adffabd1c539879514eae4807c834c)
Conflicts:
tests/unittests/test_util.py
---
cloudinit/stages.py | 15 ++++++++++++++-
cloudinit/util.py | 23 +++++++++++++++++++++++
tests/unittests/test_stages.py | 23 ++++++++++++++++-------
tests/unittests/test_util.py | 24 ++++++++++++++++++++++++
4 files changed, 77 insertions(+), 8 deletions(-)
diff --git a/cloudinit/stages.py b/cloudinit/stages.py
index 21f30a1f..979179af 100644
--- a/cloudinit/stages.py
+++ b/cloudinit/stages.py
@@ -200,12 +200,25 @@ class Init:
self._initialize_filesystem()
def _initialize_filesystem(self):
+ mode = 0o640
+ fmode = None
+
util.ensure_dirs(self._initial_subdirs())
log_file = util.get_cfg_option_str(self.cfg, "def_log_file")
if log_file:
# At this point the log file should have already been created
# in the setupLogging function of log.py
- util.ensure_file(log_file, mode=0o640, preserve_mode=False)
+
+ try:
+ fmode = util.get_permissions(log_file)
+ except OSError:
+ pass
+
+ # if existing file mode fmode is stricter, do not change it.
+ if fmode and util.compare_permission(fmode, mode) < 0:
+ mode = fmode
+
+ util.ensure_file(log_file, mode, preserve_mode=False)
perms = self.cfg.get("syslog_fix_perms")
if not perms:
perms = {}
diff --git a/cloudinit/util.py b/cloudinit/util.py
index 4a8e3d3b..af617e73 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -2099,6 +2099,29 @@ def safe_int(possible_int):
return None
+def compare_permission(mode1, mode2):
+ """Compare two file modes in octal.
+
+ If mode1 is less restrictive than mode2 return 1
+ If mode1 is more restrictive than mode2 return -1
+ If mode1 is same as mode2, return 0
+
+ The comparison starts from the permission of the
+ set of users in "others" and then works up to the
+ permission of "user" set.
+ """
+ # Convert modes to octal and reverse the last 3 digits
+ # so 0o640 would be become 0o046
+ mode1_oct = oct(mode1)[2:].rjust(3, "0")
+ mode2_oct = oct(mode2)[2:].rjust(3, "0")
+ m1 = int(mode1_oct[:-3] + mode1_oct[-3:][::-1], 8)
+ m2 = int(mode2_oct[:-3] + mode2_oct[-3:][::-1], 8)
+
+ # Then do a traditional cmp()
+ # https://docs.python.org/3.0/whatsnew/3.0.html#ordering-comparisons
+ return (m1 > m2) - (m1 < m2)
+
+
def chmod(path, mode):
real_mode = safe_int(mode)
if path and real_mode:
diff --git a/tests/unittests/test_stages.py b/tests/unittests/test_stages.py
index a61f9df9..831ea9f2 100644
--- a/tests/unittests/test_stages.py
+++ b/tests/unittests/test_stages.py
@@ -606,13 +606,22 @@ class TestInit_InitializeFilesystem:
# Assert we create it 0o640 by default if it doesn't already exist
assert 0o640 == stat.S_IMODE(log_file.stat().mode)
- def test_existing_file_permissions(self, init, tmpdir):
+ @pytest.mark.parametrize(
+ "set_perms,expected_perms",
+ [
+ (0o640, 0o640),
+ (0o606, 0o640),
+ (0o600, 0o600),
+ ],
+ )
+ def test_existing_file_permissions(
+ self, init, tmpdir, set_perms, expected_perms
+ ):
"""Test file permissions are set as expected.
- CIS Hardening requires 640 permissions. These permissions are
- currently hardcoded on every boot, but if there's ever a reason
- to change this, we need to then ensure that they
- are *not* set every boot.
+ CIS Hardening requires 640 permissions. If the file has looser
+ permissions, then hard code 640. If the file has tighter
+ permissions, then leave them as they are
See https://bugs.launchpad.net/cloud-init/+bug/1900837.
"""
@@ -620,9 +629,9 @@ class TestInit_InitializeFilesystem:
log_file.ensure()
# Use a mode that will never be made the default so this test will
# always be valid
- log_file.chmod(0o606)
+ log_file.chmod(set_perms)
init._cfg = {"def_log_file": str(log_file)}
init._initialize_filesystem()
- assert 0o640 == stat.S_IMODE(log_file.stat().mode)
+ assert expected_perms == stat.S_IMODE(log_file.stat().mode)
diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py
index 17182d06..289a4234 100644
--- a/tests/unittests/test_util.py
+++ b/tests/unittests/test_util.py
@@ -3051,3 +3051,27 @@ class TestVersion:
)
def test_from_str(self, str_ver, cls_ver):
assert util.Version.from_str(str_ver) == cls_ver
+
+
+class TestComparePermissions:
+ @pytest.mark.parametrize(
+ "perm1,perm2,expected",
+ [
+ (0o777, 0o777, 0),
+ (0o000, 0o000, 0),
+ (0o421, 0o421, 0),
+ (0o1640, 0o1640, 0),
+ (0o1407, 0o1600, 1),
+ (0o1600, 0o1407, -1),
+ (0o407, 0o600, 1),
+ (0o600, 0o407, -1),
+ (0o007, 0o700, 1),
+ (0o700, 0o007, -1),
+ (0o077, 0o100, 1),
+ (0o644, 0o640, 1),
+ (0o640, 0o600, 1),
+ (0o600, 0o400, 1),
+ ],
+ )
+ def test_compare_permissions(self, perm1, perm2, expected):
+ assert util.compare_permission(perm1, perm2) == expected

62
0029-DS-VMware-modify-a-few-log-level-4284.patch Normal file
View File

@ -0,0 +1,62 @@
From 25ac8bb44af554a040f0dfa9b52e9241a33a4845 Mon Sep 17 00:00:00 2001
From: PengpengSun <40026211+PengpengSun@users.noreply.github.com>
Date: Tue, 25 Jul 2023 05:21:46 +0800
Subject: [PATCH] DS VMware: modify a few log level (#4284)
Multiple ip addresses are common scenario for modern Linux, so set
debug log level for such cases.
(cherry picked from commit 4a6a9d3f6c8fe213c51f6c1336f1dd378bf4bdca)
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/sources/DataSourceVMware.py | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/cloudinit/sources/DataSourceVMware.py b/cloudinit/sources/DataSourceVMware.py
index 07a80222..bc3b5a5f 100644
--- a/cloudinit/sources/DataSourceVMware.py
+++ b/cloudinit/sources/DataSourceVMware.py
@@ -1,6 +1,6 @@
# Cloud-Init DataSource for VMware
#
-# Copyright (c) 2018-2022 VMware, Inc. All Rights Reserved.
+# Copyright (c) 2018-2023 VMware, Inc. All Rights Reserved.
#
# Authors: Anish Swaminathan <anishs@vmware.com>
# Andrew Kutz <akutz@vmware.com>
@@ -719,7 +719,7 @@ def get_default_ip_addrs():
af_inet4 = addr4_fams.get(netifaces.AF_INET)
if af_inet4:
if len(af_inet4) > 1:
- LOG.warning(
+ LOG.debug(
"device %s has more than one ipv4 address: %s",
dev4,
af_inet4,
@@ -737,7 +737,7 @@ def get_default_ip_addrs():
af_inet6 = addr6_fams.get(netifaces.AF_INET6)
if af_inet6:
if len(af_inet6) > 1:
- LOG.warning(
+ LOG.debug(
"device %s has more than one ipv6 address: %s",
dev6,
af_inet6,
@@ -752,7 +752,7 @@ def get_default_ip_addrs():
af_inet6 = addr4_fams.get(netifaces.AF_INET6)
if af_inet6:
if len(af_inet6) > 1:
- LOG.warning(
+ LOG.debug(
"device %s has more than one ipv6 address: %s",
dev4,
af_inet6,
@@ -767,7 +767,7 @@ def get_default_ip_addrs():
af_inet4 = addr6_fams.get(netifaces.AF_INET)
if af_inet4:
if len(af_inet4) > 1:
- LOG.warning(
+ LOG.debug(
"device %s has more than one ipv4 address: %s",
dev6,
af_inet4,

21
cloud-init.spec
View File

@ -1,6 +1,6 @@
Name: cloud-init
Version: 23.1.1
Release: 7%{?dist}
Release: 8%{?dist}
Summary: Cloud instance init scripts
License: ASL 2.0 or GPLv3
URL: http://launchpad.net/cloud-init
@ -29,6 +29,14 @@ Patch18: 0018-network-manager-Set-higher-autoconnect-priority-for-.patch
Patch19: 0019-Set-default-renderer-as-sysconfig-for-c9s-RHEL-9.patch
Patch20: 0020-Revert-Set-default-renderer-as-sysconfig-for-c9s-RHE.patch
Patch21: 0021-Set-default-renderer-as-sysconfig-for-centos-rhel-41.patch
Patch22: 0022-test-fixes-update-tests-to-reflect-AUTOCONNECT_PRIOR.patch
Patch23: 0023-test-fixes-remove-NM_CONTROLLED-no-from-tests.patch
Patch24: 0024-Revert-limit-permissions-on-def_log_file.patch
Patch25: 0025-test-fixes-changes-to-apply-RHEL-specific-config-set.patch
Patch26: 0026-Enable-SUSE-based-distros-for-ca-handling-2036.patch
Patch27: 0027-Handle-non-existent-ca-cert-config-situation-2073.patch
Patch28: 0028-logging-keep-current-file-mode-of-log-file-if-its-st.patch
Patch29: 0029-DS-VMware-modify-a-few-log-level-4284.patch
BuildArch: noarch
@ -238,6 +246,17 @@ fi
%config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf
%changelog
* Wed Jul 26 2023 Camilla Conte <cconte@redhat.com> - 23.1.1-8
- 0022-test-fixes-update-tests-to-reflect-AUTOCONNECT_PRIOR.patch [bz#2217865]
- 0023-test-fixes-remove-NM_CONTROLLED-no-from-tests.patch [bz#2217865]
- 0024-Revert-limit-permissions-on-def_log_file.patch [bz#2217865]
- 0025-test-fixes-changes-to-apply-RHEL-specific-config-set.patch [bz#2217865]
- 0026-Enable-SUSE-based-distros-for-ca-handling-2036.patch [bz#2217865]
- 0027-Handle-non-existent-ca-cert-config-situation-2073.patch [bz#2217865]
- 0028-logging-keep-current-file-mode-of-log-file-if-its-st.patch [bz#2222498]
- 0029-DS-VMware-modify-a-few-log-level-4284.patch [bz#2225374]
- Resolves: bz#2217865 bz#2222498 bz#2225374
* Mon Jun 19 2023 Miroslav Rezanina <mrezanin@redhat.com> - 23.1.1-7
- 0020-Revert-Set-default-renderer-as-sysconfig-for-c9s-RHE.patch
- 0021-Set-default-renderer-as-sysconfig-for-centos-rhel-41.patch [bz#2209349]