diff --git a/0022-test-fixes-update-tests-to-reflect-AUTOCONNECT_PRIOR.patch b/0022-test-fixes-update-tests-to-reflect-AUTOCONNECT_PRIOR.patch new file mode 100644 index 0000000..eb85d1a --- /dev/null +++ b/0022-test-fixes-update-tests-to-reflect-AUTOCONNECT_PRIOR.patch @@ -0,0 +1,509 @@ +From 908387bc0a73ae3431c0ad90f83e6a4a4e902edb Mon Sep 17 00:00:00 2001 +From: Ani Sinha +Date: Fri, 23 Jun 2023 15:47:09 +0530 +Subject: [PATCH] test fixes: update tests to reflect AUTOCONNECT_PRIORITY + setting + +X-downstream-only: true +fixes: 0a2c6b6118ff ("net/sysconfig: do not use the highest autoconnect priority") +fixes: c589da20eb92 ("Setting highest autoconnect priority for network-scripts") + +Signed-off-by: Ani Sinha +--- + tests/unittests/cmd/devel/test_net_convert.py | 1 + + tests/unittests/distros/test_netconfig.py | 8 +++ + tests/unittests/test_net.py | 51 +++++++++++++++++++ + 3 files changed, 60 insertions(+) + +diff --git a/tests/unittests/cmd/devel/test_net_convert.py b/tests/unittests/cmd/devel/test_net_convert.py +index 71654750..43e879f7 100644 +--- a/tests/unittests/cmd/devel/test_net_convert.py ++++ b/tests/unittests/cmd/devel/test_net_convert.py +@@ -60,6 +60,7 @@ DHCP=ipv4 + SAMPLE_SYSCONFIG_CONTENT = """\ + # Created by cloud-init on instance boot automatically, do not edit. + # ++AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eth0 + NM_CONTROLLED=no +diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py +index b1c89ce3..eaf723c8 100644 +--- a/tests/unittests/distros/test_netconfig.py ++++ b/tests/unittests/distros/test_netconfig.py +@@ -717,6 +717,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + expected_cfgs = { + self.ifcfg_path("eth0"): dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=eth0 +@@ -731,6 +732,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + ), + self.ifcfg_path("eth1"): dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eth1 + NM_CONTROLLED=no +@@ -756,6 +758,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + expected_cfgs = { + self.ifcfg_path("eth0"): dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=eth0 +@@ -772,6 +775,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + ), + self.ifcfg_path("eth1"): dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eth1 + NM_CONTROLLED=no +@@ -816,6 +820,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + expected_cfgs = { + self.ifcfg_path("eth0"): dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth0 + HWADDR=00:16:3e:60:7c:df +@@ -829,6 +834,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + ), + self.ifcfg_path("infra0"): dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=infra0 + IPADDR=10.0.1.2 +@@ -865,6 +871,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + expected_cfgs = { + self.ifcfg_path("eth0"): dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth0 + IPADDR=192.10.1.2 +@@ -877,6 +884,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + ), + self.ifcfg_path("eth0.1001"): dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth0.1001 + IPADDR=10.0.1.2 +diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py +index 7abe61b9..1261840b 100644 +--- a/tests/unittests/test_net.py ++++ b/tests/unittests/test_net.py +@@ -578,6 +578,7 @@ dns = none + """ + # Created by cloud-init on instance boot automatically, do not edit. + # ++AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=eth0 +@@ -740,6 +741,7 @@ dns = none + """ + # Created by cloud-init on instance boot automatically, do not edit. + # ++AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=eth0 +@@ -897,6 +899,7 @@ dns = none + """ + # Created by cloud-init on instance boot automatically, do not edit. + # ++AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=eth0 +@@ -1085,6 +1088,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-eth1": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth1 + HWADDR=cf:d6:af:48:e8:80 +@@ -1094,6 +1098,7 @@ NETWORK_CONFIGS = { + ), + "ifcfg-eth99": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEFROUTE=yes + DEVICE=eth99 +@@ -1344,6 +1349,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-iface0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=iface0 + IPADDR=192.168.14.2 +@@ -1490,6 +1496,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-iface0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=iface0 + DHCPV6C=yes +@@ -1580,6 +1587,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-iface0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=iface0 + DHCPV6C=yes +@@ -1656,6 +1664,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-iface0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=iface0 + DHCPV6C=yes +@@ -1721,6 +1730,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-iface0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=iface0 + IPV6_AUTOCONF=yes +@@ -1774,6 +1784,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-iface0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=iface0 + IPV6ADDR=2001:1::1/64 +@@ -1831,6 +1842,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-iface0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=iface0 + DHCPV6C=yes +@@ -1913,6 +1925,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-iface0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=iface0 + DHCPV6C=yes +@@ -1959,6 +1972,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-iface0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=iface0 + NM_CONTROLLED=no +@@ -2035,6 +2049,7 @@ NETWORK_CONFIGS = { + "expected_sysconfig_rhel": { + "ifcfg-iface0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=iface0 + ETHTOOL_OPTS="wol g" +@@ -2371,6 +2386,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + "expected_sysconfig_rhel": { + "ifcfg-bond0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BONDING_MASTER=yes + BONDING_OPTS="mode=active-backup """ + """xmit_hash_policy=layer3+4 """ +@@ -2388,6 +2404,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + ), + "ifcfg-bond0.200": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=bond0.200 + DHCLIENT_SET_DEFAULT_ROUTE=no +@@ -2399,6 +2416,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + "ifcfg-br0": textwrap.dedent( + """\ + AGEING=250 ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=br0 +@@ -2418,6 +2436,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + ), + "ifcfg-eth0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth0 + HWADDR=c0:d6:9f:2c:e8:80 +@@ -2427,6 +2446,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + ), + "ifcfg-eth0.101": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=eth0.101 +@@ -2446,6 +2466,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + ), + "ifcfg-eth1": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth1 + HWADDR=aa:d6:9f:2c:e8:80 +@@ -2457,6 +2478,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + ), + "ifcfg-eth2": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth2 + HWADDR=c0:bb:9f:2c:e8:80 +@@ -2468,6 +2490,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + ), + "ifcfg-eth3": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + BRIDGE=br0 + DEVICE=eth3 +@@ -2478,6 +2501,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + ), + "ifcfg-eth4": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + BRIDGE=br0 + DEVICE=eth4 +@@ -2488,6 +2512,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + ), + "ifcfg-eth5": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eth5 + DHCLIENT_SET_DEFAULT_ROUTE=no +@@ -2498,6 +2523,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + ), + "ifcfg-ib0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=ib0 + HWADDR=a0:00:02:20:fe:80:00:00:00:00:00:00:ec:0d:9a:03:00:15:e2:c1 +@@ -3203,6 +3229,7 @@ iface bond0 inet6 static + "expected_sysconfig_rhel": { + "ifcfg-bond0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BONDING_MASTER=yes + BONDING_OPTS="mode=active-backup xmit_hash_policy=layer3+4 """ + """miimon=100 num_grat_arp=5 """ +@@ -3233,6 +3260,7 @@ iface bond0 inet6 static + ), + "ifcfg-bond0s0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=bond0s0 + HWADDR=aa:bb:cc:dd:e8:00 +@@ -3260,6 +3288,7 @@ iface bond0 inet6 static + ), + "ifcfg-bond0s1": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=bond0s1 + HWADDR=aa:bb:cc:dd:e8:01 +@@ -3409,6 +3438,7 @@ iface bond0 inet6 static + "expected_sysconfig_rhel": { + "ifcfg-en0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=en0 + HWADDR=aa:bb:cc:dd:e8:00 +@@ -3418,6 +3448,7 @@ iface bond0 inet6 static + ), + "ifcfg-en0.99": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=en0.99 +@@ -3555,6 +3586,7 @@ iface bond0 inet6 static + "expected_sysconfig_rhel": { + "ifcfg-br0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=br0 + IPADDR=192.168.2.2 +@@ -3568,6 +3600,7 @@ iface bond0 inet6 static + ), + "ifcfg-eth0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + BRIDGE=br0 + DEVICE=eth0 +@@ -3584,6 +3617,7 @@ iface bond0 inet6 static + ), + "ifcfg-eth1": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + BRIDGE=br0 + DEVICE=eth1 +@@ -3772,6 +3806,7 @@ iface bond0 inet6 static + "expected_sysconfig_rhel": { + "ifcfg-eth0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth0 + HWADDR=52:54:00:12:34:00 +@@ -3784,6 +3819,7 @@ iface bond0 inet6 static + ), + "ifcfg-eth1": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth1 + HWADDR=52:54:00:12:34:aa +@@ -3795,6 +3831,7 @@ iface bond0 inet6 static + ), + "ifcfg-eth2": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth2 + HWADDR=52:54:00:12:34:ff +@@ -3879,6 +3916,7 @@ iface bond0 inet6 static + "expected_sysconfig_rhel": { + "ifcfg-eth0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eth0 + HWADDR=cf:d6:af:48:e8:80 +@@ -4474,6 +4512,7 @@ class TestRhelSysConfigRendering(CiTestCase): + expected_content = """ + # Created by cloud-init on instance boot automatically, do not edit. + # ++AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eth1000 + HWADDR=07-1c-c6-75-a4-be +@@ -4681,6 +4720,7 @@ USERCTL=no + expected = """\ + # Created by cloud-init on instance boot automatically, do not edit. + # ++AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=interface0 +@@ -4710,6 +4750,7 @@ USERCTL=no + expected_i1 = """\ + # Created by cloud-init on instance boot automatically, do not edit. + # ++AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=eth0 +@@ -4727,6 +4768,7 @@ USERCTL=no + expected_i2 = """\ + # Created by cloud-init on instance boot automatically, do not edit. + # ++AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eth1 + DHCLIENT_SET_DEFAULT_ROUTE=no +@@ -4755,6 +4797,7 @@ USERCTL=no + expected = """\ + # Created by cloud-init on instance boot automatically, do not edit. + # ++AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eth0 + ONBOOT=yes +@@ -4968,6 +5011,7 @@ USERCTL=no + "expected_sysconfig": { + "ifcfg-ens3": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=ens3 +@@ -5013,6 +5057,7 @@ USERCTL=no + expected = { + "ifcfg-eno1": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eno1 + NM_CONTROLLED=no +@@ -5023,6 +5068,7 @@ USERCTL=no + ), + "ifcfg-eno1.1000": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eno1.1000 + IPADDR=192.6.1.9 +@@ -5056,6 +5102,7 @@ USERCTL=no + expected = { + "ifcfg-bond0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BONDING_MASTER=yes + BONDING_SLAVE0=enp0s0 + BONDING_SLAVE1=enp0s1 +@@ -5072,6 +5119,7 @@ USERCTL=no + ), + "ifcfg-enp0s0": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BONDING_MASTER=yes + BOOTPROTO=none + DEVICE=enp0s0 +@@ -5085,6 +5133,7 @@ USERCTL=no + ), + "ifcfg-enp0s1": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BONDING_MASTER=yes + BOOTPROTO=none + DEVICE=enp0s1 +@@ -5116,6 +5165,7 @@ USERCTL=no + expected = { + "ifcfg-eno1": textwrap.dedent( + """\ ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eno1 + HWADDR=07-1c-c6-75-a4-be +@@ -5195,6 +5245,7 @@ USERCTL=no + """\ + # Created by cloud-init on instance boot automatically, do not edit. + # ++ AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEFROUTE=yes + DEVICE=eth0 diff --git a/0023-test-fixes-remove-NM_CONTROLLED-no-from-tests.patch b/0023-test-fixes-remove-NM_CONTROLLED-no-from-tests.patch new file mode 100644 index 0000000..f9d3362 --- /dev/null +++ b/0023-test-fixes-remove-NM_CONTROLLED-no-from-tests.patch @@ -0,0 +1,283 @@ +From 9eb7ef217eb03131904fb6e0c692130126334f52 Mon Sep 17 00:00:00 2001 +From: Ani Sinha +Date: Fri, 23 Jun 2023 16:54:24 +0530 +Subject: [PATCH] test fixes: remove NM_CONTROLLED=no from tests + +X-downstream-only: true +fixes: b3b96bff187e9 ("Do not write NM_CONTROLLED=no in generated interface config files") + +Signed-off-by: Ani Sinha +--- + tests/unittests/cmd/devel/test_net_convert.py | 1 - + tests/unittests/distros/test_netconfig.py | 8 ------- + tests/unittests/test_net.py | 23 ------------------- + 3 files changed, 32 deletions(-) + +diff --git a/tests/unittests/cmd/devel/test_net_convert.py b/tests/unittests/cmd/devel/test_net_convert.py +index 43e879f7..082e9656 100644 +--- a/tests/unittests/cmd/devel/test_net_convert.py ++++ b/tests/unittests/cmd/devel/test_net_convert.py +@@ -63,7 +63,6 @@ SAMPLE_SYSCONFIG_CONTENT = """\ + AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eth0 +-NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py +index eaf723c8..7ac8182a 100644 +--- a/tests/unittests/distros/test_netconfig.py ++++ b/tests/unittests/distros/test_netconfig.py +@@ -724,7 +724,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + GATEWAY=192.168.1.254 + IPADDR=192.168.1.5 + NETMASK=255.255.255.0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -735,7 +734,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eth1 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -767,7 +765,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + IPV6_AUTOCONF=no + IPV6_DEFAULTGW=2607:f0d0:1002:0011::1 + IPV6_FORCE_ACCEPT_RA=no +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -778,7 +775,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=eth1 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -826,7 +822,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + HWADDR=00:16:3e:60:7c:df + IPADDR=192.10.1.2 + NETMASK=255.255.255.0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -839,7 +834,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + DEVICE=infra0 + IPADDR=10.0.1.2 + NETMASK=255.255.0.0 +- NM_CONTROLLED=no + ONBOOT=yes + PHYSDEV=eth0 + USERCTL=no +@@ -876,7 +870,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + DEVICE=eth0 + IPADDR=192.10.1.2 + NETMASK=255.255.255.0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -889,7 +882,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + DEVICE=eth0.1001 + IPADDR=10.0.1.2 + NETMASK=255.255.0.0 +- NM_CONTROLLED=no + ONBOOT=yes + PHYSDEV=eth0 + USERCTL=no +diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py +index 1261840b..fd656a57 100644 +--- a/tests/unittests/test_net.py ++++ b/tests/unittests/test_net.py +@@ -1502,7 +1502,6 @@ NETWORK_CONFIGS = { + DHCPV6C=yes + IPV6INIT=yes + DEVICE=iface0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -1594,7 +1593,6 @@ NETWORK_CONFIGS = { + IPV6INIT=yes + IPV6_FORCE_ACCEPT_RA=yes + DEVICE=iface0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -1671,7 +1669,6 @@ NETWORK_CONFIGS = { + IPV6INIT=yes + IPV6_FORCE_ACCEPT_RA=no + DEVICE=iface0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -1736,7 +1733,6 @@ NETWORK_CONFIGS = { + IPV6_AUTOCONF=yes + IPV6INIT=yes + DEVICE=iface0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -1792,7 +1788,6 @@ NETWORK_CONFIGS = { + IPV6_AUTOCONF=no + IPV6_FORCE_ACCEPT_RA=no + DEVICE=iface0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -1850,7 +1845,6 @@ NETWORK_CONFIGS = { + IPV6_AUTOCONF=yes + IPV6INIT=yes + DEVICE=iface0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -1933,7 +1927,6 @@ NETWORK_CONFIGS = { + IPV6_AUTOCONF=no + IPV6_FORCE_ACCEPT_RA=yes + DEVICE=iface0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -1975,7 +1968,6 @@ NETWORK_CONFIGS = { + AUTOCONNECT_PRIORITY=120 + BOOTPROTO=dhcp + DEVICE=iface0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -2053,7 +2045,6 @@ NETWORK_CONFIGS = { + BOOTPROTO=dhcp + DEVICE=iface0 + ETHTOOL_OPTS="wol g" +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -2530,7 +2521,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true + IPADDR=192.168.200.7 + MTU=9000 + NETMASK=255.255.255.0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=InfiniBand + USERCTL=no""" +@@ -3609,7 +3599,6 @@ iface bond0 inet6 static + IPV6INIT=yes + IPV6_AUTOCONF=no + IPV6_FORCE_ACCEPT_RA=no +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -3626,7 +3615,6 @@ iface bond0 inet6 static + IPV6INIT=yes + IPV6_AUTOCONF=no + IPV6_FORCE_ACCEPT_RA=no +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -3920,7 +3908,6 @@ iface bond0 inet6 static + BOOTPROTO=none + DEVICE=eth0 + HWADDR=cf:d6:af:48:e8:80 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no""" +@@ -4759,7 +4746,6 @@ HWADDR=fa:16:3e:25:b4:59 + IPADDR=51.68.89.122 + MTU=1500 + NETMASK=255.255.240.0 +-NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -4774,7 +4760,6 @@ DEVICE=eth1 + DHCLIENT_SET_DEFAULT_ROUTE=no + HWADDR=fa:16:3e:b1:ca:29 + MTU=9000 +-NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -5027,7 +5012,6 @@ USERCTL=no + IPV6_FORCE_ACCEPT_RA=no + IPV6_DEFAULTGW=2001:db8::1 + NETMASK=255.255.255.0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -5060,7 +5044,6 @@ USERCTL=no + AUTOCONNECT_PRIORITY=120 + BOOTPROTO=none + DEVICE=eno1 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -5074,7 +5057,6 @@ USERCTL=no + IPADDR=192.6.1.9 + MTU=1495 + NETMASK=255.255.255.0 +- NM_CONTROLLED=no + ONBOOT=yes + PHYSDEV=eno1 + USERCTL=no +@@ -5111,7 +5093,6 @@ USERCTL=no + IPADDR=10.101.8.65 + MTU=1334 + NETMASK=255.255.255.192 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Bond + USERCTL=no +@@ -5124,7 +5105,6 @@ USERCTL=no + BOOTPROTO=none + DEVICE=enp0s0 + MASTER=bond0 +- NM_CONTROLLED=no + ONBOOT=yes + SLAVE=yes + TYPE=Bond +@@ -5138,7 +5118,6 @@ USERCTL=no + BOOTPROTO=none + DEVICE=enp0s1 + MASTER=bond0 +- NM_CONTROLLED=no + ONBOOT=yes + SLAVE=yes + TYPE=Bond +@@ -5170,7 +5149,6 @@ USERCTL=no + DEVICE=eno1 + HWADDR=07-1c-c6-75-a4-be + METRIC=100 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no +@@ -5262,7 +5240,6 @@ USERCTL=no + IPV6_FORCE_ACCEPT_RA=no + MTU=1400 + NETMASK=255.255.248.0 +- NM_CONTROLLED=no + ONBOOT=yes + TYPE=Ethernet + USERCTL=no diff --git a/0024-Revert-limit-permissions-on-def_log_file.patch b/0024-Revert-limit-permissions-on-def_log_file.patch new file mode 100644 index 0000000..1b0e024 --- /dev/null +++ b/0024-Revert-limit-permissions-on-def_log_file.patch @@ -0,0 +1,58 @@ +From d39cd4de3ce41b1a1727185f2e57ec27190c23cb Mon Sep 17 00:00:00 2001 +From: Ani Sinha +Date: Tue, 4 Jul 2023 13:58:27 +0530 +Subject: [PATCH] Revert "limit permissions on def_log_file" + +This reverts commit dfff374f66904e84fb07ca157ba010fac6b5f1de. + +This commit seems useless and does not effectively change permission of the +log file. Remove it. +--- + cloudinit/settings.py | 1 - + cloudinit/stages.py | 1 - + doc/examples/cloud-config.txt | 4 ---- + 3 files changed, 6 deletions(-) + +diff --git a/cloudinit/settings.py b/cloudinit/settings.py +index 3d541141..edbb217d 100644 +--- a/cloudinit/settings.py ++++ b/cloudinit/settings.py +@@ -52,7 +52,6 @@ CFG_BUILTIN = { + "None", + ], + "def_log_file": "/var/log/cloud-init.log", +- "def_log_file_mode": 0o600, + "log_cfgs": [], + "mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"], + "syslog_fix_perms": [], +diff --git a/cloudinit/stages.py b/cloudinit/stages.py +index 1326d205..21f30a1f 100644 +--- a/cloudinit/stages.py ++++ b/cloudinit/stages.py +@@ -202,7 +202,6 @@ class Init: + def _initialize_filesystem(self): + util.ensure_dirs(self._initial_subdirs()) + log_file = util.get_cfg_option_str(self.cfg, "def_log_file") +- log_file_mode = util.get_cfg_option_int(self.cfg, "def_log_file_mode") + if log_file: + # At this point the log file should have already been created + # in the setupLogging function of log.py +diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt +index b6d16c9c..15d788f3 100644 +--- a/doc/examples/cloud-config.txt ++++ b/doc/examples/cloud-config.txt +@@ -383,14 +383,10 @@ timezone: US/Eastern + # if syslog_fix_perms is a list, it will iterate through and use the + # first pair that does not raise error. + # +-# 'def_log_file' will be created with mode 'def_log_file_mode', which +-# is specified as a numeric value and defaults to 0600. +-# + # the default values are '/var/log/cloud-init.log' and 'syslog:adm' + # the value of 'def_log_file' should match what is configured in logging + # if either is empty, then no change of ownership will be done + def_log_file: /var/log/my-logging-file.log +-def_log_file_mode: 0600 + syslog_fix_perms: syslog:root + + # you can set passwords for a user or multiple users diff --git a/0025-test-fixes-changes-to-apply-RHEL-specific-config-set.patch b/0025-test-fixes-changes-to-apply-RHEL-specific-config-set.patch new file mode 100644 index 0000000..aaefb26 --- /dev/null +++ b/0025-test-fixes-changes-to-apply-RHEL-specific-config-set.patch @@ -0,0 +1,43 @@ +From f1ccdbdb6c662ce67b4af74e0433a59f099d784a Mon Sep 17 00:00:00 2001 +From: Ani Sinha +Date: Fri, 23 Jun 2023 17:54:04 +0530 +Subject: [PATCH] test fixes: changes to apply RHEL specific config settings to + tests + +X-downstream-only: true +fixes: c4d66915520554adedff9b ("Add initial redhat changes") +fixes: dfff374f66904e84fb07ca ("limit permissions on def_log_file") + +Signed-off-by: Ani Sinha +--- + tests/unittests/cmd/test_main.py | 15 +++++++++------ + 1 file changed, 9 insertions(+), 6 deletions(-) + +diff --git a/tests/unittests/cmd/test_main.py b/tests/unittests/cmd/test_main.py +index e9ad0bb8..5d61aa2c 100644 +--- a/tests/unittests/cmd/test_main.py ++++ b/tests/unittests/cmd/test_main.py +@@ -119,14 +119,17 @@ class TestMain(FilesystemMockingTestCase): + { + "def_log_file": "/var/log/cloud-init.log", + "log_cfgs": [], +- "syslog_fix_perms": [ +- "syslog:adm", +- "root:adm", +- "root:wheel", +- "root:root", +- ], + "vendor_data": {"enabled": True, "prefix": []}, + "vendor_data2": {"enabled": True, "prefix": []}, ++ "syslog_fix_perms": [], ++ "mount_default_fields": [ ++ None, ++ None, ++ "auto", ++ "defaults,nofail", ++ "0", ++ "2", ++ ], + } + ) + updated_cfg.pop("system_info") diff --git a/0026-Enable-SUSE-based-distros-for-ca-handling-2036.patch b/0026-Enable-SUSE-based-distros-for-ca-handling-2036.patch new file mode 100644 index 0000000..2b2ca7d --- /dev/null +++ b/0026-Enable-SUSE-based-distros-for-ca-handling-2036.patch @@ -0,0 +1,90 @@ +From 7a530e186e791858bf70accd2fab80dd9b43ee7e Mon Sep 17 00:00:00 2001 +From: Robert Schweikert +Date: Thu, 23 Feb 2023 16:43:56 -0500 +Subject: [PATCH] Enable SUSE based distros for ca handling (#2036) + +CA handling in the configuration module was previously not supported +for SUSE based distros. Enable this functionality by creating the +necessary configuration settings. + +Secondly update the test such that it does not bleed through to the +test system. + +(cherry picked from commit 46fcd03187d70f405c748f7a6cfdb02ecb8c6ee7) +Signed-off-by: Ani Sinha +--- + cloudinit/config/cc_ca_certs.py | 31 +++++++++++++++++++++- + tests/unittests/config/test_cc_ca_certs.py | 2 ++ + 2 files changed, 32 insertions(+), 1 deletion(-) + +diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py +index 169b0e18..51b8577c 100644 +--- a/cloudinit/config/cc_ca_certs.py ++++ b/cloudinit/config/cc_ca_certs.py +@@ -32,8 +32,25 @@ DISTRO_OVERRIDES = { + "ca_cert_config": None, + "ca_cert_update_cmd": ["update-ca-trust"], + }, ++ "opensuse": { ++ "ca_cert_path": "/etc/pki/trust/", ++ "ca_cert_local_path": "/usr/share/pki/trust/", ++ "ca_cert_filename": "anchors/cloud-init-ca-cert-{cert_index}.crt", ++ "ca_cert_config": None, ++ "ca_cert_update_cmd": ["update-ca-certificates"], ++ }, + } + ++for distro in ( ++ "opensuse-microos", ++ "opensuse-tumbleweed", ++ "opensuse-leap", ++ "sle_hpc", ++ "sle-micro", ++ "sles", ++): ++ DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["opensuse"] ++ + MODULE_DESCRIPTION = """\ + This module adds CA certificates to the system's CA store and updates any + related files using the appropriate OS-specific utility. The default CA +@@ -48,7 +65,19 @@ configuration option ``remove_defaults``. + Alpine Linux requires the ca-certificates package to be installed in + order to provide the ``update-ca-certificates`` command. + """ +-distros = ["alpine", "debian", "rhel", "ubuntu"] ++distros = [ ++ "alpine", ++ "debian", ++ "rhel", ++ "opensuse", ++ "opensuse-microos", ++ "opensuse-tumbleweed", ++ "opensuse-leap", ++ "sle_hpc", ++ "sle-micro", ++ "sles", ++ "ubuntu", ++] + + meta: MetaSchema = { + "id": "cc_ca_certs", +diff --git a/tests/unittests/config/test_cc_ca_certs.py b/tests/unittests/config/test_cc_ca_certs.py +index 19e5d422..6db17485 100644 +--- a/tests/unittests/config/test_cc_ca_certs.py ++++ b/tests/unittests/config/test_cc_ca_certs.py +@@ -311,6 +311,7 @@ class TestRemoveDefaultCaCerts(TestCase): + "cloud_dir": tmpdir, + } + ) ++ self.add_patch("cloudinit.config.cc_ca_certs.os.stat", "m_stat") + + def test_commands(self): + ca_certs_content = "# line1\nline2\nline3\n" +@@ -318,6 +319,7 @@ class TestRemoveDefaultCaCerts(TestCase): + "# line1\n# Modified by cloud-init to deselect certs due to" + " user-data\n!line2\n!line3\n" + ) ++ self.m_stat.return_value.st_size = 1 + + for distro_name in cc_ca_certs.distros: + conf = cc_ca_certs._distro_ca_certs_configs(distro_name) diff --git a/0027-Handle-non-existent-ca-cert-config-situation-2073.patch b/0027-Handle-non-existent-ca-cert-config-situation-2073.patch new file mode 100644 index 0000000..ecdf8ca --- /dev/null +++ b/0027-Handle-non-existent-ca-cert-config-situation-2073.patch @@ -0,0 +1,85 @@ +From add770c442088c0915bdefad2a7438f9a38596c5 Mon Sep 17 00:00:00 2001 +From: Shreenidhi Shedi <53473811+sshedi@users.noreply.github.com> +Date: Fri, 17 Mar 2023 03:01:22 +0530 +Subject: [PATCH] Handle non existent ca-cert-config situation (#2073) + +Currently if a cert file doesn't exist, cc_ca_certs module crashes +This fix makes it possible to handle it gracefully. + +Also, out_lines variable may not be available if os.stat returns 0. +This issue is also taken care of. + +Added tests for the same. + +(cherry picked from commit 3634678465e7b8f8608bcb9a1f5773ae7837cbe9) +Signed-off-by: Ani Sinha +--- + cloudinit/config/cc_ca_certs.py | 19 +++++++++++++------ + tests/unittests/config/test_cc_ca_certs.py | 12 ++++++++++++ + 2 files changed, 25 insertions(+), 6 deletions(-) + +diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py +index 51b8577c..4dc08681 100644 +--- a/cloudinit/config/cc_ca_certs.py ++++ b/cloudinit/config/cc_ca_certs.py +@@ -177,14 +177,20 @@ def disable_system_ca_certs(distro_cfg): + + @param distro_cfg: A hash providing _distro_ca_certs_configs function. + """ +- if distro_cfg["ca_cert_config"] is None: ++ ++ ca_cert_cfg_fn = distro_cfg["ca_cert_config"] ++ ++ if not ca_cert_cfg_fn or not os.path.exists(ca_cert_cfg_fn): + return ++ + header_comment = ( + "# Modified by cloud-init to deselect certs due to user-data" + ) ++ + added_header = False +- if os.stat(distro_cfg["ca_cert_config"]).st_size != 0: +- orig = util.load_file(distro_cfg["ca_cert_config"]) ++ ++ if os.stat(ca_cert_cfg_fn).st_size: ++ orig = util.load_file(ca_cert_cfg_fn) + out_lines = [] + for line in orig.splitlines(): + if line == header_comment: +@@ -197,9 +203,10 @@ def disable_system_ca_certs(distro_cfg): + out_lines.append(header_comment) + added_header = True + out_lines.append("!" + line) +- util.write_file( +- distro_cfg["ca_cert_config"], "\n".join(out_lines) + "\n", omode="wb" +- ) ++ ++ util.write_file( ++ ca_cert_cfg_fn, "\n".join(out_lines) + "\n", omode="wb" ++ ) + + + def remove_default_ca_certs(distro_cfg): +diff --git a/tests/unittests/config/test_cc_ca_certs.py b/tests/unittests/config/test_cc_ca_certs.py +index 6db17485..5f1894e7 100644 +--- a/tests/unittests/config/test_cc_ca_certs.py ++++ b/tests/unittests/config/test_cc_ca_certs.py +@@ -365,6 +365,18 @@ class TestRemoveDefaultCaCerts(TestCase): + else: + assert mock_subp.call_count == 0 + ++ def test_non_existent_cert_cfg(self): ++ self.m_stat.return_value.st_size = 0 ++ ++ for distro_name in cc_ca_certs.distros: ++ conf = cc_ca_certs._distro_ca_certs_configs(distro_name) ++ with ExitStack() as mocks: ++ mocks.enter_context( ++ mock.patch.object(util, "delete_dir_contents") ++ ) ++ mocks.enter_context(mock.patch.object(subp, "subp")) ++ cc_ca_certs.disable_default_ca_certs(distro_name, conf) ++ + + class TestCACertsSchema: + """Directly test schema rather than through handle.""" diff --git a/0028-logging-keep-current-file-mode-of-log-file-if-its-st.patch b/0028-logging-keep-current-file-mode-of-log-file-if-its-st.patch new file mode 100644 index 0000000..9de8369 --- /dev/null +++ b/0028-logging-keep-current-file-mode-of-log-file-if-its-st.patch @@ -0,0 +1,172 @@ +From 1cecfe4bc3d7e4806d1890615a119e478decd5fd Mon Sep 17 00:00:00 2001 +From: Ani Sinha +Date: Thu, 20 Jul 2023 23:56:01 +0530 +Subject: [PATCH] logging: keep current file mode of log file if its stricter + than the new mode (#4250) + +By default, the cloud init log file is created with mode 0o644 with +`preserve_mode` parameter of `write_file()` set to False. This means that when +an existing log file is found, its mode will be unconditionally reset to the +mode 0o644. It is possible that this might cause the change of the mode of the +log file from the current more stricter mode to a less strict mode +(when the new mode 0o644 is less strict than the existing mode of the file). + +In order to mitigate the above issue, check the current mode of the log file +and if the current mode is stricter than the default new mode 0o644, then +preserve the current mode of the file. + +Fixes GH-4243 + +Signed-off-by: Ani Sinha +(cherry picked from commit a0e4ec15a1adffabd1c539879514eae4807c834c) + + Conflicts: + tests/unittests/test_util.py +--- + cloudinit/stages.py | 15 ++++++++++++++- + cloudinit/util.py | 23 +++++++++++++++++++++++ + tests/unittests/test_stages.py | 23 ++++++++++++++++------- + tests/unittests/test_util.py | 24 ++++++++++++++++++++++++ + 4 files changed, 77 insertions(+), 8 deletions(-) + +diff --git a/cloudinit/stages.py b/cloudinit/stages.py +index 21f30a1f..979179af 100644 +--- a/cloudinit/stages.py ++++ b/cloudinit/stages.py +@@ -200,12 +200,25 @@ class Init: + self._initialize_filesystem() + + def _initialize_filesystem(self): ++ mode = 0o640 ++ fmode = None ++ + util.ensure_dirs(self._initial_subdirs()) + log_file = util.get_cfg_option_str(self.cfg, "def_log_file") + if log_file: + # At this point the log file should have already been created + # in the setupLogging function of log.py +- util.ensure_file(log_file, mode=0o640, preserve_mode=False) ++ ++ try: ++ fmode = util.get_permissions(log_file) ++ except OSError: ++ pass ++ ++ # if existing file mode fmode is stricter, do not change it. ++ if fmode and util.compare_permission(fmode, mode) < 0: ++ mode = fmode ++ ++ util.ensure_file(log_file, mode, preserve_mode=False) + perms = self.cfg.get("syslog_fix_perms") + if not perms: + perms = {} +diff --git a/cloudinit/util.py b/cloudinit/util.py +index 4a8e3d3b..af617e73 100644 +--- a/cloudinit/util.py ++++ b/cloudinit/util.py +@@ -2099,6 +2099,29 @@ def safe_int(possible_int): + return None + + ++def compare_permission(mode1, mode2): ++ """Compare two file modes in octal. ++ ++ If mode1 is less restrictive than mode2 return 1 ++ If mode1 is more restrictive than mode2 return -1 ++ If mode1 is same as mode2, return 0 ++ ++ The comparison starts from the permission of the ++ set of users in "others" and then works up to the ++ permission of "user" set. ++ """ ++ # Convert modes to octal and reverse the last 3 digits ++ # so 0o640 would be become 0o046 ++ mode1_oct = oct(mode1)[2:].rjust(3, "0") ++ mode2_oct = oct(mode2)[2:].rjust(3, "0") ++ m1 = int(mode1_oct[:-3] + mode1_oct[-3:][::-1], 8) ++ m2 = int(mode2_oct[:-3] + mode2_oct[-3:][::-1], 8) ++ ++ # Then do a traditional cmp() ++ # https://docs.python.org/3.0/whatsnew/3.0.html#ordering-comparisons ++ return (m1 > m2) - (m1 < m2) ++ ++ + def chmod(path, mode): + real_mode = safe_int(mode) + if path and real_mode: +diff --git a/tests/unittests/test_stages.py b/tests/unittests/test_stages.py +index a61f9df9..831ea9f2 100644 +--- a/tests/unittests/test_stages.py ++++ b/tests/unittests/test_stages.py +@@ -606,13 +606,22 @@ class TestInit_InitializeFilesystem: + # Assert we create it 0o640 by default if it doesn't already exist + assert 0o640 == stat.S_IMODE(log_file.stat().mode) + +- def test_existing_file_permissions(self, init, tmpdir): ++ @pytest.mark.parametrize( ++ "set_perms,expected_perms", ++ [ ++ (0o640, 0o640), ++ (0o606, 0o640), ++ (0o600, 0o600), ++ ], ++ ) ++ def test_existing_file_permissions( ++ self, init, tmpdir, set_perms, expected_perms ++ ): + """Test file permissions are set as expected. + +- CIS Hardening requires 640 permissions. These permissions are +- currently hardcoded on every boot, but if there's ever a reason +- to change this, we need to then ensure that they +- are *not* set every boot. ++ CIS Hardening requires 640 permissions. If the file has looser ++ permissions, then hard code 640. If the file has tighter ++ permissions, then leave them as they are + + See https://bugs.launchpad.net/cloud-init/+bug/1900837. + """ +@@ -620,9 +629,9 @@ class TestInit_InitializeFilesystem: + log_file.ensure() + # Use a mode that will never be made the default so this test will + # always be valid +- log_file.chmod(0o606) ++ log_file.chmod(set_perms) + init._cfg = {"def_log_file": str(log_file)} + + init._initialize_filesystem() + +- assert 0o640 == stat.S_IMODE(log_file.stat().mode) ++ assert expected_perms == stat.S_IMODE(log_file.stat().mode) +diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py +index 17182d06..289a4234 100644 +--- a/tests/unittests/test_util.py ++++ b/tests/unittests/test_util.py +@@ -3051,3 +3051,27 @@ class TestVersion: + ) + def test_from_str(self, str_ver, cls_ver): + assert util.Version.from_str(str_ver) == cls_ver ++ ++ ++class TestComparePermissions: ++ @pytest.mark.parametrize( ++ "perm1,perm2,expected", ++ [ ++ (0o777, 0o777, 0), ++ (0o000, 0o000, 0), ++ (0o421, 0o421, 0), ++ (0o1640, 0o1640, 0), ++ (0o1407, 0o1600, 1), ++ (0o1600, 0o1407, -1), ++ (0o407, 0o600, 1), ++ (0o600, 0o407, -1), ++ (0o007, 0o700, 1), ++ (0o700, 0o007, -1), ++ (0o077, 0o100, 1), ++ (0o644, 0o640, 1), ++ (0o640, 0o600, 1), ++ (0o600, 0o400, 1), ++ ], ++ ) ++ def test_compare_permissions(self, perm1, perm2, expected): ++ assert util.compare_permission(perm1, perm2) == expected diff --git a/0029-DS-VMware-modify-a-few-log-level-4284.patch b/0029-DS-VMware-modify-a-few-log-level-4284.patch new file mode 100644 index 0000000..f8d2e74 --- /dev/null +++ b/0029-DS-VMware-modify-a-few-log-level-4284.patch @@ -0,0 +1,62 @@ +From 25ac8bb44af554a040f0dfa9b52e9241a33a4845 Mon Sep 17 00:00:00 2001 +From: PengpengSun <40026211+PengpengSun@users.noreply.github.com> +Date: Tue, 25 Jul 2023 05:21:46 +0800 +Subject: [PATCH] DS VMware: modify a few log level (#4284) + +Multiple ip addresses are common scenario for modern Linux, so set +debug log level for such cases. + +(cherry picked from commit 4a6a9d3f6c8fe213c51f6c1336f1dd378bf4bdca) +Signed-off-by: Ani Sinha +--- + cloudinit/sources/DataSourceVMware.py | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/cloudinit/sources/DataSourceVMware.py b/cloudinit/sources/DataSourceVMware.py +index 07a80222..bc3b5a5f 100644 +--- a/cloudinit/sources/DataSourceVMware.py ++++ b/cloudinit/sources/DataSourceVMware.py +@@ -1,6 +1,6 @@ + # Cloud-Init DataSource for VMware + # +-# Copyright (c) 2018-2022 VMware, Inc. All Rights Reserved. ++# Copyright (c) 2018-2023 VMware, Inc. All Rights Reserved. + # + # Authors: Anish Swaminathan + # Andrew Kutz +@@ -719,7 +719,7 @@ def get_default_ip_addrs(): + af_inet4 = addr4_fams.get(netifaces.AF_INET) + if af_inet4: + if len(af_inet4) > 1: +- LOG.warning( ++ LOG.debug( + "device %s has more than one ipv4 address: %s", + dev4, + af_inet4, +@@ -737,7 +737,7 @@ def get_default_ip_addrs(): + af_inet6 = addr6_fams.get(netifaces.AF_INET6) + if af_inet6: + if len(af_inet6) > 1: +- LOG.warning( ++ LOG.debug( + "device %s has more than one ipv6 address: %s", + dev6, + af_inet6, +@@ -752,7 +752,7 @@ def get_default_ip_addrs(): + af_inet6 = addr4_fams.get(netifaces.AF_INET6) + if af_inet6: + if len(af_inet6) > 1: +- LOG.warning( ++ LOG.debug( + "device %s has more than one ipv6 address: %s", + dev4, + af_inet6, +@@ -767,7 +767,7 @@ def get_default_ip_addrs(): + af_inet4 = addr6_fams.get(netifaces.AF_INET) + if af_inet4: + if len(af_inet4) > 1: +- LOG.warning( ++ LOG.debug( + "device %s has more than one ipv4 address: %s", + dev6, + af_inet4, diff --git a/cloud-init.spec b/cloud-init.spec index 02f75ba..de18b37 100644 --- a/cloud-init.spec +++ b/cloud-init.spec @@ -1,6 +1,6 @@ Name: cloud-init Version: 23.1.1 -Release: 7%{?dist} +Release: 8%{?dist} Summary: Cloud instance init scripts License: ASL 2.0 or GPLv3 URL: http://launchpad.net/cloud-init @@ -29,6 +29,14 @@ Patch18: 0018-network-manager-Set-higher-autoconnect-priority-for-.patch Patch19: 0019-Set-default-renderer-as-sysconfig-for-c9s-RHEL-9.patch Patch20: 0020-Revert-Set-default-renderer-as-sysconfig-for-c9s-RHE.patch Patch21: 0021-Set-default-renderer-as-sysconfig-for-centos-rhel-41.patch +Patch22: 0022-test-fixes-update-tests-to-reflect-AUTOCONNECT_PRIOR.patch +Patch23: 0023-test-fixes-remove-NM_CONTROLLED-no-from-tests.patch +Patch24: 0024-Revert-limit-permissions-on-def_log_file.patch +Patch25: 0025-test-fixes-changes-to-apply-RHEL-specific-config-set.patch +Patch26: 0026-Enable-SUSE-based-distros-for-ca-handling-2036.patch +Patch27: 0027-Handle-non-existent-ca-cert-config-situation-2073.patch +Patch28: 0028-logging-keep-current-file-mode-of-log-file-if-its-st.patch +Patch29: 0029-DS-VMware-modify-a-few-log-level-4284.patch BuildArch: noarch @@ -238,6 +246,17 @@ fi %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf %changelog +* Wed Jul 26 2023 Camilla Conte - 23.1.1-8 +- 0022-test-fixes-update-tests-to-reflect-AUTOCONNECT_PRIOR.patch [bz#2217865] +- 0023-test-fixes-remove-NM_CONTROLLED-no-from-tests.patch [bz#2217865] +- 0024-Revert-limit-permissions-on-def_log_file.patch [bz#2217865] +- 0025-test-fixes-changes-to-apply-RHEL-specific-config-set.patch [bz#2217865] +- 0026-Enable-SUSE-based-distros-for-ca-handling-2036.patch [bz#2217865] +- 0027-Handle-non-existent-ca-cert-config-situation-2073.patch [bz#2217865] +- 0028-logging-keep-current-file-mode-of-log-file-if-its-st.patch [bz#2222498] +- 0029-DS-VMware-modify-a-few-log-level-4284.patch [bz#2225374] +- Resolves: bz#2217865 bz#2222498 bz#2225374 + * Mon Jun 19 2023 Miroslav Rezanina - 23.1.1-7 - 0020-Revert-Set-default-renderer-as-sysconfig-for-c9s-RHE.patch - 0021-Set-default-renderer-as-sysconfig-for-centos-rhel-41.patch [bz#2209349]