diff --git a/0031-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch b/0031-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch new file mode 100644 index 0000000..1b3e71b --- /dev/null +++ b/0031-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch @@ -0,0 +1,457 @@ +From f4f100c0dddf1f11b239374a8dc452739b8e6a81 Mon Sep 17 00:00:00 2001 +From: Andrew Lukoshko +Date: Thu, 28 Mar 2024 14:24:08 +0000 +Subject: [PATCH] Improvements for AlmaLinux OS and CloudLinux OS + +Add AlmaLinux OS and CloudLinux OS support to: + +Modules: +- cc_ca_certs +- cc_ntp +- cc_resolv_conf + +Datasources: +- Rbx Cloud Datasource + +Systemd services: +- cloud-final.service +- cloud-init-local.service +- cloud-init.service +--- + cloudinit/config/cc_ca_certs.py | 8 ++++ + cloudinit/config/cc_ntp.py | 11 ++--- + cloudinit/config/cc_resolv_conf.py | 2 + + cloudinit/settings.py | 2 +- + cloudinit/sources/DataSourceRbxCloud.py | 2 +- + systemd/cloud-final.service.tmpl | 2 +- + systemd/cloud-init-local.service.tmpl | 10 ++-- + systemd/cloud-init.service.tmpl | 2 +- + templates/chrony.conf.almalinux.tmpl | 51 ++++++++++++++++++++ + templates/chrony.conf.cloudlinux.tmpl | 51 ++++++++++++++++++++ + templates/ntp.conf.almalinux.tmpl | 64 +++++++++++++++++++++++++ + templates/ntp.conf.cloudlinux.tmpl | 64 +++++++++++++++++++++++++ + 12 files changed, 252 insertions(+), 17 deletions(-) + create mode 100644 templates/chrony.conf.almalinux.tmpl + create mode 100644 templates/chrony.conf.cloudlinux.tmpl + create mode 100644 templates/ntp.conf.almalinux.tmpl + create mode 100644 templates/ntp.conf.cloudlinux.tmpl + +diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py +index 8d3fd9a..4dd5843 100644 +--- a/cloudinit/config/cc_ca_certs.py ++++ b/cloudinit/config/cc_ca_certs.py +@@ -57,6 +57,12 @@ for distro in ( + ): + DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["opensuse"] + ++for distro in ( ++ "almalinux", ++ "cloudlinux", ++): ++ DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["rhel"] ++ + MODULE_DESCRIPTION = """\ + This module adds CA certificates to the system's CA store and updates any + related files using the appropriate OS-specific utility. The default CA +@@ -72,6 +78,8 @@ configuration option ``remove_defaults``. + order to provide the ``update-ca-certificates`` command. + """ + distros = [ ++ "almalinux", ++ "cloudlinux", + "alpine", + "debian", + "fedora", +diff --git a/cloudinit/config/cc_ntp.py b/cloudinit/config/cc_ntp.py +index 9eef24f..1015d43 100644 +--- a/cloudinit/config/cc_ntp.py ++++ b/cloudinit/config/cc_ntp.py +@@ -109,14 +109,6 @@ DISTRO_CLIENT_CONFIG = { + "service_name": "ntpd", + }, + }, +- "centos": { +- "ntp": { +- "service_name": "ntpd", +- }, +- "chrony": { +- "service_name": "chronyd", +- }, +- }, + "cos": { + "chrony": { + "service_name": "chronyd", +@@ -224,6 +216,9 @@ DISTRO_CLIENT_CONFIG = { + for distro in ("opensuse-microos", "opensuse-tumbleweed", "opensuse-leap"): + DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["opensuse"] + ++for distro in ("almalinux", "centos", "cloudlinux"): ++ DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["rhel"] ++ + for distro in ("sle_hpc", "sle-micro"): + DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["sles"] + +diff --git a/cloudinit/config/cc_resolv_conf.py b/cloudinit/config/cc_resolv_conf.py +index aa88919..4eb1d76 100644 +--- a/cloudinit/config/cc_resolv_conf.py ++++ b/cloudinit/config/cc_resolv_conf.py +@@ -57,7 +57,9 @@ meta: MetaSchema = { + "title": "Configure resolv.conf", + "description": MODULE_DESCRIPTION, + "distros": [ ++ "almalinux", + "alpine", ++ "cloudlinux", + "fedora", + "mariner", + "opensuse", +diff --git a/cloudinit/settings.py b/cloudinit/settings.py +index 5ced21b..51cb115 100644 +--- a/cloudinit/settings.py ++++ b/cloudinit/settings.py +@@ -61,7 +61,7 @@ CFG_BUILTIN = { + "cloud_dir": "/var/lib/cloud", + "templates_dir": "/etc/cloud/templates/", + }, +- "distro": "rhel", ++ "distro": "almalinux", + "network": {"renderers": None}, + }, + "vendor_data": {"enabled": True, "prefix": []}, +diff --git a/cloudinit/sources/DataSourceRbxCloud.py b/cloudinit/sources/DataSourceRbxCloud.py +index 9214f1b..14880ec 100644 +--- a/cloudinit/sources/DataSourceRbxCloud.py ++++ b/cloudinit/sources/DataSourceRbxCloud.py +@@ -60,7 +60,7 @@ def _sub_arp(cmd): + + def gratuitous_arp(items, distro): + source_param = "-S" +- if distro.name in ["fedora", "centos", "rhel"]: ++ if distro.name in ["almalinux", "fedora", "centos", "cloudlinux", "rhel"]: + source_param = "-s" + for item in items: + try: +diff --git a/systemd/cloud-final.service.tmpl b/systemd/cloud-final.service.tmpl +index bcf8b00..6d34761 100644 +--- a/systemd/cloud-final.service.tmpl ++++ b/systemd/cloud-final.service.tmpl +@@ -18,7 +18,7 @@ ExecStart=/usr/bin/cloud-init modules --mode=final + RemainAfterExit=yes + TimeoutSec=0 + KillMode=process +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + # Restart NetworkManager if it is present and running. + ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \ + out=$(systemctl show --property=SubState $u) || exit; \ +diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl +index 3a1ca7f..853ae2c 100644 +--- a/systemd/cloud-init-local.service.tmpl ++++ b/systemd/cloud-init-local.service.tmpl +@@ -1,23 +1,23 @@ + ## template:jinja + [Unit] + Description=Initial cloud-init job (pre-networking) +-{% if variant in ["ubuntu", "unknown", "debian", "rhel" ] %} ++{% if variant in ["almalinux", "cloudlinux", "ubuntu", "unknown", "debian", "rhel" ] %} + DefaultDependencies=no + {% endif %} + Wants=network-pre.target + After=hv_kvp_daemon.service + After=systemd-remount-fs.service +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + Requires=dbus.socket + After=dbus.socket + {% endif %} + Before=NetworkManager.service +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + Before=network.service + {% endif %} + Before=network-pre.target + Before=shutdown.target +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + Before=firewalld.target + Conflicts=shutdown.target + {% endif %} +@@ -32,7 +32,7 @@ ConditionEnvironment=!KERNEL_CMDLINE=cloud-init=disabled + + [Service] + Type=oneshot +-{% if variant == "rhel" %} ++{% if variant in ["almalinux", "cloudlinux", "rhel"] %} + ExecStartPre=/bin/mkdir -p /run/cloud-init + ExecStartPre=/sbin/restorecon /run/cloud-init + ExecStartPre=/usr/bin/touch /run/cloud-init/enabled +diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl +index bf91164..1ae88f7 100644 +--- a/systemd/cloud-init.service.tmpl ++++ b/systemd/cloud-init.service.tmpl +@@ -1,7 +1,7 @@ + ## template:jinja + [Unit] + Description=Initial cloud-init job (metadata service crawler) +-{% if variant not in ["photon", "rhel"] %} ++{% if variant not in ["almalinux", "cloudlinux", "photon", "rhel"] %} + DefaultDependencies=no + {% endif %} + Wants=cloud-init-local.service +diff --git a/templates/chrony.conf.almalinux.tmpl b/templates/chrony.conf.almalinux.tmpl +new file mode 100644 +index 0000000..43b1f5d +--- /dev/null ++++ b/templates/chrony.conf.almalinux.tmpl +@@ -0,0 +1,51 @@ ++## template:jinja ++# Use public servers from the pool.ntp.org project. ++# Please consider joining the pool (http://www.pool.ntp.org/join.html). ++{% if pools %}# pools ++{% endif %} ++{% for pool in pools -%} ++pool {{pool}} iburst ++{% endfor %} ++{%- if servers %}# servers ++{% endif %} ++{% for server in servers -%} ++server {{server}} iburst ++{% endfor %} ++{% for peer in peers -%} ++peer {{peer}} ++{% endfor %} ++{% for a in allow -%} ++allow {{a}} ++{% endfor %} ++ ++# Record the rate at which the system clock gains/losses time. ++driftfile /var/lib/chrony/drift ++ ++# Allow the system clock to be stepped in the first three updates ++# if its offset is larger than 1 second. ++makestep 1.0 3 ++ ++# Enable kernel synchronization of the real-time clock (RTC). ++rtcsync ++ ++# Enable hardware timestamping on all interfaces that support it. ++#hwtimestamp * ++ ++# Increase the minimum number of selectable sources required to adjust ++# the system clock. ++#minsources 2 ++ ++# Allow NTP client access from local network. ++#allow 192.168.0.0/16 ++ ++# Serve time even if not synchronized to a time source. ++#local stratum 10 ++ ++# Specify file containing keys for NTP authentication. ++#keyfile /etc/chrony.keys ++ ++# Specify directory for log files. ++logdir /var/log/chrony ++ ++# Select which information is logged. ++#log measurements statistics tracking +diff --git a/templates/chrony.conf.cloudlinux.tmpl b/templates/chrony.conf.cloudlinux.tmpl +new file mode 100644 +index 0000000..43b1f5d +--- /dev/null ++++ b/templates/chrony.conf.cloudlinux.tmpl +@@ -0,0 +1,51 @@ ++## template:jinja ++# Use public servers from the pool.ntp.org project. ++# Please consider joining the pool (http://www.pool.ntp.org/join.html). ++{% if pools %}# pools ++{% endif %} ++{% for pool in pools -%} ++pool {{pool}} iburst ++{% endfor %} ++{%- if servers %}# servers ++{% endif %} ++{% for server in servers -%} ++server {{server}} iburst ++{% endfor %} ++{% for peer in peers -%} ++peer {{peer}} ++{% endfor %} ++{% for a in allow -%} ++allow {{a}} ++{% endfor %} ++ ++# Record the rate at which the system clock gains/losses time. ++driftfile /var/lib/chrony/drift ++ ++# Allow the system clock to be stepped in the first three updates ++# if its offset is larger than 1 second. ++makestep 1.0 3 ++ ++# Enable kernel synchronization of the real-time clock (RTC). ++rtcsync ++ ++# Enable hardware timestamping on all interfaces that support it. ++#hwtimestamp * ++ ++# Increase the minimum number of selectable sources required to adjust ++# the system clock. ++#minsources 2 ++ ++# Allow NTP client access from local network. ++#allow 192.168.0.0/16 ++ ++# Serve time even if not synchronized to a time source. ++#local stratum 10 ++ ++# Specify file containing keys for NTP authentication. ++#keyfile /etc/chrony.keys ++ ++# Specify directory for log files. ++logdir /var/log/chrony ++ ++# Select which information is logged. ++#log measurements statistics tracking +diff --git a/templates/ntp.conf.almalinux.tmpl b/templates/ntp.conf.almalinux.tmpl +new file mode 100644 +index 0000000..9884df5 +--- /dev/null ++++ b/templates/ntp.conf.almalinux.tmpl +@@ -0,0 +1,64 @@ ++## template:jinja ++ ++# For more information about this file, see the man pages ++# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). ++ ++driftfile /var/lib/ntp/drift ++ ++# Permit time synchronization with our time source, but do not ++# permit the source to query or modify the service on this system. ++restrict default kod nomodify notrap nopeer noquery ++restrict -6 default kod nomodify notrap nopeer noquery ++ ++# Permit all access over the loopback interface. This could ++# be tightened as well, but to do so would effect some of ++# the administrative functions. ++restrict 127.0.0.1 ++restrict -6 ::1 ++ ++# Hosts on local network are less restricted. ++#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap ++ ++# Use public servers from the pool.ntp.org project. ++# Please consider joining the pool (http://www.pool.ntp.org/join.html). ++{% if pools %}# pools ++{% endif %} ++{% for pool in pools -%} ++pool {{pool}} iburst ++{% endfor %} ++{%- if servers %}# servers ++{% endif %} ++{% for server in servers -%} ++server {{server}} iburst ++{% endfor %} ++{% for peer in peers -%} ++peer {{peer}} ++{% endfor %} ++ ++#broadcast 192.168.1.255 autokey # broadcast server ++#broadcastclient # broadcast client ++#broadcast 224.0.1.1 autokey # multicast server ++#multicastclient 224.0.1.1 # multicast client ++#manycastserver 239.255.254.254 # manycast server ++#manycastclient 239.255.254.254 autokey # manycast client ++ ++# Enable public key cryptography. ++#crypto ++ ++includefile /etc/ntp/crypto/pw ++ ++# Key file containing the keys and key identifiers used when operating ++# with symmetric key cryptography. ++keys /etc/ntp/keys ++ ++# Specify the key identifiers which are trusted. ++#trustedkey 4 8 42 ++ ++# Specify the key identifier to use with the ntpdc utility. ++#requestkey 8 ++ ++# Specify the key identifier to use with the ntpq utility. ++#controlkey 8 ++ ++# Enable writing of statistics records. ++#statistics clockstats cryptostats loopstats peerstats +diff --git a/templates/ntp.conf.cloudlinux.tmpl b/templates/ntp.conf.cloudlinux.tmpl +new file mode 100644 +index 0000000..9884df5 +--- /dev/null ++++ b/templates/ntp.conf.cloudlinux.tmpl +@@ -0,0 +1,64 @@ ++## template:jinja ++ ++# For more information about this file, see the man pages ++# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). ++ ++driftfile /var/lib/ntp/drift ++ ++# Permit time synchronization with our time source, but do not ++# permit the source to query or modify the service on this system. ++restrict default kod nomodify notrap nopeer noquery ++restrict -6 default kod nomodify notrap nopeer noquery ++ ++# Permit all access over the loopback interface. This could ++# be tightened as well, but to do so would effect some of ++# the administrative functions. ++restrict 127.0.0.1 ++restrict -6 ::1 ++ ++# Hosts on local network are less restricted. ++#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap ++ ++# Use public servers from the pool.ntp.org project. ++# Please consider joining the pool (http://www.pool.ntp.org/join.html). ++{% if pools %}# pools ++{% endif %} ++{% for pool in pools -%} ++pool {{pool}} iburst ++{% endfor %} ++{%- if servers %}# servers ++{% endif %} ++{% for server in servers -%} ++server {{server}} iburst ++{% endfor %} ++{% for peer in peers -%} ++peer {{peer}} ++{% endfor %} ++ ++#broadcast 192.168.1.255 autokey # broadcast server ++#broadcastclient # broadcast client ++#broadcast 224.0.1.1 autokey # multicast server ++#multicastclient 224.0.1.1 # multicast client ++#manycastserver 239.255.254.254 # manycast server ++#manycastclient 239.255.254.254 autokey # manycast client ++ ++# Enable public key cryptography. ++#crypto ++ ++includefile /etc/ntp/crypto/pw ++ ++# Key file containing the keys and key identifiers used when operating ++# with symmetric key cryptography. ++keys /etc/ntp/keys ++ ++# Specify the key identifiers which are trusted. ++#trustedkey 4 8 42 ++ ++# Specify the key identifier to use with the ntpdc utility. ++#requestkey 8 ++ ++# Specify the key identifier to use with the ntpq utility. ++#controlkey 8 ++ ++# Enable writing of statistics records. ++#statistics clockstats cryptostats loopstats peerstats +-- +2.27.0 + diff --git a/cloud-init.spec b/cloud-init.spec index 341432f..cf85b4e 100644 --- a/cloud-init.spec +++ b/cloud-init.spec @@ -6,7 +6,7 @@ Name: cloud-init Version: 24.1.4 -Release: 17%{?dist} +Release: 17%{?dist}.alma.1 Summary: Cloud instance init scripts License: Apache-2.0 OR GPL-3.0-only URL: https://github.com/canonical/cloud-init @@ -58,6 +58,9 @@ Patch24: ci-Revert-fix-vmware-Set-IPv6-to-dhcp-when-there-is-no-.patch # For RHEL-54688 - [RHEL 10.0] cloud-init schema validation fails. Patch25: ci-fix-Add-subnet-ipv4-ipv6-to-network-schema-5191.patch +# AlmaLinux patches +Patch1000: 0031-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch + BuildArch: noarch BuildRequires: systemd-rpm-macros @@ -267,6 +270,9 @@ fi %changelog +* Wed Sep 25 2024 Eduard Abdullin - 24.1.4-17.alma.1 +- 0031-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch + * Mon Aug 26 2024 Miroslav Rezanina - 24.1.4-17 - ci-fix-Add-subnet-ipv4-ipv6-to-network-schema-5191.patch [RHEL-54688] - Resolves: RHEL-54688