From fc3275b8859dc20ffa3d8324476ad02021103bcf Mon Sep 17 00:00:00 2001 From: eabdullin Date: Tue, 22 Jul 2025 10:16:41 +0000 Subject: [PATCH 1/2] import OL cloud-init-24.4-4.0.1.el9_6.3 --- ...n-exit-code-in-cloud-init-status-for.patch | 68 +++++ ...to-stop-retrying-to-get-ec2-metadata.patch | 50 +++ ...add-a-new-unit-test-for-network-mana.patch | 136 +++++++++ ...t-to-identify-non-x86-OpenStack-inst.patch | 176 +++++++++++ ...le-in-ds-identify-on-no-datasources-.patch | 89 ++++++ SOURCES/ignore-enslaved-interface.patch | 44 +++ ...racle-Linux-variant-to-known-distros.patch | 26 ++ ...30435672-003-cloud-init-collect-logs.patch | 77 +++++ .../orabug30435672-004-ol-cloud-config.patch | 112 +++++++ .../orabug30435672-006-cc_spacewalk.py.patch | 55 ++++ ...ug32183938-009-missing-sshd-services.patch | 31 ++ ...issing-sshd-services-in-rhel-systemd.patch | 22 ++ ...stro-detection-logic-in-cloud.cfg.tm.patch | 287 ++++++++++++++++++ ...SourceOracle-network-getdata-updates.patch | 115 +++++++ SPECS/cloud-init.spec | 163 ++++++---- 15 files changed, 1393 insertions(+), 58 deletions(-) create mode 100644 SOURCES/0003-downstream-Retain-exit-code-in-cloud-init-status-for.patch create mode 100644 SOURCES/0041-enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch create mode 100644 SOURCES/0106-tests-unittests-add-a-new-unit-test-for-network-mana.patch create mode 100644 SOURCES/ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch create mode 100644 SOURCES/ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch create mode 100644 SOURCES/ignore-enslaved-interface.patch create mode 100644 SOURCES/ol-sysconfig-add-Oracle-Linux-variant-to-known-distros.patch create mode 100644 SOURCES/orabug30435672-003-cloud-init-collect-logs.patch create mode 100644 SOURCES/orabug30435672-004-ol-cloud-config.patch create mode 100644 SOURCES/orabug30435672-006-cc_spacewalk.py.patch create mode 100644 SOURCES/orabug32183938-009-missing-sshd-services.patch create mode 100644 SOURCES/orabug32183938-010-missing-sshd-services-in-rhel-systemd.patch create mode 100644 SOURCES/orabug34845400-Add-Oracle-to-distro-detection-logic-in-cloud.cfg.tm.patch create mode 100644 SOURCES/orabug35950168-DataSourceOracle-network-getdata-updates.patch diff --git a/SOURCES/0003-downstream-Retain-exit-code-in-cloud-init-status-for.patch b/SOURCES/0003-downstream-Retain-exit-code-in-cloud-init-status-for.patch new file mode 100644 index 0000000..264715a --- /dev/null +++ b/SOURCES/0003-downstream-Retain-exit-code-in-cloud-init-status-for.patch @@ -0,0 +1,68 @@ +From d211a3a03b548a759c4a64e63044b2ea034f2999 Mon Sep 17 00:00:00 2001 +From: Ani Sinha +Date: Tue, 12 Mar 2024 12:52:10 +0530 +Subject: [PATCH] downstream: Retain exit code in cloud-init status for + recoverable errors + +RH-Author: Ani Sinha +RH-MergeRequest: 71: Retain exit code in cloud-init status for recoverable errors +RH-Jira: RHEL-28549 +RH-Acked-by: Emanuele Giuseppe Esposito +RH-Acked-by: Cathy Avery +RH-Commit: [1/1] 00934ade88c481c012bc1947fa44e5ed59f82858 (anisinha/cloud-init) + +Version 23.4 of cloud-init changed the status code reported by cloud-init for +recoverable errors from 0 to 2. Please see the commit +70acb7f2a30d58 ("Add support for cloud-init "degraded" state (#4500)") + +This change has the potential to break customers who are expecting a 0 status +and where warnings can be expected. Hence, revert the status code from 2 to 0 +even in case of recoverable errors. This retains the old behavior and hence +avoids breaking scripts and software stack that expects 0 on the end user side. + +Cannonical has made a similar change downstream for similar reasons. Please see +https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/2048522 +and the corresponding downstream patch: +https://github.com/canonical/cloud-init/pull/4747/commits/adce34bfd214e4eecdf87329486f30f0898dd303 + +This patch has limited risk as it narrowly only restores the old status +code for recoverable errors and does not modify anything else. + +X-downstream-only: true +Signed-off-by: Ani Sinha + +Patch-name: ci-Retain-exit-code-in-cloud-init-status-for-recoverabl.patch +Patch-id: 12 +Patch-present-in-specfile: True +(cherry picked from commit 424eb97cff0bd97967c82214308693481f17a50a) +--- + cloudinit/cmd/status.py | 2 +- + tests/unittests/cmd/test_status.py | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/cloudinit/cmd/status.py b/cloudinit/cmd/status.py +index 98084a492..0dfb9b2f7 100644 +--- a/cloudinit/cmd/status.py ++++ b/cloudinit/cmd/status.py +@@ -251,7 +251,7 @@ def handle_status_args(name, args) -> int: + return 1 + # Recoverable error + elif details.condition_status == ConditionStatus.DEGRADED: +- return 2 ++ return 0 + return 0 + + +diff --git a/tests/unittests/cmd/test_status.py b/tests/unittests/cmd/test_status.py +index 022e4034c..da41fa98f 100644 +--- a/tests/unittests/cmd/test_status.py ++++ b/tests/unittests/cmd/test_status.py +@@ -664,7 +664,7 @@ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin + }, + None, + MyArgs(long=False, wait=False, format="json"), +- 2, ++ 0, + { + "boot_status_code": "enabled-by-kernel-command-line", + "datasource": "nocloud", diff --git a/SOURCES/0041-enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch b/SOURCES/0041-enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch new file mode 100644 index 0000000..d691b94 --- /dev/null +++ b/SOURCES/0041-enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch @@ -0,0 +1,50 @@ +Enable ec2_utils to stop retrying to get ec2 metadata + +Signed-off-by: David Sloboda +Reviewed-by: Laurence Rochfort + +diff -ruN a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py +--- a/cloudinit/sources/helpers/openstack.py 2018-04-02 12:51:20.053828637 -0700 ++++ b/cloudinit/sources/helpers/openstack.py 2018-04-02 12:33:20.000000000 -0700 +@@ -464,6 +464,16 @@ + + return results + ++def should_retry_cb(_request_args, cause): ++ try: ++ code = int(cause.code) ++ if code >= 400: ++ return False ++ except (TypeError, ValueError): ++ # Older versions of requests didn't have a code. ++ pass ++ return True ++ + + class MetadataReader(BaseReader): + def __init__(self, base_url, ssl_details=None, timeout=5, retries=5): +@@ -489,16 +499,6 @@ + return self._versions + + def _path_read(self, path, decode=False): +- def should_retry_cb(_request_args, cause): +- try: +- code = int(cause.code) +- if code >= 400: +- return False +- except (TypeError, ValueError): +- # Older versions of requests didn't have a code. +- pass +- return True +- + response = url_helper.readurl( + path, + retries=self.retries, +@@ -519,6 +519,7 @@ + ssl_details=self.ssl_details, + timeout=self.timeout, + retries=self.retries, ++ exception_cb=should_retry_cb, + ) + + diff --git a/SOURCES/0106-tests-unittests-add-a-new-unit-test-for-network-mana.patch b/SOURCES/0106-tests-unittests-add-a-new-unit-test-for-network-mana.patch new file mode 100644 index 0000000..2248cbf --- /dev/null +++ b/SOURCES/0106-tests-unittests-add-a-new-unit-test-for-network-mana.patch @@ -0,0 +1,136 @@ +From 37a6837813e418486af8cbef436ab82a8be3e3fa Mon Sep 17 00:00:00 2001 +From: Darren Archibald +Date: Fri, 23 Feb 2024 06:06:30 -0800 +Subject: [PATCH] tests/unittests: add a new unit test for network manager net + activator (#4672) + +Some changes in behavior in network manager net activator was brought in with +the commit +d1d5166895da ("net/nm: check for presence of ifcfg files when nm connection files are absent") + +This change adds some unit tests that exercizes network manager activator's +bring_up_interface() method that tests failure scenarios as well as cases +where an ifcfg file is used to bring the interface up. + +Signed-off-by: Ani Sinha +(cherry picked from commit bb474df78bfe45ea5f05907eb710e8d5de764fc8) +Signed-off-by: Darren Archibald +--- + tests/unittests/test_net_activators.py | 101 +++++++++++++++++++++++++ + 1 file changed, 101 insertions(+) + +diff --git a/tests/unittests/test_net_activators.py b/tests/unittests/test_net_activators.py +index 2a363ec..f95c8a7 100644 +--- a/tests/unittests/test_net_activators.py ++++ b/tests/unittests/test_net_activators.py +@@ -288,6 +288,107 @@ class TestActivatorsBringUp: + for call in m_subp.call_args_list: + assert call in expected_call_list + ++class TestNetworkManagerActivatorBringUp: ++ @patch("cloudinit.subp.subp", return_value=("", "")) ++ @patch( ++ "cloudinit.net.network_manager.available_nm_ifcfg_rh", ++ return_value=True, ++ ) ++ @patch("os.path.isfile") ++ @patch("os.path.exists", return_value=True) ++ def test_bring_up_interface_no_nm_conn( ++ self, m_exists, m_isfile, m_plugin, m_subp ++ ): ++ """ ++ There is no network manager connection file but ifcfg-rh plugin is ++ present and ifcfg interface config files are also present. In this ++ case, we should use ifcfg files. ++ """ ++ ++ def fake_isfile_no_nmconn(filename): ++ return False if filename.endswith(".nmconnection") else True ++ ++ m_isfile.side_effect = fake_isfile_no_nmconn ++ ++ expected_call_list = [ ++ ( ++ ( ++ [ ++ "nmcli", ++ "connection", ++ "load", ++ "".join( ++ [ ++ "/etc/sysconfig/network-scripts/ifcfg-eth0", ++ ] ++ ), ++ ], ++ ), ++ {}, ++ ), ++ ( ++ ( ++ [ ++ "nmcli", ++ "connection", ++ "up", ++ "filename", ++ "".join( ++ [ ++ "/etc/sysconfig/network-scripts/ifcfg-eth0", ++ ] ++ ), ++ ], ++ ), ++ {}, ++ ), ++ ] ++ ++ index = 0 ++ assert NetworkManagerActivator.bring_up_interface("eth0") ++ for call in m_subp.call_args_list: ++ assert call == expected_call_list[index] ++ index += 1 ++ ++ @patch("cloudinit.subp.subp", return_value=("", "")) ++ @patch( ++ "cloudinit.net.network_manager.available_nm_ifcfg_rh", ++ return_value=False, ++ ) ++ @patch("os.path.isfile") ++ @patch("os.path.exists", return_value=True) ++ def test_bring_up_interface_no_plugin_no_nm_conn( ++ self, m_exists, m_isfile, m_plugin, m_subp ++ ): ++ """ ++ The ifcfg-rh plugin is absent and nmconnection file is also ++ not present. In this case, we can't use ifcfg file and the ++ interface bring up should fail. ++ """ ++ ++ def fake_isfile_no_nmconn(filename): ++ return False if filename.endswith(".nmconnection") else True ++ ++ m_isfile.side_effect = fake_isfile_no_nmconn ++ assert not NetworkManagerActivator.bring_up_interface("eth0") ++ ++ @patch("cloudinit.subp.subp", return_value=("", "")) ++ @patch( ++ "cloudinit.net.network_manager.available_nm_ifcfg_rh", ++ return_value=True, ++ ) ++ @patch("os.path.isfile", return_value=False) ++ @patch("os.path.exists", return_value=True) ++ def test_bring_up_interface_no_conn_file( ++ self, m_exists, m_isfile, m_plugin, m_subp ++ ): ++ """ ++ Neither network manager connection files are present nor ++ ifcfg files are present. Even if ifcfg-rh plugin is present, ++ we can not bring up the interface. So bring_up_interface() ++ should fail. ++ """ ++ assert not NetworkManagerActivator.bring_up_interface("eth0") + + IF_UP_DOWN_BRING_DOWN_CALL_LIST: list = [ + ((["ifdown", "eth0"],), {}), +-- +2.31.1 + diff --git a/SOURCES/ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch b/SOURCES/ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch new file mode 100644 index 0000000..3d21d20 --- /dev/null +++ b/SOURCES/ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch @@ -0,0 +1,176 @@ +From b4d74e6043fa991a52e2cb98178a17914afe75b9 Mon Sep 17 00:00:00 2001 +From: Brett Holman +Date: Thu, 22 Aug 2024 16:54:53 -0600 +Subject: [PATCH 1/2] fix: Don't attempt to identify non-x86 OpenStack + instances + +RH-Author: Ani Sinha +RH-MergeRequest: 161: CVE-2024-6174: fix: Don't attempt to identify non-x86 OpenStack instances +RH-Jira: RHEL-100611 +RH-Acked-by: xiachen +RH-Commit: [1/2] 9a7d7ee54fc4361e3c2b92e399ea2a6e45290300 + +This causes cloud-init to attempt to reach out to the OpenStack Nova +datasource in non-Nova deployments on non-x86 architectures. + +Change default policy of ds-identify to disallow discovery of datasources +without strict identifiable artifacts in either kernel cmdline, DMI +platform information or system configuration files. This prevents +cloud-init from attempting to reach out to well-known hard-codded link-local +IP addresses for configuration information unless the platform strictly +identifies as a specific datasource. + +CVE-2024-6174 +LP: #2069607 +BREAKING_CHANGE: This may break non-x86 OpenStack Nova users. Affected users + may wish to use ConfigDrive as a workaround. + +(cherry picked from commit 8c3ae1bb9f1d80fbf217b41a222ee434e7f58900) +Signed-off-by: Ani Sinha +--- + doc/rtd/reference/breaking_changes.rst | 49 ++++++++++++++++++++++++++ + tests/unittests/test_ds_identify.py | 13 ++++--- + tools/ds-identify | 8 ++--- + 3 files changed, 59 insertions(+), 11 deletions(-) + +diff --git a/doc/rtd/reference/breaking_changes.rst b/doc/rtd/reference/breaking_changes.rst +index ce54e1c95..cd425a304 100644 +--- a/doc/rtd/reference/breaking_changes.rst ++++ b/doc/rtd/reference/breaking_changes.rst +@@ -11,6 +11,54 @@ releases. + many operating system vendors patch out breaking changes in + cloud-init to ensure consistent behavior on their platform. + ++25.1.3 ++====== ++ ++Strict datasource identity before network ++----------------------------------------- ++Affects detection of Ec2, OpenStack or AltCloud datasources for non-x86 ++architectures where DMI may not be accessible. ++ ++Datasource detection provided by ds-identify in cloud-init now requires strict ++identification based on DMI platform information, kernel command line or ++`datasource_list:` system configuration in /etc/cloud/cloud.cfg.d. ++ ++Prior to this change, ds-identify would allow non-x86 architectures without ++strict identifying platform information to run in a discovery mode which would ++attempt to reach out to well known static link-local IPs to attempt to ++retrieve configuration once system networking is up. ++ ++To mitigate the potential of a bad-actor in a local network responding ++to such provisioning requests from cloud-init clients, ds-identify will no ++longer allow this late discovery mode for platforms unable to expose clear ++identifying characteristics of a known cloud-init datasource. ++ ++The most likely affected cloud platforms are AltCloud, Ec2 and OpenStack for ++non-x86 architectures where DMI data is not exposed by the kernel. ++ ++If your non-x86 architecture or images no longer detect the proper datasource, ++any of the following steps can ensure proper detection of cloud-init config: ++ ++- Provide kernel commandline containing ``ds=`` ++ which forces ds-identify to discover a specific datasource. ++- Image creators: provide a config file part such as ++ :file:`/etc/cloud/cloud.cfg.d/*.cfg` containing the ++ case-sensitive ``datasource_list: [ ]`` to force cloud-init ++ to use a specific datasource without performing discovery. ++ ++For example, to force OpenStack discovery in cloud-init any of the following ++approaches work: ++ ++- OpenStack: `attach a ConfigDrive`_ as an alternative config source ++- Kernel command line containing ``ds=openstack`` ++- Custom images provide :file:`/etc/cloud/cloud.cfg.d/91-set-datasource.cfg` ++ containing: ++ ++.. code-block:: yaml ++ ++ datasource_list: [ OpenStack ] ++ ++ + 24.3 + ==== + +@@ -148,5 +196,6 @@ Workarounds include updating the kernel command line and optionally configuring + a ``datasource_list`` in ``/etc/cloud/cloud.cfg.d/*.cfg``. + + ++.. _attach a ConfigDrive: https://docs.openstack.org/nova/2024.1/admin/config-drive.html + .. _this patch: https://github.com/canonical/cloud-init/blob/ubuntu/noble/debian/patches/no-single-process.patch + .. _Python3 equivalent: https://github.com/canonical/cloud-init/pull/5489#issuecomment-2408210561 +diff --git a/tests/unittests/test_ds_identify.py b/tests/unittests/test_ds_identify.py +index 5d47e552b..9b3828ce6 100644 +--- a/tests/unittests/test_ds_identify.py ++++ b/tests/unittests/test_ds_identify.py +@@ -208,9 +208,9 @@ system_info: + """ + + POLICY_FOUND_ONLY = "search,found=all,maybe=none,notfound=disabled" +-POLICY_FOUND_OR_MAYBE = "search,found=all,maybe=all,notfound=disabled" +-DI_DEFAULT_POLICY = "search,found=all,maybe=all,notfound=disabled" +-DI_DEFAULT_POLICY_NO_DMI = "search,found=all,maybe=all,notfound=enabled" ++POLICY_FOUND_OR_MAYBE = "search,found=all,maybe=none,notfound=disabled" ++DI_DEFAULT_POLICY = "search,found=all,maybe=none,notfound=disabled" ++DI_DEFAULT_POLICY_NO_DMI = "search,found=all,maybe=none,notfound=enabled" + DI_EC2_STRICT_ID_DEFAULT = "true" + OVF_MATCH_STRING = "http://schemas.dmtf.org/ovf/environment/1" + +@@ -937,7 +937,7 @@ class TestDsIdentify(DsIdentifyBase): + self._test_ds_found("OpenStack-AssetTag-Compute") + + def test_openstack_on_non_intel_is_maybe(self): +- """On non-Intel, openstack without dmi info is maybe. ++ """On non-Intel, openstack without dmi info is none. + + nova does not identify itself on platforms other than intel. + https://bugs.launchpad.net/cloud-init/+bugs?field.tag=dsid-nova""" +@@ -957,10 +957,9 @@ class TestDsIdentify(DsIdentifyBase): + + # updating the uname to ppc64 though should get a maybe. + data.update({"mocks": [MOCK_VIRT_IS_KVM, MOCK_UNAME_IS_PPC64]}) +- (_, _, err, _, _) = self._check_via_dict( +- data, RC_FOUND, dslist=["OpenStack", "None"] +- ) ++ (_, _, err, _, _) = self._check_via_dict(data, RC_NOT_FOUND) + self.assertIn("check for 'OpenStack' returned maybe", err) ++ self.assertIn("No ds found", err) + + def test_default_ovf_is_found(self): + """OVF is identified found when ovf/ovf-env.xml seed file exists.""" +diff --git a/tools/ds-identify b/tools/ds-identify +index e00b05e80..5644b1e39 100755 +--- a/tools/ds-identify ++++ b/tools/ds-identify +@@ -14,7 +14,7 @@ + # The format is: + # ,found=value,maybe=value,notfound=value + # default setting is: +-# search,found=all,maybe=all,notfound=disabled ++# search,found=all,maybe=none,notfound=disabled + # + # kernel command line option: ci.di.policy= + # example line in /etc/cloud/ds-identify.cfg: +@@ -40,7 +40,7 @@ + # first: use the first found do no further checking + # all: enable all DS_FOUND + # +-# maybe: (default=all) ++# maybe: (default=none) + # if nothing returned 'found', then how to handle maybe. + # no network sources are allowed to return 'maybe'. + # all: enable all DS_MAYBE +@@ -100,8 +100,8 @@ DI_MAIN=${DI_MAIN:-main} + + DI_BLKID_EXPORT_OUT="" + DI_GEOM_LABEL_STATUS_OUT="" +-DI_DEFAULT_POLICY="search,found=all,maybe=all,notfound=${DI_DISABLED}" +-DI_DEFAULT_POLICY_NO_DMI="search,found=all,maybe=all,notfound=${DI_ENABLED}" ++DI_DEFAULT_POLICY="search,found=all,maybe=none,notfound=${DI_DISABLED}" ++DI_DEFAULT_POLICY_NO_DMI="search,found=all,maybe=none,notfound=${DI_ENABLED}" + DI_DMI_BOARD_NAME="" + DI_DMI_CHASSIS_ASSET_TAG="" + DI_DMI_PRODUCT_NAME="" +-- +2.39.3 + diff --git a/SOURCES/ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch b/SOURCES/ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch new file mode 100644 index 0000000..2652a66 --- /dev/null +++ b/SOURCES/ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch @@ -0,0 +1,89 @@ +From e408a36f43f476a0804f4855da2d7b58b405d87f Mon Sep 17 00:00:00 2001 +From: Chad Smith +Date: Tue, 24 Jun 2025 09:12:52 -0600 +Subject: [PATCH 2/2] fix: strict disable in ds-identify on no datasources + found + +RH-Author: Ani Sinha +RH-MergeRequest: 161: CVE-2024-6174: fix: Don't attempt to identify non-x86 OpenStack instances +RH-Jira: RHEL-100611 +RH-Acked-by: xiachen +RH-Commit: [2/2] 4a12b4c640fe84916cc52484c232898506ab9d19 + +Take the CVE-2024-6174 strict detection fix one step further. + +Commit 8c3ae1b took a step to ignore DS_MAYBE datasource discovery. +But, if no datasources are met the DS_FOUND conditions, ds-identify was +still leaving cloud-init enabled. This resulted in cloud-init python +code attempting to discover all datasources later in boot based on +the default datasource_list. + +ds-identify will now assert that at least one datasource is found. If +no datasources, ds-identify will exit 1 which disables cloud-init boot +stages and results in no boot configuration operations from cloud-init. + +OpenStack images which cannot identify a valid datasource with DMI-data +or kernel command line ci.ds=OpenStack parameter will need to either: +- provide image-based configuration in either /etc/cloud/cloud.cfg.* to set + datasource_list: [ OpenStack ] +- provide --config-drive true to openstack server create +- attach a nocloud disk labelled CIDATA containing user-data and + meta-data files + +CVE-2024-6174 +LP: #2069607 + +(cherry picked from commit e3f42adc2674a38fb29e414cfbf96f884934b2d2) +Signed-off-by: Ani Sinha +--- + tests/unittests/test_ds_identify.py | 6 ++++-- + tools/ds-identify | 2 +- + 2 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/tests/unittests/test_ds_identify.py b/tests/unittests/test_ds_identify.py +index 9b3828ce6..2d6306c2f 100644 +--- a/tests/unittests/test_ds_identify.py ++++ b/tests/unittests/test_ds_identify.py +@@ -210,7 +210,7 @@ system_info: + POLICY_FOUND_ONLY = "search,found=all,maybe=none,notfound=disabled" + POLICY_FOUND_OR_MAYBE = "search,found=all,maybe=none,notfound=disabled" + DI_DEFAULT_POLICY = "search,found=all,maybe=none,notfound=disabled" +-DI_DEFAULT_POLICY_NO_DMI = "search,found=all,maybe=none,notfound=enabled" ++DI_DEFAULT_POLICY_NO_DMI = "search,found=all,maybe=none,notfound=disabled" + DI_EC2_STRICT_ID_DEFAULT = "true" + OVF_MATCH_STRING = "http://schemas.dmtf.org/ovf/environment/1" + +@@ -947,7 +947,7 @@ class TestDsIdentify(DsIdentifyBase): + data.update( + { + "policy_dmi": POLICY_FOUND_OR_MAYBE, +- "policy_no_dmi": POLICY_FOUND_OR_MAYBE, ++ "policy_no_dmi": DI_DEFAULT_POLICY_NO_DMI, + } + ) + +@@ -960,6 +960,8 @@ class TestDsIdentify(DsIdentifyBase): + (_, _, err, _, _) = self._check_via_dict(data, RC_NOT_FOUND) + self.assertIn("check for 'OpenStack' returned maybe", err) + self.assertIn("No ds found", err) ++ self.assertIn("Disabled cloud-init", err) ++ self.assertIn("returning 1", err) + + def test_default_ovf_is_found(self): + """OVF is identified found when ovf/ovf-env.xml seed file exists.""" +diff --git a/tools/ds-identify b/tools/ds-identify +index 5644b1e39..9bd9c9bbb 100755 +--- a/tools/ds-identify ++++ b/tools/ds-identify +@@ -101,7 +101,7 @@ DI_MAIN=${DI_MAIN:-main} + DI_BLKID_EXPORT_OUT="" + DI_GEOM_LABEL_STATUS_OUT="" + DI_DEFAULT_POLICY="search,found=all,maybe=none,notfound=${DI_DISABLED}" +-DI_DEFAULT_POLICY_NO_DMI="search,found=all,maybe=none,notfound=${DI_ENABLED}" ++DI_DEFAULT_POLICY_NO_DMI="search,found=all,maybe=none,notfound=${DI_DISABLED}" + DI_DMI_BOARD_NAME="" + DI_DMI_CHASSIS_ASSET_TAG="" + DI_DMI_PRODUCT_NAME="" +-- +2.39.3 + diff --git a/SOURCES/ignore-enslaved-interface.patch b/SOURCES/ignore-enslaved-interface.patch new file mode 100644 index 0000000..cfefbe4 --- /dev/null +++ b/SOURCES/ignore-enslaved-interface.patch @@ -0,0 +1,44 @@ +From e7aba0f0ccd6f023667f41385f25044a94428ed3 Mon Sep 17 00:00:00 2001 +From: Darren Archibald +Date: Fri, 23 Feb 2024 05:56:06 -0800 +Subject: [PATCH] ignore enslaved interface + + Changes to ignore all enslaved interfaces. + https://jira.oci.oraclecorp.com/browse/LINUX-1947 + + Orabug: 30092148 + + Signed-off-by: Si-Wei Liu + Signed-off-by: Darren Archibald +--- + cloudinit/net/__init__.py | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/cloudinit/net/__init__.py b/cloudinit/net/__init__.py +index c0888f5..b093796 100644 +--- a/cloudinit/net/__init__.py ++++ b/cloudinit/net/__init__.py +@@ -335,6 +335,10 @@ def is_netfail_standby(devname, driver=None): + return True + + ++def is_slave(devname): ++ return os.path.exists(sys_dev_path(devname, "master")) ++ ++ + def is_renamed(devname): + """ + /* interface name assignment types (sysfs name_assign_type attribute) */ +@@ -1054,6 +1058,9 @@ def get_interfaces( + if is_bridge(name): + filtered_logger("Ignoring bridge interface: %s", name) + continue ++ if is_slave(name): ++ filtered_logger("Ignoring bridge interface: %s", name) ++ continue + if filter_vlan and is_vlan(name): + continue + if is_bond(name): +-- +2.31.1 + diff --git a/SOURCES/ol-sysconfig-add-Oracle-Linux-variant-to-known-distros.patch b/SOURCES/ol-sysconfig-add-Oracle-Linux-variant-to-known-distros.patch new file mode 100644 index 0000000..c8b89d8 --- /dev/null +++ b/SOURCES/ol-sysconfig-add-Oracle-Linux-variant-to-known-distros.patch @@ -0,0 +1,26 @@ +From 8735577c8a683407e94abed0cfccc3aacbb9aa47 Mon Sep 17 00:00:00 2001 +From: Si-Wei Liu +Date: Wed, 10 Jun 2020 20:59:29 -0400 +Subject: [PATCH] sysconfig: add Oracle Linux variant to known distros + +otherwise anything sysconfig breaks on Oracle Linux. + +JIRA: https://jira.oci.oraclecorp.com/browse/LINUX-6128 + +Signed-off-by: Si-Wei Liu +--- + cloudinit/net/sysconfig.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py +index e94590f..55b7db5 100644 +--- a/cloudinit/net/sysconfig.py ++++ b/cloudinit/net/sysconfig.py +@@ -35,6 +35,7 @@ + "suse", + "TencentOS", + "virtuozzo", ++ "ol", + ] + + diff --git a/SOURCES/orabug30435672-003-cloud-init-collect-logs.patch b/SOURCES/orabug30435672-003-cloud-init-collect-logs.patch new file mode 100644 index 0000000..992c033 --- /dev/null +++ b/SOURCES/orabug30435672-003-cloud-init-collect-logs.patch @@ -0,0 +1,77 @@ +From 51cdd87ad861d5d47c212258bf00402a4dec2198 Mon Sep 17 00:00:00 2001 +From: Darren Archibald +Date: Fri, 23 Feb 2024 06:17:54 -0800 +Subject: [PATCH] Update cloud-init collect-logs for Oracle Linux + +Updating the code to collect triage logs with OL distro specic methods. + +Orabug: 30435672 + +Signed-off-by: Vijay Balakrishna +Reviewed-by: Si-Wei Liu +Acked-by: Joe Kennedy +Reviewed-by: Laurence Rochfort +Signed-off-by: Rajesh Harekal +--- + cloudinit/cmd/devel/logs.py | 26 ++++++++++++++++---------- + cloudinit/util.py | 1 + + 2 files changed, 17 insertions(+), 10 deletions(-) + +diff --git a/cloudinit/cmd/devel/logs.py b/cloudinit/cmd/devel/logs.py +index 8312218..85d976a 100755 +--- a/cloudinit/cmd/devel/logs.py ++++ b/cloudinit/cmd/devel/logs.py +@@ -21,7 +21,7 @@ + from cloudinit.stages import Init + from cloudinit.subp import ProcessExecutionError, subp + from cloudinit.temp_utils import tempdir +-from cloudinit.util import copy, get_config_logfiles, write_file ++from cloudinit.util import copy, get_config_logfiles, write_file, system_info + + LOG = cast(loggers.CustomLoggerType, logging.getLogger(__name__)) + +@@ -214,13 +214,21 @@ + file_path=log_dir / "version", + msg="cloud-init --version", + ) +- dpkg_ver = _write_command_output_to_file( +- cmd=["dpkg-query", "--show", "-f=${Version}\n", "cloud-init"], +- file_path=log_dir / "dpkg-version", +- msg="dpkg version", +- ) +- if not version: +- version = dpkg_ver or "not-available" ++ if system_info()['variant'] == "ol": ++ rpm_ver = _write_command_output_to_file( ++ cmd=["rpm", "-q", "--queryformat", ++ "[%{VERSION}-%{RELEASE}.%{ARCH}]\n", "cloud-init"], ++ file_path=log_dir / "rpm-version", ++ msg="rpm version") ++ if not version: ++ version = rpm_ver if rpm_ver else "not-available" ++ else: ++ dpkg_ver = _write_command_output_to_file( ++ cmd=["dpkg-query", "--show", "-f=${Version}\n", "cloud-init"], ++ file_path=log_dir / "dpkg-version", ++ msg="dpkg version") ++ if not version: ++ version = dpkg_ver or "not-available" + + + def _collect_system_logs( +diff --git a/cloudinit/util.py b/cloudinit/util.py +index 3295735..db7bb97 100644 +--- a/cloudinit/util.py ++++ b/cloudinit/util.py +@@ -660,6 +660,7 @@ def _get_variant(info): + "suse", + "tencentos", + "virtuozzo", ++ "ol", + ): + variant = linux_dist + elif linux_dist in ("ubuntu", "linuxmint", "mint"): +-- +2.31.1 + diff --git a/SOURCES/orabug30435672-004-ol-cloud-config.patch b/SOURCES/orabug30435672-004-ol-cloud-config.patch new file mode 100644 index 0000000..5958b77 --- /dev/null +++ b/SOURCES/orabug30435672-004-ol-cloud-config.patch @@ -0,0 +1,112 @@ +From 250aa45f74e29b95f81b24811c972369605bd24e Mon Sep 17 00:00:00 2001 +From: Vijay Balakrishna +Date: Tue, 5 Nov 2019 16:00:21 -0500 +Subject: [PATCH] Add static cloud.cfg file for OL7. + +Adding OL specific cloud.cfg file to enable updates cloud-init +config file independently, adding newly verified ntp module. + +Orabug: 30435672 + +Signed-off-by: Vijay Balakrishna +Signed-off-by: Si-Wei Liu +Acked-by: Joe Kennedy +Reviewed-by: Laurence Rochfort + +--- + ol/README.ol | 6 ++++++ + ol/cloud.cfg | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 75 insertions(+) + create mode 100644 ol/README.ol + create mode 100644 ol/cloud.cfg + +diff --git a/ol/README.ol b/ol/README.ol +new file mode 100644 +index 0000000..f59d559 +--- /dev/null ++++ b/ol/README.ol +@@ -0,0 +1,6 @@ ++The following cloud-init modules are currently unsupported on this OS: ++ - apt_update_upgrade ('apt_update', 'apt_upgrade', 'apt_mirror', 'apt_preserve_sources_list', 'apt_old_mirror', 'apt_sources', 'debconf_selections', 'packages' options) ++ - byobu ('byobu_by_default' option) ++ - chef ++ - grub_dpkg ++ - rh_subscription +diff --git a/ol/cloud.cfg b/ol/cloud.cfg +new file mode 100644 +index 0000000..2ee1fb3 +--- /dev/null ++++ b/ol/cloud.cfg +@@ -0,0 +1,69 @@ ++users: ++ - default ++ ++disable_root: 1 ++ssh_pwauth: 0 ++ ++mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service', '0', '2'] ++resize_rootfs_tmp: /dev ++ssh_deletekeys: 0 ++ssh_genkeytypes: ~ ++syslog_fix_perms: ~ ++disable_vmware_customization: false ++ ++cloud_init_modules: ++ - disk_setup ++ - migrator ++ - bootcmd ++ - write-files ++ - growpart ++ - resizefs ++ - set_hostname ++ - update_hostname ++ - update_etc_hosts ++ - rsyslog ++ - users-groups ++ - ssh ++ ++cloud_config_modules: ++ - mounts ++ - locale ++ - set-passwords ++ - ntp ++ - yum-add-repo ++ - package-update-upgrade-install ++ - timezone ++ - puppet ++ - chef ++ - salt-minion ++ - mcollective ++ - disable-ec2-metadata ++ - runcmd ++ ++cloud_final_modules: ++ - rightscale_userdata ++ - scripts-per-once ++ - scripts-per-boot ++ - scripts-per-instance ++ - scripts-user ++ - ssh-authkey-fingerprints ++ - keys-to-console ++ - phone-home ++ - final-message ++ - power-state-change ++ ++system_info: ++ default_user: ++ name: cloud-user ++ lock_passwd: true ++ gecos: Cloud User ++ groups: [adm, systemd-journal] ++ sudo: ["ALL=(ALL) NOPASSWD:ALL"] ++ shell: /bin/bash ++ distro: rhel ++ paths: ++ cloud_dir: /var/lib/cloud ++ templates_dir: /etc/cloud/templates ++ ssh_svcname: sshd ++ ++# vim:syntax=yaml +-- +1.8.3.1 + diff --git a/SOURCES/orabug30435672-006-cc_spacewalk.py.patch b/SOURCES/orabug30435672-006-cc_spacewalk.py.patch new file mode 100644 index 0000000..f4d4517 --- /dev/null +++ b/SOURCES/orabug30435672-006-cc_spacewalk.py.patch @@ -0,0 +1,55 @@ +From 2b92e042bb8a4510abec38fcfc302d8de1e28f37 Mon Sep 17 00:00:00 2001 +From: Darren Archibald +Date: Fri, 23 Feb 2024 06:55:32 -0800 +Subject: [PATCH] spacewalk: fix CA cert file path for Oracle Linux + +Update the CA cert file that is available in Oracle Linux to register with ULN. + +Orabug: 30435672 + +Signed-off-by: Si-Wei Liu +Signed-off-by: Vijay Balakrishna +Acked-by: Joe Kennedy +Reviewed-by: Laurence Rochfort +Signed-off-by: Darren Archibald +Signed-off-by: Rajesh Harekal +--- + cloudinit/config/cc_spacewalk.py | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/cloudinit/config/cc_spacewalk.py b/cloudinit/config/cc_spacewalk.py +index 08514f2..7248cce 100644 +--- a/cloudinit/config/cc_spacewalk.py ++++ b/cloudinit/config/cc_spacewalk.py +@@ -3,7 +3,7 @@ + + import logging + +-from cloudinit import subp ++from cloudinit import subp, util + from cloudinit.cloud import Cloud + from cloudinit.config import Config + from cloudinit.config.schema import MetaSchema +@@ -21,6 +21,7 @@ + distros = ["redhat", "fedora", "openeuler"] + required_packages = ["rhn-setup"] + def_ca_cert_path = "/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT" ++ol_ca_cert_path = "/usr/share/rhn/ULN-CA-CERT" + + + def is_registered(): +@@ -74,9 +75,14 @@ + # Need to have this installed before further things will work. + cloud.distro.install_packages(required_packages) + if not is_registered(): ++ if util.system_info()['variant'] == "ol": ++ cert = ol_ca_cert_path ++ else: ++ cert = def_ca_cert_path + do_register( + spacewalk_server, + cloud.datasource.get_hostname(fqdn=True).hostname, ++ ca_cert_path=cert, + proxy=cfg.get("proxy"), + activation_key=cfg.get("activation_key"), + ) diff --git a/SOURCES/orabug32183938-009-missing-sshd-services.patch b/SOURCES/orabug32183938-009-missing-sshd-services.patch new file mode 100644 index 0000000..3386a06 --- /dev/null +++ b/SOURCES/orabug32183938-009-missing-sshd-services.patch @@ -0,0 +1,31 @@ +cloud-init service file is missing sshd required services +Orabug: 32183938 + +in the systemd sshd-keygen.target file, the following services are listed: +[Unit] +Wants=sshd-keygen@rsa.service +Wants=sshd-keygen@ecdsa.service +Wants=sshd-keygen@ed25519.service + +Need to add the following to the cloud-init service file: +Before=sshd-keygen@rsa.service +Before=sshd-keygen@ecdsa.service +Before=sshd-keygen@ed25519.service + +Signed-off-by: Isaac Chen +Signed-off-by: Rajesh Harekal + +diff -up cloud-init-19.4/systemd/cloud-init.service.tmpl.orig cloud-init-19.4/systemd/cloud-init.service.tmpl +--- cloud-init-24.4/systemd/cloud-init.service.tmpl 2025-01-28 11:13:57.339346352 -0800 ++++ cloud-init-24.4/systemd/cloud-init.service.tmpl 2025-01-28 11:14:31.587669418 -0800 +@@ -28,7 +28,9 @@ + After=dbus.service + {% endif %} + Before=network-online.target +-Before=sshd-keygen.service ++Before=sshd-keygen@rsa.service ++Before=sshd-keygen@ecdsa.service ++Before=sshd-keygen@ed25519.service + Before=sshd.service + Before=systemd-user-sessions.service + {% if variant in ["ubuntu", "unknown", "debian"] %} diff --git a/SOURCES/orabug32183938-010-missing-sshd-services-in-rhel-systemd.patch b/SOURCES/orabug32183938-010-missing-sshd-services-in-rhel-systemd.patch new file mode 100644 index 0000000..7cb4fb0 --- /dev/null +++ b/SOURCES/orabug32183938-010-missing-sshd-services-in-rhel-systemd.patch @@ -0,0 +1,22 @@ +cloud-init service file is missing sshd required services +Orabug: 32183938 + +This patch is the supplement of patch orabug32183938-009, where changes +to cloud-init.service also need to be added to files in rhel/systemd. + +Signed-off-by: Isaac Chen + +diff -up cloud-init-19.4/systemd/cloud-init.service.tmpl.orig cloud-init-19.4/systemd/cloud-init.service.tmpl +--- cloud-init-19.4/systemd/cloud-init.service.tmpl.orig 2020-12-11 19:59:37.331277979 -0800 ++++ cloud-init-19.4/systemd/cloud-init.service.tmpl 2020-12-11 20:00:38.867459043 -0800 +@@ -5,7 +5,9 @@ + DefaultDependencies=no + {% endif %} + Wants=cloud-init-local.service +-Wants=sshd-keygen.service ++Wants=sshd-keygen@rsa.service ++Wants=sshd-keygen@ecdsa.service ++Wants=sshd-keygen@ed25519.service + Wants=sshd.service + After=cloud-init-local.service + After=systemd-networkd-wait-online.service diff --git a/SOURCES/orabug34845400-Add-Oracle-to-distro-detection-logic-in-cloud.cfg.tm.patch b/SOURCES/orabug34845400-Add-Oracle-to-distro-detection-logic-in-cloud.cfg.tm.patch new file mode 100644 index 0000000..49ff3cb --- /dev/null +++ b/SOURCES/orabug34845400-Add-Oracle-to-distro-detection-logic-in-cloud.cfg.tm.patch @@ -0,0 +1,287 @@ +From e921be03f802ee154ed1ddf044e276b23af0d2b6 Mon Sep 17 00:00:00 2001 +From: Darren Archibald +Date: Fri, 23 Feb 2024 07:52:25 -0800 +Subject: [PATCH] Add Oracle to distro detection logic in cloud.cfg.tmpl + +Oracle Linux is being detected as "ol" variant by cloud-init. +This patch adds "ol" to the list of supported variants, and applies needed settings to it. +You can notice that variant "ol" is being set as distro "rhel" in a couple of places, +that is expected as this designated that base distro for "ol" is "rhel" ( which is true ) + +The main reason for this change is that cloud-init package dropped hardcoded configs that set OL as rhel +and to make cloud-init behave on OL systems as expected we need to add "ol" designation to supported list. + +Orabug: 34845400 +Signed-off-by: Alex Burmashev +Signed-off-by: Darren Archibald +Signed-off-by: Rajesh Harekal +--- + cloudinit/distros/__init__.py | 1 + + cloudinit/sources/DataSourceRbxCloud.py | 2 +- + config/cloud.cfg.tmpl | 33 ++++++++++++++++++------- + systemd/cloud-final.service | 4 ++- + systemd/cloud-init-local.service.tmpl | 12 ++++++--- + systemd/cloud-init.service.tmpl | 8 ++++-- + systemd/cloud-init-generator.tmpl | 1 +++-- + tests/unittests/test_util.py | 1 + + 8 files changed, 48 insertions(+), 17 deletions(-) + +diff --git a/cloudinit/distros/__init__.py b/cloudinit/distros/__init__.py +index 79e2623..8f1381b 100644 +--- a/cloudinit/distros/__init__.py ++++ b/cloudinit/distros/__init__.py +@@ -78,6 +78,7 @@ OSFAMILIES = { + "rhel", + "rocky", + "virtuozzo", ++ "ol", + ], + "suse": [ + "opensuse", +diff --git a/cloudinit/sources/DataSourceRbxCloud.py b/cloudinit/sources/DataSourceRbxCloud.py +index 9214f1b..5379132 100644 +--- a/cloudinit/sources/DataSourceRbxCloud.py ++++ b/cloudinit/sources/DataSourceRbxCloud.py +@@ -60,7 +60,7 @@ def _sub_arp(cmd): + + def gratuitous_arp(items, distro): + source_param = "-S" +- if distro.name in ["fedora", "centos", "rhel"]: ++ if distro.name in ["fedora", "centos", "rhel", "ol"]: + source_param = "-s" + for item in items: + try: +diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl +index a470120..f440830 100644 +--- a/config/cloud.cfg.tmpl ++++ b/config/cloud.cfg.tmpl +@@ -59,10 +59,10 @@ + {% endif %} + + {%- if variant in ["alpine", "amazon", "fedora", "OpenCloudOS", "openeuler", +- "openmandriva", "photon", "TencentOS"] or is_rhel %} ++ "openmandriva", "photon", "TencentOS", "ol"] or is_rhel %} + +-{% if is_rhel %} +-mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.after=cloud-init-network.service,_netdev', '0', '2'] ++{% if variant in ["ol"] or is_rhel %} ++mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.after=cloud-init.service,_netdev', '0', '2'] + {% else %} + mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2'] + {% endif %} +@@ -101,7 +101,7 @@ + + {% endif -%} + +-{% if is_rhel %} ++{% if variant in ["ol"] or is_rhel %} + # Default redhat settings: + ssh_deletekeys: true + ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519'] +@@ -166,18 +166,20 @@ + - ubuntu_pro + {% endif %} + {% elif variant in ["azurelinux", "fedora", "mariner", "openeuler", +- "openmandriva", "photon"] or is_rhel %} ++ "openmandriva", "photon", "ol"] or is_rhel %} + {% if is_rhel %} + - rh_subscription + {% endif %} +-{% if variant not in ["azurelinux", "mariner", "photon"] %} ++{% if variant not in ["azurelinux", "mariner", "photon", "ol"] %} + - spacewalk + {% endif %} + - yum_add_repo + {% elif variant == "suse" %} + - zypper_add_repo + {% endif %} ++{% if variant not in ["ol"] %} + - ntp ++{% endif %} + - timezone + {% if variant not in ["azurelinux"] %} + - disable_ec2_metadata +@@ -207,6 +209,8 @@ + {% if variant not in ["azurelinux"] %} + - mcollective + - salt_minion ++{% endif %} ++{% if variant not in ["azurelinux", "ol"] %} + - reset_rmc + {% endif %} + - scripts_vendor +@@ -230,6 +234,8 @@ + "OpenCloudOS", "openeuler", "openmandriva", "photon", "suse", + "TencentOS", "ubuntu"] or is_rhel %} + distro: {{ variant }} ++{% elif variant == "ol" %} ++ distro: rhel + {% elif variant == "dragonfly" %} + distro: dragonflybsd + {% else %} +@@ -238,7 +244,9 @@ + {% endif %} + # Default user name + that default users groups (if added/used) + default_user: +-{% if variant in usernames %} ++{% if variant == "ol" %} ++ name: cloud-user ++{% elif variant in usernames %} + name: {{ usernames[variant] }} + {% else %} + name: {{ variant }} +@@ -246,11 +254,13 @@ + {% if variant in ["alpine", "amazon", "aosc", "arch", "azurelinux", "debian", "fedora", + "gentoo", "mariner", "OpenCloudOS", "openeuler", + "openmandriva", "photon", "suse", "TencentOS", "ubuntu", +- "unknown"] ++ "unknown", "ol"] + or is_bsd or is_rhel %} + lock_passwd: True + {% endif %} +-{% if variant in gecos %} ++{% if variant == "ol" %} ++ gecos: Cloud User ++{% elif variant in gecos %} + gecos: {{ gecos[variant] }} + {% else %} + gecos: {{ variant }} Cloud User +@@ -259,7 +269,7 @@ + groups: [{{ groups[variant] }}] + {% elif is_bsd %} + groups: [wheel] +-{% elif is_rhel %} ++{% elif variant in ["ol"] or is_rhel %} + groups: [adm, systemd-journal] + {% else %} + groups: [wheel, adm, systemd-journal] +@@ -328,7 +338,7 @@ + {% if variant in ["alpine", "amazon", "aosc", "arch", "azurelinux", "debian", "fedora", + "gentoo", "mariner", "OpenCloudOS", "openeuler", + "openmandriva", "photon", "suse", "TencentOS", "ubuntu", +- "unknown"] ++ "unknown", "ol"] + or is_rhel %} + # Other config here will be given to the distro class and/or path classes + paths: +@@ -375,7 +385,7 @@ + ssh_svcname: ssh + {% elif variant in ["alpine", "amazon", "aosc", "arch", "azurelinux", "fedora", + "gentoo", "mariner", "OpenCloudOS", "openeuler", +- "openmandriva", "photon", "suse", "TencentOS"] ++ "openmandriva", "photon", "suse", "TencentOS", "ol"] + or is_rhel %} + ssh_svcname: sshd + {% endif %} + +diff --git a/systemd/cloud-final.service b/systemd/cloud-final.service +index ab3daed..1c69dde 100644 +--- a/systemd/cloud-final.service ++++ b/systemd/cloud-final.service +@@ -3,7 +3,6 @@ + Description=Cloud-init: Final Stage + After=network-online.target time-sync.target cloud-config.service rc-local.service + After=multi-user.target +-Before=apt-daily.service + Wants=network-online.target cloud-config.service + ConditionPathExists=!/etc/cloud/cloud-init.disabled + ConditionKernelCommandLine=!cloud-init=disabled + +diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl +index 3a1ca7f..4750c36 100644 +--- a/systemd/cloud-init-local.service.tmpl ++++ b/systemd/cloud-init-local.service.tmpl +@@ -2,19 +2,21 @@ + [Unit] + # https://docs.cloud-init.io/en/latest/explanation/boot.html + Description=Cloud-init: Local Stage (pre-network) +-{% if variant in ["almalinux", "cloudlinux", "ubuntu", "unknown", "debian", "rhel"] %} ++{% if variant in ["almalinux", "cloudlinux", "ubuntu", "unknown", "debian", "rhel", "ol"] %} + DefaultDependencies=no + {% endif %} + Wants=network-pre.target ++{% if variant not in ["ol"] %} + After=hv_kvp_daemon.service +-{% if variant in ["almalinux", "cloudlinux", "rhel"] %} ++{% endif %} ++{% if variant in ["almalinux", "cloudlinux", "rhel", "ol"] %} + Requires=dbus.socket + After=dbus.socket + {% endif %} + After=systemd-remount-fs.service + Before=network-pre.target + Before=shutdown.target +-{% if variant in ["almalinux", "cloudlinux", "rhel"] %} ++{% if variant in ["almalinux", "cloudlinux", "rhel", "ol"] %} + Before=firewalld.target + {% endif %} + {% if variant in ["ubuntu", "unknown", "debian"] %} +@@ -28,7 +30,7 @@ + + [Service] + Type=oneshot +-{% if variant in ["almalinux", "cloudlinux", "rhel"] %} ++{% if variant in ["almalinux", "cloudlinux", "rhel", "ol"] %} + ExecStartPre=/sbin/restorecon /run/cloud-init + {% endif %} + ExecStart=/usr/bin/cloud-init init --local + +diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl +index 90d45f2..2e1ce48 100644 +--- a/systemd/cloud-init.service.tmpl ++++ b/systemd/cloud-init.service.tmpl +@@ -2,7 +2,7 @@ + [Unit] + # https://docs.cloud-init.io/en/latest/explanation/boot.html + Description=Cloud-init: Network Stage +-{% if variant not in ["almalinux", "cloudlinux", "photon", "rhel"] %} ++{% if variant not in ["almalinux", "cloudlinux", "photon", "rhel", "ol"] %} + DefaultDependencies=no + {% endif %} + Wants=cloud-init-local.service +@@ -11,13 +11,15 @@ + Wants=sshd-keygen@ed25519.service + Wants=sshd.service + After=cloud-init-local.service ++{% if variant not in ["ol"] %} + After=systemd-networkd-wait-online.service ++{% endif %} + {% if variant in ["ubuntu", "unknown", "debian"] %} + After=networking.service + {% endif %} + {% if variant in ["almalinux", "centos", "cloudlinux", "eurolinux", "fedora", + "miraclelinux", "openeuler", "OpenCloudOS", "openmandriva", "rhel", "rocky", +- "suse", "TencentOS", "virtuozzo"] %} ++ "suse", "TencentOS", "virtuozzo", "ol"] %} + + After=NetworkManager.service + After=NetworkManager-wait-online.service + +diff --git a/systemd/cloud-init-generator.tmpl b/systemd/cloud-init-generator.tmpl +--- a/systemd/cloud-init-generator.tmpl ++++ b/systemd/cloud-init-generator.tmpl +@@ -21,7 +21,7 @@ + CLOUD_SYSTEM_TARGET="/lib/systemd/system/cloud-init.target" + {% endif %} + {% if variant in ["almalinux", "centos", "cloudlinux", "eurolinux", "fedora", +- "miraclelinux", "openeuler", "OpenCloudOS", "openmandriva", "rhel", "rocky", "TencentOS", "virtuozzo"] %} ++ "miraclelinux", "openeuler", "OpenCloudOS", "openmandriva", "rhel", "rocky", "TencentOS", "virtuozzo", "ol"] %} + dsidentify="/usr/libexec/cloud-init/ds-identify" + {% elif variant == "benchmark" %} + dsidentify="/bin/true" + +diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py +index 519ef63..323e7f6 100644 +--- a/tests/unittests/test_util.py ++++ b/tests/unittests/test_util.py +@@ -1311,6 +1311,7 @@ class TestGetVariant: + ({"system": "linux", "dist": ("sles",)}, "suse"), + ({"system": "linux", "dist": ("sle_hpc",)}, "suse"), + ({"system": "linux", "dist": ("my_distro",)}, "linux"), ++ ({"system": "linux", "dist": ("ol",)}, "ol"), + ({"system": "Windows", "dist": ("dontcare",)}, "windows"), + ({"system": "Darwin", "dist": ("dontcare",)}, "darwin"), + ({"system": "Freebsd", "dist": ("dontcare",)}, "freebsd"), +-- +2.31.1 + diff --git a/SOURCES/orabug35950168-DataSourceOracle-network-getdata-updates.patch b/SOURCES/orabug35950168-DataSourceOracle-network-getdata-updates.patch new file mode 100644 index 0000000..5a2835e --- /dev/null +++ b/SOURCES/orabug35950168-DataSourceOracle-network-getdata-updates.patch @@ -0,0 +1,115 @@ +Patch to adapt DataSourceOracle and make it functional for OCI. +Also includes setting for retries and timeouts previously provided by +a separate patch to help PCA instances get IMDS data. + +Orabug: 37065979 + +Signed-off-by: Rajesh Harekal +--- +diff -git a/cloudinit/sources/DataSourceOracle.py b/cloudinit/sources/DataSourceOracle.py +--- a/cloudinit/sources/DataSourceOracle.py 2025-03-07 16:04:37.773216485 -0800 ++++ a/cloudinit/sources/DataSourceOracle.py 2025-03-07 16:32:33.174574170 -0800 +@@ -15,6 +15,7 @@ + + import base64 + import ipaddress ++import os + import json + import logging + import time +@@ -32,6 +33,8 @@ + + LOG = logging.getLogger(__name__) + ++ISCSI_IBFT_PATH='/sys/firmware/acpi/tables/iBFT' ++ + BUILTIN_DS_CONFIG = { + # Don't use IMDS to configure secondary NICs by default + "configure_secondary_nics": False, +@@ -135,8 +138,8 @@ + perform_dhcp_setup = True + + # Careful...these can be overridden in __init__ +- url_max_wait = 30 +- url_timeout = 5 ++ url_max_wait = 180 ++ url_timeout = 20 + + def __init__(self, sys_cfg, *args, **kwargs): + super(DataSourceOracle, self).__init__(sys_cfg, *args, **kwargs) +@@ -149,7 +152,7 @@ + ] + ) + self._network_config_source = KlibcOracleNetworkConfigSource() +- self._network_config: dict = {"config": [], "version": 1} ++ self._network_config = sources.UNSET + + url_params = self.get_url_params() + self.url_max_wait = url_params.max_wait_seconds +@@ -274,7 +277,7 @@ + + def _is_iscsi_root(self) -> bool: + """Return whether we are on a iscsi machine.""" +- return self._network_config_source.is_applicable() ++ return self._network_config_source.is_applicable() or bool(os.path.exists(ISCSI_IBFT_PATH)) + + def _get_iscsi_config(self) -> dict: + return self._network_config_source.render_config() +@@ -294,34 +297,31 @@ + + set_primary = False + # this is v1 +- if self._is_iscsi_root(): +- self._network_config = self._get_iscsi_config() +- if not self._has_network_config(): +- LOG.warning( +- "Could not obtain network configuration from initramfs. " +- "Falling back to IMDS." ++ if self._network_config == sources.UNSET: ++ # this is v1 ++ if not self._has_network_config(): ++ self._network_config = self.distro.generate_fallback_config() ++ set_primary = True ++ ++ set_secondary = self.ds_cfg.get( ++ "configure_secondary_nics", ++ BUILTIN_DS_CONFIG["configure_secondary_nics"], + ) +- set_primary = True +- +- set_secondary = self.ds_cfg.get( +- "configure_secondary_nics", +- BUILTIN_DS_CONFIG["configure_secondary_nics"], +- ) +- if set_primary or set_secondary: +- try: +- # Mutate self._network_config to include primary and/or +- # secondary VNICs +- self._add_network_config_from_opc_imds(set_primary) +- except Exception: +- util.logexc( +- LOG, +- "Failed to parse IMDS network configuration!", +- ) ++ if set_primary or set_secondary: ++ try: ++ # Mutate self._network_config to include primary and/or ++ # secondary VNICs ++ self._add_network_config_from_opc_imds(set_primary) ++ except Exception: ++ util.logexc( ++ LOG, ++ "Failed to parse IMDS network configuration!", ++ ) + +- # we need to verify that the nic selected is not a netfail over +- # device and, if it is a netfail master, then we need to avoid +- # emitting any match by mac +- _ensure_netfailover_safe(self._network_config) ++ # we need to verify that the nic selected is not a netfail over ++ # device and, if it is a netfail master, then we need to avoid ++ # emitting any match by mac ++ _ensure_netfailover_safe(self._network_config) + + return self._network_config + diff --git a/SPECS/cloud-init.spec b/SPECS/cloud-init.spec index 8372442..ace737f 100644 --- a/SPECS/cloud-init.spec +++ b/SPECS/cloud-init.spec @@ -1,77 +1,96 @@ -Name: cloud-init -Version: 24.4 -Release: 4%{?dist}.1 -Summary: Cloud instance init scripts -License: ASL 2.0 or GPLv3 -URL: http://launchpad.net/cloud-init -Source0: https://github.com/canonical/cloud-init/archive/refs/tags/%{version}.tar.gz -Source1: cloud-init-tmpfiles.conf +Name: cloud-init +Version: 24.4 +Release: 4.0.1%{?dist}.3 +Summary: Cloud instance init scripts +License: ASL 2.0 or GPLv3 +URL: http://launchpad.net/cloud-init +Source0: https://github.com/canonical/cloud-init/archive/refs/tags/%{version}.tar.gz +Source1: cloud-init-tmpfiles.conf # Source-git patches -Patch1: 0001-downstream-Add-initial-redhat-changes.patch -Patch2: 0002-downstream-Setting-autoconnect-priority-setting-for-.patch -Patch3: 0004-downstream-Revert-chore-eliminate-redundant-ordering.patch -Patch4: 0005-downstream-remove-single-process-optimization.patch -Patch5: 0006-fix-don-t-deadlock-when-starting-network-service-wit.patch +Patch1: 0001-downstream-Add-initial-redhat-changes.patch +Patch2: 0002-downstream-Setting-autoconnect-priority-setting-for-.patch +Patch3: 0004-downstream-Revert-chore-eliminate-redundant-ordering.patch +Patch4: 0005-downstream-remove-single-process-optimization.patch +Patch5: 0006-fix-don-t-deadlock-when-starting-network-service-wit.patch # For RHEL-74334 - [rhel-9.6] Suggest to continue using sysconfig as the default network renderer in rhel-9.6 -Patch6: ci-downstream-Revert-feat-Use-NetworkManager-renderer-b.patch +Patch6: ci-downstream-Revert-feat-Use-NetworkManager-renderer-b.patch # For RHEL-71122 - Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [RHEL-9.6] -Patch7: ci-Use-log_with_downgradable_level-for-user-password-wa.patch +Patch7: ci-Use-log_with_downgradable_level-for-user-password-wa.patch # For RHEL-71122 - Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [RHEL-9.6] -Patch8: ci-downstream-set-deprecation-boundary-version.patch +Patch8: ci-downstream-set-deprecation-boundary-version.patch # For RHEL-76361 - [c9s] cloud-init remove 'NOZEROCONF=yes' from /etc/sysconfig/network -Patch9: ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch +Patch9: ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch # For RHEL-83636 - DataSourceNoCloudNet network configuration is ineffective [rhel-9.6.z] -Patch10: ci-fix-NM-reload-and-bring-up-individual-network-conns-.patch +Patch10: ci-fix-NM-reload-and-bring-up-individual-network-conns-.patch +Patch11: 0003-downstream-Retain-exit-code-in-cloud-init-status-for.patch +# For RHEL-100611 - CVE-2024-6174 cloud-init: From CVEorg collector [rhel-9.6.z] +Patch12: ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch +# For RHEL-100611 - CVE-2024-6174 cloud-init: From CVEorg collector [rhel-9.6.z] +Patch13: ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch -BuildArch: noarch +# Oracle patches +Patch100: 0041-enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch +Patch101: ignore-enslaved-interface.patch +Patch102: ol-sysconfig-add-Oracle-Linux-variant-to-known-distros.patch +Patch103: 0106-tests-unittests-add-a-new-unit-test-for-network-mana.patch +# Oracle specific patches (preferred prefix: "ol" or "orabugNNNNNNNN") +Patch1001: orabug30435672-003-cloud-init-collect-logs.patch +Patch1002: orabug30435672-004-ol-cloud-config.patch +Patch1003: orabug30435672-006-cc_spacewalk.py.patch +Patch1004: orabug32183938-009-missing-sshd-services.patch +Patch1005: orabug32183938-010-missing-sshd-services-in-rhel-systemd.patch +Patch1006: orabug34845400-Add-Oracle-to-distro-detection-logic-in-cloud.cfg.tm.patch +Patch1007: orabug35950168-DataSourceOracle-network-getdata-updates.patch -BuildRequires: pkgconfig(systemd) -BuildRequires: python3-devel -BuildRequires: python3-setuptools -BuildRequires: systemd +BuildArch: noarch + +BuildRequires: pkgconfig(systemd) +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: systemd # For tests -BuildRequires: iproute -BuildRequires: python3-configobj +BuildRequires: iproute +BuildRequires: python3-configobj # https://bugzilla.redhat.com/show_bug.cgi?id=1695953 -BuildRequires: python3-distro -BuildRequires: python3-jinja2 -BuildRequires: python3-jsonpatch -BuildRequires: python3-oauthlib -BuildRequires: python3-prettytable -BuildRequires: python3-pyserial -BuildRequires: python3-PyYAML -BuildRequires: python3-requests -BuildRequires: python3-six +BuildRequires: python3-distro +BuildRequires: python3-jinja2 +BuildRequires: python3-jsonpatch +BuildRequires: python3-oauthlib +BuildRequires: python3-prettytable +BuildRequires: python3-pyserial +BuildRequires: python3-PyYAML +BuildRequires: python3-requests +BuildRequires: python3-six # dnf is needed to make cc_ntp unit tests work # https://bugs.launchpad.net/cloud-init/+bug/1721573 -BuildRequires: /usr/bin/dnf +BuildRequires: /usr/bin/dnf -Requires: e2fsprogs -Requires: iproute -Requires: libselinux-python3 -Requires: policycoreutils-python3 -Requires: procps -Requires: python3-configobj +Requires: e2fsprogs +Requires: iproute +Requires: libselinux-python3 +Requires: policycoreutils-python3 +Requires: procps +Requires: python3-configobj # https://bugzilla.redhat.com/show_bug.cgi?id=1695953 -Requires: python3-distro -Requires: python3-jinja2 -Requires: python3-jsonpatch -Requires: python3-oauthlib -Requires: python3-prettytable -Requires: python3-pyserial -Requires: python3-PyYAML -Requires: python3-requests -Requires: python3-six -Requires: shadow-utils -Requires: util-linux -Requires: xfsprogs -Requires: dhcp-client +Requires: python3-distro +Requires: python3-jinja2 +Requires: python3-jsonpatch +Requires: python3-oauthlib +Requires: python3-prettytable +Requires: python3-pyserial +Requires: python3-PyYAML +Requires: python3-requests +Requires: python3-six +Requires: shadow-utils +Requires: util-linux +Requires: xfsprogs +Requires: dhcp-client # https://bugzilla.redhat.com/show_bug.cgi?id=2032524 -Requires: gdisk -Requires: openssl -Requires: python3-netifaces +Requires: gdisk +Requires: openssl +Requires: python3-netifaces %{?systemd_requires} @@ -237,6 +256,34 @@ fi %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf %changelog +* Mon Jul 14 2025 Craig Guiller - 24.4-4.0.1.el9_6.3 +- Fix Oracle Datasource network and getdata methods for OCI OL [Orabug: 35950168] +- Fix log file permission [Orabug: 35302969] +- Update detection logic for OL distros in config template [Orabug: 34845400] +- Added missing services in rhel/systemd/cloud-init.service [Orabug: 32183938] +- Added missing services in cloud-init.service.tmpl for sshd [Orabug: 32183938] +- Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 [Orabug: 30435672] +- limit permissions [Orabug: 31352433] +- Changes to ignore all enslaved interfaces [Orabug: 30092148] +- Make Oracle datasource detect dracut based config files [Orabug: 29956753] +- add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch: + 1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata + 2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader + Resolves: Oracle-Bug:41660 (Bugzilla) +- added OL to list of known distros +Resolves: rhbz#1427280 +Resolves: rhbz#1427280 + +* Thu Jul 03 2025 Miroslav Rezanina - 24.4-4.el9_6.3 +- ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch [RHEL-100611] +- ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch [RHEL-100611] +- Resolves: RHEL-100611 + (CVE-2024-6174 cloud-init: From CVEorg collector [rhel-9.6.z]) + +* Thu Jul 03 2025 Miroslav Rezanina - 24.4-4.el9_6.2 +- Adding missed fix 'Retain exit code in cloud-init status for recoverable errors' +- Resolves: RHEL-101693 + * Thu Mar 20 2025 Jon Maloy - 24.4-4.el9_6.1 - ci-fix-NM-reload-and-bring-up-individual-network-conns-.patch [RHEL-83636] - Resolves: RHEL-83636 @@ -774,7 +821,7 @@ fi * Thu Apr 13 2017 Charalampos Stratakis 0.7.9-4 - Import to RHEL 7 -Resolves: rhbz#1427280 +Resolves: rhbz#1427280 * Tue Mar 07 2017 Lars Kellogg-Stedman 0.7.9-3 - fixes for network config generation From 80e354bc047f59f64214d4ce9d0e2473fde1342c Mon Sep 17 00:00:00 2001 From: eabdullin Date: Tue, 22 Jul 2025 11:16:42 +0000 Subject: [PATCH 2/2] Revert OL modifications --- ...to-stop-retrying-to-get-ec2-metadata.patch | 50 --- ...add-a-new-unit-test-for-network-mana.patch | 136 --------- SOURCES/ignore-enslaved-interface.patch | 44 --- ...racle-Linux-variant-to-known-distros.patch | 26 -- ...30435672-003-cloud-init-collect-logs.patch | 77 ----- .../orabug30435672-004-ol-cloud-config.patch | 112 ------- .../orabug30435672-006-cc_spacewalk.py.patch | 55 ---- ...ug32183938-009-missing-sshd-services.patch | 31 -- ...issing-sshd-services-in-rhel-systemd.patch | 22 -- ...stro-detection-logic-in-cloud.cfg.tm.patch | 287 ------------------ ...SourceOracle-network-getdata-updates.patch | 115 ------- SPECS/cloud-init.spec | 154 ++++------ 12 files changed, 61 insertions(+), 1048 deletions(-) delete mode 100644 SOURCES/0041-enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch delete mode 100644 SOURCES/0106-tests-unittests-add-a-new-unit-test-for-network-mana.patch delete mode 100644 SOURCES/ignore-enslaved-interface.patch delete mode 100644 SOURCES/ol-sysconfig-add-Oracle-Linux-variant-to-known-distros.patch delete mode 100644 SOURCES/orabug30435672-003-cloud-init-collect-logs.patch delete mode 100644 SOURCES/orabug30435672-004-ol-cloud-config.patch delete mode 100644 SOURCES/orabug30435672-006-cc_spacewalk.py.patch delete mode 100644 SOURCES/orabug32183938-009-missing-sshd-services.patch delete mode 100644 SOURCES/orabug32183938-010-missing-sshd-services-in-rhel-systemd.patch delete mode 100644 SOURCES/orabug34845400-Add-Oracle-to-distro-detection-logic-in-cloud.cfg.tm.patch delete mode 100644 SOURCES/orabug35950168-DataSourceOracle-network-getdata-updates.patch diff --git a/SOURCES/0041-enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch b/SOURCES/0041-enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch deleted file mode 100644 index d691b94..0000000 --- a/SOURCES/0041-enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch +++ /dev/null @@ -1,50 +0,0 @@ -Enable ec2_utils to stop retrying to get ec2 metadata - -Signed-off-by: David Sloboda -Reviewed-by: Laurence Rochfort - -diff -ruN a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py ---- a/cloudinit/sources/helpers/openstack.py 2018-04-02 12:51:20.053828637 -0700 -+++ b/cloudinit/sources/helpers/openstack.py 2018-04-02 12:33:20.000000000 -0700 -@@ -464,6 +464,16 @@ - - return results - -+def should_retry_cb(_request_args, cause): -+ try: -+ code = int(cause.code) -+ if code >= 400: -+ return False -+ except (TypeError, ValueError): -+ # Older versions of requests didn't have a code. -+ pass -+ return True -+ - - class MetadataReader(BaseReader): - def __init__(self, base_url, ssl_details=None, timeout=5, retries=5): -@@ -489,16 +499,6 @@ - return self._versions - - def _path_read(self, path, decode=False): -- def should_retry_cb(_request_args, cause): -- try: -- code = int(cause.code) -- if code >= 400: -- return False -- except (TypeError, ValueError): -- # Older versions of requests didn't have a code. -- pass -- return True -- - response = url_helper.readurl( - path, - retries=self.retries, -@@ -519,6 +519,7 @@ - ssl_details=self.ssl_details, - timeout=self.timeout, - retries=self.retries, -+ exception_cb=should_retry_cb, - ) - - diff --git a/SOURCES/0106-tests-unittests-add-a-new-unit-test-for-network-mana.patch b/SOURCES/0106-tests-unittests-add-a-new-unit-test-for-network-mana.patch deleted file mode 100644 index 2248cbf..0000000 --- a/SOURCES/0106-tests-unittests-add-a-new-unit-test-for-network-mana.patch +++ /dev/null @@ -1,136 +0,0 @@ -From 37a6837813e418486af8cbef436ab82a8be3e3fa Mon Sep 17 00:00:00 2001 -From: Darren Archibald -Date: Fri, 23 Feb 2024 06:06:30 -0800 -Subject: [PATCH] tests/unittests: add a new unit test for network manager net - activator (#4672) - -Some changes in behavior in network manager net activator was brought in with -the commit -d1d5166895da ("net/nm: check for presence of ifcfg files when nm connection files are absent") - -This change adds some unit tests that exercizes network manager activator's -bring_up_interface() method that tests failure scenarios as well as cases -where an ifcfg file is used to bring the interface up. - -Signed-off-by: Ani Sinha -(cherry picked from commit bb474df78bfe45ea5f05907eb710e8d5de764fc8) -Signed-off-by: Darren Archibald ---- - tests/unittests/test_net_activators.py | 101 +++++++++++++++++++++++++ - 1 file changed, 101 insertions(+) - -diff --git a/tests/unittests/test_net_activators.py b/tests/unittests/test_net_activators.py -index 2a363ec..f95c8a7 100644 ---- a/tests/unittests/test_net_activators.py -+++ b/tests/unittests/test_net_activators.py -@@ -288,6 +288,107 @@ class TestActivatorsBringUp: - for call in m_subp.call_args_list: - assert call in expected_call_list - -+class TestNetworkManagerActivatorBringUp: -+ @patch("cloudinit.subp.subp", return_value=("", "")) -+ @patch( -+ "cloudinit.net.network_manager.available_nm_ifcfg_rh", -+ return_value=True, -+ ) -+ @patch("os.path.isfile") -+ @patch("os.path.exists", return_value=True) -+ def test_bring_up_interface_no_nm_conn( -+ self, m_exists, m_isfile, m_plugin, m_subp -+ ): -+ """ -+ There is no network manager connection file but ifcfg-rh plugin is -+ present and ifcfg interface config files are also present. In this -+ case, we should use ifcfg files. -+ """ -+ -+ def fake_isfile_no_nmconn(filename): -+ return False if filename.endswith(".nmconnection") else True -+ -+ m_isfile.side_effect = fake_isfile_no_nmconn -+ -+ expected_call_list = [ -+ ( -+ ( -+ [ -+ "nmcli", -+ "connection", -+ "load", -+ "".join( -+ [ -+ "/etc/sysconfig/network-scripts/ifcfg-eth0", -+ ] -+ ), -+ ], -+ ), -+ {}, -+ ), -+ ( -+ ( -+ [ -+ "nmcli", -+ "connection", -+ "up", -+ "filename", -+ "".join( -+ [ -+ "/etc/sysconfig/network-scripts/ifcfg-eth0", -+ ] -+ ), -+ ], -+ ), -+ {}, -+ ), -+ ] -+ -+ index = 0 -+ assert NetworkManagerActivator.bring_up_interface("eth0") -+ for call in m_subp.call_args_list: -+ assert call == expected_call_list[index] -+ index += 1 -+ -+ @patch("cloudinit.subp.subp", return_value=("", "")) -+ @patch( -+ "cloudinit.net.network_manager.available_nm_ifcfg_rh", -+ return_value=False, -+ ) -+ @patch("os.path.isfile") -+ @patch("os.path.exists", return_value=True) -+ def test_bring_up_interface_no_plugin_no_nm_conn( -+ self, m_exists, m_isfile, m_plugin, m_subp -+ ): -+ """ -+ The ifcfg-rh plugin is absent and nmconnection file is also -+ not present. In this case, we can't use ifcfg file and the -+ interface bring up should fail. -+ """ -+ -+ def fake_isfile_no_nmconn(filename): -+ return False if filename.endswith(".nmconnection") else True -+ -+ m_isfile.side_effect = fake_isfile_no_nmconn -+ assert not NetworkManagerActivator.bring_up_interface("eth0") -+ -+ @patch("cloudinit.subp.subp", return_value=("", "")) -+ @patch( -+ "cloudinit.net.network_manager.available_nm_ifcfg_rh", -+ return_value=True, -+ ) -+ @patch("os.path.isfile", return_value=False) -+ @patch("os.path.exists", return_value=True) -+ def test_bring_up_interface_no_conn_file( -+ self, m_exists, m_isfile, m_plugin, m_subp -+ ): -+ """ -+ Neither network manager connection files are present nor -+ ifcfg files are present. Even if ifcfg-rh plugin is present, -+ we can not bring up the interface. So bring_up_interface() -+ should fail. -+ """ -+ assert not NetworkManagerActivator.bring_up_interface("eth0") - - IF_UP_DOWN_BRING_DOWN_CALL_LIST: list = [ - ((["ifdown", "eth0"],), {}), --- -2.31.1 - diff --git a/SOURCES/ignore-enslaved-interface.patch b/SOURCES/ignore-enslaved-interface.patch deleted file mode 100644 index cfefbe4..0000000 --- a/SOURCES/ignore-enslaved-interface.patch +++ /dev/null @@ -1,44 +0,0 @@ -From e7aba0f0ccd6f023667f41385f25044a94428ed3 Mon Sep 17 00:00:00 2001 -From: Darren Archibald -Date: Fri, 23 Feb 2024 05:56:06 -0800 -Subject: [PATCH] ignore enslaved interface - - Changes to ignore all enslaved interfaces. - https://jira.oci.oraclecorp.com/browse/LINUX-1947 - - Orabug: 30092148 - - Signed-off-by: Si-Wei Liu - Signed-off-by: Darren Archibald ---- - cloudinit/net/__init__.py | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/cloudinit/net/__init__.py b/cloudinit/net/__init__.py -index c0888f5..b093796 100644 ---- a/cloudinit/net/__init__.py -+++ b/cloudinit/net/__init__.py -@@ -335,6 +335,10 @@ def is_netfail_standby(devname, driver=None): - return True - - -+def is_slave(devname): -+ return os.path.exists(sys_dev_path(devname, "master")) -+ -+ - def is_renamed(devname): - """ - /* interface name assignment types (sysfs name_assign_type attribute) */ -@@ -1054,6 +1058,9 @@ def get_interfaces( - if is_bridge(name): - filtered_logger("Ignoring bridge interface: %s", name) - continue -+ if is_slave(name): -+ filtered_logger("Ignoring bridge interface: %s", name) -+ continue - if filter_vlan and is_vlan(name): - continue - if is_bond(name): --- -2.31.1 - diff --git a/SOURCES/ol-sysconfig-add-Oracle-Linux-variant-to-known-distros.patch b/SOURCES/ol-sysconfig-add-Oracle-Linux-variant-to-known-distros.patch deleted file mode 100644 index c8b89d8..0000000 --- a/SOURCES/ol-sysconfig-add-Oracle-Linux-variant-to-known-distros.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 8735577c8a683407e94abed0cfccc3aacbb9aa47 Mon Sep 17 00:00:00 2001 -From: Si-Wei Liu -Date: Wed, 10 Jun 2020 20:59:29 -0400 -Subject: [PATCH] sysconfig: add Oracle Linux variant to known distros - -otherwise anything sysconfig breaks on Oracle Linux. - -JIRA: https://jira.oci.oraclecorp.com/browse/LINUX-6128 - -Signed-off-by: Si-Wei Liu ---- - cloudinit/net/sysconfig.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py -index e94590f..55b7db5 100644 ---- a/cloudinit/net/sysconfig.py -+++ b/cloudinit/net/sysconfig.py -@@ -35,6 +35,7 @@ - "suse", - "TencentOS", - "virtuozzo", -+ "ol", - ] - - diff --git a/SOURCES/orabug30435672-003-cloud-init-collect-logs.patch b/SOURCES/orabug30435672-003-cloud-init-collect-logs.patch deleted file mode 100644 index 992c033..0000000 --- a/SOURCES/orabug30435672-003-cloud-init-collect-logs.patch +++ /dev/null @@ -1,77 +0,0 @@ -From 51cdd87ad861d5d47c212258bf00402a4dec2198 Mon Sep 17 00:00:00 2001 -From: Darren Archibald -Date: Fri, 23 Feb 2024 06:17:54 -0800 -Subject: [PATCH] Update cloud-init collect-logs for Oracle Linux - -Updating the code to collect triage logs with OL distro specic methods. - -Orabug: 30435672 - -Signed-off-by: Vijay Balakrishna -Reviewed-by: Si-Wei Liu -Acked-by: Joe Kennedy -Reviewed-by: Laurence Rochfort -Signed-off-by: Rajesh Harekal ---- - cloudinit/cmd/devel/logs.py | 26 ++++++++++++++++---------- - cloudinit/util.py | 1 + - 2 files changed, 17 insertions(+), 10 deletions(-) - -diff --git a/cloudinit/cmd/devel/logs.py b/cloudinit/cmd/devel/logs.py -index 8312218..85d976a 100755 ---- a/cloudinit/cmd/devel/logs.py -+++ b/cloudinit/cmd/devel/logs.py -@@ -21,7 +21,7 @@ - from cloudinit.stages import Init - from cloudinit.subp import ProcessExecutionError, subp - from cloudinit.temp_utils import tempdir --from cloudinit.util import copy, get_config_logfiles, write_file -+from cloudinit.util import copy, get_config_logfiles, write_file, system_info - - LOG = cast(loggers.CustomLoggerType, logging.getLogger(__name__)) - -@@ -214,13 +214,21 @@ - file_path=log_dir / "version", - msg="cloud-init --version", - ) -- dpkg_ver = _write_command_output_to_file( -- cmd=["dpkg-query", "--show", "-f=${Version}\n", "cloud-init"], -- file_path=log_dir / "dpkg-version", -- msg="dpkg version", -- ) -- if not version: -- version = dpkg_ver or "not-available" -+ if system_info()['variant'] == "ol": -+ rpm_ver = _write_command_output_to_file( -+ cmd=["rpm", "-q", "--queryformat", -+ "[%{VERSION}-%{RELEASE}.%{ARCH}]\n", "cloud-init"], -+ file_path=log_dir / "rpm-version", -+ msg="rpm version") -+ if not version: -+ version = rpm_ver if rpm_ver else "not-available" -+ else: -+ dpkg_ver = _write_command_output_to_file( -+ cmd=["dpkg-query", "--show", "-f=${Version}\n", "cloud-init"], -+ file_path=log_dir / "dpkg-version", -+ msg="dpkg version") -+ if not version: -+ version = dpkg_ver or "not-available" - - - def _collect_system_logs( -diff --git a/cloudinit/util.py b/cloudinit/util.py -index 3295735..db7bb97 100644 ---- a/cloudinit/util.py -+++ b/cloudinit/util.py -@@ -660,6 +660,7 @@ def _get_variant(info): - "suse", - "tencentos", - "virtuozzo", -+ "ol", - ): - variant = linux_dist - elif linux_dist in ("ubuntu", "linuxmint", "mint"): --- -2.31.1 - diff --git a/SOURCES/orabug30435672-004-ol-cloud-config.patch b/SOURCES/orabug30435672-004-ol-cloud-config.patch deleted file mode 100644 index 5958b77..0000000 --- a/SOURCES/orabug30435672-004-ol-cloud-config.patch +++ /dev/null @@ -1,112 +0,0 @@ -From 250aa45f74e29b95f81b24811c972369605bd24e Mon Sep 17 00:00:00 2001 -From: Vijay Balakrishna -Date: Tue, 5 Nov 2019 16:00:21 -0500 -Subject: [PATCH] Add static cloud.cfg file for OL7. - -Adding OL specific cloud.cfg file to enable updates cloud-init -config file independently, adding newly verified ntp module. - -Orabug: 30435672 - -Signed-off-by: Vijay Balakrishna -Signed-off-by: Si-Wei Liu -Acked-by: Joe Kennedy -Reviewed-by: Laurence Rochfort - ---- - ol/README.ol | 6 ++++++ - ol/cloud.cfg | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 75 insertions(+) - create mode 100644 ol/README.ol - create mode 100644 ol/cloud.cfg - -diff --git a/ol/README.ol b/ol/README.ol -new file mode 100644 -index 0000000..f59d559 ---- /dev/null -+++ b/ol/README.ol -@@ -0,0 +1,6 @@ -+The following cloud-init modules are currently unsupported on this OS: -+ - apt_update_upgrade ('apt_update', 'apt_upgrade', 'apt_mirror', 'apt_preserve_sources_list', 'apt_old_mirror', 'apt_sources', 'debconf_selections', 'packages' options) -+ - byobu ('byobu_by_default' option) -+ - chef -+ - grub_dpkg -+ - rh_subscription -diff --git a/ol/cloud.cfg b/ol/cloud.cfg -new file mode 100644 -index 0000000..2ee1fb3 ---- /dev/null -+++ b/ol/cloud.cfg -@@ -0,0 +1,69 @@ -+users: -+ - default -+ -+disable_root: 1 -+ssh_pwauth: 0 -+ -+mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service', '0', '2'] -+resize_rootfs_tmp: /dev -+ssh_deletekeys: 0 -+ssh_genkeytypes: ~ -+syslog_fix_perms: ~ -+disable_vmware_customization: false -+ -+cloud_init_modules: -+ - disk_setup -+ - migrator -+ - bootcmd -+ - write-files -+ - growpart -+ - resizefs -+ - set_hostname -+ - update_hostname -+ - update_etc_hosts -+ - rsyslog -+ - users-groups -+ - ssh -+ -+cloud_config_modules: -+ - mounts -+ - locale -+ - set-passwords -+ - ntp -+ - yum-add-repo -+ - package-update-upgrade-install -+ - timezone -+ - puppet -+ - chef -+ - salt-minion -+ - mcollective -+ - disable-ec2-metadata -+ - runcmd -+ -+cloud_final_modules: -+ - rightscale_userdata -+ - scripts-per-once -+ - scripts-per-boot -+ - scripts-per-instance -+ - scripts-user -+ - ssh-authkey-fingerprints -+ - keys-to-console -+ - phone-home -+ - final-message -+ - power-state-change -+ -+system_info: -+ default_user: -+ name: cloud-user -+ lock_passwd: true -+ gecos: Cloud User -+ groups: [adm, systemd-journal] -+ sudo: ["ALL=(ALL) NOPASSWD:ALL"] -+ shell: /bin/bash -+ distro: rhel -+ paths: -+ cloud_dir: /var/lib/cloud -+ templates_dir: /etc/cloud/templates -+ ssh_svcname: sshd -+ -+# vim:syntax=yaml --- -1.8.3.1 - diff --git a/SOURCES/orabug30435672-006-cc_spacewalk.py.patch b/SOURCES/orabug30435672-006-cc_spacewalk.py.patch deleted file mode 100644 index f4d4517..0000000 --- a/SOURCES/orabug30435672-006-cc_spacewalk.py.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 2b92e042bb8a4510abec38fcfc302d8de1e28f37 Mon Sep 17 00:00:00 2001 -From: Darren Archibald -Date: Fri, 23 Feb 2024 06:55:32 -0800 -Subject: [PATCH] spacewalk: fix CA cert file path for Oracle Linux - -Update the CA cert file that is available in Oracle Linux to register with ULN. - -Orabug: 30435672 - -Signed-off-by: Si-Wei Liu -Signed-off-by: Vijay Balakrishna -Acked-by: Joe Kennedy -Reviewed-by: Laurence Rochfort -Signed-off-by: Darren Archibald -Signed-off-by: Rajesh Harekal ---- - cloudinit/config/cc_spacewalk.py | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/cloudinit/config/cc_spacewalk.py b/cloudinit/config/cc_spacewalk.py -index 08514f2..7248cce 100644 ---- a/cloudinit/config/cc_spacewalk.py -+++ b/cloudinit/config/cc_spacewalk.py -@@ -3,7 +3,7 @@ - - import logging - --from cloudinit import subp -+from cloudinit import subp, util - from cloudinit.cloud import Cloud - from cloudinit.config import Config - from cloudinit.config.schema import MetaSchema -@@ -21,6 +21,7 @@ - distros = ["redhat", "fedora", "openeuler"] - required_packages = ["rhn-setup"] - def_ca_cert_path = "/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT" -+ol_ca_cert_path = "/usr/share/rhn/ULN-CA-CERT" - - - def is_registered(): -@@ -74,9 +75,14 @@ - # Need to have this installed before further things will work. - cloud.distro.install_packages(required_packages) - if not is_registered(): -+ if util.system_info()['variant'] == "ol": -+ cert = ol_ca_cert_path -+ else: -+ cert = def_ca_cert_path - do_register( - spacewalk_server, - cloud.datasource.get_hostname(fqdn=True).hostname, -+ ca_cert_path=cert, - proxy=cfg.get("proxy"), - activation_key=cfg.get("activation_key"), - ) diff --git a/SOURCES/orabug32183938-009-missing-sshd-services.patch b/SOURCES/orabug32183938-009-missing-sshd-services.patch deleted file mode 100644 index 3386a06..0000000 --- a/SOURCES/orabug32183938-009-missing-sshd-services.patch +++ /dev/null @@ -1,31 +0,0 @@ -cloud-init service file is missing sshd required services -Orabug: 32183938 - -in the systemd sshd-keygen.target file, the following services are listed: -[Unit] -Wants=sshd-keygen@rsa.service -Wants=sshd-keygen@ecdsa.service -Wants=sshd-keygen@ed25519.service - -Need to add the following to the cloud-init service file: -Before=sshd-keygen@rsa.service -Before=sshd-keygen@ecdsa.service -Before=sshd-keygen@ed25519.service - -Signed-off-by: Isaac Chen -Signed-off-by: Rajesh Harekal - -diff -up cloud-init-19.4/systemd/cloud-init.service.tmpl.orig cloud-init-19.4/systemd/cloud-init.service.tmpl ---- cloud-init-24.4/systemd/cloud-init.service.tmpl 2025-01-28 11:13:57.339346352 -0800 -+++ cloud-init-24.4/systemd/cloud-init.service.tmpl 2025-01-28 11:14:31.587669418 -0800 -@@ -28,7 +28,9 @@ - After=dbus.service - {% endif %} - Before=network-online.target --Before=sshd-keygen.service -+Before=sshd-keygen@rsa.service -+Before=sshd-keygen@ecdsa.service -+Before=sshd-keygen@ed25519.service - Before=sshd.service - Before=systemd-user-sessions.service - {% if variant in ["ubuntu", "unknown", "debian"] %} diff --git a/SOURCES/orabug32183938-010-missing-sshd-services-in-rhel-systemd.patch b/SOURCES/orabug32183938-010-missing-sshd-services-in-rhel-systemd.patch deleted file mode 100644 index 7cb4fb0..0000000 --- a/SOURCES/orabug32183938-010-missing-sshd-services-in-rhel-systemd.patch +++ /dev/null @@ -1,22 +0,0 @@ -cloud-init service file is missing sshd required services -Orabug: 32183938 - -This patch is the supplement of patch orabug32183938-009, where changes -to cloud-init.service also need to be added to files in rhel/systemd. - -Signed-off-by: Isaac Chen - -diff -up cloud-init-19.4/systemd/cloud-init.service.tmpl.orig cloud-init-19.4/systemd/cloud-init.service.tmpl ---- cloud-init-19.4/systemd/cloud-init.service.tmpl.orig 2020-12-11 19:59:37.331277979 -0800 -+++ cloud-init-19.4/systemd/cloud-init.service.tmpl 2020-12-11 20:00:38.867459043 -0800 -@@ -5,7 +5,9 @@ - DefaultDependencies=no - {% endif %} - Wants=cloud-init-local.service --Wants=sshd-keygen.service -+Wants=sshd-keygen@rsa.service -+Wants=sshd-keygen@ecdsa.service -+Wants=sshd-keygen@ed25519.service - Wants=sshd.service - After=cloud-init-local.service - After=systemd-networkd-wait-online.service diff --git a/SOURCES/orabug34845400-Add-Oracle-to-distro-detection-logic-in-cloud.cfg.tm.patch b/SOURCES/orabug34845400-Add-Oracle-to-distro-detection-logic-in-cloud.cfg.tm.patch deleted file mode 100644 index 49ff3cb..0000000 --- a/SOURCES/orabug34845400-Add-Oracle-to-distro-detection-logic-in-cloud.cfg.tm.patch +++ /dev/null @@ -1,287 +0,0 @@ -From e921be03f802ee154ed1ddf044e276b23af0d2b6 Mon Sep 17 00:00:00 2001 -From: Darren Archibald -Date: Fri, 23 Feb 2024 07:52:25 -0800 -Subject: [PATCH] Add Oracle to distro detection logic in cloud.cfg.tmpl - -Oracle Linux is being detected as "ol" variant by cloud-init. -This patch adds "ol" to the list of supported variants, and applies needed settings to it. -You can notice that variant "ol" is being set as distro "rhel" in a couple of places, -that is expected as this designated that base distro for "ol" is "rhel" ( which is true ) - -The main reason for this change is that cloud-init package dropped hardcoded configs that set OL as rhel -and to make cloud-init behave on OL systems as expected we need to add "ol" designation to supported list. - -Orabug: 34845400 -Signed-off-by: Alex Burmashev -Signed-off-by: Darren Archibald -Signed-off-by: Rajesh Harekal ---- - cloudinit/distros/__init__.py | 1 + - cloudinit/sources/DataSourceRbxCloud.py | 2 +- - config/cloud.cfg.tmpl | 33 ++++++++++++++++++------- - systemd/cloud-final.service | 4 ++- - systemd/cloud-init-local.service.tmpl | 12 ++++++--- - systemd/cloud-init.service.tmpl | 8 ++++-- - systemd/cloud-init-generator.tmpl | 1 +++-- - tests/unittests/test_util.py | 1 + - 8 files changed, 48 insertions(+), 17 deletions(-) - -diff --git a/cloudinit/distros/__init__.py b/cloudinit/distros/__init__.py -index 79e2623..8f1381b 100644 ---- a/cloudinit/distros/__init__.py -+++ b/cloudinit/distros/__init__.py -@@ -78,6 +78,7 @@ OSFAMILIES = { - "rhel", - "rocky", - "virtuozzo", -+ "ol", - ], - "suse": [ - "opensuse", -diff --git a/cloudinit/sources/DataSourceRbxCloud.py b/cloudinit/sources/DataSourceRbxCloud.py -index 9214f1b..5379132 100644 ---- a/cloudinit/sources/DataSourceRbxCloud.py -+++ b/cloudinit/sources/DataSourceRbxCloud.py -@@ -60,7 +60,7 @@ def _sub_arp(cmd): - - def gratuitous_arp(items, distro): - source_param = "-S" -- if distro.name in ["fedora", "centos", "rhel"]: -+ if distro.name in ["fedora", "centos", "rhel", "ol"]: - source_param = "-s" - for item in items: - try: -diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl -index a470120..f440830 100644 ---- a/config/cloud.cfg.tmpl -+++ b/config/cloud.cfg.tmpl -@@ -59,10 +59,10 @@ - {% endif %} - - {%- if variant in ["alpine", "amazon", "fedora", "OpenCloudOS", "openeuler", -- "openmandriva", "photon", "TencentOS"] or is_rhel %} -+ "openmandriva", "photon", "TencentOS", "ol"] or is_rhel %} - --{% if is_rhel %} --mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.after=cloud-init-network.service,_netdev', '0', '2'] -+{% if variant in ["ol"] or is_rhel %} -+mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.after=cloud-init.service,_netdev', '0', '2'] - {% else %} - mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2'] - {% endif %} -@@ -101,7 +101,7 @@ - - {% endif -%} - --{% if is_rhel %} -+{% if variant in ["ol"] or is_rhel %} - # Default redhat settings: - ssh_deletekeys: true - ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519'] -@@ -166,18 +166,20 @@ - - ubuntu_pro - {% endif %} - {% elif variant in ["azurelinux", "fedora", "mariner", "openeuler", -- "openmandriva", "photon"] or is_rhel %} -+ "openmandriva", "photon", "ol"] or is_rhel %} - {% if is_rhel %} - - rh_subscription - {% endif %} --{% if variant not in ["azurelinux", "mariner", "photon"] %} -+{% if variant not in ["azurelinux", "mariner", "photon", "ol"] %} - - spacewalk - {% endif %} - - yum_add_repo - {% elif variant == "suse" %} - - zypper_add_repo - {% endif %} -+{% if variant not in ["ol"] %} - - ntp -+{% endif %} - - timezone - {% if variant not in ["azurelinux"] %} - - disable_ec2_metadata -@@ -207,6 +209,8 @@ - {% if variant not in ["azurelinux"] %} - - mcollective - - salt_minion -+{% endif %} -+{% if variant not in ["azurelinux", "ol"] %} - - reset_rmc - {% endif %} - - scripts_vendor -@@ -230,6 +234,8 @@ - "OpenCloudOS", "openeuler", "openmandriva", "photon", "suse", - "TencentOS", "ubuntu"] or is_rhel %} - distro: {{ variant }} -+{% elif variant == "ol" %} -+ distro: rhel - {% elif variant == "dragonfly" %} - distro: dragonflybsd - {% else %} -@@ -238,7 +244,9 @@ - {% endif %} - # Default user name + that default users groups (if added/used) - default_user: --{% if variant in usernames %} -+{% if variant == "ol" %} -+ name: cloud-user -+{% elif variant in usernames %} - name: {{ usernames[variant] }} - {% else %} - name: {{ variant }} -@@ -246,11 +254,13 @@ - {% if variant in ["alpine", "amazon", "aosc", "arch", "azurelinux", "debian", "fedora", - "gentoo", "mariner", "OpenCloudOS", "openeuler", - "openmandriva", "photon", "suse", "TencentOS", "ubuntu", -- "unknown"] -+ "unknown", "ol"] - or is_bsd or is_rhel %} - lock_passwd: True - {% endif %} --{% if variant in gecos %} -+{% if variant == "ol" %} -+ gecos: Cloud User -+{% elif variant in gecos %} - gecos: {{ gecos[variant] }} - {% else %} - gecos: {{ variant }} Cloud User -@@ -259,7 +269,7 @@ - groups: [{{ groups[variant] }}] - {% elif is_bsd %} - groups: [wheel] --{% elif is_rhel %} -+{% elif variant in ["ol"] or is_rhel %} - groups: [adm, systemd-journal] - {% else %} - groups: [wheel, adm, systemd-journal] -@@ -328,7 +338,7 @@ - {% if variant in ["alpine", "amazon", "aosc", "arch", "azurelinux", "debian", "fedora", - "gentoo", "mariner", "OpenCloudOS", "openeuler", - "openmandriva", "photon", "suse", "TencentOS", "ubuntu", -- "unknown"] -+ "unknown", "ol"] - or is_rhel %} - # Other config here will be given to the distro class and/or path classes - paths: -@@ -375,7 +385,7 @@ - ssh_svcname: ssh - {% elif variant in ["alpine", "amazon", "aosc", "arch", "azurelinux", "fedora", - "gentoo", "mariner", "OpenCloudOS", "openeuler", -- "openmandriva", "photon", "suse", "TencentOS"] -+ "openmandriva", "photon", "suse", "TencentOS", "ol"] - or is_rhel %} - ssh_svcname: sshd - {% endif %} - -diff --git a/systemd/cloud-final.service b/systemd/cloud-final.service -index ab3daed..1c69dde 100644 ---- a/systemd/cloud-final.service -+++ b/systemd/cloud-final.service -@@ -3,7 +3,6 @@ - Description=Cloud-init: Final Stage - After=network-online.target time-sync.target cloud-config.service rc-local.service - After=multi-user.target --Before=apt-daily.service - Wants=network-online.target cloud-config.service - ConditionPathExists=!/etc/cloud/cloud-init.disabled - ConditionKernelCommandLine=!cloud-init=disabled - -diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl -index 3a1ca7f..4750c36 100644 ---- a/systemd/cloud-init-local.service.tmpl -+++ b/systemd/cloud-init-local.service.tmpl -@@ -2,19 +2,21 @@ - [Unit] - # https://docs.cloud-init.io/en/latest/explanation/boot.html - Description=Cloud-init: Local Stage (pre-network) --{% if variant in ["almalinux", "cloudlinux", "ubuntu", "unknown", "debian", "rhel"] %} -+{% if variant in ["almalinux", "cloudlinux", "ubuntu", "unknown", "debian", "rhel", "ol"] %} - DefaultDependencies=no - {% endif %} - Wants=network-pre.target -+{% if variant not in ["ol"] %} - After=hv_kvp_daemon.service --{% if variant in ["almalinux", "cloudlinux", "rhel"] %} -+{% endif %} -+{% if variant in ["almalinux", "cloudlinux", "rhel", "ol"] %} - Requires=dbus.socket - After=dbus.socket - {% endif %} - After=systemd-remount-fs.service - Before=network-pre.target - Before=shutdown.target --{% if variant in ["almalinux", "cloudlinux", "rhel"] %} -+{% if variant in ["almalinux", "cloudlinux", "rhel", "ol"] %} - Before=firewalld.target - {% endif %} - {% if variant in ["ubuntu", "unknown", "debian"] %} -@@ -28,7 +30,7 @@ - - [Service] - Type=oneshot --{% if variant in ["almalinux", "cloudlinux", "rhel"] %} -+{% if variant in ["almalinux", "cloudlinux", "rhel", "ol"] %} - ExecStartPre=/sbin/restorecon /run/cloud-init - {% endif %} - ExecStart=/usr/bin/cloud-init init --local - -diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl -index 90d45f2..2e1ce48 100644 ---- a/systemd/cloud-init.service.tmpl -+++ b/systemd/cloud-init.service.tmpl -@@ -2,7 +2,7 @@ - [Unit] - # https://docs.cloud-init.io/en/latest/explanation/boot.html - Description=Cloud-init: Network Stage --{% if variant not in ["almalinux", "cloudlinux", "photon", "rhel"] %} -+{% if variant not in ["almalinux", "cloudlinux", "photon", "rhel", "ol"] %} - DefaultDependencies=no - {% endif %} - Wants=cloud-init-local.service -@@ -11,13 +11,15 @@ - Wants=sshd-keygen@ed25519.service - Wants=sshd.service - After=cloud-init-local.service -+{% if variant not in ["ol"] %} - After=systemd-networkd-wait-online.service -+{% endif %} - {% if variant in ["ubuntu", "unknown", "debian"] %} - After=networking.service - {% endif %} - {% if variant in ["almalinux", "centos", "cloudlinux", "eurolinux", "fedora", - "miraclelinux", "openeuler", "OpenCloudOS", "openmandriva", "rhel", "rocky", -- "suse", "TencentOS", "virtuozzo"] %} -+ "suse", "TencentOS", "virtuozzo", "ol"] %} - - After=NetworkManager.service - After=NetworkManager-wait-online.service - -diff --git a/systemd/cloud-init-generator.tmpl b/systemd/cloud-init-generator.tmpl ---- a/systemd/cloud-init-generator.tmpl -+++ b/systemd/cloud-init-generator.tmpl -@@ -21,7 +21,7 @@ - CLOUD_SYSTEM_TARGET="/lib/systemd/system/cloud-init.target" - {% endif %} - {% if variant in ["almalinux", "centos", "cloudlinux", "eurolinux", "fedora", -- "miraclelinux", "openeuler", "OpenCloudOS", "openmandriva", "rhel", "rocky", "TencentOS", "virtuozzo"] %} -+ "miraclelinux", "openeuler", "OpenCloudOS", "openmandriva", "rhel", "rocky", "TencentOS", "virtuozzo", "ol"] %} - dsidentify="/usr/libexec/cloud-init/ds-identify" - {% elif variant == "benchmark" %} - dsidentify="/bin/true" - -diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py -index 519ef63..323e7f6 100644 ---- a/tests/unittests/test_util.py -+++ b/tests/unittests/test_util.py -@@ -1311,6 +1311,7 @@ class TestGetVariant: - ({"system": "linux", "dist": ("sles",)}, "suse"), - ({"system": "linux", "dist": ("sle_hpc",)}, "suse"), - ({"system": "linux", "dist": ("my_distro",)}, "linux"), -+ ({"system": "linux", "dist": ("ol",)}, "ol"), - ({"system": "Windows", "dist": ("dontcare",)}, "windows"), - ({"system": "Darwin", "dist": ("dontcare",)}, "darwin"), - ({"system": "Freebsd", "dist": ("dontcare",)}, "freebsd"), --- -2.31.1 - diff --git a/SOURCES/orabug35950168-DataSourceOracle-network-getdata-updates.patch b/SOURCES/orabug35950168-DataSourceOracle-network-getdata-updates.patch deleted file mode 100644 index 5a2835e..0000000 --- a/SOURCES/orabug35950168-DataSourceOracle-network-getdata-updates.patch +++ /dev/null @@ -1,115 +0,0 @@ -Patch to adapt DataSourceOracle and make it functional for OCI. -Also includes setting for retries and timeouts previously provided by -a separate patch to help PCA instances get IMDS data. - -Orabug: 37065979 - -Signed-off-by: Rajesh Harekal ---- -diff -git a/cloudinit/sources/DataSourceOracle.py b/cloudinit/sources/DataSourceOracle.py ---- a/cloudinit/sources/DataSourceOracle.py 2025-03-07 16:04:37.773216485 -0800 -+++ a/cloudinit/sources/DataSourceOracle.py 2025-03-07 16:32:33.174574170 -0800 -@@ -15,6 +15,7 @@ - - import base64 - import ipaddress -+import os - import json - import logging - import time -@@ -32,6 +33,8 @@ - - LOG = logging.getLogger(__name__) - -+ISCSI_IBFT_PATH='/sys/firmware/acpi/tables/iBFT' -+ - BUILTIN_DS_CONFIG = { - # Don't use IMDS to configure secondary NICs by default - "configure_secondary_nics": False, -@@ -135,8 +138,8 @@ - perform_dhcp_setup = True - - # Careful...these can be overridden in __init__ -- url_max_wait = 30 -- url_timeout = 5 -+ url_max_wait = 180 -+ url_timeout = 20 - - def __init__(self, sys_cfg, *args, **kwargs): - super(DataSourceOracle, self).__init__(sys_cfg, *args, **kwargs) -@@ -149,7 +152,7 @@ - ] - ) - self._network_config_source = KlibcOracleNetworkConfigSource() -- self._network_config: dict = {"config": [], "version": 1} -+ self._network_config = sources.UNSET - - url_params = self.get_url_params() - self.url_max_wait = url_params.max_wait_seconds -@@ -274,7 +277,7 @@ - - def _is_iscsi_root(self) -> bool: - """Return whether we are on a iscsi machine.""" -- return self._network_config_source.is_applicable() -+ return self._network_config_source.is_applicable() or bool(os.path.exists(ISCSI_IBFT_PATH)) - - def _get_iscsi_config(self) -> dict: - return self._network_config_source.render_config() -@@ -294,34 +297,31 @@ - - set_primary = False - # this is v1 -- if self._is_iscsi_root(): -- self._network_config = self._get_iscsi_config() -- if not self._has_network_config(): -- LOG.warning( -- "Could not obtain network configuration from initramfs. " -- "Falling back to IMDS." -+ if self._network_config == sources.UNSET: -+ # this is v1 -+ if not self._has_network_config(): -+ self._network_config = self.distro.generate_fallback_config() -+ set_primary = True -+ -+ set_secondary = self.ds_cfg.get( -+ "configure_secondary_nics", -+ BUILTIN_DS_CONFIG["configure_secondary_nics"], - ) -- set_primary = True -- -- set_secondary = self.ds_cfg.get( -- "configure_secondary_nics", -- BUILTIN_DS_CONFIG["configure_secondary_nics"], -- ) -- if set_primary or set_secondary: -- try: -- # Mutate self._network_config to include primary and/or -- # secondary VNICs -- self._add_network_config_from_opc_imds(set_primary) -- except Exception: -- util.logexc( -- LOG, -- "Failed to parse IMDS network configuration!", -- ) -+ if set_primary or set_secondary: -+ try: -+ # Mutate self._network_config to include primary and/or -+ # secondary VNICs -+ self._add_network_config_from_opc_imds(set_primary) -+ except Exception: -+ util.logexc( -+ LOG, -+ "Failed to parse IMDS network configuration!", -+ ) - -- # we need to verify that the nic selected is not a netfail over -- # device and, if it is a netfail master, then we need to avoid -- # emitting any match by mac -- _ensure_netfailover_safe(self._network_config) -+ # we need to verify that the nic selected is not a netfail over -+ # device and, if it is a netfail master, then we need to avoid -+ # emitting any match by mac -+ _ensure_netfailover_safe(self._network_config) - - return self._network_config - diff --git a/SPECS/cloud-init.spec b/SPECS/cloud-init.spec index ace737f..60f5d6d 100644 --- a/SPECS/cloud-init.spec +++ b/SPECS/cloud-init.spec @@ -1,96 +1,82 @@ -Name: cloud-init -Version: 24.4 -Release: 4.0.1%{?dist}.3 -Summary: Cloud instance init scripts -License: ASL 2.0 or GPLv3 -URL: http://launchpad.net/cloud-init -Source0: https://github.com/canonical/cloud-init/archive/refs/tags/%{version}.tar.gz -Source1: cloud-init-tmpfiles.conf +Name: cloud-init +Version: 24.4 +Release: 4%{?dist}.3 +Summary: Cloud instance init scripts +License: ASL 2.0 or GPLv3 +URL: http://launchpad.net/cloud-init +Source0: https://github.com/canonical/cloud-init/archive/refs/tags/%{version}.tar.gz +Source1: cloud-init-tmpfiles.conf # Source-git patches -Patch1: 0001-downstream-Add-initial-redhat-changes.patch -Patch2: 0002-downstream-Setting-autoconnect-priority-setting-for-.patch -Patch3: 0004-downstream-Revert-chore-eliminate-redundant-ordering.patch -Patch4: 0005-downstream-remove-single-process-optimization.patch -Patch5: 0006-fix-don-t-deadlock-when-starting-network-service-wit.patch +Patch1: 0001-downstream-Add-initial-redhat-changes.patch +Patch2: 0002-downstream-Setting-autoconnect-priority-setting-for-.patch +Patch3: 0004-downstream-Revert-chore-eliminate-redundant-ordering.patch +Patch4: 0005-downstream-remove-single-process-optimization.patch +Patch5: 0006-fix-don-t-deadlock-when-starting-network-service-wit.patch # For RHEL-74334 - [rhel-9.6] Suggest to continue using sysconfig as the default network renderer in rhel-9.6 -Patch6: ci-downstream-Revert-feat-Use-NetworkManager-renderer-b.patch +Patch6: ci-downstream-Revert-feat-Use-NetworkManager-renderer-b.patch # For RHEL-71122 - Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [RHEL-9.6] -Patch7: ci-Use-log_with_downgradable_level-for-user-password-wa.patch +Patch7: ci-Use-log_with_downgradable_level-for-user-password-wa.patch # For RHEL-71122 - Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [RHEL-9.6] -Patch8: ci-downstream-set-deprecation-boundary-version.patch +Patch8: ci-downstream-set-deprecation-boundary-version.patch # For RHEL-76361 - [c9s] cloud-init remove 'NOZEROCONF=yes' from /etc/sysconfig/network -Patch9: ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch +Patch9: ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch # For RHEL-83636 - DataSourceNoCloudNet network configuration is ineffective [rhel-9.6.z] -Patch10: ci-fix-NM-reload-and-bring-up-individual-network-conns-.patch -Patch11: 0003-downstream-Retain-exit-code-in-cloud-init-status-for.patch +Patch10: ci-fix-NM-reload-and-bring-up-individual-network-conns-.patch +Patch11: 0003-downstream-Retain-exit-code-in-cloud-init-status-for.patch # For RHEL-100611 - CVE-2024-6174 cloud-init: From CVEorg collector [rhel-9.6.z] -Patch12: ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch +Patch12: ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch # For RHEL-100611 - CVE-2024-6174 cloud-init: From CVEorg collector [rhel-9.6.z] -Patch13: ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch +Patch13: ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch -# Oracle patches -Patch100: 0041-enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch -Patch101: ignore-enslaved-interface.patch -Patch102: ol-sysconfig-add-Oracle-Linux-variant-to-known-distros.patch -Patch103: 0106-tests-unittests-add-a-new-unit-test-for-network-mana.patch -# Oracle specific patches (preferred prefix: "ol" or "orabugNNNNNNNN") -Patch1001: orabug30435672-003-cloud-init-collect-logs.patch -Patch1002: orabug30435672-004-ol-cloud-config.patch -Patch1003: orabug30435672-006-cc_spacewalk.py.patch -Patch1004: orabug32183938-009-missing-sshd-services.patch -Patch1005: orabug32183938-010-missing-sshd-services-in-rhel-systemd.patch -Patch1006: orabug34845400-Add-Oracle-to-distro-detection-logic-in-cloud.cfg.tm.patch -Patch1007: orabug35950168-DataSourceOracle-network-getdata-updates.patch +BuildArch: noarch -BuildArch: noarch - -BuildRequires: pkgconfig(systemd) -BuildRequires: python3-devel -BuildRequires: python3-setuptools -BuildRequires: systemd +BuildRequires: pkgconfig(systemd) +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: systemd # For tests -BuildRequires: iproute -BuildRequires: python3-configobj +BuildRequires: iproute +BuildRequires: python3-configobj # https://bugzilla.redhat.com/show_bug.cgi?id=1695953 -BuildRequires: python3-distro -BuildRequires: python3-jinja2 -BuildRequires: python3-jsonpatch -BuildRequires: python3-oauthlib -BuildRequires: python3-prettytable -BuildRequires: python3-pyserial -BuildRequires: python3-PyYAML -BuildRequires: python3-requests -BuildRequires: python3-six +BuildRequires: python3-distro +BuildRequires: python3-jinja2 +BuildRequires: python3-jsonpatch +BuildRequires: python3-oauthlib +BuildRequires: python3-prettytable +BuildRequires: python3-pyserial +BuildRequires: python3-PyYAML +BuildRequires: python3-requests +BuildRequires: python3-six # dnf is needed to make cc_ntp unit tests work # https://bugs.launchpad.net/cloud-init/+bug/1721573 -BuildRequires: /usr/bin/dnf +BuildRequires: /usr/bin/dnf -Requires: e2fsprogs -Requires: iproute -Requires: libselinux-python3 -Requires: policycoreutils-python3 -Requires: procps -Requires: python3-configobj +Requires: e2fsprogs +Requires: iproute +Requires: libselinux-python3 +Requires: policycoreutils-python3 +Requires: procps +Requires: python3-configobj # https://bugzilla.redhat.com/show_bug.cgi?id=1695953 -Requires: python3-distro -Requires: python3-jinja2 -Requires: python3-jsonpatch -Requires: python3-oauthlib -Requires: python3-prettytable -Requires: python3-pyserial -Requires: python3-PyYAML -Requires: python3-requests -Requires: python3-six -Requires: shadow-utils -Requires: util-linux -Requires: xfsprogs -Requires: dhcp-client +Requires: python3-distro +Requires: python3-jinja2 +Requires: python3-jsonpatch +Requires: python3-oauthlib +Requires: python3-prettytable +Requires: python3-pyserial +Requires: python3-PyYAML +Requires: python3-requests +Requires: python3-six +Requires: shadow-utils +Requires: util-linux +Requires: xfsprogs +Requires: dhcp-client # https://bugzilla.redhat.com/show_bug.cgi?id=2032524 -Requires: gdisk -Requires: openssl -Requires: python3-netifaces +Requires: gdisk +Requires: openssl +Requires: python3-netifaces %{?systemd_requires} @@ -256,24 +242,6 @@ fi %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf %changelog -* Mon Jul 14 2025 Craig Guiller - 24.4-4.0.1.el9_6.3 -- Fix Oracle Datasource network and getdata methods for OCI OL [Orabug: 35950168] -- Fix log file permission [Orabug: 35302969] -- Update detection logic for OL distros in config template [Orabug: 34845400] -- Added missing services in rhel/systemd/cloud-init.service [Orabug: 32183938] -- Added missing services in cloud-init.service.tmpl for sshd [Orabug: 32183938] -- Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 [Orabug: 30435672] -- limit permissions [Orabug: 31352433] -- Changes to ignore all enslaved interfaces [Orabug: 30092148] -- Make Oracle datasource detect dracut based config files [Orabug: 29956753] -- add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch: - 1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata - 2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader - Resolves: Oracle-Bug:41660 (Bugzilla) -- added OL to list of known distros -Resolves: rhbz#1427280 -Resolves: rhbz#1427280 - * Thu Jul 03 2025 Miroslav Rezanina - 24.4-4.el9_6.3 - ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch [RHEL-100611] - ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch [RHEL-100611] @@ -821,7 +789,7 @@ Resolves: rhbz#1427280 * Thu Apr 13 2017 Charalampos Stratakis 0.7.9-4 - Import to RHEL 7 -Resolves: rhbz#1427280 +Resolves: rhbz#1427280 * Tue Mar 07 2017 Lars Kellogg-Stedman 0.7.9-3 - fixes for network config generation