import CS cloud-init-23.1.1-11.el9
This commit is contained in:
parent
5231c595b0
commit
5d7981bee5
@ -1 +1 @@
|
||||
830185bb5ce87ad86e4d1c0c62329bb255ec1648 SOURCES/cloud-init-22.1.tar.gz
|
||||
0b491818abcdce5ba6c1b30c75dd680d6ee3983e SOURCES/23.1.1.tar.gz
|
||||
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
||||
SOURCES/cloud-init-22.1.tar.gz
|
||||
SOURCES/23.1.1.tar.gz
|
||||
|
@ -1,621 +1,61 @@
|
||||
From 7daf47d1ee60a132244f2a9ec4e89ad496c32c3e Mon Sep 17 00:00:00 2001
|
||||
From c4d66915520554adedff9be7396f877cd1a5525c Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Mon, 28 Mar 2022 14:08:05 +0200
|
||||
Subject: Add initial redhat setup
|
||||
Date: Mon, 6 Mar 2023 16:37:20 +0100
|
||||
Subject: [PATCH] Add initial redhat changes
|
||||
|
||||
Merged patches (22.1):
|
||||
- 70f80f82 Use _systemdgeneratordir macro for cloud-init-generator handling
|
||||
- 0f74e7b8 Add dhcp-client as a dependency
|
||||
- 791eb2b6 Report full specific version with "cloud-init --version"
|
||||
- 865805d6 source-git: Use dynamic SRPM_NAME
|
||||
- 45ddc666 add the drop-in also in the %files section of cloud-init.spec
|
||||
- 08d939b2 Add gdisk and openssl as deps to fix UEFI / Azure initialization
|
||||
- 0531cd68 Add netifaces package as a Requires in cloud-init.spec.template
|
||||
Adding minimal set of changes necessary for successful build of the package
|
||||
on RHEL/CentOS 9 Stream koji.
|
||||
|
||||
Merged patches (23.1.1):
|
||||
724a80ac Add TargetRelease
|
||||
967a4405b rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
|
||||
^ Merged since it removes hunks added in this commit itself
|
||||
|
||||
Discarded because not needed anymore (packit):
|
||||
e3fd7ce12 Configure Packit to ignore the .gitignore file
|
||||
e18654e9 Fixes for packit support
|
||||
|
||||
Discarded because file does not exist anymore and templates are aligned with upstream:
|
||||
3576b12460bf18557857ee25df6bf530dab66612 Adding _netdev to the default mount configuration
|
||||
8092b57ab245856ff1fdde1469960608a489c95e Remove rhel specific files
|
||||
|
||||
Added the following entry to %files to keep track of the new README file in config/clean.d/README
|
||||
%doc %{_sysconfdir}/cloud/clean.d/README
|
||||
|
||||
ignored
|
||||
c75e509b0 Revert "Revert "Setting highest autoconnect priority for network-scripts""
|
||||
0eba5c619 Revert "Setting highest autoconnect priority for network-scripts"
|
||||
|
||||
ignored
|
||||
ba19343c0d9807d0c68a2d8e4ab274f3ca884247 Add Gitlab CI
|
||||
fe09305a5479a4814d6c46df07a906bafa29d637 Delete .gitlab-ci.yml
|
||||
|
||||
Conflicts:
|
||||
- .gitignore
|
||||
- cloudinit/config/cc_chef.py = use double quotes instead of single quotes
|
||||
- cloudinit/settings.py = use rhel settings
|
||||
- cloudinit/sources/DataSourceAzure.py = remove temporary_hostname and helper
|
||||
- requirements.txt = just add netifaces and not jsonschema dep
|
||||
- setup.py = use double quotes instead of single quotes
|
||||
missing rhel/ static files and "" instead of '' in setup.py
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
|
||||
Merged patches (RHEL-9/21.1):
|
||||
- 5688a1d0 Removing python-nose and python-tox as dependency
|
||||
- 237d57f9 Removing mock dependency
|
||||
- d1c2f496 Removing python-jsonschema dependency
|
||||
- 0d1cd14c Don't override default network configuration
|
||||
|
||||
Merged patches (21.1):
|
||||
- 915d30ad Change gating file to correct rhel version
|
||||
- 311f318d Removing net-tools dependency
|
||||
- 74731806 Adding man pages to Red Hat spec file
|
||||
- 758d333d Removing blocking test from yaml configuration file
|
||||
- c7e7c59c Changing permission of cloud-init-generator to 755
|
||||
- 8b85abbb Installing man pages in the correct place with correct permissions
|
||||
- c6808d8d Fix unit failure of cloud-final.service if NetworkManager was not present.
|
||||
- 11866ef6 Report full specific version with "cloud-init --version"
|
||||
|
||||
Rebase notes (18.5):
|
||||
- added bash_completition file
|
||||
- added cloud-id file
|
||||
|
||||
Merged patches (20.3):
|
||||
- 01900d0 changing ds-identify patch from /usr/lib to /usr/libexec
|
||||
- 7f47ca3 Render the generator from template instead of cp
|
||||
|
||||
Merged patches (19.4):
|
||||
- 4ab5a61 Fix for network configuration not persisting after reboot
|
||||
- 84cf125 Removing cloud-user from wheel
|
||||
- 31290ab Adding gating tests for Azure, ESXi and AWS
|
||||
|
||||
Merged patches (18.5):
|
||||
- 2d6b469 add power-state-change module to cloud_final_modules
|
||||
- 764159f Adding systemd mount options to wait for cloud-init
|
||||
- da4d99e Adding disk_setup to rhel/cloud.cfg
|
||||
- f5c6832 Enable cloud-init by default on vmware
|
||||
|
||||
Conflicts:
|
||||
cloudinit/config/cc_chef.py:
|
||||
- Updated header documentation text
|
||||
- Replacing double quotes by simple quotes
|
||||
|
||||
setup.py:
|
||||
- Adding missing cmdclass info
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
|
||||
Changes:
|
||||
- move redhat to .distro to use new build script structure
|
||||
- Fixing changelog for RHEL 9
|
||||
|
||||
Merged patches (21.1):
|
||||
- 69bd7f71 DataSourceAzure.py: use hostnamectl to set hostname
|
||||
- 0407867e Remove race condition between cloud-init and NetworkManager
|
||||
|
||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
---
|
||||
.distro/.gitignore | 1 +
|
||||
.distro/Makefile | 74 ++++
|
||||
.distro/Makefile.common | 20 +
|
||||
.distro/cloud-init-tmpfiles.conf | 1 +
|
||||
.distro/cloud-init.spec.template | 505 ++++++++++++++++++++++++++
|
||||
.distro/gating.yaml | 8 +
|
||||
.distro/rpmbuild/BUILD/.gitignore | 3 +
|
||||
.distro/rpmbuild/RPMS/.gitignore | 3 +
|
||||
.distro/rpmbuild/SOURCES/.gitignore | 3 +
|
||||
.distro/rpmbuild/SPECS/.gitignore | 3 +
|
||||
.distro/rpmbuild/SRPMS/.gitignore | 3 +
|
||||
.distro/scripts/frh.py | 27 ++
|
||||
.distro/scripts/git-backport-diff | 327 +++++++++++++++++
|
||||
.distro/scripts/git-compile-check | 215 +++++++++++
|
||||
.distro/scripts/process-patches.sh | 88 +++++
|
||||
.distro/scripts/tarball_checksum.sh | 3 +
|
||||
.gitignore | 1 +
|
||||
cloudinit/config/cc_chef.py | 65 +++-
|
||||
cloudinit/settings.py | 21 +-
|
||||
requirements.txt | 3 -
|
||||
rhel/README.rhel | 5 +
|
||||
rhel/cloud-init-tmpfiles.conf | 1 +
|
||||
rhel/cloud.cfg | 69 ++++
|
||||
rhel/systemd/cloud-config.service | 18 +
|
||||
rhel/systemd/cloud-config.target | 11 +
|
||||
rhel/systemd/cloud-final.service | 24 ++
|
||||
rhel/systemd/cloud-init-local.service | 31 ++
|
||||
rhel/systemd/cloud-init.service | 26 ++
|
||||
rhel/systemd/cloud-init.target | 7 +
|
||||
setup.py | 28 +-
|
||||
tools/read-version | 28 +-
|
||||
31 files changed, 1557 insertions(+), 65 deletions(-)
|
||||
create mode 100644 .distro/.gitignore
|
||||
create mode 100644 .distro/Makefile
|
||||
create mode 100644 .distro/Makefile.common
|
||||
create mode 100644 .distro/cloud-init-tmpfiles.conf
|
||||
create mode 100644 .distro/cloud-init.spec.template
|
||||
create mode 100644 .distro/gating.yaml
|
||||
create mode 100644 .distro/rpmbuild/BUILD/.gitignore
|
||||
create mode 100644 .distro/rpmbuild/RPMS/.gitignore
|
||||
create mode 100644 .distro/rpmbuild/SOURCES/.gitignore
|
||||
create mode 100644 .distro/rpmbuild/SPECS/.gitignore
|
||||
create mode 100644 .distro/rpmbuild/SRPMS/.gitignore
|
||||
create mode 100755 .distro/scripts/frh.py
|
||||
create mode 100755 .distro/scripts/git-backport-diff
|
||||
create mode 100755 .distro/scripts/git-compile-check
|
||||
create mode 100755 .distro/scripts/process-patches.sh
|
||||
create mode 100755 .distro/scripts/tarball_checksum.sh
|
||||
create mode 100644 rhel/README.rhel
|
||||
create mode 100644 rhel/cloud-init-tmpfiles.conf
|
||||
create mode 100644 rhel/cloud.cfg
|
||||
create mode 100644 rhel/systemd/cloud-config.service
|
||||
create mode 100644 rhel/systemd/cloud-config.target
|
||||
create mode 100644 rhel/systemd/cloud-final.service
|
||||
create mode 100644 rhel/systemd/cloud-init-local.service
|
||||
create mode 100644 rhel/systemd/cloud-init.service
|
||||
create mode 100644 rhel/systemd/cloud-init.target
|
||||
cloudinit/settings.py | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/config/cc_chef.py b/cloudinit/config/cc_chef.py
|
||||
index fdb3a6e3..d028c548 100644
|
||||
--- a/cloudinit/config/cc_chef.py
|
||||
+++ b/cloudinit/config/cc_chef.py
|
||||
@@ -6,7 +6,70 @@
|
||||
#
|
||||
# This file is part of cloud-init. See LICENSE file for license information.
|
||||
|
||||
-"""Chef: module that configures, starts and installs chef."""
|
||||
+"""
|
||||
+Chef
|
||||
+----
|
||||
+**Summary:** module that configures, starts and installs chef.
|
||||
+
|
||||
+This module enables chef to be installed (from packages or
|
||||
+from gems, or from omnibus). Before this occurs chef configurations are
|
||||
+written to disk (validation.pem, client.pem, firstboot.json, client.rb),
|
||||
+and needed chef folders/directories are created (/etc/chef and /var/log/chef
|
||||
+and so-on). Then once installing proceeds correctly if configured chef will
|
||||
+be started (in daemon mode or in non-daemon mode) and then once that has
|
||||
+finished (if ran in non-daemon mode this will be when chef finishes
|
||||
+converging, if ran in daemon mode then no further actions are possible since
|
||||
+chef will have forked into its own process) then a post run function can
|
||||
+run that can do finishing activities (such as removing the validation pem
|
||||
+file).
|
||||
+
|
||||
+**Internal name:** ``cc_chef``
|
||||
+
|
||||
+**Module frequency:** per always
|
||||
+
|
||||
+**Supported distros:** all
|
||||
+
|
||||
+**Config keys**::
|
||||
+
|
||||
+ chef:
|
||||
+ directories: (defaulting to /etc/chef, /var/log/chef, /var/lib/chef,
|
||||
+ /var/cache/chef, /var/backups/chef, /run/chef)
|
||||
+ validation_cert: (optional string to be written to file validation_key)
|
||||
+ special value 'system' means set use existing file
|
||||
+ validation_key: (optional the path for validation_cert. default
|
||||
+ /etc/chef/validation.pem)
|
||||
+ firstboot_path: (path to write run_list and initial_attributes keys that
|
||||
+ should also be present in this configuration, defaults
|
||||
+ to /etc/chef/firstboot.json)
|
||||
+ exec: boolean to run or not run chef (defaults to false, unless
|
||||
+ a gem installed is requested
|
||||
+ where this will then default
|
||||
+ to true)
|
||||
+
|
||||
+ chef.rb template keys (if falsey, then will be skipped and not
|
||||
+ written to /etc/chef/client.rb)
|
||||
+
|
||||
+ chef:
|
||||
+ client_key:
|
||||
+ encrypted_data_bag_secret:
|
||||
+ environment:
|
||||
+ file_backup_path:
|
||||
+ file_cache_path:
|
||||
+ json_attribs:
|
||||
+ log_level:
|
||||
+ log_location:
|
||||
+ node_name:
|
||||
+ omnibus_url:
|
||||
+ omnibus_url_retries:
|
||||
+ omnibus_version:
|
||||
+ pid_file:
|
||||
+ server_url:
|
||||
+ show_time:
|
||||
+ ssl_verify_mode:
|
||||
+ validation_cert:
|
||||
+ validation_key:
|
||||
+ validation_name:
|
||||
+"""
|
||||
|
||||
import itertools
|
||||
import json
|
||||
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
|
||||
index ecc1403b..a780e21e 100644
|
||||
index 8684d003..edbb217d 100644
|
||||
--- a/cloudinit/settings.py
|
||||
+++ b/cloudinit/settings.py
|
||||
@@ -48,16 +48,19 @@ CFG_BUILTIN = {
|
||||
# At the end to act as a 'catch' when none of the above work...
|
||||
"None",
|
||||
@@ -53,13 +53,14 @@ CFG_BUILTIN = {
|
||||
],
|
||||
- "def_log_file": "/var/log/cloud-init.log",
|
||||
- "log_cfgs": [],
|
||||
"def_log_file": "/var/log/cloud-init.log",
|
||||
"log_cfgs": [],
|
||||
- "syslog_fix_perms": ["syslog:adm", "root:adm", "root:wheel", "root:root"],
|
||||
- "system_info": {
|
||||
- "paths": {
|
||||
- "cloud_dir": "/var/lib/cloud",
|
||||
- "templates_dir": "/etc/cloud/templates/",
|
||||
+ 'def_log_file': '/var/log/cloud-init.log',
|
||||
+ 'log_cfgs': [],
|
||||
+ 'mount_default_fields': [None, None, 'auto', 'defaults,nofail', '0', '2'],
|
||||
+ 'ssh_deletekeys': False,
|
||||
+ 'ssh_genkeytypes': [],
|
||||
+ 'syslog_fix_perms': [],
|
||||
+ 'system_info': {
|
||||
+ 'paths': {
|
||||
+ 'cloud_dir': '/var/lib/cloud',
|
||||
+ 'templates_dir': '/etc/cloud/templates/',
|
||||
+ "mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
|
||||
+ "syslog_fix_perms": [],
|
||||
"system_info": {
|
||||
"paths": {
|
||||
"cloud_dir": "/var/lib/cloud",
|
||||
"templates_dir": "/etc/cloud/templates/",
|
||||
},
|
||||
- "distro": "ubuntu",
|
||||
- "network": {"renderers": None},
|
||||
+ 'distro': 'rhel',
|
||||
+ 'network': {'renderers': None},
|
||||
+ "distro": "rhel",
|
||||
"network": {"renderers": None},
|
||||
},
|
||||
"vendor_data": {"enabled": True, "prefix": []},
|
||||
"vendor_data2": {"enabled": True, "prefix": []},
|
||||
diff --git a/requirements.txt b/requirements.txt
|
||||
index c4adc455..f77f1d73 100644
|
||||
--- a/requirements.txt
|
||||
+++ b/requirements.txt
|
||||
@@ -30,9 +30,6 @@ requests
|
||||
# For patching pieces of cloud-config together
|
||||
jsonpatch
|
||||
|
||||
-# For validating cloud-config sections per schema definitions
|
||||
-jsonschema
|
||||
-
|
||||
# Used by DataSourceVMware to inspect the host's network configuration during
|
||||
# the "setup()" function.
|
||||
#
|
||||
diff --git a/rhel/README.rhel b/rhel/README.rhel
|
||||
new file mode 100644
|
||||
index 00000000..aa29630d
|
||||
--- /dev/null
|
||||
+++ b/rhel/README.rhel
|
||||
@@ -0,0 +1,5 @@
|
||||
+The following cloud-init modules are currently unsupported on this OS:
|
||||
+ - apt_update_upgrade ('apt_update', 'apt_upgrade', 'apt_mirror', 'apt_preserve_sources_list', 'apt_old_mirror', 'apt_sources', 'debconf_selections', 'packages' options)
|
||||
+ - byobu ('byobu_by_default' option)
|
||||
+ - chef
|
||||
+ - grub_dpkg
|
||||
diff --git a/rhel/cloud-init-tmpfiles.conf b/rhel/cloud-init-tmpfiles.conf
|
||||
new file mode 100644
|
||||
index 00000000..0c6d2a3b
|
||||
--- /dev/null
|
||||
+++ b/rhel/cloud-init-tmpfiles.conf
|
||||
@@ -0,0 +1 @@
|
||||
+d /run/cloud-init 0700 root root - -
|
||||
diff --git a/rhel/cloud.cfg b/rhel/cloud.cfg
|
||||
new file mode 100644
|
||||
index 00000000..9ecba215
|
||||
--- /dev/null
|
||||
+++ b/rhel/cloud.cfg
|
||||
@@ -0,0 +1,69 @@
|
||||
+users:
|
||||
+ - default
|
||||
+
|
||||
+disable_root: 1
|
||||
+ssh_pwauth: 0
|
||||
+
|
||||
+mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service', '0', '2']
|
||||
+resize_rootfs_tmp: /dev
|
||||
+ssh_deletekeys: 1
|
||||
+ssh_genkeytypes: ~
|
||||
+syslog_fix_perms: ~
|
||||
+disable_vmware_customization: false
|
||||
+
|
||||
+cloud_init_modules:
|
||||
+ - disk_setup
|
||||
+ - migrator
|
||||
+ - bootcmd
|
||||
+ - write-files
|
||||
+ - growpart
|
||||
+ - resizefs
|
||||
+ - set_hostname
|
||||
+ - update_hostname
|
||||
+ - update_etc_hosts
|
||||
+ - rsyslog
|
||||
+ - users-groups
|
||||
+ - ssh
|
||||
+
|
||||
+cloud_config_modules:
|
||||
+ - mounts
|
||||
+ - locale
|
||||
+ - set-passwords
|
||||
+ - rh_subscription
|
||||
+ - yum-add-repo
|
||||
+ - package-update-upgrade-install
|
||||
+ - timezone
|
||||
+ - puppet
|
||||
+ - chef
|
||||
+ - salt-minion
|
||||
+ - mcollective
|
||||
+ - disable-ec2-metadata
|
||||
+ - runcmd
|
||||
+
|
||||
+cloud_final_modules:
|
||||
+ - rightscale_userdata
|
||||
+ - scripts-per-once
|
||||
+ - scripts-per-boot
|
||||
+ - scripts-per-instance
|
||||
+ - scripts-user
|
||||
+ - ssh-authkey-fingerprints
|
||||
+ - keys-to-console
|
||||
+ - phone-home
|
||||
+ - final-message
|
||||
+ - power-state-change
|
||||
+
|
||||
+system_info:
|
||||
+ default_user:
|
||||
+ name: cloud-user
|
||||
+ lock_passwd: true
|
||||
+ gecos: Cloud User
|
||||
+ groups: [adm, systemd-journal]
|
||||
+ sudo: ["ALL=(ALL) NOPASSWD:ALL"]
|
||||
+ shell: /bin/bash
|
||||
+ distro: rhel
|
||||
+ paths:
|
||||
+ cloud_dir: /var/lib/cloud
|
||||
+ templates_dir: /etc/cloud/templates
|
||||
+ ssh_svcname: sshd
|
||||
+
|
||||
+# vim:syntax=yaml
|
||||
diff --git a/rhel/systemd/cloud-config.service b/rhel/systemd/cloud-config.service
|
||||
new file mode 100644
|
||||
index 00000000..f3dcd4be
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-config.service
|
||||
@@ -0,0 +1,18 @@
|
||||
+[Unit]
|
||||
+Description=Apply the settings specified in cloud-config
|
||||
+After=network-online.target cloud-config.target
|
||||
+Wants=network-online.target cloud-config.target
|
||||
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
+ConditionKernelCommandLine=!cloud-init=disabled
|
||||
+
|
||||
+[Service]
|
||||
+Type=oneshot
|
||||
+ExecStart=/usr/bin/cloud-init modules --mode=config
|
||||
+RemainAfterExit=yes
|
||||
+TimeoutSec=0
|
||||
+
|
||||
+# Output needs to appear in instance console output
|
||||
+StandardOutput=journal+console
|
||||
+
|
||||
+[Install]
|
||||
+WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-config.target b/rhel/systemd/cloud-config.target
|
||||
new file mode 100644
|
||||
index 00000000..ae9b7d02
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-config.target
|
||||
@@ -0,0 +1,11 @@
|
||||
+# cloud-init normally emits a "cloud-config" upstart event to inform third
|
||||
+# parties that cloud-config is available, which does us no good when we're
|
||||
+# using systemd. cloud-config.target serves as this synchronization point
|
||||
+# instead. Services that would "start on cloud-config" with upstart can
|
||||
+# instead use "After=cloud-config.target" and "Wants=cloud-config.target"
|
||||
+# as appropriate.
|
||||
+
|
||||
+[Unit]
|
||||
+Description=Cloud-config availability
|
||||
+Wants=cloud-init-local.service cloud-init.service
|
||||
+After=cloud-init-local.service cloud-init.service
|
||||
diff --git a/rhel/systemd/cloud-final.service b/rhel/systemd/cloud-final.service
|
||||
new file mode 100644
|
||||
index 00000000..e281c0cf
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-final.service
|
||||
@@ -0,0 +1,24 @@
|
||||
+[Unit]
|
||||
+Description=Execute cloud user/final scripts
|
||||
+After=network-online.target cloud-config.service rc-local.service
|
||||
+Wants=network-online.target cloud-config.service
|
||||
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
+ConditionKernelCommandLine=!cloud-init=disabled
|
||||
+
|
||||
+[Service]
|
||||
+Type=oneshot
|
||||
+ExecStart=/usr/bin/cloud-init modules --mode=final
|
||||
+RemainAfterExit=yes
|
||||
+TimeoutSec=0
|
||||
+KillMode=process
|
||||
+# Restart NetworkManager if it is present and running.
|
||||
+ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \
|
||||
+ out=$(systemctl show --property=SubState $u) || exit; \
|
||||
+ [ "$out" = "SubState=running" ] || exit 0; \
|
||||
+ systemctl reload-or-try-restart $u'
|
||||
+
|
||||
+# Output needs to appear in instance console output
|
||||
+StandardOutput=journal+console
|
||||
+
|
||||
+[Install]
|
||||
+WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-init-local.service b/rhel/systemd/cloud-init-local.service
|
||||
new file mode 100644
|
||||
index 00000000..8f9f6c9f
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-init-local.service
|
||||
@@ -0,0 +1,31 @@
|
||||
+[Unit]
|
||||
+Description=Initial cloud-init job (pre-networking)
|
||||
+DefaultDependencies=no
|
||||
+Wants=network-pre.target
|
||||
+After=systemd-remount-fs.service
|
||||
+Requires=dbus.socket
|
||||
+After=dbus.socket
|
||||
+Before=NetworkManager.service network.service
|
||||
+Before=network-pre.target
|
||||
+Before=shutdown.target
|
||||
+Before=firewalld.target
|
||||
+Conflicts=shutdown.target
|
||||
+RequiresMountsFor=/var/lib/cloud
|
||||
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
+ConditionKernelCommandLine=!cloud-init=disabled
|
||||
+
|
||||
+[Service]
|
||||
+Type=oneshot
|
||||
+ExecStartPre=/bin/mkdir -p /run/cloud-init
|
||||
+ExecStartPre=/sbin/restorecon /run/cloud-init
|
||||
+ExecStartPre=/usr/bin/touch /run/cloud-init/enabled
|
||||
+ExecStart=/usr/bin/cloud-init init --local
|
||||
+ExecStart=/bin/touch /run/cloud-init/network-config-ready
|
||||
+RemainAfterExit=yes
|
||||
+TimeoutSec=0
|
||||
+
|
||||
+# Output needs to appear in instance console output
|
||||
+StandardOutput=journal+console
|
||||
+
|
||||
+[Install]
|
||||
+WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-init.service b/rhel/systemd/cloud-init.service
|
||||
new file mode 100644
|
||||
index 00000000..0b3d796d
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-init.service
|
||||
@@ -0,0 +1,26 @@
|
||||
+[Unit]
|
||||
+Description=Initial cloud-init job (metadata service crawler)
|
||||
+Wants=cloud-init-local.service
|
||||
+Wants=sshd-keygen.service
|
||||
+Wants=sshd.service
|
||||
+After=cloud-init-local.service
|
||||
+After=NetworkManager.service network.service
|
||||
+After=NetworkManager-wait-online.service
|
||||
+Before=network-online.target
|
||||
+Before=sshd-keygen.service
|
||||
+Before=sshd.service
|
||||
+Before=systemd-user-sessions.service
|
||||
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
+ConditionKernelCommandLine=!cloud-init=disabled
|
||||
+
|
||||
+[Service]
|
||||
+Type=oneshot
|
||||
+ExecStart=/usr/bin/cloud-init init
|
||||
+RemainAfterExit=yes
|
||||
+TimeoutSec=0
|
||||
+
|
||||
+# Output needs to appear in instance console output
|
||||
+StandardOutput=journal+console
|
||||
+
|
||||
+[Install]
|
||||
+WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-init.target b/rhel/systemd/cloud-init.target
|
||||
new file mode 100644
|
||||
index 00000000..083c3b6f
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-init.target
|
||||
@@ -0,0 +1,7 @@
|
||||
+# cloud-init target is enabled by cloud-init-generator
|
||||
+# To disable it you can either:
|
||||
+# a.) boot with kernel cmdline of 'cloud-init=disabled'
|
||||
+# b.) touch a file /etc/cloud/cloud-init.disabled
|
||||
+[Unit]
|
||||
+Description=Cloud-init target
|
||||
+After=multi-user.target
|
||||
diff --git a/setup.py b/setup.py
|
||||
index a9132d2c..3c377eaa 100755
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -139,21 +139,6 @@ INITSYS_FILES = {
|
||||
"sysvinit_deb": [f for f in glob("sysvinit/debian/*") if is_f(f)],
|
||||
"sysvinit_openrc": [f for f in glob("sysvinit/gentoo/*") if is_f(f)],
|
||||
"sysvinit_suse": [f for f in glob("sysvinit/suse/*") if is_f(f)],
|
||||
- "systemd": [
|
||||
- render_tmpl(f)
|
||||
- for f in (
|
||||
- glob("systemd/*.tmpl")
|
||||
- + glob("systemd/*.service")
|
||||
- + glob("systemd/*.socket")
|
||||
- + glob("systemd/*.target")
|
||||
- )
|
||||
- if (is_f(f) and not is_generator(f))
|
||||
- ],
|
||||
- "systemd.generators": [
|
||||
- render_tmpl(f, mode=0o755)
|
||||
- for f in glob("systemd/*")
|
||||
- if is_f(f) and is_generator(f)
|
||||
- ],
|
||||
"upstart": [f for f in glob("upstart/*") if is_f(f)],
|
||||
}
|
||||
INITSYS_ROOTS = {
|
||||
@@ -163,10 +148,6 @@ INITSYS_ROOTS = {
|
||||
"sysvinit_deb": "etc/init.d",
|
||||
"sysvinit_openrc": "etc/init.d",
|
||||
"sysvinit_suse": "etc/init.d",
|
||||
- "systemd": pkg_config_read("systemd", "systemdsystemunitdir"),
|
||||
- "systemd.generators": pkg_config_read(
|
||||
- "systemd", "systemdsystemgeneratordir"
|
||||
- ),
|
||||
"upstart": "etc/init/",
|
||||
}
|
||||
INITSYS_TYPES = sorted([f.partition(".")[0] for f in INITSYS_ROOTS.keys()])
|
||||
@@ -281,15 +262,13 @@ data_files = [
|
||||
(
|
||||
USR_LIB_EXEC + "/cloud-init",
|
||||
[
|
||||
- "tools/ds-identify",
|
||||
"tools/hook-hotplug",
|
||||
"tools/uncloud-init",
|
||||
"tools/write-ssh-key-fingerprints",
|
||||
],
|
||||
),
|
||||
(
|
||||
- USR + "/share/bash-completion/completions",
|
||||
- ["bash_completion/cloud-init"],
|
||||
+ ETC + "/bash_completion.d", ["bash_completion/cloud-init"],
|
||||
),
|
||||
(USR + "/share/doc/cloud-init", [f for f in glob("doc/*") if is_f(f)]),
|
||||
(
|
||||
@@ -308,8 +287,7 @@ if not platform.system().endswith("BSD"):
|
||||
ETC + "/NetworkManager/dispatcher.d/",
|
||||
["tools/hook-network-manager"],
|
||||
),
|
||||
- (ETC + "/dhcp/dhclient-exit-hooks.d/", ["tools/hook-dhclient"]),
|
||||
- (LIB + "/udev/rules.d", [f for f in glob("udev/*.rules")]),
|
||||
+ ("/usr/lib/udev/rules.d", [f for f in glob("udev/*.rules")]),
|
||||
(
|
||||
ETC + "/systemd/system/sshd-keygen@.service.d/",
|
||||
["systemd/disable-sshd-keygen-if-cloud-init-active.conf"],
|
||||
@@ -339,8 +317,6 @@ setuptools.setup(
|
||||
scripts=["tools/cloud-init-per"],
|
||||
license="Dual-licensed under GPLv3 or Apache 2.0",
|
||||
data_files=data_files,
|
||||
- install_requires=requirements,
|
||||
- cmdclass=cmdclass,
|
||||
entry_points={
|
||||
"console_scripts": [
|
||||
"cloud-init = cloudinit.cmd.main:main",
|
||||
diff --git a/tools/read-version b/tools/read-version
|
||||
index 02c90643..79755f78 100755
|
||||
--- a/tools/read-version
|
||||
+++ b/tools/read-version
|
||||
@@ -71,32 +71,8 @@ version_long = None
|
||||
is_release_branch_ci = (
|
||||
os.environ.get("TRAVIS_PULL_REQUEST_BRANCH", "").startswith("upstream/")
|
||||
)
|
||||
-if is_gitdir(_tdir) and which("git") and not is_release_branch_ci:
|
||||
- flags = []
|
||||
- if use_tags:
|
||||
- flags = ['--tags']
|
||||
- cmd = ['git', 'describe', '--abbrev=8', '--match=[0-9]*'] + flags
|
||||
-
|
||||
- try:
|
||||
- version = tiny_p(cmd).strip()
|
||||
- except RuntimeError:
|
||||
- version = None
|
||||
-
|
||||
- if version is None or not version.startswith(src_version):
|
||||
- sys.stderr.write("git describe version (%s) differs from "
|
||||
- "cloudinit.version (%s)\n" % (version, src_version))
|
||||
- sys.stderr.write(
|
||||
- "Please get the latest upstream tags.\n"
|
||||
- "As an example, this can be done with the following:\n"
|
||||
- "$ git remote add upstream https://git.launchpad.net/cloud-init\n"
|
||||
- "$ git fetch upstream --tags\n"
|
||||
- )
|
||||
- sys.exit(1)
|
||||
-
|
||||
- version_long = tiny_p(cmd + ["--long"]).strip()
|
||||
-else:
|
||||
- version = src_version
|
||||
- version_long = None
|
||||
+version = src_version
|
||||
+version_long = None
|
||||
|
||||
# version is X.Y.Z[+xxx.gHASH]
|
||||
# version_long is None or X.Y.Z-xxx-gHASH
|
||||
--
|
||||
2.31.1
|
||||
|
||||
|
@ -1,7 +1,8 @@
|
||||
From c521ec2ce5b1d9a7322ce152011b8792f121bf5c Mon Sep 17 00:00:00 2001
|
||||
From b3b96bff187e9d0bfcbfefd5fca05c61bd50d368 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Fri, 7 May 2021 13:36:06 +0200
|
||||
Subject: Do not write NM_CONTROLLED=no in generated interface config files
|
||||
Subject: [PATCH] Do not write NM_CONTROLLED=no in generated interface config
|
||||
files
|
||||
|
||||
Conflicts 20.3:
|
||||
- Not appplying patch on cloudinit/net/sysconfig.py since it now has a
|
||||
@ -20,10 +21,10 @@ Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
|
||||
2 files changed, 10 insertions(+), 30 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||
index ba85c4f6..d8c53312 100644
|
||||
index d4daa78f..a7dbe55b 100644
|
||||
--- a/cloudinit/net/sysconfig.py
|
||||
+++ b/cloudinit/net/sysconfig.py
|
||||
@@ -336,7 +336,6 @@ class Renderer(renderer.Renderer):
|
||||
@@ -316,7 +316,6 @@ class Renderer(renderer.Renderer):
|
||||
"rhel": {
|
||||
"ONBOOT": True,
|
||||
"USERCTL": False,
|
||||
@ -31,7 +32,7 @@ index ba85c4f6..d8c53312 100644
|
||||
"BOOTPROTO": "none",
|
||||
},
|
||||
"suse": {"BOOTPROTO": "static", "STARTMODE": "auto"},
|
||||
@@ -1039,7 +1038,16 @@ class Renderer(renderer.Renderer):
|
||||
@@ -1019,7 +1018,16 @@ class Renderer(renderer.Renderer):
|
||||
# Distros configuring /etc/sysconfig/network as a file e.g. Centos
|
||||
if sysconfig_path.endswith("network"):
|
||||
util.ensure_dir(os.path.dirname(sysconfig_path))
|
||||
@ -50,10 +51,10 @@ index ba85c4f6..d8c53312 100644
|
||||
netcfg.append("NETWORKING_IPV6=yes")
|
||||
netcfg.append("IPV6_AUTOCONF=no")
|
||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||
index 47e4ba00..591241b3 100644
|
||||
index 056aaeb6..0f523ff8 100644
|
||||
--- a/tests/unittests/test_net.py
|
||||
+++ b/tests/unittests/test_net.py
|
||||
@@ -579,7 +579,6 @@ GATEWAY=172.19.3.254
|
||||
@@ -585,7 +585,6 @@ GATEWAY=172.19.3.254
|
||||
HWADDR=fa:16:3e:ed:9a:59
|
||||
IPADDR=172.19.1.34
|
||||
NETMASK=255.255.252.0
|
||||
@ -61,7 +62,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -712,7 +711,6 @@ IPADDR=172.19.1.34
|
||||
@@ -749,7 +748,6 @@ IPADDR=172.19.1.34
|
||||
IPADDR1=10.0.0.10
|
||||
NETMASK=255.255.252.0
|
||||
NETMASK1=255.255.255.0
|
||||
@ -69,7 +70,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -874,7 +872,6 @@ IPV6_AUTOCONF=no
|
||||
@@ -911,7 +909,6 @@ IPV6_AUTOCONF=no
|
||||
IPV6_DEFAULTGW=2001:DB8::1
|
||||
IPV6_FORCE_ACCEPT_RA=no
|
||||
NETMASK=255.255.252.0
|
||||
@ -77,7 +78,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -1053,7 +1050,6 @@ NETWORK_CONFIGS = {
|
||||
@@ -1090,7 +1087,6 @@ NETWORK_CONFIGS = {
|
||||
BOOTPROTO=none
|
||||
DEVICE=eth1
|
||||
HWADDR=cf:d6:af:48:e8:80
|
||||
@ -85,7 +86,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""
|
||||
@@ -1072,7 +1068,6 @@ NETWORK_CONFIGS = {
|
||||
@@ -1109,7 +1105,6 @@ NETWORK_CONFIGS = {
|
||||
IPADDR=192.168.21.3
|
||||
NETMASK=255.255.255.0
|
||||
METRIC=10000
|
||||
@ -93,7 +94,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""
|
||||
@@ -1244,7 +1239,6 @@ NETWORK_CONFIGS = {
|
||||
@@ -1353,7 +1348,6 @@ NETWORK_CONFIGS = {
|
||||
IPV6_AUTOCONF=no
|
||||
IPV6_FORCE_ACCEPT_RA=no
|
||||
NETMASK=255.255.255.0
|
||||
@ -101,7 +102,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -2093,7 +2087,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2377,7 +2371,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
DHCPV6C=yes
|
||||
IPV6INIT=yes
|
||||
MACADDR=aa:bb:cc:dd:ee:ff
|
||||
@ -109,7 +110,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Bond
|
||||
USERCTL=no"""
|
||||
@@ -2103,7 +2096,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2387,7 +2380,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
BOOTPROTO=dhcp
|
||||
DEVICE=bond0.200
|
||||
DHCLIENT_SET_DEFAULT_ROUTE=no
|
||||
@ -117,7 +118,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
PHYSDEV=bond0
|
||||
USERCTL=no
|
||||
@@ -2123,7 +2115,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2407,7 +2399,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
IPV6_DEFAULTGW=2001:4800:78ff:1b::1
|
||||
MACADDR=bb:bb:bb:bb:bb:aa
|
||||
NETMASK=255.255.255.0
|
||||
@ -125,7 +126,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
PRIO=22
|
||||
STP=no
|
||||
@@ -2135,7 +2126,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2419,7 +2410,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
BOOTPROTO=none
|
||||
DEVICE=eth0
|
||||
HWADDR=c0:d6:9f:2c:e8:80
|
||||
@ -133,7 +134,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""
|
||||
@@ -2154,7 +2144,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2438,7 +2428,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
MTU=1500
|
||||
NETMASK=255.255.255.0
|
||||
NETMASK1=255.255.255.0
|
||||
@ -141,7 +142,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
PHYSDEV=eth0
|
||||
USERCTL=no
|
||||
@@ -2166,7 +2155,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2450,7 +2439,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
DEVICE=eth1
|
||||
HWADDR=aa:d6:9f:2c:e8:80
|
||||
MASTER=bond0
|
||||
@ -149,7 +150,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
SLAVE=yes
|
||||
TYPE=Ethernet
|
||||
@@ -2178,7 +2166,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2462,7 +2450,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
DEVICE=eth2
|
||||
HWADDR=c0:bb:9f:2c:e8:80
|
||||
MASTER=bond0
|
||||
@ -157,7 +158,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
SLAVE=yes
|
||||
TYPE=Ethernet
|
||||
@@ -2190,7 +2177,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2474,7 +2461,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
BRIDGE=br0
|
||||
DEVICE=eth3
|
||||
HWADDR=66:bb:9f:2c:e8:80
|
||||
@ -165,7 +166,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""
|
||||
@@ -2201,7 +2187,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2485,7 +2471,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
BRIDGE=br0
|
||||
DEVICE=eth4
|
||||
HWADDR=98:bb:9f:2c:e8:80
|
||||
@ -173,7 +174,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""
|
||||
@@ -2212,7 +2197,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2496,7 +2481,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
DEVICE=eth5
|
||||
DHCLIENT_SET_DEFAULT_ROUTE=no
|
||||
HWADDR=98:bb:9f:2c:e8:8a
|
||||
@ -181,7 +182,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=no
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""
|
||||
@@ -2689,7 +2673,6 @@ iface bond0 inet6 static
|
||||
@@ -3220,7 +3204,6 @@ iface bond0 inet6 static
|
||||
MTU=9000
|
||||
NETMASK=255.255.255.0
|
||||
NETMASK1=255.255.255.0
|
||||
@ -189,7 +190,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Bond
|
||||
USERCTL=no
|
||||
@@ -2701,7 +2684,6 @@ iface bond0 inet6 static
|
||||
@@ -3232,7 +3215,6 @@ iface bond0 inet6 static
|
||||
DEVICE=bond0s0
|
||||
HWADDR=aa:bb:cc:dd:e8:00
|
||||
MASTER=bond0
|
||||
@ -197,7 +198,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
SLAVE=yes
|
||||
TYPE=Ethernet
|
||||
@@ -2729,7 +2711,6 @@ iface bond0 inet6 static
|
||||
@@ -3260,7 +3242,6 @@ iface bond0 inet6 static
|
||||
DEVICE=bond0s1
|
||||
HWADDR=aa:bb:cc:dd:e8:01
|
||||
MASTER=bond0
|
||||
@ -205,7 +206,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
SLAVE=yes
|
||||
TYPE=Ethernet
|
||||
@@ -2794,7 +2775,6 @@ iface bond0 inet6 static
|
||||
@@ -3406,7 +3387,6 @@ iface bond0 inet6 static
|
||||
BOOTPROTO=none
|
||||
DEVICE=en0
|
||||
HWADDR=aa:bb:cc:dd:e8:00
|
||||
@ -213,7 +214,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""
|
||||
@@ -2815,7 +2795,6 @@ iface bond0 inet6 static
|
||||
@@ -3427,7 +3407,6 @@ iface bond0 inet6 static
|
||||
MTU=2222
|
||||
NETMASK=255.255.255.0
|
||||
NETMASK1=255.255.255.0
|
||||
@ -221,7 +222,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
PHYSDEV=en0
|
||||
USERCTL=no
|
||||
@@ -2890,7 +2869,6 @@ iface bond0 inet6 static
|
||||
@@ -3553,7 +3532,6 @@ iface bond0 inet6 static
|
||||
DEVICE=br0
|
||||
IPADDR=192.168.2.2
|
||||
NETMASK=255.255.255.0
|
||||
@ -229,7 +230,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
PRIO=22
|
||||
STP=no
|
||||
@@ -3032,7 +3010,6 @@ iface bond0 inet6 static
|
||||
@@ -3769,7 +3747,6 @@ iface bond0 inet6 static
|
||||
HWADDR=52:54:00:12:34:00
|
||||
IPADDR=192.168.1.2
|
||||
NETMASK=255.255.255.0
|
||||
@ -237,7 +238,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=no
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -3044,7 +3021,6 @@ iface bond0 inet6 static
|
||||
@@ -3781,7 +3758,6 @@ iface bond0 inet6 static
|
||||
DEVICE=eth1
|
||||
HWADDR=52:54:00:12:34:aa
|
||||
MTU=1480
|
||||
@ -245,7 +246,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -3055,7 +3031,6 @@ iface bond0 inet6 static
|
||||
@@ -3792,7 +3768,6 @@ iface bond0 inet6 static
|
||||
BOOTPROTO=none
|
||||
DEVICE=eth2
|
||||
HWADDR=52:54:00:12:34:ff
|
||||
@ -253,7 +254,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=no
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -3628,7 +3603,6 @@ class TestRhelSysConfigRendering(CiTestCase):
|
||||
@@ -4469,7 +4444,6 @@ class TestRhelSysConfigRendering(CiTestCase):
|
||||
BOOTPROTO=dhcp
|
||||
DEVICE=eth1000
|
||||
HWADDR=07-1c-c6-75-a4-be
|
||||
@ -261,7 +262,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -3840,7 +3814,6 @@ GATEWAY=10.0.2.2
|
||||
@@ -4681,7 +4655,6 @@ GATEWAY=10.0.2.2
|
||||
HWADDR=52:54:00:12:34:00
|
||||
IPADDR=10.0.2.15
|
||||
NETMASK=255.255.255.0
|
||||
@ -269,7 +270,7 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -3910,7 +3883,6 @@ USERCTL=no
|
||||
@@ -4751,7 +4724,6 @@ USERCTL=no
|
||||
#
|
||||
BOOTPROTO=dhcp
|
||||
DEVICE=eth0
|
||||
@ -277,6 +278,3 @@ index 47e4ba00..591241b3 100644
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
--
|
||||
2.31.1
|
||||
|
||||
|
@ -1,42 +0,0 @@
|
||||
From b952fa472be3f417e0d857c8647a1b930624c247 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Fri, 25 Feb 2022 05:05:17 -0500
|
||||
Subject: Adding _netdev to the default mount configuration
|
||||
|
||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
||||
RH-MergeRequest: 21: Adding _netdev to the default mount configuration
|
||||
RH-Commit: [1/1] 250860a24db396a5088d207d6526a0028ac73eb3 (otubo/cloud-init-src)
|
||||
RH-Bugzilla: 1998445
|
||||
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
RH-Acked-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
|
||||
Adding _netdev option also to the default configuration for RHEL.
|
||||
|
||||
rhbz: 1998445
|
||||
x-downstream-only: yes
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
|
||||
patch_name: ci-Adding-_netdev-to-the-default-mount-configuration.patch
|
||||
present_in_specfile: true
|
||||
location_in_specfile: 29
|
||||
---
|
||||
rhel/cloud.cfg | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/rhel/cloud.cfg b/rhel/cloud.cfg
|
||||
index 9ecba215..1ec1a6c6 100644
|
||||
--- a/rhel/cloud.cfg
|
||||
+++ b/rhel/cloud.cfg
|
||||
@@ -4,7 +4,7 @@ users:
|
||||
disable_root: 1
|
||||
ssh_pwauth: 0
|
||||
|
||||
-mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service', '0', '2']
|
||||
+mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service,_netdev', '0', '2']
|
||||
resize_rootfs_tmp: /dev
|
||||
ssh_deletekeys: 1
|
||||
ssh_genkeytypes: ~
|
||||
--
|
||||
2.31.1
|
||||
|
@ -1,7 +1,7 @@
|
||||
From a14df44ffdc880ae16c691901e2671458ab234ff Mon Sep 17 00:00:00 2001
|
||||
From c589da20eb92231ef08e10c9724e3e6c663e6ce2 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Thu, 17 Feb 2022 15:32:35 +0100
|
||||
Subject: Setting highest autoconnect priority for network-scripts
|
||||
Subject: [PATCH] Setting highest autoconnect priority for network-scripts
|
||||
|
||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
||||
RH-MergeRequest: 22: Setting highest autoconnect priority for network-scripts
|
||||
@ -24,19 +24,15 @@ rhbz: 2036060
|
||||
x-downstream-only: yes
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
|
||||
patch_name: ci-Setting-highest-autoconnect-priority-for-network-scr.patch
|
||||
present_in_specfile: true
|
||||
location_in_specfile: 30
|
||||
---
|
||||
cloudinit/net/sysconfig.py | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||
index d8c53312..b50035b5 100644
|
||||
index a7dbe55b..4262cd48 100644
|
||||
--- a/cloudinit/net/sysconfig.py
|
||||
+++ b/cloudinit/net/sysconfig.py
|
||||
@@ -337,6 +337,7 @@ class Renderer(renderer.Renderer):
|
||||
@@ -317,6 +317,7 @@ class Renderer(renderer.Renderer):
|
||||
"ONBOOT": True,
|
||||
"USERCTL": False,
|
||||
"BOOTPROTO": "none",
|
||||
@ -44,6 +40,3 @@ index d8c53312..b50035b5 100644
|
||||
},
|
||||
"suse": {"BOOTPROTO": "static", "STARTMODE": "auto"},
|
||||
}
|
||||
--
|
||||
2.31.1
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 40ad855b883050069393b9c00db2a6d222d949db Mon Sep 17 00:00:00 2001
|
||||
From dfff374f66904e84fb07ca157ba010fac6b5f1de Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Fri, 7 May 2021 13:36:08 +0200
|
||||
Subject: limit permissions on def_log_file
|
||||
Subject: [PATCH] limit permissions on def_log_file
|
||||
|
||||
This sets a default mode of 0600 on def_log_file, and makes this
|
||||
configurable via the def_log_file_mode option in cloud.cfg.
|
||||
@ -13,7 +13,10 @@ X-approved-upstream: true
|
||||
Conflicts 21.1:
|
||||
cloudinit/stages.py: adjusting call of ensure_file() to use more
|
||||
recent version
|
||||
Confilicts 23.1.1:
|
||||
use "" instead of ''
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/settings.py | 1 +
|
||||
@ -22,22 +25,22 @@ Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
3 files changed, 6 insertions(+)
|
||||
|
||||
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
|
||||
index a780e21e..aa2d6b95 100644
|
||||
index edbb217d..3d541141 100644
|
||||
--- a/cloudinit/settings.py
|
||||
+++ b/cloudinit/settings.py
|
||||
@@ -49,6 +49,7 @@ CFG_BUILTIN = {
|
||||
@@ -52,6 +52,7 @@ CFG_BUILTIN = {
|
||||
"None",
|
||||
],
|
||||
'def_log_file': '/var/log/cloud-init.log',
|
||||
+ 'def_log_file_mode': 0o600,
|
||||
'log_cfgs': [],
|
||||
'mount_default_fields': [None, None, 'auto', 'defaults,nofail', '0', '2'],
|
||||
'ssh_deletekeys': False,
|
||||
"def_log_file": "/var/log/cloud-init.log",
|
||||
+ "def_log_file_mode": 0o600,
|
||||
"log_cfgs": [],
|
||||
"mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
|
||||
"syslog_fix_perms": [],
|
||||
diff --git a/cloudinit/stages.py b/cloudinit/stages.py
|
||||
index 3f17294b..61db1dbd 100644
|
||||
index 9494a0bf..a624a6fb 100644
|
||||
--- a/cloudinit/stages.py
|
||||
+++ b/cloudinit/stages.py
|
||||
@@ -205,6 +205,7 @@ class Init(object):
|
||||
@@ -202,6 +202,7 @@ class Init:
|
||||
def _initialize_filesystem(self):
|
||||
util.ensure_dirs(self._initial_subdirs())
|
||||
log_file = util.get_cfg_option_str(self.cfg, "def_log_file")
|
||||
@ -46,10 +49,10 @@ index 3f17294b..61db1dbd 100644
|
||||
util.ensure_file(log_file, mode=0o640, preserve_mode=True)
|
||||
perms = self.cfg.get("syslog_fix_perms")
|
||||
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
|
||||
index a2b4a3fa..0ccf3147 100644
|
||||
index 15d788f3..b6d16c9c 100644
|
||||
--- a/doc/examples/cloud-config.txt
|
||||
+++ b/doc/examples/cloud-config.txt
|
||||
@@ -414,10 +414,14 @@ timezone: US/Eastern
|
||||
@@ -383,10 +383,14 @@ timezone: US/Eastern
|
||||
# if syslog_fix_perms is a list, it will iterate through and use the
|
||||
# first pair that does not raise error.
|
||||
#
|
||||
@ -64,6 +67,3 @@ index a2b4a3fa..0ccf3147 100644
|
||||
syslog_fix_perms: syslog:root
|
||||
|
||||
# you can set passwords for a user or multiple users
|
||||
--
|
||||
2.31.1
|
||||
|
@ -0,0 +1,92 @@
|
||||
From ecae81f98ce230266eb99671b74534a4ede660f0 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Fri, 10 Mar 2023 11:51:48 +0100
|
||||
Subject: [PATCH] Manual revert "Use Network-Manager and Netplan as default
|
||||
renderers for RHEL and Fedora (#1465)"
|
||||
|
||||
This reverts changes done in commit 7703aa98b.
|
||||
Done by hand because the doc file affected by that commit has changed.
|
||||
|
||||
X-downstream-only: true
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
---
|
||||
cloudinit/net/renderers.py | 1 -
|
||||
config/cloud.cfg.tmpl | 3 ---
|
||||
doc/rtd/reference/network-config.rst | 16 ++--------------
|
||||
3 files changed, 2 insertions(+), 18 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/net/renderers.py b/cloudinit/net/renderers.py
|
||||
index fcf7feba..b241683f 100644
|
||||
--- a/cloudinit/net/renderers.py
|
||||
+++ b/cloudinit/net/renderers.py
|
||||
@@ -30,7 +30,6 @@ DEFAULT_PRIORITY = [
|
||||
"eni",
|
||||
"sysconfig",
|
||||
"netplan",
|
||||
- "network-manager",
|
||||
"freebsd",
|
||||
"netbsd",
|
||||
"openbsd",
|
||||
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
|
||||
index 7238c102..12f32c51 100644
|
||||
--- a/config/cloud.cfg.tmpl
|
||||
+++ b/config/cloud.cfg.tmpl
|
||||
@@ -381,9 +381,6 @@ system_info:
|
||||
{% elif variant in ["dragonfly"] %}
|
||||
network:
|
||||
renderers: ['freebsd']
|
||||
-{% elif variant in ["fedora"] or is_rhel %}
|
||||
- network:
|
||||
- renderers: ['netplan', 'network-manager', 'networkd', 'sysconfig', 'eni']
|
||||
{% elif variant == "openmandriva" %}
|
||||
network:
|
||||
renderers: ['network-manager', 'networkd']
|
||||
diff --git a/doc/rtd/reference/network-config.rst b/doc/rtd/reference/network-config.rst
|
||||
index ea331f1c..bc52afa5 100644
|
||||
--- a/doc/rtd/reference/network-config.rst
|
||||
+++ b/doc/rtd/reference/network-config.rst
|
||||
@@ -176,16 +176,6 @@ this state, ``cloud-init`` delegates rendering of the configuration to
|
||||
distro-supported formats. The following ``renderers`` are supported in
|
||||
``cloud-init``:
|
||||
|
||||
-NetworkManager
|
||||
---------------
|
||||
-
|
||||
-`NetworkManager`_ is the standard Linux network configuration tool suite. It
|
||||
-supports a wide range of networking setups. Configuration is typically stored
|
||||
-in :file:`/etc/NetworkManager`.
|
||||
-
|
||||
-It is the default for a number of Linux distributions; notably Fedora,
|
||||
-CentOS/RHEL, and their derivatives.
|
||||
-
|
||||
ENI
|
||||
---
|
||||
|
||||
@@ -223,7 +213,6 @@ preference) is as follows:
|
||||
- ENI
|
||||
- Sysconfig
|
||||
- Netplan
|
||||
-- NetworkManager
|
||||
- FreeBSD
|
||||
- NetBSD
|
||||
- OpenBSD
|
||||
@@ -234,7 +223,6 @@ preference) is as follows:
|
||||
|
||||
- **ENI**: using ``ifup``, ``ifdown`` to manage device setup/teardown
|
||||
- **Netplan**: using ``netplan apply`` to manage device setup/teardown
|
||||
-- **NetworkManager**: using ``nmcli`` to manage device setup/teardown
|
||||
- **Networkd**: using ``ip`` to manage device setup/teardown
|
||||
|
||||
When applying the policy, ``cloud-init`` checks if the current instance has the
|
||||
@@ -244,8 +232,8 @@ supplying an updated configuration in cloud-config. ::
|
||||
|
||||
system_info:
|
||||
network:
|
||||
- renderers: ['netplan', 'network-manager', 'eni', 'sysconfig', 'freebsd', 'netbsd', 'openbsd']
|
||||
- activators: ['eni', 'netplan', 'network-manager', 'networkd']
|
||||
+ renderers: ['netplan', 'eni', 'sysconfig', 'freebsd', 'netbsd', 'openbsd']
|
||||
+ activators: ['eni', 'netplan', 'networkd']
|
||||
|
||||
Network configuration tools
|
||||
===========================
|
File diff suppressed because it is too large
Load Diff
@ -1,65 +0,0 @@
|
||||
From 00f1f910d8d166ebe2913c12549f212c2d666c11 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Thu, 20 May 2021 08:53:55 +0200
|
||||
Subject: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in
|
||||
cloud.cfg
|
||||
|
||||
RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
RH-MergeRequest: 10: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
|
||||
RH-Commit: [1/1] 6da989423b9b6e017afbac2f1af3649b0487310f
|
||||
RH-Bugzilla: 1957532
|
||||
RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
|
||||
RH-Acked-by: Cathy Avery <cavery@redhat.com>
|
||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
|
||||
|
||||
Currently genkeytypes in cloud.cfg is set to None, so together with
|
||||
ssh_deletekeys=1 cloudinit on first boot it will just delete the existing
|
||||
keys and not generate new ones.
|
||||
|
||||
Just removing that property in cloud.cfg is not enough, because
|
||||
settings.py provides another empty default value that will be used
|
||||
instead, resulting to no key generated even when the property is not defined.
|
||||
|
||||
Removing genkeytypes also in settings.py will default to GENERATE_KEY_NAMES,
|
||||
but since we want only 'rsa', 'ecdsa' and 'ed25519', add back genkeytypes in
|
||||
cloud.cfg with the above defaults.
|
||||
|
||||
Also remove ssh_deletekeys in settings.py as we always need
|
||||
to 1 (and it also defaults to 1).
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
---
|
||||
cloudinit/settings.py | 2 --
|
||||
rhel/cloud.cfg | 2 +-
|
||||
2 files changed, 1 insertion(+), 3 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
|
||||
index aa2d6b95..38a90b70 100644
|
||||
--- a/cloudinit/settings.py
|
||||
+++ b/cloudinit/settings.py
|
||||
@@ -52,8 +52,6 @@ CFG_BUILTIN = {
|
||||
'def_log_file_mode': 0o600,
|
||||
'log_cfgs': [],
|
||||
'mount_default_fields': [None, None, 'auto', 'defaults,nofail', '0', '2'],
|
||||
- 'ssh_deletekeys': False,
|
||||
- 'ssh_genkeytypes': [],
|
||||
'syslog_fix_perms': [],
|
||||
'system_info': {
|
||||
'paths': {
|
||||
diff --git a/rhel/cloud.cfg b/rhel/cloud.cfg
|
||||
index 1ec1a6c6..75d5c84b 100644
|
||||
--- a/rhel/cloud.cfg
|
||||
+++ b/rhel/cloud.cfg
|
||||
@@ -7,7 +7,7 @@ ssh_pwauth: 0
|
||||
mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service,_netdev', '0', '2']
|
||||
resize_rootfs_tmp: /dev
|
||||
ssh_deletekeys: 1
|
||||
-ssh_genkeytypes: ~
|
||||
+ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519']
|
||||
syslog_fix_perms: ~
|
||||
disable_vmware_customization: false
|
||||
|
||||
--
|
||||
2.31.1
|
||||
|
@ -0,0 +1,54 @@
|
||||
From ac0cf308318d423162ce3b7be32dcbf88f20ff50 Mon Sep 17 00:00:00 2001
|
||||
From: Ani Sinha <anisinha@redhat.com>
|
||||
Date: Tue, 4 Apr 2023 19:59:07 +0530
|
||||
Subject: [PATCH] rhel: make sure previous-hostname file ends with a new line
|
||||
(#2108)
|
||||
|
||||
cloud-init strips new line from "/etc/hostname" on rhel distro when processing
|
||||
"/var/lib/cloud/data/previous-hostname". Although this does not pose a serious
|
||||
issue, it is still better if the behavior is similar to other distros like
|
||||
Ubuntu where /previous-hostname does end with a new line. Fix this issue by
|
||||
using hostname parser in rhel similar to debian.
|
||||
|
||||
Signed-off-by: Ani Sinha <anisinha@redhat.com>
|
||||
(cherry picked from commit 6d42aa8e2c1a5454a658ab4e2b9cead2677c77cd)
|
||||
---
|
||||
cloudinit/distros/rhel.py | 5 ++++-
|
||||
tools/.github-cla-signers | 1 +
|
||||
2 files changed, 5 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/cloudinit/distros/rhel.py b/cloudinit/distros/rhel.py
|
||||
index df7dc3d6..9625709e 100644
|
||||
--- a/cloudinit/distros/rhel.py
|
||||
+++ b/cloudinit/distros/rhel.py
|
||||
@@ -13,6 +13,7 @@ from cloudinit import distros, helpers
|
||||
from cloudinit import log as logging
|
||||
from cloudinit import subp, util
|
||||
from cloudinit.distros import rhel_util
|
||||
+from cloudinit.distros.parsers.hostname import HostnameConf
|
||||
from cloudinit.settings import PER_INSTANCE
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
@@ -111,7 +112,9 @@ class Distro(distros.Distro):
|
||||
# systemd will never update previous-hostname for us, so
|
||||
# we need to do it ourselves
|
||||
if self.uses_systemd() and filename.endswith("/previous-hostname"):
|
||||
- util.write_file(filename, hostname)
|
||||
+ conf = HostnameConf("")
|
||||
+ conf.set_hostname(hostname)
|
||||
+ util.write_file(filename, str(conf), 0o644)
|
||||
elif self.uses_systemd():
|
||||
subp.subp(["hostnamectl", "set-hostname", str(hostname)])
|
||||
else:
|
||||
diff --git a/tools/.github-cla-signers b/tools/.github-cla-signers
|
||||
index d8cca015..457dacf4 100644
|
||||
--- a/tools/.github-cla-signers
|
||||
+++ b/tools/.github-cla-signers
|
||||
@@ -9,6 +9,7 @@ andgein
|
||||
andrew-lee-metaswitch
|
||||
andrewbogott
|
||||
andrewlukoshko
|
||||
+ani-sinha
|
||||
antonyc
|
||||
aswinrajamannar
|
||||
beantaxi
|
@ -0,0 +1,121 @@
|
||||
From 34ef256dc614c7dcf5b04a431d410030e333d82b Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Mon, 17 Apr 2023 10:20:16 +0200
|
||||
Subject: [PATCH] Don't change permissions of netrules target (#2076)
|
||||
|
||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2182948
|
||||
|
||||
commit 56c88cafd1b3606e814069a79f4ec265fc427c87
|
||||
Author: James Falcon <james.falcon@canonical.com>
|
||||
Date: Thu Mar 23 10:21:56 2023 -0500
|
||||
|
||||
Don't change permissions of netrules target (#2076)
|
||||
|
||||
Set permissions if file doesn't exist. Leave them if it does.
|
||||
|
||||
LP: #2011783
|
||||
|
||||
Co-authored-by: Chad Smith <chad.smith@canonical.com>
|
||||
|
||||
Conflicts:
|
||||
cloudinit/net/sysconfig.py: enable_ifcfg_rh missing upstream
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
---
|
||||
cloudinit/net/eni.py | 4 +++-
|
||||
cloudinit/net/sysconfig.py | 7 ++++++-
|
||||
tests/unittests/distros/test_netconfig.py | 20 ++++++++++++++++++--
|
||||
3 files changed, 27 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/net/eni.py b/cloudinit/net/eni.py
|
||||
index 53bd35ca..1de3bec2 100644
|
||||
--- a/cloudinit/net/eni.py
|
||||
+++ b/cloudinit/net/eni.py
|
||||
@@ -576,7 +576,9 @@ class Renderer(renderer.Renderer):
|
||||
netrules = subp.target_path(target, self.netrules_path)
|
||||
util.ensure_dir(os.path.dirname(netrules))
|
||||
util.write_file(
|
||||
- netrules, self._render_persistent_net(network_state)
|
||||
+ netrules,
|
||||
+ content=self._render_persistent_net(network_state),
|
||||
+ preserve_mode=True,
|
||||
)
|
||||
|
||||
|
||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||
index 765c248a..e08c0c69 100644
|
||||
--- a/cloudinit/net/sysconfig.py
|
||||
+++ b/cloudinit/net/sysconfig.py
|
||||
@@ -1034,7 +1034,12 @@ class Renderer(renderer.Renderer):
|
||||
if self.netrules_path:
|
||||
netrules_content = self._render_persistent_net(network_state)
|
||||
netrules_path = subp.target_path(target, self.netrules_path)
|
||||
- util.write_file(netrules_path, netrules_content, file_mode)
|
||||
+ util.write_file(
|
||||
+ netrules_path,
|
||||
+ content=netrules_content,
|
||||
+ mode=file_mode,
|
||||
+ preserve_mode=True,
|
||||
+ )
|
||||
if available_nm(target=target):
|
||||
enable_ifcfg_rh(subp.target_path(target, path=NM_CFG_FILE))
|
||||
|
||||
diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py
|
||||
index e9fb0591..b1c89ce3 100644
|
||||
--- a/tests/unittests/distros/test_netconfig.py
|
||||
+++ b/tests/unittests/distros/test_netconfig.py
|
||||
@@ -458,8 +458,16 @@ class TestNetCfgDistroUbuntuEni(TestNetCfgDistroBase):
|
||||
def eni_path(self):
|
||||
return "/etc/network/interfaces.d/50-cloud-init.cfg"
|
||||
|
||||
+ def rules_path(self):
|
||||
+ return "/etc/udev/rules.d/70-persistent-net.rules"
|
||||
+
|
||||
def _apply_and_verify_eni(
|
||||
- self, apply_fn, config, expected_cfgs=None, bringup=False
|
||||
+ self,
|
||||
+ apply_fn,
|
||||
+ config,
|
||||
+ expected_cfgs=None,
|
||||
+ bringup=False,
|
||||
+ previous_files=(),
|
||||
):
|
||||
if not expected_cfgs:
|
||||
raise ValueError("expected_cfg must not be None")
|
||||
@@ -467,7 +475,11 @@ class TestNetCfgDistroUbuntuEni(TestNetCfgDistroBase):
|
||||
tmpd = None
|
||||
with mock.patch("cloudinit.net.eni.available") as m_avail:
|
||||
m_avail.return_value = True
|
||||
+ path_modes = {}
|
||||
with self.reRooted(tmpd) as tmpd:
|
||||
+ for previous_path, content, mode in previous_files:
|
||||
+ util.write_file(previous_path, content, mode=mode)
|
||||
+ path_modes[previous_path] = mode
|
||||
apply_fn(config, bringup)
|
||||
|
||||
results = dir2dict(tmpd)
|
||||
@@ -478,7 +490,9 @@ class TestNetCfgDistroUbuntuEni(TestNetCfgDistroBase):
|
||||
print(results[cfgpath])
|
||||
print("----------")
|
||||
self.assertEqual(expected, results[cfgpath])
|
||||
- self.assertEqual(0o644, get_mode(cfgpath, tmpd))
|
||||
+ self.assertEqual(
|
||||
+ path_modes.get(cfgpath, 0o644), get_mode(cfgpath, tmpd)
|
||||
+ )
|
||||
|
||||
def test_apply_network_config_and_bringup_filters_priority_eni_ub(self):
|
||||
"""Network activator search priority can be overridden from config."""
|
||||
@@ -527,11 +541,13 @@ class TestNetCfgDistroUbuntuEni(TestNetCfgDistroBase):
|
||||
def test_apply_network_config_eni_ub(self):
|
||||
expected_cfgs = {
|
||||
self.eni_path(): V1_NET_CFG_OUTPUT,
|
||||
+ self.rules_path(): "",
|
||||
}
|
||||
self._apply_and_verify_eni(
|
||||
self.distro.apply_network_config,
|
||||
V1_NET_CFG,
|
||||
expected_cfgs=expected_cfgs.copy(),
|
||||
+ previous_files=((self.rules_path(), "something", 0o660),),
|
||||
)
|
||||
|
||||
def test_apply_network_config_ipv6_ub(self):
|
@ -0,0 +1,295 @@
|
||||
From d092efe0f437ad149f6d6e3a9f8b816c0f5c1c2a Mon Sep 17 00:00:00 2001
|
||||
From: James Falcon <james.falcon@canonical.com>
|
||||
Date: Wed, 26 Apr 2023 15:11:55 -0500
|
||||
Subject: [PATCH] Make user/vendor data sensitive and remove log permissions
|
||||
(#2144)
|
||||
|
||||
Because user data and vendor data may contain sensitive information,
|
||||
this commit ensures that any user data or vendor data written to
|
||||
instance-data.json gets redacted and is only available to root user.
|
||||
|
||||
Also, modify the permissions of cloud-init.log to be 640, so that
|
||||
sensitive data leaked to the log isn't world readable.
|
||||
Additionally, remove the logging of user data and vendor data to
|
||||
cloud-init.log from the Vultr datasource.
|
||||
|
||||
LP: #2013967
|
||||
CVE: CVE-2023-1786
|
||||
(cherry picked from commit a378b7e4f47375458651c0972e7cd813f6fe0a6b)
|
||||
Signed-off-by: Ani Sinha <anisinha@redhat.com>
|
||||
---
|
||||
cloudinit/sources/DataSourceLXD.py | 9 ++++++---
|
||||
cloudinit/sources/DataSourceVultr.py | 14 ++++++--------
|
||||
cloudinit/sources/__init__.py | 28 +++++++++++++++++++++++++---
|
||||
cloudinit/stages.py | 4 +++-
|
||||
tests/unittests/sources/test_init.py | 27 ++++++++++++++++++++++++++-
|
||||
tests/unittests/test_stages.py | 18 +++++++++++-------
|
||||
6 files changed, 77 insertions(+), 23 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/sources/DataSourceLXD.py b/cloudinit/sources/DataSourceLXD.py
|
||||
index ab440cc8..e4cae91a 100644
|
||||
--- a/cloudinit/sources/DataSourceLXD.py
|
||||
+++ b/cloudinit/sources/DataSourceLXD.py
|
||||
@@ -14,7 +14,7 @@ import stat
|
||||
import time
|
||||
from enum import Flag, auto
|
||||
from json.decoder import JSONDecodeError
|
||||
-from typing import Any, Dict, List, Optional, Union, cast
|
||||
+from typing import Any, Dict, List, Optional, Tuple, Union, cast
|
||||
|
||||
import requests
|
||||
from requests.adapters import HTTPAdapter
|
||||
@@ -168,11 +168,14 @@ class DataSourceLXD(sources.DataSource):
|
||||
_network_config: Union[Dict, str] = sources.UNSET
|
||||
_crawled_metadata: Union[Dict, str] = sources.UNSET
|
||||
|
||||
- sensitive_metadata_keys = (
|
||||
- "merged_cfg",
|
||||
+ sensitive_metadata_keys: Tuple[
|
||||
+ str, ...
|
||||
+ ] = sources.DataSource.sensitive_metadata_keys + (
|
||||
"user.meta-data",
|
||||
"user.vendor-data",
|
||||
"user.user-data",
|
||||
+ "cloud-init.user-data",
|
||||
+ "cloud-init.vendor-data",
|
||||
)
|
||||
|
||||
skip_hotplug_detect = True
|
||||
diff --git a/cloudinit/sources/DataSourceVultr.py b/cloudinit/sources/DataSourceVultr.py
|
||||
index 9d7c84fb..660e9f14 100644
|
||||
--- a/cloudinit/sources/DataSourceVultr.py
|
||||
+++ b/cloudinit/sources/DataSourceVultr.py
|
||||
@@ -5,6 +5,8 @@
|
||||
# Vultr Metadata API:
|
||||
# https://www.vultr.com/metadata/
|
||||
|
||||
+from typing import Tuple
|
||||
+
|
||||
import cloudinit.sources.helpers.vultr as vultr
|
||||
from cloudinit import log as log
|
||||
from cloudinit import sources, util, version
|
||||
@@ -28,6 +30,10 @@ class DataSourceVultr(sources.DataSource):
|
||||
|
||||
dsname = "Vultr"
|
||||
|
||||
+ sensitive_metadata_keys: Tuple[
|
||||
+ str, ...
|
||||
+ ] = sources.DataSource.sensitive_metadata_keys + ("startup-script",)
|
||||
+
|
||||
def __init__(self, sys_cfg, distro, paths):
|
||||
super(DataSourceVultr, self).__init__(sys_cfg, distro, paths)
|
||||
self.ds_cfg = util.mergemanydict(
|
||||
@@ -54,13 +60,8 @@ class DataSourceVultr(sources.DataSource):
|
||||
self.get_datasource_data(self.metadata)
|
||||
|
||||
# Dump some data so diagnosing failures is manageable
|
||||
- LOG.debug("Vultr Vendor Config:")
|
||||
- LOG.debug(util.json_dumps(self.metadata["vendor-data"]))
|
||||
LOG.debug("SUBID: %s", self.metadata["instance-id"])
|
||||
LOG.debug("Hostname: %s", self.metadata["local-hostname"])
|
||||
- if self.userdata_raw is not None:
|
||||
- LOG.debug("User-Data:")
|
||||
- LOG.debug(self.userdata_raw)
|
||||
|
||||
return True
|
||||
|
||||
@@ -146,7 +147,4 @@ if __name__ == "__main__":
|
||||
config = md["vendor-data"]
|
||||
sysinfo = vultr.get_sysinfo()
|
||||
|
||||
- print(util.json_dumps(sysinfo))
|
||||
- print(util.json_dumps(config))
|
||||
-
|
||||
# vi: ts=4 expandtab
|
||||
diff --git a/cloudinit/sources/__init__.py b/cloudinit/sources/__init__.py
|
||||
index 565e1754..5c6ae8b1 100644
|
||||
--- a/cloudinit/sources/__init__.py
|
||||
+++ b/cloudinit/sources/__init__.py
|
||||
@@ -110,7 +110,10 @@ def process_instance_metadata(metadata, key_path="", sensitive_keys=()):
|
||||
sub_key_path = key_path + "/" + key
|
||||
else:
|
||||
sub_key_path = key
|
||||
- if key in sensitive_keys or sub_key_path in sensitive_keys:
|
||||
+ if (
|
||||
+ key.lower() in sensitive_keys
|
||||
+ or sub_key_path.lower() in sensitive_keys
|
||||
+ ):
|
||||
sens_keys.append(sub_key_path)
|
||||
if isinstance(val, str) and val.startswith("ci-b64:"):
|
||||
base64_encoded_keys.append(sub_key_path)
|
||||
@@ -132,6 +135,12 @@ def redact_sensitive_keys(metadata, redact_value=REDACT_SENSITIVE_VALUE):
|
||||
|
||||
Replace any keys values listed in 'sensitive_keys' with redact_value.
|
||||
"""
|
||||
+ # While 'sensitive_keys' should already sanitized to only include what
|
||||
+ # is in metadata, it is possible keys will overlap. For example, if
|
||||
+ # "merged_cfg" and "merged_cfg/ds/userdata" both match, it's possible that
|
||||
+ # "merged_cfg" will get replaced first, meaning "merged_cfg/ds/userdata"
|
||||
+ # no longer represents a valid key.
|
||||
+ # Thus, we still need to do membership checks in this function.
|
||||
if not metadata.get("sensitive_keys", []):
|
||||
return metadata
|
||||
md_copy = copy.deepcopy(metadata)
|
||||
@@ -139,9 +148,14 @@ def redact_sensitive_keys(metadata, redact_value=REDACT_SENSITIVE_VALUE):
|
||||
path_parts = key_path.split("/")
|
||||
obj = md_copy
|
||||
for path in path_parts:
|
||||
- if isinstance(obj[path], dict) and path != path_parts[-1]:
|
||||
+ if (
|
||||
+ path in obj
|
||||
+ and isinstance(obj[path], dict)
|
||||
+ and path != path_parts[-1]
|
||||
+ ):
|
||||
obj = obj[path]
|
||||
- obj[path] = redact_value
|
||||
+ if path in obj:
|
||||
+ obj[path] = redact_value
|
||||
return md_copy
|
||||
|
||||
|
||||
@@ -249,6 +263,14 @@ class DataSource(CloudInitPickleMixin, metaclass=abc.ABCMeta):
|
||||
sensitive_metadata_keys: Tuple[str, ...] = (
|
||||
"merged_cfg",
|
||||
"security-credentials",
|
||||
+ "userdata",
|
||||
+ "user-data",
|
||||
+ "user_data",
|
||||
+ "vendordata",
|
||||
+ "vendor-data",
|
||||
+ # Provide ds/vendor_data to avoid redacting top-level
|
||||
+ # "vendor_data": {enabled: True}
|
||||