* Wed Jan 10 2024 Camilla Conte <cconte@redhat.com> - 23.4-1

- 0003-Setting-autoconnect-priority-setting-for-network-scr.patch [RHEL-18313]
- Resolves: RHEL-18313
This commit is contained in:
RH Virt Maint Bot 2024-01-10 12:03:18 +00:00 committed by Camilla Conte
parent d45001b368
commit cfb42f5bca
33 changed files with 533 additions and 5836 deletions

View File

@ -1,11 +1,18 @@
From c4d66915520554adedff9be7396f877cd1a5525c Mon Sep 17 00:00:00 2001 From 03345a88b8b0008a4a81e010d46290f5ba643ebc Mon Sep 17 00:00:00 2001
From: Emanuele Giuseppe Esposito <eesposit@redhat.com> From: Ani Sinha <anisinha@redhat.com>
Date: Mon, 6 Mar 2023 16:37:20 +0100 Date: Wed, 13 Dec 2023 11:54:55 +0530
Subject: [PATCH] Add initial redhat changes Subject: [PATCH] Add initial redhat changes
Adding minimal set of changes necessary for successful build of the package Adding minimal set of changes necessary for successful build of the package
on RHEL/CentOS 9 Stream koji. on RHEL/CentOS 9 Stream koji.
Additional changes on top of the changes in 23.1.1 rebase:
- Updated VERSION, TARSHA512, MARKER and BUILD_TARGET_RHEL parameters in
Makefile.common in .dist/
- Squashed unit test fixes for the downstream changes in cloudinit/settings.py.
Changes from 23.1.1 rebase follows:
Merged patches (23.1.1): Merged patches (23.1.1):
724a80ac Add TargetRelease 724a80ac Add TargetRelease
967a4405b rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg 967a4405b rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
@ -33,16 +40,19 @@ fe09305a5479a4814d6c46df07a906bafa29d637 Delete .gitlab-ci.yml
Conflicts: Conflicts:
missing rhel/ static files and "" instead of '' in setup.py missing rhel/ static files and "" instead of '' in setup.py
X-downstram-only: true
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Signed-off-by: Ani Sinha <anisinha@redhat.com>
--- ---
cloudinit/settings.py | 5 +++-- cloudinit/settings.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-) tests/unittests/cmd/test_main.py | 15 +++++++++------
2 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/cloudinit/settings.py b/cloudinit/settings.py diff --git a/cloudinit/settings.py b/cloudinit/settings.py
index 8684d003..edbb217d 100644 index 592e144d..5ced21bd 100644
--- a/cloudinit/settings.py --- a/cloudinit/settings.py
+++ b/cloudinit/settings.py +++ b/cloudinit/settings.py
@@ -53,13 +53,14 @@ CFG_BUILTIN = { @@ -54,13 +54,14 @@ CFG_BUILTIN = {
], ],
"def_log_file": "/var/log/cloud-init.log", "def_log_file": "/var/log/cloud-init.log",
"log_cfgs": [], "log_cfgs": [],
@ -59,3 +69,31 @@ index 8684d003..edbb217d 100644
"network": {"renderers": None}, "network": {"renderers": None},
}, },
"vendor_data": {"enabled": True, "prefix": []}, "vendor_data": {"enabled": True, "prefix": []},
diff --git a/tests/unittests/cmd/test_main.py b/tests/unittests/cmd/test_main.py
index ab427115..19d26ebe 100644
--- a/tests/unittests/cmd/test_main.py
+++ b/tests/unittests/cmd/test_main.py
@@ -119,14 +119,17 @@ class TestMain(FilesystemMockingTestCase):
{
"def_log_file": "/var/log/cloud-init.log",
"log_cfgs": [],
- "syslog_fix_perms": [
- "syslog:adm",
- "root:adm",
- "root:wheel",
- "root:root",
- ],
"vendor_data": {"enabled": True, "prefix": []},
"vendor_data2": {"enabled": True, "prefix": []},
+ "syslog_fix_perms": [],
+ "mount_default_fields": [
+ None,
+ None,
+ "auto",
+ "defaults,nofail",
+ "0",
+ "2",
+ ],
}
)
updated_cfg.pop("system_info")

View File

@ -1,4 +1,4 @@
From b3b96bff187e9d0bfcbfefd5fca05c61bd50d368 Mon Sep 17 00:00:00 2001 From 5129908caa1867c7f584ec8d38607cf56b20521a Mon Sep 17 00:00:00 2001
From: Eduardo Otubo <otubo@redhat.com> From: Eduardo Otubo <otubo@redhat.com>
Date: Fri, 7 May 2021 13:36:06 +0200 Date: Fri, 7 May 2021 13:36:06 +0200
Subject: [PATCH] Do not write NM_CONTROLLED=no in generated interface config Subject: [PATCH] Do not write NM_CONTROLLED=no in generated interface config
@ -15,16 +15,20 @@ Merged patches (21.1):
X-downstream-only: true X-downstream-only: true
Signed-off-by: Eduardo Otubo <otubo@redhat.com> Signed-off-by: Eduardo Otubo <otubo@redhat.com>
Signed-off-by: Ryan McCabe <rmccabe@redhat.com> Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
Signed-off-by: Ani Sinha <anisinha@redhat.com>
--- ---
cloudinit/net/sysconfig.py | 12 ++++++++++-- cloudinit/net/sysconfig.py | 12 ++++-
tests/unittests/test_net.py | 28 ---------------------------- tests/unittests/cmd/devel/test_net_convert.py | 1 -
2 files changed, 10 insertions(+), 30 deletions(-) tests/unittests/distros/test_netconfig.py | 8 ---
tests/unittests/test_net.py | 53 -------------------
4 files changed, 10 insertions(+), 64 deletions(-)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index d4daa78f..a7dbe55b 100644 index 7570a5e3..f01c4236 100644
--- a/cloudinit/net/sysconfig.py --- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py +++ b/cloudinit/net/sysconfig.py
@@ -316,7 +316,6 @@ class Renderer(renderer.Renderer): @@ -317,7 +317,6 @@ class Renderer(renderer.Renderer):
"rhel": { "rhel": {
"ONBOOT": True, "ONBOOT": True,
"USERCTL": False, "USERCTL": False,
@ -32,26 +36,106 @@ index d4daa78f..a7dbe55b 100644
"BOOTPROTO": "none", "BOOTPROTO": "none",
}, },
"suse": {"BOOTPROTO": "static", "STARTMODE": "auto"}, "suse": {"BOOTPROTO": "static", "STARTMODE": "auto"},
@@ -1019,7 +1018,16 @@ class Renderer(renderer.Renderer): @@ -1030,7 +1029,16 @@ class Renderer(renderer.Renderer):
# Distros configuring /etc/sysconfig/network as a file e.g. Centos # Distros configuring /etc/sysconfig/network as a file e.g. Centos
if sysconfig_path.endswith("network"): if sysconfig_path.endswith("network"):
util.ensure_dir(os.path.dirname(sysconfig_path)) util.ensure_dir(os.path.dirname(sysconfig_path))
- netcfg = [_make_header(), "NETWORKING=yes"] - netcfg = [_make_header(), "NETWORKING=yes"]
+ netcfg = [] + netcfg = []
+ for line in util.load_file(sysconfig_path, quiet=True).split('\n'): + for line in util.load_file(sysconfig_path, quiet=True).split("\n"):
+ if 'cloud-init' in line: + if "cloud-init" in line:
+ break + break
+ if not line.startswith(('NETWORKING=', + if not line.startswith(
+ 'IPV6_AUTOCONF=', + ("NETWORKING=", "IPV6_AUTOCONF=", "NETWORKING_IPV6=")
+ 'NETWORKING_IPV6=')): + ):
+ netcfg.append(line) + netcfg.append(line)
+ # Now generate the cloud-init portion of sysconfig/network + # Now generate the cloud-init portion of sysconfig/network
+ netcfg.extend([_make_header(), 'NETWORKING=yes']) + netcfg.extend([_make_header(), "NETWORKING=yes"])
if network_state.use_ipv6: if network_state.use_ipv6:
netcfg.append("NETWORKING_IPV6=yes") netcfg.append("NETWORKING_IPV6=yes")
netcfg.append("IPV6_AUTOCONF=no") netcfg.append("IPV6_AUTOCONF=no")
diff --git a/tests/unittests/cmd/devel/test_net_convert.py b/tests/unittests/cmd/devel/test_net_convert.py
index fb72963f..7b9121b2 100644
--- a/tests/unittests/cmd/devel/test_net_convert.py
+++ b/tests/unittests/cmd/devel/test_net_convert.py
@@ -62,7 +62,6 @@ SAMPLE_SYSCONFIG_CONTENT = """\
#
BOOTPROTO=dhcp
DEVICE=eth0
-NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py
index 7ba430f2..962ff7fb 100644
--- a/tests/unittests/distros/test_netconfig.py
+++ b/tests/unittests/distros/test_netconfig.py
@@ -723,7 +723,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
GATEWAY=192.168.1.254
IPADDR=192.168.1.5
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -733,7 +732,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
"""\
BOOTPROTO=dhcp
DEVICE=eth1
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -764,7 +762,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
IPV6_AUTOCONF=no
IPV6_DEFAULTGW=2607:f0d0:1002:0011::1
IPV6_FORCE_ACCEPT_RA=no
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -774,7 +771,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
"""\
BOOTPROTO=dhcp
DEVICE=eth1
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -821,7 +817,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
HWADDR=00:16:3e:60:7c:df
IPADDR=192.10.1.2
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -833,7 +828,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
DEVICE=infra0
IPADDR=10.0.1.2
NETMASK=255.255.0.0
- NM_CONTROLLED=no
ONBOOT=yes
PHYSDEV=eth0
USERCTL=no
@@ -869,7 +863,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
DEVICE=eth0
IPADDR=192.10.1.2
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -881,7 +874,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
DEVICE=eth0.1001
IPADDR=10.0.1.2
NETMASK=255.255.0.0
- NM_CONTROLLED=no
ONBOOT=yes
PHYSDEV=eth0
USERCTL=no
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
index 056aaeb6..0f523ff8 100644 index c5509536..052b0674 100644
--- a/tests/unittests/test_net.py --- a/tests/unittests/test_net.py
+++ b/tests/unittests/test_net.py +++ b/tests/unittests/test_net.py
@@ -585,7 +585,6 @@ GATEWAY=172.19.3.254 @@ -585,7 +585,6 @@ GATEWAY=172.19.3.254
@ -62,7 +146,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no USERCTL=no
@@ -749,7 +748,6 @@ IPADDR=172.19.1.34 @@ -750,7 +749,6 @@ IPADDR=172.19.1.34
IPADDR1=10.0.0.10 IPADDR1=10.0.0.10
NETMASK=255.255.252.0 NETMASK=255.255.252.0
NETMASK1=255.255.255.0 NETMASK1=255.255.255.0
@ -70,7 +154,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no USERCTL=no
@@ -911,7 +909,6 @@ IPV6_AUTOCONF=no @@ -912,7 +910,6 @@ IPV6_AUTOCONF=no
IPV6_DEFAULTGW=2001:DB8::1 IPV6_DEFAULTGW=2001:DB8::1
IPV6_FORCE_ACCEPT_RA=no IPV6_FORCE_ACCEPT_RA=no
NETMASK=255.255.252.0 NETMASK=255.255.252.0
@ -78,7 +162,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no USERCTL=no
@@ -1090,7 +1087,6 @@ NETWORK_CONFIGS = { @@ -1143,7 +1140,6 @@ NETWORK_CONFIGS = {
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth1 DEVICE=eth1
HWADDR=cf:d6:af:48:e8:80 HWADDR=cf:d6:af:48:e8:80
@ -86,7 +170,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no""" USERCTL=no"""
@@ -1109,7 +1105,6 @@ NETWORK_CONFIGS = { @@ -1162,7 +1158,6 @@ NETWORK_CONFIGS = {
IPADDR=192.168.21.3 IPADDR=192.168.21.3
NETMASK=255.255.255.0 NETMASK=255.255.255.0
METRIC=10000 METRIC=10000
@ -94,7 +178,23 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no""" USERCTL=no"""
@@ -1353,7 +1348,6 @@ NETWORK_CONFIGS = { @@ -1319,7 +1314,6 @@ NETWORK_CONFIGS = {
BOOTPROTO=none
DEVICE=eth1
HWADDR=cf:d6:af:48:e8:80
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no"""
@@ -1338,7 +1332,6 @@ NETWORK_CONFIGS = {
IPADDR=192.168.21.3
NETMASK=255.255.255.0
METRIC=10000
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no"""
@@ -1581,7 +1574,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=no IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=no IPV6_FORCE_ACCEPT_RA=no
NETMASK=255.255.255.0 NETMASK=255.255.255.0
@ -102,7 +202,79 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no USERCTL=no
@@ -2377,7 +2371,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -1725,7 +1717,6 @@ NETWORK_CONFIGS = {
DHCPV6C=yes
IPV6INIT=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1816,7 +1807,6 @@ NETWORK_CONFIGS = {
IPV6INIT=yes
IPV6_FORCE_ACCEPT_RA=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1892,7 +1882,6 @@ NETWORK_CONFIGS = {
IPV6INIT=yes
IPV6_FORCE_ACCEPT_RA=no
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1956,7 +1945,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=yes
IPV6INIT=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -2014,7 +2002,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=no
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -2071,7 +2058,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=yes
IPV6INIT=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -2157,7 +2143,6 @@ NETWORK_CONFIGS = {
IPV6_FAILURE_FATAL=yes
IPV6_FORCE_ACCEPT_RA=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -2198,7 +2183,6 @@ NETWORK_CONFIGS = {
"""\
BOOTPROTO=dhcp
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -2275,7 +2259,6 @@ NETWORK_CONFIGS = {
BOOTPROTO=dhcp
DEVICE=iface0
ETHTOOL_OPTS="wol g"
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -2619,7 +2602,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
DHCPV6C=yes DHCPV6C=yes
IPV6INIT=yes IPV6INIT=yes
MACADDR=aa:bb:cc:dd:ee:ff MACADDR=aa:bb:cc:dd:ee:ff
@ -110,7 +282,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Bond TYPE=Bond
USERCTL=no""" USERCTL=no"""
@@ -2387,7 +2380,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2629,7 +2611,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=bond0.200 DEVICE=bond0.200
DHCLIENT_SET_DEFAULT_ROUTE=no DHCLIENT_SET_DEFAULT_ROUTE=no
@ -118,7 +290,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
PHYSDEV=bond0 PHYSDEV=bond0
USERCTL=no USERCTL=no
@@ -2407,7 +2399,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2649,7 +2630,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
IPV6_DEFAULTGW=2001:4800:78ff:1b::1 IPV6_DEFAULTGW=2001:4800:78ff:1b::1
MACADDR=bb:bb:bb:bb:bb:aa MACADDR=bb:bb:bb:bb:bb:aa
NETMASK=255.255.255.0 NETMASK=255.255.255.0
@ -126,7 +298,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
PRIO=22 PRIO=22
STP=no STP=no
@@ -2419,7 +2410,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2661,7 +2641,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth0 DEVICE=eth0
HWADDR=c0:d6:9f:2c:e8:80 HWADDR=c0:d6:9f:2c:e8:80
@ -134,7 +306,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no""" USERCTL=no"""
@@ -2438,7 +2428,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2680,7 +2659,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
MTU=1500 MTU=1500
NETMASK=255.255.255.0 NETMASK=255.255.255.0
NETMASK1=255.255.255.0 NETMASK1=255.255.255.0
@ -142,7 +314,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
PHYSDEV=eth0 PHYSDEV=eth0
USERCTL=no USERCTL=no
@@ -2450,7 +2439,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2692,7 +2670,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
DEVICE=eth1 DEVICE=eth1
HWADDR=aa:d6:9f:2c:e8:80 HWADDR=aa:d6:9f:2c:e8:80
MASTER=bond0 MASTER=bond0
@ -150,7 +322,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
SLAVE=yes SLAVE=yes
TYPE=Ethernet TYPE=Ethernet
@@ -2462,7 +2450,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2704,7 +2681,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
DEVICE=eth2 DEVICE=eth2
HWADDR=c0:bb:9f:2c:e8:80 HWADDR=c0:bb:9f:2c:e8:80
MASTER=bond0 MASTER=bond0
@ -158,7 +330,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
SLAVE=yes SLAVE=yes
TYPE=Ethernet TYPE=Ethernet
@@ -2474,7 +2461,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2716,7 +2692,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
BRIDGE=br0 BRIDGE=br0
DEVICE=eth3 DEVICE=eth3
HWADDR=66:bb:9f:2c:e8:80 HWADDR=66:bb:9f:2c:e8:80
@ -166,7 +338,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no""" USERCTL=no"""
@@ -2485,7 +2471,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2727,7 +2702,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
BRIDGE=br0 BRIDGE=br0
DEVICE=eth4 DEVICE=eth4
HWADDR=98:bb:9f:2c:e8:80 HWADDR=98:bb:9f:2c:e8:80
@ -174,7 +346,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no""" USERCTL=no"""
@@ -2496,7 +2481,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2738,7 +2712,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
DEVICE=eth5 DEVICE=eth5
DHCLIENT_SET_DEFAULT_ROUTE=no DHCLIENT_SET_DEFAULT_ROUTE=no
HWADDR=98:bb:9f:2c:e8:8a HWADDR=98:bb:9f:2c:e8:8a
@ -182,7 +354,15 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=no ONBOOT=no
TYPE=Ethernet TYPE=Ethernet
USERCTL=no""" USERCTL=no"""
@@ -3220,7 +3204,6 @@ iface bond0 inet6 static @@ -2751,7 +2724,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
IPADDR=192.168.200.7
MTU=9000
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=InfiniBand
USERCTL=no"""
@@ -3473,7 +3445,6 @@ iface bond0 inet6 static
MTU=9000 MTU=9000
NETMASK=255.255.255.0 NETMASK=255.255.255.0
NETMASK1=255.255.255.0 NETMASK1=255.255.255.0
@ -190,7 +370,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Bond TYPE=Bond
USERCTL=no USERCTL=no
@@ -3232,7 +3215,6 @@ iface bond0 inet6 static @@ -3485,7 +3456,6 @@ iface bond0 inet6 static
DEVICE=bond0s0 DEVICE=bond0s0
HWADDR=aa:bb:cc:dd:e8:00 HWADDR=aa:bb:cc:dd:e8:00
MASTER=bond0 MASTER=bond0
@ -198,7 +378,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
SLAVE=yes SLAVE=yes
TYPE=Ethernet TYPE=Ethernet
@@ -3260,7 +3242,6 @@ iface bond0 inet6 static @@ -3513,7 +3483,6 @@ iface bond0 inet6 static
DEVICE=bond0s1 DEVICE=bond0s1
HWADDR=aa:bb:cc:dd:e8:01 HWADDR=aa:bb:cc:dd:e8:01
MASTER=bond0 MASTER=bond0
@ -206,7 +386,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
SLAVE=yes SLAVE=yes
TYPE=Ethernet TYPE=Ethernet
@@ -3406,7 +3387,6 @@ iface bond0 inet6 static @@ -3662,7 +3631,6 @@ iface bond0 inet6 static
BOOTPROTO=none BOOTPROTO=none
DEVICE=en0 DEVICE=en0
HWADDR=aa:bb:cc:dd:e8:00 HWADDR=aa:bb:cc:dd:e8:00
@ -214,7 +394,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no""" USERCTL=no"""
@@ -3427,7 +3407,6 @@ iface bond0 inet6 static @@ -3683,7 +3651,6 @@ iface bond0 inet6 static
MTU=2222 MTU=2222
NETMASK=255.255.255.0 NETMASK=255.255.255.0
NETMASK1=255.255.255.0 NETMASK1=255.255.255.0
@ -222,7 +402,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
PHYSDEV=en0 PHYSDEV=en0
USERCTL=no USERCTL=no
@@ -3553,7 +3532,6 @@ iface bond0 inet6 static @@ -3811,7 +3778,6 @@ iface bond0 inet6 static
DEVICE=br0 DEVICE=br0
IPADDR=192.168.2.2 IPADDR=192.168.2.2
NETMASK=255.255.255.0 NETMASK=255.255.255.0
@ -230,7 +410,23 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
PRIO=22 PRIO=22
STP=no STP=no
@@ -3769,7 +3747,6 @@ iface bond0 inet6 static @@ -3829,7 +3795,6 @@ iface bond0 inet6 static
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=no
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -3845,7 +3810,6 @@ iface bond0 inet6 static
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=no
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -4030,7 +3994,6 @@ iface bond0 inet6 static
HWADDR=52:54:00:12:34:00 HWADDR=52:54:00:12:34:00
IPADDR=192.168.1.2 IPADDR=192.168.1.2
NETMASK=255.255.255.0 NETMASK=255.255.255.0
@ -238,7 +434,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=no ONBOOT=no
TYPE=Ethernet TYPE=Ethernet
USERCTL=no USERCTL=no
@@ -3781,7 +3758,6 @@ iface bond0 inet6 static @@ -4042,7 +4005,6 @@ iface bond0 inet6 static
DEVICE=eth1 DEVICE=eth1
HWADDR=52:54:00:12:34:aa HWADDR=52:54:00:12:34:aa
MTU=1480 MTU=1480
@ -246,7 +442,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no USERCTL=no
@@ -3792,7 +3768,6 @@ iface bond0 inet6 static @@ -4053,7 +4015,6 @@ iface bond0 inet6 static
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth2 DEVICE=eth2
HWADDR=52:54:00:12:34:ff HWADDR=52:54:00:12:34:ff
@ -254,7 +450,15 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=no ONBOOT=no
TYPE=Ethernet TYPE=Ethernet
USERCTL=no USERCTL=no
@@ -4469,7 +4444,6 @@ class TestRhelSysConfigRendering(CiTestCase): @@ -4138,7 +4099,6 @@ iface bond0 inet6 static
BOOTPROTO=none
DEVICE=eth0
HWADDR=cf:d6:af:48:e8:80
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no"""
@@ -4736,7 +4696,6 @@ class TestRhelSysConfigRendering(CiTestCase):
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=eth1000 DEVICE=eth1000
HWADDR=07-1c-c6-75-a4-be HWADDR=07-1c-c6-75-a4-be
@ -262,7 +466,7 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no USERCTL=no
@@ -4681,7 +4655,6 @@ GATEWAY=10.0.2.2 @@ -4948,7 +4907,6 @@ GATEWAY=10.0.2.2
HWADDR=52:54:00:12:34:00 HWADDR=52:54:00:12:34:00
IPADDR=10.0.2.15 IPADDR=10.0.2.15
NETMASK=255.255.255.0 NETMASK=255.255.255.0
@ -270,7 +474,23 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no USERCTL=no
@@ -4751,7 +4724,6 @@ USERCTL=no @@ -4979,7 +4937,6 @@ HWADDR=fa:16:3e:25:b4:59
IPADDR=51.68.89.122
MTU=1500
NETMASK=255.255.240.0
-NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -4993,7 +4950,6 @@ DEVICE=eth1
DHCLIENT_SET_DEFAULT_ROUTE=no
HWADDR=fa:16:3e:b1:ca:29
MTU=9000
-NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5018,7 +4974,6 @@ USERCTL=no
# #
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=eth0 DEVICE=eth0
@ -278,3 +498,67 @@ index 056aaeb6..0f523ff8 100644
ONBOOT=yes ONBOOT=yes
TYPE=Ethernet TYPE=Ethernet
USERCTL=no USERCTL=no
@@ -5251,7 +5206,6 @@ USERCTL=no
IPV6_FORCE_ACCEPT_RA=no
IPV6_DEFAULTGW=2001:db8::1
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5283,7 +5237,6 @@ USERCTL=no
"""\
BOOTPROTO=none
DEVICE=eno1
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5296,7 +5249,6 @@ USERCTL=no
IPADDR=192.6.1.9
MTU=1495
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
PHYSDEV=eno1
USERCTL=no
@@ -5332,7 +5284,6 @@ USERCTL=no
IPADDR=10.101.8.65
MTU=1334
NETMASK=255.255.255.192
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Bond
USERCTL=no
@@ -5344,7 +5295,6 @@ USERCTL=no
BOOTPROTO=none
DEVICE=enp0s0
MASTER=bond0
- NM_CONTROLLED=no
ONBOOT=yes
SLAVE=yes
TYPE=Bond
@@ -5357,7 +5307,6 @@ USERCTL=no
BOOTPROTO=none
DEVICE=enp0s1
MASTER=bond0
- NM_CONTROLLED=no
ONBOOT=yes
SLAVE=yes
TYPE=Bond
@@ -5388,7 +5337,6 @@ USERCTL=no
DEVICE=eno1
HWADDR=07-1c-c6-75-a4-be
METRIC=100
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5479,7 +5427,6 @@ USERCTL=no
IPV6_FORCE_ACCEPT_RA=no
MTU=1400
NETMASK=255.255.248.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no

View File

@ -1,8 +1,52 @@
From 908387bc0a73ae3431c0ad90f83e6a4a4e902edb Mon Sep 17 00:00:00 2001 From 8a2fcbbcfdfc1df6f6c18f96588154f40083a239 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com> From: Ani Sinha <anisinha@redhat.com>
Date: Fri, 23 Jun 2023 15:47:09 +0530 Date: Wed, 13 Dec 2023 11:55:16 +0530
Subject: [PATCH] test fixes: update tests to reflect AUTOCONNECT_PRIORITY Subject: [PATCH] Setting autoconnect priority setting for network-scripts
setting
Squashed the following three downstream only commits from RHEL 9.3:
Commit 1:
Setting highest autoconnect priority for network-scripts
RH-Author: Eduardo Otubo <otubo@redhat.com>
RH-MergeRequest: 22: Setting highest autoconnect priority for network-scripts
RH-Commit: [1/1] 34f1d62f8934a983a124df95b861a1e448681d3b (otubo/cloud-init-src)
RH-Bugzilla: 2036060
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Set the highest autoconnect priority for network-scripts which is
loaded by NetworkManager ifcfg-rh plugin. Note that keyfile is the only
and default existing plugin on RHEL9, by setting the highest autoconnect
priority for network-scripts, NetworkManager will activate
network-scripts but keyfile. Network-scripts path:
Since this is a blocking issue, we decided to have this one-liner
downstream-only patch so we can move forward and have a better
NetworkManager support later on the release.
rhbz: 2036060
x-downstream-only: yes
Commit 2:
net/sysconfig: do not use the highest autoconnect priority
Using the highest priority is a very big hammer that we may not want to use. We
may want users to override the cloud init generated ifcfg files for custom
configuration of interfaces. If cloud init uses the highest priority, nothing
can beat it. Hence lower the priority to 120 allowing values from 121 to 999
to be used by users if they want to use a custom interface nm keyfile.
X-downstream-only: true
Suggested-by: thaller@redhat.com
fixes: c589da20eb92231 ("Setting highest autoconnect priority for network-scripts")
Commit 3:
test fixes: update tests to reflect AUTOCONNECT_PRIORITY setting
X-downstream-only: true X-downstream-only: true
fixes: 0a2c6b6118ff ("net/sysconfig: do not use the highest autoconnect priority") fixes: 0a2c6b6118ff ("net/sysconfig: do not use the highest autoconnect priority")
@ -10,25 +54,38 @@ fixes: c589da20eb92 ("Setting highest autoconnect priority for network-scripts")
Signed-off-by: Ani Sinha <anisinha@redhat.com> Signed-off-by: Ani Sinha <anisinha@redhat.com>
--- ---
cloudinit/net/sysconfig.py | 1 +
tests/unittests/cmd/devel/test_net_convert.py | 1 + tests/unittests/cmd/devel/test_net_convert.py | 1 +
tests/unittests/distros/test_netconfig.py | 8 +++ tests/unittests/distros/test_netconfig.py | 8 +++
tests/unittests/test_net.py | 51 +++++++++++++++++++ tests/unittests/test_net.py | 53 +++++++++++++++++++
3 files changed, 60 insertions(+) 4 files changed, 63 insertions(+)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index f01c4236..d39f4fe3 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -318,6 +318,7 @@ class Renderer(renderer.Renderer):
"ONBOOT": True,
"USERCTL": False,
"BOOTPROTO": "none",
+ "AUTOCONNECT_PRIORITY": 120,
},
"suse": {"BOOTPROTO": "static", "STARTMODE": "auto"},
}
diff --git a/tests/unittests/cmd/devel/test_net_convert.py b/tests/unittests/cmd/devel/test_net_convert.py diff --git a/tests/unittests/cmd/devel/test_net_convert.py b/tests/unittests/cmd/devel/test_net_convert.py
index 71654750..43e879f7 100644 index 7b9121b2..288e3e37 100644
--- a/tests/unittests/cmd/devel/test_net_convert.py --- a/tests/unittests/cmd/devel/test_net_convert.py
+++ b/tests/unittests/cmd/devel/test_net_convert.py +++ b/tests/unittests/cmd/devel/test_net_convert.py
@@ -60,6 +60,7 @@ DHCP=ipv4 @@ -60,6 +60,7 @@ DHCP=ipv4
SAMPLE_SYSCONFIG_CONTENT = """\ SAMPLE_SYSCONFIG_CONTENT = """\
# Created by cloud-init on instance boot automatically, do not edit. # Created by cloud-init automatically, do not edit.
# #
+AUTOCONNECT_PRIORITY=120 +AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=eth0 DEVICE=eth0
NM_CONTROLLED=no ONBOOT=yes
diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py
index b1c89ce3..eaf723c8 100644 index 962ff7fb..4c624079 100644
--- a/tests/unittests/distros/test_netconfig.py --- a/tests/unittests/distros/test_netconfig.py
+++ b/tests/unittests/distros/test_netconfig.py +++ b/tests/unittests/distros/test_netconfig.py
@@ -717,6 +717,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): @@ -717,6 +717,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
@ -39,15 +96,15 @@ index b1c89ce3..eaf723c8 100644
BOOTPROTO=none BOOTPROTO=none
DEFROUTE=yes DEFROUTE=yes
DEVICE=eth0 DEVICE=eth0
@@ -731,6 +732,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): @@ -730,6 +731,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
), ),
self.ifcfg_path("eth1"): dedent( self.ifcfg_path("eth1"): dedent(
"""\ """\
+ AUTOCONNECT_PRIORITY=120 + AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=eth1 DEVICE=eth1
NM_CONTROLLED=no ONBOOT=yes
@@ -756,6 +758,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): @@ -754,6 +756,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
expected_cfgs = { expected_cfgs = {
self.ifcfg_path("eth0"): dedent( self.ifcfg_path("eth0"): dedent(
"""\ """\
@ -55,15 +112,15 @@ index b1c89ce3..eaf723c8 100644
BOOTPROTO=none BOOTPROTO=none
DEFROUTE=yes DEFROUTE=yes
DEVICE=eth0 DEVICE=eth0
@@ -772,6 +775,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): @@ -769,6 +772,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
), ),
self.ifcfg_path("eth1"): dedent( self.ifcfg_path("eth1"): dedent(
"""\ """\
+ AUTOCONNECT_PRIORITY=120 + AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=eth1 DEVICE=eth1
NM_CONTROLLED=no ONBOOT=yes
@@ -816,6 +820,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): @@ -812,6 +816,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
expected_cfgs = { expected_cfgs = {
self.ifcfg_path("eth0"): dedent( self.ifcfg_path("eth0"): dedent(
"""\ """\
@ -71,7 +128,7 @@ index b1c89ce3..eaf723c8 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth0 DEVICE=eth0
HWADDR=00:16:3e:60:7c:df HWADDR=00:16:3e:60:7c:df
@@ -829,6 +834,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): @@ -824,6 +829,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
), ),
self.ifcfg_path("infra0"): dedent( self.ifcfg_path("infra0"): dedent(
"""\ """\
@ -79,7 +136,7 @@ index b1c89ce3..eaf723c8 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=infra0 DEVICE=infra0
IPADDR=10.0.1.2 IPADDR=10.0.1.2
@@ -865,6 +871,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): @@ -859,6 +865,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
expected_cfgs = { expected_cfgs = {
self.ifcfg_path("eth0"): dedent( self.ifcfg_path("eth0"): dedent(
"""\ """\
@ -87,7 +144,7 @@ index b1c89ce3..eaf723c8 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth0 DEVICE=eth0
IPADDR=192.10.1.2 IPADDR=192.10.1.2
@@ -877,6 +884,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): @@ -870,6 +877,7 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
), ),
self.ifcfg_path("eth0.1001"): dedent( self.ifcfg_path("eth0.1001"): dedent(
"""\ """\
@ -96,12 +153,12 @@ index b1c89ce3..eaf723c8 100644
DEVICE=eth0.1001 DEVICE=eth0.1001
IPADDR=10.0.1.2 IPADDR=10.0.1.2
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
index 7abe61b9..1261840b 100644 index 052b0674..cef4fa2d 100644
--- a/tests/unittests/test_net.py --- a/tests/unittests/test_net.py
+++ b/tests/unittests/test_net.py +++ b/tests/unittests/test_net.py
@@ -578,6 +578,7 @@ dns = none @@ -578,6 +578,7 @@ dns = none
""" """
# Created by cloud-init on instance boot automatically, do not edit. # Created by cloud-init automatically, do not edit.
# #
+AUTOCONNECT_PRIORITY=120 +AUTOCONNECT_PRIORITY=120
BOOTPROTO=none BOOTPROTO=none
@ -109,7 +166,7 @@ index 7abe61b9..1261840b 100644
DEVICE=eth0 DEVICE=eth0
@@ -740,6 +741,7 @@ dns = none @@ -740,6 +741,7 @@ dns = none
""" """
# Created by cloud-init on instance boot automatically, do not edit. # Created by cloud-init automatically, do not edit.
# #
+AUTOCONNECT_PRIORITY=120 +AUTOCONNECT_PRIORITY=120
BOOTPROTO=none BOOTPROTO=none
@ -117,13 +174,13 @@ index 7abe61b9..1261840b 100644
DEVICE=eth0 DEVICE=eth0
@@ -897,6 +899,7 @@ dns = none @@ -897,6 +899,7 @@ dns = none
""" """
# Created by cloud-init on instance boot automatically, do not edit. # Created by cloud-init automatically, do not edit.
# #
+AUTOCONNECT_PRIORITY=120 +AUTOCONNECT_PRIORITY=120
BOOTPROTO=none BOOTPROTO=none
DEFROUTE=yes DEFROUTE=yes
DEVICE=eth0 DEVICE=eth0
@@ -1085,6 +1088,7 @@ NETWORK_CONFIGS = { @@ -1137,6 +1140,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-eth1": textwrap.dedent( "ifcfg-eth1": textwrap.dedent(
"""\ """\
@ -131,7 +188,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth1 DEVICE=eth1
HWADDR=cf:d6:af:48:e8:80 HWADDR=cf:d6:af:48:e8:80
@@ -1094,6 +1098,7 @@ NETWORK_CONFIGS = { @@ -1146,6 +1150,7 @@ NETWORK_CONFIGS = {
), ),
"ifcfg-eth99": textwrap.dedent( "ifcfg-eth99": textwrap.dedent(
"""\ """\
@ -139,7 +196,23 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEFROUTE=yes DEFROUTE=yes
DEVICE=eth99 DEVICE=eth99
@@ -1344,6 +1349,7 @@ NETWORK_CONFIGS = { @@ -1311,6 +1316,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": {
"ifcfg-eth1": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eth1
HWADDR=cf:d6:af:48:e8:80
@@ -1320,6 +1326,7 @@ NETWORK_CONFIGS = {
),
"ifcfg-eth99": textwrap.dedent(
"""\
+ AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEFROUTE=yes
DEVICE=eth99
@@ -1566,6 +1573,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent( "ifcfg-iface0": textwrap.dedent(
"""\ """\
@ -147,7 +220,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=iface0 DEVICE=iface0
IPADDR=192.168.14.2 IPADDR=192.168.14.2
@@ -1490,6 +1496,7 @@ NETWORK_CONFIGS = { @@ -1712,6 +1720,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent( "ifcfg-iface0": textwrap.dedent(
"""\ """\
@ -155,7 +228,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=iface0 DEVICE=iface0
DHCPV6C=yes DHCPV6C=yes
@@ -1580,6 +1587,7 @@ NETWORK_CONFIGS = { @@ -1801,6 +1810,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent( "ifcfg-iface0": textwrap.dedent(
"""\ """\
@ -163,7 +236,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=iface0 DEVICE=iface0
DHCPV6C=yes DHCPV6C=yes
@@ -1656,6 +1664,7 @@ NETWORK_CONFIGS = { @@ -1876,6 +1886,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent( "ifcfg-iface0": textwrap.dedent(
"""\ """\
@ -171,7 +244,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=iface0 DEVICE=iface0
DHCPV6C=yes DHCPV6C=yes
@@ -1721,6 +1730,7 @@ NETWORK_CONFIGS = { @@ -1940,6 +1951,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent( "ifcfg-iface0": textwrap.dedent(
"""\ """\
@ -179,7 +252,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=iface0 DEVICE=iface0
IPV6_AUTOCONF=yes IPV6_AUTOCONF=yes
@@ -1774,6 +1784,7 @@ NETWORK_CONFIGS = { @@ -1995,6 +2007,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent( "ifcfg-iface0": textwrap.dedent(
"""\ """\
@ -187,7 +260,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=iface0 DEVICE=iface0
IPV6ADDR=2001:1::1/64 IPV6ADDR=2001:1::1/64
@@ -1831,6 +1842,7 @@ NETWORK_CONFIGS = { @@ -2051,6 +2064,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent( "ifcfg-iface0": textwrap.dedent(
"""\ """\
@ -195,23 +268,23 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=iface0 DEVICE=iface0
DHCPV6C=yes DHCPV6C=yes
@@ -1913,6 +1925,7 @@ NETWORK_CONFIGS = { @@ -2135,6 +2149,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent( "ifcfg-iface0": textwrap.dedent(
"""\ """\
+ AUTOCONNECT_PRIORITY=120 + AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp BOOTPROTO=none
DEVICE=iface0 DEVICE=iface0
DHCPV6C=yes DHCPV6C=yes
@@ -1959,6 +1972,7 @@ NETWORK_CONFIGS = { @@ -2181,6 +2196,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent( "ifcfg-iface0": textwrap.dedent(
"""\ """\
+ AUTOCONNECT_PRIORITY=120 + AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=iface0 DEVICE=iface0
NM_CONTROLLED=no ONBOOT=yes
@@ -2035,6 +2049,7 @@ NETWORK_CONFIGS = { @@ -2256,6 +2272,7 @@ NETWORK_CONFIGS = {
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-iface0": textwrap.dedent( "ifcfg-iface0": textwrap.dedent(
"""\ """\
@ -219,7 +292,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=iface0 DEVICE=iface0
ETHTOOL_OPTS="wol g" ETHTOOL_OPTS="wol g"
@@ -2371,6 +2386,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2591,6 +2608,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-bond0": textwrap.dedent( "ifcfg-bond0": textwrap.dedent(
"""\ """\
@ -227,7 +300,7 @@ index 7abe61b9..1261840b 100644
BONDING_MASTER=yes BONDING_MASTER=yes
BONDING_OPTS="mode=active-backup """ BONDING_OPTS="mode=active-backup """
"""xmit_hash_policy=layer3+4 """ """xmit_hash_policy=layer3+4 """
@@ -2388,6 +2404,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2608,6 +2626,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
), ),
"ifcfg-bond0.200": textwrap.dedent( "ifcfg-bond0.200": textwrap.dedent(
"""\ """\
@ -235,7 +308,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=bond0.200 DEVICE=bond0.200
DHCLIENT_SET_DEFAULT_ROUTE=no DHCLIENT_SET_DEFAULT_ROUTE=no
@@ -2399,6 +2416,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2619,6 +2638,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
"ifcfg-br0": textwrap.dedent( "ifcfg-br0": textwrap.dedent(
"""\ """\
AGEING=250 AGEING=250
@ -243,7 +316,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEFROUTE=yes DEFROUTE=yes
DEVICE=br0 DEVICE=br0
@@ -2418,6 +2436,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2638,6 +2658,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
), ),
"ifcfg-eth0": textwrap.dedent( "ifcfg-eth0": textwrap.dedent(
"""\ """\
@ -251,7 +324,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth0 DEVICE=eth0
HWADDR=c0:d6:9f:2c:e8:80 HWADDR=c0:d6:9f:2c:e8:80
@@ -2427,6 +2446,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2647,6 +2668,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
), ),
"ifcfg-eth0.101": textwrap.dedent( "ifcfg-eth0.101": textwrap.dedent(
"""\ """\
@ -259,7 +332,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEFROUTE=yes DEFROUTE=yes
DEVICE=eth0.101 DEVICE=eth0.101
@@ -2446,6 +2466,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2666,6 +2688,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
), ),
"ifcfg-eth1": textwrap.dedent( "ifcfg-eth1": textwrap.dedent(
"""\ """\
@ -267,7 +340,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth1 DEVICE=eth1
HWADDR=aa:d6:9f:2c:e8:80 HWADDR=aa:d6:9f:2c:e8:80
@@ -2457,6 +2478,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2677,6 +2700,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
), ),
"ifcfg-eth2": textwrap.dedent( "ifcfg-eth2": textwrap.dedent(
"""\ """\
@ -275,7 +348,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth2 DEVICE=eth2
HWADDR=c0:bb:9f:2c:e8:80 HWADDR=c0:bb:9f:2c:e8:80
@@ -2468,6 +2490,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2688,6 +2712,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
), ),
"ifcfg-eth3": textwrap.dedent( "ifcfg-eth3": textwrap.dedent(
"""\ """\
@ -283,7 +356,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
BRIDGE=br0 BRIDGE=br0
DEVICE=eth3 DEVICE=eth3
@@ -2478,6 +2501,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2698,6 +2723,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
), ),
"ifcfg-eth4": textwrap.dedent( "ifcfg-eth4": textwrap.dedent(
"""\ """\
@ -291,7 +364,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
BRIDGE=br0 BRIDGE=br0
DEVICE=eth4 DEVICE=eth4
@@ -2488,6 +2512,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2708,6 +2734,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
), ),
"ifcfg-eth5": textwrap.dedent( "ifcfg-eth5": textwrap.dedent(
"""\ """\
@ -299,7 +372,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=eth5 DEVICE=eth5
DHCLIENT_SET_DEFAULT_ROUTE=no DHCLIENT_SET_DEFAULT_ROUTE=no
@@ -2498,6 +2523,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true @@ -2718,6 +2745,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
), ),
"ifcfg-ib0": textwrap.dedent( "ifcfg-ib0": textwrap.dedent(
"""\ """\
@ -307,7 +380,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=ib0 DEVICE=ib0
HWADDR=a0:00:02:20:fe:80:00:00:00:00:00:00:ec:0d:9a:03:00:15:e2:c1 HWADDR=a0:00:02:20:fe:80:00:00:00:00:00:00:ec:0d:9a:03:00:15:e2:c1
@@ -3203,6 +3229,7 @@ iface bond0 inet6 static @@ -3422,6 +3450,7 @@ iface bond0 inet6 static
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-bond0": textwrap.dedent( "ifcfg-bond0": textwrap.dedent(
"""\ """\
@ -315,7 +388,7 @@ index 7abe61b9..1261840b 100644
BONDING_MASTER=yes BONDING_MASTER=yes
BONDING_OPTS="mode=active-backup xmit_hash_policy=layer3+4 """ BONDING_OPTS="mode=active-backup xmit_hash_policy=layer3+4 """
"""miimon=100 num_grat_arp=5 """ """miimon=100 num_grat_arp=5 """
@@ -3233,6 +3260,7 @@ iface bond0 inet6 static @@ -3452,6 +3481,7 @@ iface bond0 inet6 static
), ),
"ifcfg-bond0s0": textwrap.dedent( "ifcfg-bond0s0": textwrap.dedent(
"""\ """\
@ -323,7 +396,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=bond0s0 DEVICE=bond0s0
HWADDR=aa:bb:cc:dd:e8:00 HWADDR=aa:bb:cc:dd:e8:00
@@ -3260,6 +3288,7 @@ iface bond0 inet6 static @@ -3479,6 +3509,7 @@ iface bond0 inet6 static
), ),
"ifcfg-bond0s1": textwrap.dedent( "ifcfg-bond0s1": textwrap.dedent(
"""\ """\
@ -331,7 +404,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=bond0s1 DEVICE=bond0s1
HWADDR=aa:bb:cc:dd:e8:01 HWADDR=aa:bb:cc:dd:e8:01
@@ -3409,6 +3438,7 @@ iface bond0 inet6 static @@ -3628,6 +3659,7 @@ iface bond0 inet6 static
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-en0": textwrap.dedent( "ifcfg-en0": textwrap.dedent(
"""\ """\
@ -339,7 +412,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=en0 DEVICE=en0
HWADDR=aa:bb:cc:dd:e8:00 HWADDR=aa:bb:cc:dd:e8:00
@@ -3418,6 +3448,7 @@ iface bond0 inet6 static @@ -3637,6 +3669,7 @@ iface bond0 inet6 static
), ),
"ifcfg-en0.99": textwrap.dedent( "ifcfg-en0.99": textwrap.dedent(
"""\ """\
@ -347,7 +420,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEFROUTE=yes DEFROUTE=yes
DEVICE=en0.99 DEVICE=en0.99
@@ -3555,6 +3586,7 @@ iface bond0 inet6 static @@ -3774,6 +3807,7 @@ iface bond0 inet6 static
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-br0": textwrap.dedent( "ifcfg-br0": textwrap.dedent(
"""\ """\
@ -355,7 +428,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=br0 DEVICE=br0
IPADDR=192.168.2.2 IPADDR=192.168.2.2
@@ -3568,6 +3600,7 @@ iface bond0 inet6 static @@ -3787,6 +3821,7 @@ iface bond0 inet6 static
), ),
"ifcfg-eth0": textwrap.dedent( "ifcfg-eth0": textwrap.dedent(
"""\ """\
@ -363,7 +436,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
BRIDGE=br0 BRIDGE=br0
DEVICE=eth0 DEVICE=eth0
@@ -3584,6 +3617,7 @@ iface bond0 inet6 static @@ -3802,6 +3837,7 @@ iface bond0 inet6 static
), ),
"ifcfg-eth1": textwrap.dedent( "ifcfg-eth1": textwrap.dedent(
"""\ """\
@ -371,7 +444,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
BRIDGE=br0 BRIDGE=br0
DEVICE=eth1 DEVICE=eth1
@@ -3772,6 +3806,7 @@ iface bond0 inet6 static @@ -3989,6 +4025,7 @@ iface bond0 inet6 static
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-eth0": textwrap.dedent( "ifcfg-eth0": textwrap.dedent(
"""\ """\
@ -379,7 +452,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth0 DEVICE=eth0
HWADDR=52:54:00:12:34:00 HWADDR=52:54:00:12:34:00
@@ -3784,6 +3819,7 @@ iface bond0 inet6 static @@ -4001,6 +4038,7 @@ iface bond0 inet6 static
), ),
"ifcfg-eth1": textwrap.dedent( "ifcfg-eth1": textwrap.dedent(
"""\ """\
@ -387,7 +460,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth1 DEVICE=eth1
HWADDR=52:54:00:12:34:aa HWADDR=52:54:00:12:34:aa
@@ -3795,6 +3831,7 @@ iface bond0 inet6 static @@ -4012,6 +4050,7 @@ iface bond0 inet6 static
), ),
"ifcfg-eth2": textwrap.dedent( "ifcfg-eth2": textwrap.dedent(
"""\ """\
@ -395,7 +468,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth2 DEVICE=eth2
HWADDR=52:54:00:12:34:ff HWADDR=52:54:00:12:34:ff
@@ -3879,6 +3916,7 @@ iface bond0 inet6 static @@ -4096,6 +4135,7 @@ iface bond0 inet6 static
"expected_sysconfig_rhel": { "expected_sysconfig_rhel": {
"ifcfg-eth0": textwrap.dedent( "ifcfg-eth0": textwrap.dedent(
"""\ """\
@ -403,47 +476,47 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eth0 DEVICE=eth0
HWADDR=cf:d6:af:48:e8:80 HWADDR=cf:d6:af:48:e8:80
@@ -4474,6 +4512,7 @@ class TestRhelSysConfigRendering(CiTestCase): @@ -4693,6 +4733,7 @@ class TestRhelSysConfigRendering(CiTestCase):
expected_content = """ expected_content = """
# Created by cloud-init on instance boot automatically, do not edit. # Created by cloud-init automatically, do not edit.
# #
+AUTOCONNECT_PRIORITY=120 +AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=eth1000 DEVICE=eth1000
HWADDR=07-1c-c6-75-a4-be HWADDR=07-1c-c6-75-a4-be
@@ -4681,6 +4720,7 @@ USERCTL=no @@ -4900,6 +4941,7 @@ USERCTL=no
expected = """\ expected = """\
# Created by cloud-init on instance boot automatically, do not edit. # Created by cloud-init automatically, do not edit.
# #
+AUTOCONNECT_PRIORITY=120 +AUTOCONNECT_PRIORITY=120
BOOTPROTO=none BOOTPROTO=none
DEFROUTE=yes DEFROUTE=yes
DEVICE=interface0 DEVICE=interface0
@@ -4710,6 +4750,7 @@ USERCTL=no @@ -4929,6 +4971,7 @@ USERCTL=no
expected_i1 = """\ expected_i1 = """\
# Created by cloud-init on instance boot automatically, do not edit. # Created by cloud-init automatically, do not edit.
# #
+AUTOCONNECT_PRIORITY=120 +AUTOCONNECT_PRIORITY=120
BOOTPROTO=none BOOTPROTO=none
DEFROUTE=yes DEFROUTE=yes
DEVICE=eth0 DEVICE=eth0
@@ -4727,6 +4768,7 @@ USERCTL=no @@ -4945,6 +4988,7 @@ USERCTL=no
expected_i2 = """\ expected_i2 = """\
# Created by cloud-init on instance boot automatically, do not edit. # Created by cloud-init automatically, do not edit.
# #
+AUTOCONNECT_PRIORITY=120 +AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=eth1 DEVICE=eth1
DHCLIENT_SET_DEFAULT_ROUTE=no DHCLIENT_SET_DEFAULT_ROUTE=no
@@ -4755,6 +4797,7 @@ USERCTL=no @@ -4972,6 +5016,7 @@ USERCTL=no
expected = """\ expected = """\
# Created by cloud-init on instance boot automatically, do not edit. # Created by cloud-init automatically, do not edit.
# #
+AUTOCONNECT_PRIORITY=120 +AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=eth0 DEVICE=eth0
ONBOOT=yes ONBOOT=yes
@@ -4968,6 +5011,7 @@ USERCTL=no @@ -5191,6 +5236,7 @@ USERCTL=no
"expected_sysconfig": { "expected_sysconfig": {
"ifcfg-ens3": textwrap.dedent( "ifcfg-ens3": textwrap.dedent(
"""\ """\
@ -451,15 +524,15 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEFROUTE=yes DEFROUTE=yes
DEVICE=ens3 DEVICE=ens3
@@ -5013,6 +5057,7 @@ USERCTL=no @@ -5235,6 +5281,7 @@ USERCTL=no
expected = { expected = {
"ifcfg-eno1": textwrap.dedent( "ifcfg-eno1": textwrap.dedent(
"""\ """\
+ AUTOCONNECT_PRIORITY=120 + AUTOCONNECT_PRIORITY=120
BOOTPROTO=none BOOTPROTO=none
DEVICE=eno1 DEVICE=eno1
NM_CONTROLLED=no ONBOOT=yes
@@ -5023,6 +5068,7 @@ USERCTL=no @@ -5244,6 +5291,7 @@ USERCTL=no
), ),
"ifcfg-eno1.1000": textwrap.dedent( "ifcfg-eno1.1000": textwrap.dedent(
"""\ """\
@ -467,7 +540,7 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=none BOOTPROTO=none
DEVICE=eno1.1000 DEVICE=eno1.1000
IPADDR=192.6.1.9 IPADDR=192.6.1.9
@@ -5056,6 +5102,7 @@ USERCTL=no @@ -5276,6 +5324,7 @@ USERCTL=no
expected = { expected = {
"ifcfg-bond0": textwrap.dedent( "ifcfg-bond0": textwrap.dedent(
"""\ """\
@ -475,7 +548,7 @@ index 7abe61b9..1261840b 100644
BONDING_MASTER=yes BONDING_MASTER=yes
BONDING_SLAVE0=enp0s0 BONDING_SLAVE0=enp0s0
BONDING_SLAVE1=enp0s1 BONDING_SLAVE1=enp0s1
@@ -5072,6 +5119,7 @@ USERCTL=no @@ -5291,6 +5340,7 @@ USERCTL=no
), ),
"ifcfg-enp0s0": textwrap.dedent( "ifcfg-enp0s0": textwrap.dedent(
"""\ """\
@ -483,7 +556,7 @@ index 7abe61b9..1261840b 100644
BONDING_MASTER=yes BONDING_MASTER=yes
BOOTPROTO=none BOOTPROTO=none
DEVICE=enp0s0 DEVICE=enp0s0
@@ -5085,6 +5133,7 @@ USERCTL=no @@ -5303,6 +5353,7 @@ USERCTL=no
), ),
"ifcfg-enp0s1": textwrap.dedent( "ifcfg-enp0s1": textwrap.dedent(
"""\ """\
@ -491,7 +564,7 @@ index 7abe61b9..1261840b 100644
BONDING_MASTER=yes BONDING_MASTER=yes
BOOTPROTO=none BOOTPROTO=none
DEVICE=enp0s1 DEVICE=enp0s1
@@ -5116,6 +5165,7 @@ USERCTL=no @@ -5333,6 +5384,7 @@ USERCTL=no
expected = { expected = {
"ifcfg-eno1": textwrap.dedent( "ifcfg-eno1": textwrap.dedent(
"""\ """\
@ -499,9 +572,9 @@ index 7abe61b9..1261840b 100644
BOOTPROTO=dhcp BOOTPROTO=dhcp
DEVICE=eno1 DEVICE=eno1
HWADDR=07-1c-c6-75-a4-be HWADDR=07-1c-c6-75-a4-be
@@ -5195,6 +5245,7 @@ USERCTL=no @@ -5411,6 +5463,7 @@ USERCTL=no
"""\ """\
# Created by cloud-init on instance boot automatically, do not edit. # Created by cloud-init automatically, do not edit.
# #
+ AUTOCONNECT_PRIORITY=120 + AUTOCONNECT_PRIORITY=120
BOOTPROTO=none BOOTPROTO=none

View File

@ -1,42 +0,0 @@
From c589da20eb92231ef08e10c9724e3e6c663e6ce2 Mon Sep 17 00:00:00 2001
From: Eduardo Otubo <otubo@redhat.com>
Date: Thu, 17 Feb 2022 15:32:35 +0100
Subject: [PATCH] Setting highest autoconnect priority for network-scripts
RH-Author: Eduardo Otubo <otubo@redhat.com>
RH-MergeRequest: 22: Setting highest autoconnect priority for network-scripts
RH-Commit: [1/1] 34f1d62f8934a983a124df95b861a1e448681d3b (otubo/cloud-init-src)
RH-Bugzilla: 2036060
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Set the highest autoconnect priority for network-scripts which is
loaded by NetworkManager ifcfg-rh plugin. Note that keyfile is the only
and default existing plugin on RHEL9, by setting the highest autoconnect
priority for network-scripts, NetworkManager will activate
network-scripts but keyfile. Network-scripts path:
Since this is a blocking issue, we decided to have this one-liner
downstream-only patch so we can move forward and have a better
NetworkManager support later on the release.
rhbz: 2036060
x-downstream-only: yes
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
---
cloudinit/net/sysconfig.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index a7dbe55b..4262cd48 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -317,6 +317,7 @@ class Renderer(renderer.Renderer):
"ONBOOT": True,
"USERCTL": False,
"BOOTPROTO": "none",
+ "AUTOCONNECT_PRIORITY": 999
},
"suse": {"BOOTPROTO": "static", "STARTMODE": "auto"},
}

View File

@ -1,69 +0,0 @@
From dfff374f66904e84fb07ca157ba010fac6b5f1de Mon Sep 17 00:00:00 2001
From: Eduardo Otubo <otubo@redhat.com>
Date: Fri, 7 May 2021 13:36:08 +0200
Subject: [PATCH] limit permissions on def_log_file
This sets a default mode of 0600 on def_log_file, and makes this
configurable via the def_log_file_mode option in cloud.cfg.
LP: #1541196
Resolves: rhbz#1424612
X-approved-upstream: true
Conflicts 21.1:
cloudinit/stages.py: adjusting call of ensure_file() to use more
recent version
Confilicts 23.1.1:
use "" instead of ''
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
---
cloudinit/settings.py | 1 +
cloudinit/stages.py | 1 +
doc/examples/cloud-config.txt | 4 ++++
3 files changed, 6 insertions(+)
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
index edbb217d..3d541141 100644
--- a/cloudinit/settings.py
+++ b/cloudinit/settings.py
@@ -52,6 +52,7 @@ CFG_BUILTIN = {
"None",
],
"def_log_file": "/var/log/cloud-init.log",
+ "def_log_file_mode": 0o600,
"log_cfgs": [],
"mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
"syslog_fix_perms": [],
diff --git a/cloudinit/stages.py b/cloudinit/stages.py
index 9494a0bf..a624a6fb 100644
--- a/cloudinit/stages.py
+++ b/cloudinit/stages.py
@@ -202,6 +202,7 @@ class Init:
def _initialize_filesystem(self):
util.ensure_dirs(self._initial_subdirs())
log_file = util.get_cfg_option_str(self.cfg, "def_log_file")
+ log_file_mode = util.get_cfg_option_int(self.cfg, "def_log_file_mode")
if log_file:
util.ensure_file(log_file, mode=0o640, preserve_mode=True)
perms = self.cfg.get("syslog_fix_perms")
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
index 15d788f3..b6d16c9c 100644
--- a/doc/examples/cloud-config.txt
+++ b/doc/examples/cloud-config.txt
@@ -383,10 +383,14 @@ timezone: US/Eastern
# if syslog_fix_perms is a list, it will iterate through and use the
# first pair that does not raise error.
#
+# 'def_log_file' will be created with mode 'def_log_file_mode', which
+# is specified as a numeric value and defaults to 0600.
+#
# the default values are '/var/log/cloud-init.log' and 'syslog:adm'
# the value of 'def_log_file' should match what is configured in logging
# if either is empty, then no change of ownership will be done
def_log_file: /var/log/my-logging-file.log
+def_log_file_mode: 0600
syslog_fix_perms: syslog:root
# you can set passwords for a user or multiple users

View File

@ -1,92 +0,0 @@
From ecae81f98ce230266eb99671b74534a4ede660f0 Mon Sep 17 00:00:00 2001
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Date: Fri, 10 Mar 2023 11:51:48 +0100
Subject: [PATCH] Manual revert "Use Network-Manager and Netplan as default
renderers for RHEL and Fedora (#1465)"
This reverts changes done in commit 7703aa98b.
Done by hand because the doc file affected by that commit has changed.
X-downstream-only: true
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
---
cloudinit/net/renderers.py | 1 -
config/cloud.cfg.tmpl | 3 ---
doc/rtd/reference/network-config.rst | 16 ++--------------
3 files changed, 2 insertions(+), 18 deletions(-)
diff --git a/cloudinit/net/renderers.py b/cloudinit/net/renderers.py
index fcf7feba..b241683f 100644
--- a/cloudinit/net/renderers.py
+++ b/cloudinit/net/renderers.py
@@ -30,7 +30,6 @@ DEFAULT_PRIORITY = [
"eni",
"sysconfig",
"netplan",
- "network-manager",
"freebsd",
"netbsd",
"openbsd",
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
index 7238c102..12f32c51 100644
--- a/config/cloud.cfg.tmpl
+++ b/config/cloud.cfg.tmpl
@@ -381,9 +381,6 @@ system_info:
{% elif variant in ["dragonfly"] %}
network:
renderers: ['freebsd']
-{% elif variant in ["fedora"] or is_rhel %}
- network:
- renderers: ['netplan', 'network-manager', 'networkd', 'sysconfig', 'eni']
{% elif variant == "openmandriva" %}
network:
renderers: ['network-manager', 'networkd']
diff --git a/doc/rtd/reference/network-config.rst b/doc/rtd/reference/network-config.rst
index ea331f1c..bc52afa5 100644
--- a/doc/rtd/reference/network-config.rst
+++ b/doc/rtd/reference/network-config.rst
@@ -176,16 +176,6 @@ this state, ``cloud-init`` delegates rendering of the configuration to
distro-supported formats. The following ``renderers`` are supported in
``cloud-init``:
-NetworkManager
---------------
-
-`NetworkManager`_ is the standard Linux network configuration tool suite. It
-supports a wide range of networking setups. Configuration is typically stored
-in :file:`/etc/NetworkManager`.
-
-It is the default for a number of Linux distributions; notably Fedora,
-CentOS/RHEL, and their derivatives.
-
ENI
---
@@ -223,7 +213,6 @@ preference) is as follows:
- ENI
- Sysconfig
- Netplan
-- NetworkManager
- FreeBSD
- NetBSD
- OpenBSD
@@ -234,7 +223,6 @@ preference) is as follows:
- **ENI**: using ``ifup``, ``ifdown`` to manage device setup/teardown
- **Netplan**: using ``netplan apply`` to manage device setup/teardown
-- **NetworkManager**: using ``nmcli`` to manage device setup/teardown
- **Networkd**: using ``ip`` to manage device setup/teardown
When applying the policy, ``cloud-init`` checks if the current instance has the
@@ -244,8 +232,8 @@ supplying an updated configuration in cloud-config. ::
system_info:
network:
- renderers: ['netplan', 'network-manager', 'eni', 'sysconfig', 'freebsd', 'netbsd', 'openbsd']
- activators: ['eni', 'netplan', 'network-manager', 'networkd']
+ renderers: ['netplan', 'eni', 'sysconfig', 'freebsd', 'netbsd', 'openbsd']
+ activators: ['eni', 'netplan', 'networkd']
Network configuration tools
===========================

File diff suppressed because it is too large Load Diff

View File

@ -1,54 +0,0 @@
From ac0cf308318d423162ce3b7be32dcbf88f20ff50 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Tue, 4 Apr 2023 19:59:07 +0530
Subject: [PATCH] rhel: make sure previous-hostname file ends with a new line
(#2108)
cloud-init strips new line from "/etc/hostname" on rhel distro when processing
"/var/lib/cloud/data/previous-hostname". Although this does not pose a serious
issue, it is still better if the behavior is similar to other distros like
Ubuntu where /previous-hostname does end with a new line. Fix this issue by
using hostname parser in rhel similar to debian.
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit 6d42aa8e2c1a5454a658ab4e2b9cead2677c77cd)
---
cloudinit/distros/rhel.py | 5 ++++-
tools/.github-cla-signers | 1 +
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/cloudinit/distros/rhel.py b/cloudinit/distros/rhel.py
index df7dc3d6..9625709e 100644
--- a/cloudinit/distros/rhel.py
+++ b/cloudinit/distros/rhel.py
@@ -13,6 +13,7 @@ from cloudinit import distros, helpers
from cloudinit import log as logging
from cloudinit import subp, util
from cloudinit.distros import rhel_util
+from cloudinit.distros.parsers.hostname import HostnameConf
from cloudinit.settings import PER_INSTANCE
LOG = logging.getLogger(__name__)
@@ -111,7 +112,9 @@ class Distro(distros.Distro):
# systemd will never update previous-hostname for us, so
# we need to do it ourselves
if self.uses_systemd() and filename.endswith("/previous-hostname"):
- util.write_file(filename, hostname)
+ conf = HostnameConf("")
+ conf.set_hostname(hostname)
+ util.write_file(filename, str(conf), 0o644)
elif self.uses_systemd():
subp.subp(["hostnamectl", "set-hostname", str(hostname)])
else:
diff --git a/tools/.github-cla-signers b/tools/.github-cla-signers
index d8cca015..457dacf4 100644
--- a/tools/.github-cla-signers
+++ b/tools/.github-cla-signers
@@ -9,6 +9,7 @@ andgein
andrew-lee-metaswitch
andrewbogott
andrewlukoshko
+ani-sinha
antonyc
aswinrajamannar
beantaxi

View File

@ -1,121 +0,0 @@
From 34ef256dc614c7dcf5b04a431d410030e333d82b Mon Sep 17 00:00:00 2001
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Date: Mon, 17 Apr 2023 10:20:16 +0200
Subject: [PATCH] Don't change permissions of netrules target (#2076)
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2182948
commit 56c88cafd1b3606e814069a79f4ec265fc427c87
Author: James Falcon <james.falcon@canonical.com>
Date: Thu Mar 23 10:21:56 2023 -0500
Don't change permissions of netrules target (#2076)
Set permissions if file doesn't exist. Leave them if it does.
LP: #2011783
Co-authored-by: Chad Smith <chad.smith@canonical.com>
Conflicts:
cloudinit/net/sysconfig.py: enable_ifcfg_rh missing upstream
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
---
cloudinit/net/eni.py | 4 +++-
cloudinit/net/sysconfig.py | 7 ++++++-
tests/unittests/distros/test_netconfig.py | 20 ++++++++++++++++++--
3 files changed, 27 insertions(+), 4 deletions(-)
diff --git a/cloudinit/net/eni.py b/cloudinit/net/eni.py
index 53bd35ca..1de3bec2 100644
--- a/cloudinit/net/eni.py
+++ b/cloudinit/net/eni.py
@@ -576,7 +576,9 @@ class Renderer(renderer.Renderer):
netrules = subp.target_path(target, self.netrules_path)
util.ensure_dir(os.path.dirname(netrules))
util.write_file(
- netrules, self._render_persistent_net(network_state)
+ netrules,
+ content=self._render_persistent_net(network_state),
+ preserve_mode=True,
)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index 765c248a..e08c0c69 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -1034,7 +1034,12 @@ class Renderer(renderer.Renderer):
if self.netrules_path:
netrules_content = self._render_persistent_net(network_state)
netrules_path = subp.target_path(target, self.netrules_path)
- util.write_file(netrules_path, netrules_content, file_mode)
+ util.write_file(
+ netrules_path,
+ content=netrules_content,
+ mode=file_mode,
+ preserve_mode=True,
+ )
if available_nm(target=target):
enable_ifcfg_rh(subp.target_path(target, path=NM_CFG_FILE))
diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py
index e9fb0591..b1c89ce3 100644
--- a/tests/unittests/distros/test_netconfig.py
+++ b/tests/unittests/distros/test_netconfig.py
@@ -458,8 +458,16 @@ class TestNetCfgDistroUbuntuEni(TestNetCfgDistroBase):
def eni_path(self):
return "/etc/network/interfaces.d/50-cloud-init.cfg"
+ def rules_path(self):
+ return "/etc/udev/rules.d/70-persistent-net.rules"
+
def _apply_and_verify_eni(
- self, apply_fn, config, expected_cfgs=None, bringup=False
+ self,
+ apply_fn,
+ config,
+ expected_cfgs=None,
+ bringup=False,
+ previous_files=(),
):
if not expected_cfgs:
raise ValueError("expected_cfg must not be None")
@@ -467,7 +475,11 @@ class TestNetCfgDistroUbuntuEni(TestNetCfgDistroBase):
tmpd = None
with mock.patch("cloudinit.net.eni.available") as m_avail:
m_avail.return_value = True
+ path_modes = {}
with self.reRooted(tmpd) as tmpd:
+ for previous_path, content, mode in previous_files:
+ util.write_file(previous_path, content, mode=mode)
+ path_modes[previous_path] = mode
apply_fn(config, bringup)
results = dir2dict(tmpd)
@@ -478,7 +490,9 @@ class TestNetCfgDistroUbuntuEni(TestNetCfgDistroBase):
print(results[cfgpath])
print("----------")
self.assertEqual(expected, results[cfgpath])
- self.assertEqual(0o644, get_mode(cfgpath, tmpd))
+ self.assertEqual(
+ path_modes.get(cfgpath, 0o644), get_mode(cfgpath, tmpd)
+ )
def test_apply_network_config_and_bringup_filters_priority_eni_ub(self):
"""Network activator search priority can be overridden from config."""
@@ -527,11 +541,13 @@ class TestNetCfgDistroUbuntuEni(TestNetCfgDistroBase):
def test_apply_network_config_eni_ub(self):
expected_cfgs = {
self.eni_path(): V1_NET_CFG_OUTPUT,
+ self.rules_path(): "",
}
self._apply_and_verify_eni(
self.distro.apply_network_config,
V1_NET_CFG,
expected_cfgs=expected_cfgs.copy(),
+ previous_files=((self.rules_path(), "something", 0o660),),
)
def test_apply_network_config_ipv6_ub(self):

View File

@ -1,295 +0,0 @@
From d092efe0f437ad149f6d6e3a9f8b816c0f5c1c2a Mon Sep 17 00:00:00 2001
From: James Falcon <james.falcon@canonical.com>
Date: Wed, 26 Apr 2023 15:11:55 -0500
Subject: [PATCH] Make user/vendor data sensitive and remove log permissions
(#2144)
Because user data and vendor data may contain sensitive information,
this commit ensures that any user data or vendor data written to
instance-data.json gets redacted and is only available to root user.
Also, modify the permissions of cloud-init.log to be 640, so that
sensitive data leaked to the log isn't world readable.
Additionally, remove the logging of user data and vendor data to
cloud-init.log from the Vultr datasource.
LP: #2013967
CVE: CVE-2023-1786
(cherry picked from commit a378b7e4f47375458651c0972e7cd813f6fe0a6b)
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/sources/DataSourceLXD.py | 9 ++++++---
cloudinit/sources/DataSourceVultr.py | 14 ++++++--------
cloudinit/sources/__init__.py | 28 +++++++++++++++++++++++++---
cloudinit/stages.py | 4 +++-
tests/unittests/sources/test_init.py | 27 ++++++++++++++++++++++++++-
tests/unittests/test_stages.py | 18 +++++++++++-------
6 files changed, 77 insertions(+), 23 deletions(-)
diff --git a/cloudinit/sources/DataSourceLXD.py b/cloudinit/sources/DataSourceLXD.py
index ab440cc8..e4cae91a 100644
--- a/cloudinit/sources/DataSourceLXD.py
+++ b/cloudinit/sources/DataSourceLXD.py
@@ -14,7 +14,7 @@ import stat
import time
from enum import Flag, auto
from json.decoder import JSONDecodeError
-from typing import Any, Dict, List, Optional, Union, cast
+from typing import Any, Dict, List, Optional, Tuple, Union, cast
import requests
from requests.adapters import HTTPAdapter
@@ -168,11 +168,14 @@ class DataSourceLXD(sources.DataSource):
_network_config: Union[Dict, str] = sources.UNSET
_crawled_metadata: Union[Dict, str] = sources.UNSET
- sensitive_metadata_keys = (
- "merged_cfg",
+ sensitive_metadata_keys: Tuple[
+ str, ...
+ ] = sources.DataSource.sensitive_metadata_keys + (
"user.meta-data",
"user.vendor-data",
"user.user-data",
+ "cloud-init.user-data",
+ "cloud-init.vendor-data",
)
skip_hotplug_detect = True
diff --git a/cloudinit/sources/DataSourceVultr.py b/cloudinit/sources/DataSourceVultr.py
index 9d7c84fb..660e9f14 100644
--- a/cloudinit/sources/DataSourceVultr.py
+++ b/cloudinit/sources/DataSourceVultr.py
@@ -5,6 +5,8 @@
# Vultr Metadata API:
# https://www.vultr.com/metadata/
+from typing import Tuple
+
import cloudinit.sources.helpers.vultr as vultr
from cloudinit import log as log
from cloudinit import sources, util, version
@@ -28,6 +30,10 @@ class DataSourceVultr(sources.DataSource):
dsname = "Vultr"
+ sensitive_metadata_keys: Tuple[
+ str, ...
+ ] = sources.DataSource.sensitive_metadata_keys + ("startup-script",)
+
def __init__(self, sys_cfg, distro, paths):
super(DataSourceVultr, self).__init__(sys_cfg, distro, paths)
self.ds_cfg = util.mergemanydict(
@@ -54,13 +60,8 @@ class DataSourceVultr(sources.DataSource):
self.get_datasource_data(self.metadata)
# Dump some data so diagnosing failures is manageable
- LOG.debug("Vultr Vendor Config:")
- LOG.debug(util.json_dumps(self.metadata["vendor-data"]))
LOG.debug("SUBID: %s", self.metadata["instance-id"])
LOG.debug("Hostname: %s", self.metadata["local-hostname"])
- if self.userdata_raw is not None:
- LOG.debug("User-Data:")
- LOG.debug(self.userdata_raw)
return True
@@ -146,7 +147,4 @@ if __name__ == "__main__":
config = md["vendor-data"]
sysinfo = vultr.get_sysinfo()
- print(util.json_dumps(sysinfo))
- print(util.json_dumps(config))
-
# vi: ts=4 expandtab
diff --git a/cloudinit/sources/__init__.py b/cloudinit/sources/__init__.py
index 565e1754..5c6ae8b1 100644
--- a/cloudinit/sources/__init__.py
+++ b/cloudinit/sources/__init__.py
@@ -110,7 +110,10 @@ def process_instance_metadata(metadata, key_path="", sensitive_keys=()):
sub_key_path = key_path + "/" + key
else:
sub_key_path = key
- if key in sensitive_keys or sub_key_path in sensitive_keys:
+ if (
+ key.lower() in sensitive_keys
+ or sub_key_path.lower() in sensitive_keys
+ ):
sens_keys.append(sub_key_path)
if isinstance(val, str) and val.startswith("ci-b64:"):
base64_encoded_keys.append(sub_key_path)
@@ -132,6 +135,12 @@ def redact_sensitive_keys(metadata, redact_value=REDACT_SENSITIVE_VALUE):
Replace any keys values listed in 'sensitive_keys' with redact_value.
"""
+ # While 'sensitive_keys' should already sanitized to only include what
+ # is in metadata, it is possible keys will overlap. For example, if
+ # "merged_cfg" and "merged_cfg/ds/userdata" both match, it's possible that
+ # "merged_cfg" will get replaced first, meaning "merged_cfg/ds/userdata"
+ # no longer represents a valid key.
+ # Thus, we still need to do membership checks in this function.
if not metadata.get("sensitive_keys", []):
return metadata
md_copy = copy.deepcopy(metadata)
@@ -139,9 +148,14 @@ def redact_sensitive_keys(metadata, redact_value=REDACT_SENSITIVE_VALUE):
path_parts = key_path.split("/")
obj = md_copy
for path in path_parts:
- if isinstance(obj[path], dict) and path != path_parts[-1]:
+ if (
+ path in obj
+ and isinstance(obj[path], dict)
+ and path != path_parts[-1]
+ ):
obj = obj[path]
- obj[path] = redact_value
+ if path in obj:
+ obj[path] = redact_value
return md_copy
@@ -249,6 +263,14 @@ class DataSource(CloudInitPickleMixin, metaclass=abc.ABCMeta):
sensitive_metadata_keys: Tuple[str, ...] = (
"merged_cfg",
"security-credentials",
+ "userdata",
+ "user-data",
+ "user_data",
+ "vendordata",
+ "vendor-data",
+ # Provide ds/vendor_data to avoid redacting top-level
+ # "vendor_data": {enabled: True}
+ "ds/vendor_data",
)
# True on datasources that may not see hotplugged devices reflected
diff --git a/cloudinit/stages.py b/cloudinit/stages.py
index a624a6fb..1326d205 100644
--- a/cloudinit/stages.py
+++ b/cloudinit/stages.py
@@ -204,7 +204,9 @@ class Init:
log_file = util.get_cfg_option_str(self.cfg, "def_log_file")
log_file_mode = util.get_cfg_option_int(self.cfg, "def_log_file_mode")
if log_file:
- util.ensure_file(log_file, mode=0o640, preserve_mode=True)
+ # At this point the log file should have already been created
+ # in the setupLogging function of log.py
+ util.ensure_file(log_file, mode=0o640, preserve_mode=False)
perms = self.cfg.get("syslog_fix_perms")
if not perms:
perms = {}
diff --git a/tests/unittests/sources/test_init.py b/tests/unittests/sources/test_init.py
index 0447e02c..eb27198f 100644
--- a/tests/unittests/sources/test_init.py
+++ b/tests/unittests/sources/test_init.py
@@ -458,12 +458,24 @@ class TestDataSource(CiTestCase):
"cred2": "othersekret",
}
},
+ "someother": {
+ "nested": {
+ "userData": "HIDE ME",
+ }
+ },
+ "VENDOR-DAta": "HIDE ME TOO",
},
)
self.assertCountEqual(
(
"merged_cfg",
"security-credentials",
+ "userdata",
+ "user-data",
+ "user_data",
+ "vendordata",
+ "vendor-data",
+ "ds/vendor_data",
),
datasource.sensitive_metadata_keys,
)
@@ -490,7 +502,9 @@ class TestDataSource(CiTestCase):
"base64_encoded_keys": [],
"merged_cfg": REDACT_SENSITIVE_VALUE,
"sensitive_keys": [
+ "ds/meta_data/VENDOR-DAta",
"ds/meta_data/some/security-credentials",
+ "ds/meta_data/someother/nested/userData",
"merged_cfg",
],
"sys_info": sys_info,
@@ -500,6 +514,7 @@ class TestDataSource(CiTestCase):
"availability_zone": "myaz",
"cloud-name": "subclasscloudname",
"cloud_name": "subclasscloudname",
+ "cloud_id": "subclasscloudname",
"distro": "ubuntu",
"distro_release": "focal",
"distro_version": "20.04",
@@ -522,14 +537,18 @@ class TestDataSource(CiTestCase):
"ds": {
"_doc": EXPERIMENTAL_TEXT,
"meta_data": {
+ "VENDOR-DAta": REDACT_SENSITIVE_VALUE,
"availability_zone": "myaz",
"local-hostname": "test-subclass-hostname",
"region": "myregion",
"some": {"security-credentials": REDACT_SENSITIVE_VALUE},
+ "someother": {
+ "nested": {"userData": REDACT_SENSITIVE_VALUE}
+ },
},
},
}
- self.assertCountEqual(expected, redacted)
+ self.assertEqual(expected, redacted)
file_stat = os.stat(json_file)
self.assertEqual(0o644, stat.S_IMODE(file_stat.st_mode))
@@ -574,6 +593,12 @@ class TestDataSource(CiTestCase):
(
"merged_cfg",
"security-credentials",
+ "userdata",
+ "user-data",
+ "user_data",
+ "vendordata",
+ "vendor-data",
+ "ds/vendor_data",
),
datasource.sensitive_metadata_keys,
)
diff --git a/tests/unittests/test_stages.py b/tests/unittests/test_stages.py
index 15a7e973..a61f9df9 100644
--- a/tests/unittests/test_stages.py
+++ b/tests/unittests/test_stages.py
@@ -606,19 +606,23 @@ class TestInit_InitializeFilesystem:
# Assert we create it 0o640 by default if it doesn't already exist
assert 0o640 == stat.S_IMODE(log_file.stat().mode)
- def test_existing_file_permissions_are_not_modified(self, init, tmpdir):
- """If the log file already exists, we should not modify its permissions
+ def test_existing_file_permissions(self, init, tmpdir):
+ """Test file permissions are set as expected.
+
+ CIS Hardening requires 640 permissions. These permissions are
+ currently hardcoded on every boot, but if there's ever a reason
+ to change this, we need to then ensure that they
+ are *not* set every boot.
See https://bugs.launchpad.net/cloud-init/+bug/1900837.
"""
- # Use a mode that will never be made the default so this test will
- # always be valid
- mode = 0o606
log_file = tmpdir.join("cloud-init.log")
log_file.ensure()
- log_file.chmod(mode)
+ # Use a mode that will never be made the default so this test will
+ # always be valid
+ log_file.chmod(0o606)
init._cfg = {"def_log_file": str(log_file)}
init._initialize_filesystem()
- assert mode == stat.S_IMODE(log_file.stat().mode)
+ assert 0o640 == stat.S_IMODE(log_file.stat().mode)

View File

@ -1,206 +0,0 @@
From 6bf6ceab79df97eb1c90b4df61f654bc0b2f598c Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Tue, 2 May 2023 20:35:45 +0530
Subject: [PATCH] Do not generate dsa and ed25519 key types when crypto FIPS
mode is enabled (#2142)
DSA and ED25519 key types are not supported when FIPS is enabled in crypto.
Check if FIPS has been enabled on the system and if so, do not generate those
key types. Presently the check is only available on Linux systems.
LP: 2017761
RHBZ: 2187164
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit c53f04aeb2acf9526a2ebf3d3320f149ac46caa6)
---
cloudinit/config/cc_ssh.py | 21 +++++++++++++++-
cloudinit/util.py | 12 +++++++++
tests/unittests/config/test_cc_ssh.py | 36 +++++++++++++++++++++------
tests/unittests/test_util.py | 25 +++++++++++++++++++
4 files changed, 85 insertions(+), 9 deletions(-)
diff --git a/cloudinit/config/cc_ssh.py b/cloudinit/config/cc_ssh.py
index 1ec889f3..5578654a 100644
--- a/cloudinit/config/cc_ssh.py
+++ b/cloudinit/config/cc_ssh.py
@@ -172,6 +172,8 @@ meta: MetaSchema = {
__doc__ = get_meta_doc(meta)
GENERATE_KEY_NAMES = ["rsa", "dsa", "ecdsa", "ed25519"]
+FIPS_UNSUPPORTED_KEY_NAMES = ["dsa", "ed25519"]
+
pattern_unsupported_config_keys = re.compile(
"^(ecdsa-sk|ed25519-sk)_(private|public|certificate)$"
)
@@ -259,9 +261,26 @@ def handle(
genkeys = util.get_cfg_option_list(
cfg, "ssh_genkeytypes", GENERATE_KEY_NAMES
)
+ # remove keys that are not supported in fips mode if its enabled
+ key_names = (
+ genkeys
+ if not util.fips_enabled()
+ else [
+ names
+ for names in genkeys
+ if names not in FIPS_UNSUPPORTED_KEY_NAMES
+ ]
+ )
+ skipped_keys = set(genkeys).difference(key_names)
+ if skipped_keys:
+ log.debug(
+ "skipping keys that are not supported in fips mode: %s",
+ ",".join(skipped_keys),
+ )
+
lang_c = os.environ.copy()
lang_c["LANG"] = "C"
- for keytype in genkeys:
+ for keytype in key_names:
keyfile = KEY_FILE_TPL % (keytype)
if os.path.exists(keyfile):
continue
diff --git a/cloudinit/util.py b/cloudinit/util.py
index 8ba3e2b6..4a8e3d3b 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -1577,6 +1577,18 @@ def get_cmdline():
return _get_cmdline()
+def fips_enabled() -> bool:
+ fips_proc = "/proc/sys/crypto/fips_enabled"
+ try:
+ contents = load_file(fips_proc).strip()
+ return contents == "1"
+ except (IOError, OSError):
+ # for BSD systems and Linux systems where the proc entry is not
+ # available, we assume FIPS is disabled to retain the old behavior
+ # for now.
+ return False
+
+
def pipe_in_out(in_fh, out_fh, chunk_size=1024, chunk_cb=None):
bytes_piped = 0
while True:
diff --git a/tests/unittests/config/test_cc_ssh.py b/tests/unittests/config/test_cc_ssh.py
index 66368d0f..72941a95 100644
--- a/tests/unittests/config/test_cc_ssh.py
+++ b/tests/unittests/config/test_cc_ssh.py
@@ -101,11 +101,16 @@ class TestHandleSsh:
expected_calls = [mock.call(set(keys), user)] + expected_calls
assert expected_calls == m_setup_keys.call_args_list
+ @pytest.mark.parametrize("fips_enabled", (True, False))
@mock.patch(MODPATH + "glob.glob")
@mock.patch(MODPATH + "ug_util.normalize_users_groups")
@mock.patch(MODPATH + "os.path.exists")
- def test_handle_no_cfg(self, m_path_exists, m_nug, m_glob, m_setup_keys):
+ @mock.patch(MODPATH + "util.fips_enabled")
+ def test_handle_no_cfg(
+ self, m_fips, m_path_exists, m_nug, m_glob, m_setup_keys, fips_enabled
+ ):
"""Test handle with no config ignores generating existing keyfiles."""
+ m_fips.return_value = fips_enabled
cfg = {}
keys = ["key1"]
m_glob.return_value = [] # Return no matching keys to prevent removal
@@ -118,12 +123,22 @@ class TestHandleSsh:
options = ssh_util.DISABLE_USER_OPTS.replace("$USER", "NONE")
options = options.replace("$DISABLE_USER", "root")
m_glob.assert_called_once_with("/etc/ssh/ssh_host_*key*")
- assert [
- mock.call("/etc/ssh/ssh_host_rsa_key"),
- mock.call("/etc/ssh/ssh_host_dsa_key"),
- mock.call("/etc/ssh/ssh_host_ecdsa_key"),
- mock.call("/etc/ssh/ssh_host_ed25519_key"),
- ] in m_path_exists.call_args_list
+ m_fips.assert_called_once()
+
+ if not m_fips():
+ expected_calls = [
+ mock.call("/etc/ssh/ssh_host_rsa_key"),
+ mock.call("/etc/ssh/ssh_host_dsa_key"),
+ mock.call("/etc/ssh/ssh_host_ecdsa_key"),
+ mock.call("/etc/ssh/ssh_host_ed25519_key"),
+ ]
+ else:
+ # Enabled fips doesn't generate dsa or ed25519
+ expected_calls = [
+ mock.call("/etc/ssh/ssh_host_rsa_key"),
+ mock.call("/etc/ssh/ssh_host_ecdsa_key"),
+ ]
+ assert expected_calls in m_path_exists.call_args_list
assert [
mock.call(set(keys), "root", options=options)
] == m_setup_keys.call_args_list
@@ -131,8 +146,9 @@ class TestHandleSsh:
@mock.patch(MODPATH + "glob.glob")
@mock.patch(MODPATH + "ug_util.normalize_users_groups")
@mock.patch(MODPATH + "os.path.exists")
+ @mock.patch(MODPATH + "util.fips_enabled", return_value=False)
def test_dont_allow_public_ssh_keys(
- self, m_path_exists, m_nug, m_glob, m_setup_keys
+ self, m_fips, m_path_exists, m_nug, m_glob, m_setup_keys
):
"""Test allow_public_ssh_keys=False ignores ssh public keys from
platform.
@@ -176,8 +192,10 @@ class TestHandleSsh:
@mock.patch(MODPATH + "glob.glob")
@mock.patch(MODPATH + "ug_util.normalize_users_groups")
@mock.patch(MODPATH + "os.path.exists")
+ @mock.patch(MODPATH + "util.fips_enabled", return_value=False)
def test_handle_default_root(
self,
+ m_fips,
m_path_exists,
m_nug,
m_glob,
@@ -241,8 +259,10 @@ class TestHandleSsh:
@mock.patch(MODPATH + "glob.glob")
@mock.patch(MODPATH + "ug_util.normalize_users_groups")
@mock.patch(MODPATH + "os.path.exists")
+ @mock.patch(MODPATH + "util.fips_enabled", return_value=False)
def test_handle_publish_hostkeys(
self,
+ m_fips,
m_path_exists,
m_nug,
m_glob,
diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py
index 07142a86..17182d06 100644
--- a/tests/unittests/test_util.py
+++ b/tests/unittests/test_util.py
@@ -1945,6 +1945,31 @@ class TestGetCmdline(helpers.TestCase):
self.assertEqual("abcd 123", ret)
+class TestFipsEnabled:
+ @pytest.mark.parametrize(
+ "fips_enabled_content,expected",
+ (
+ pytest.param(None, False, id="false_when_no_fips_enabled_file"),
+ pytest.param("0\n", False, id="false_when_fips_disabled"),
+ pytest.param("1\n", True, id="true_when_fips_enabled"),
+ pytest.param("1", True, id="true_when_fips_enabled_no_newline"),
+ ),
+ )
+ @mock.patch(M_PATH + "load_file")
+ def test_fips_enabled_based_on_proc_crypto(
+ self, load_file, fips_enabled_content, expected, tmpdir
+ ):
+ def fake_load_file(path):
+ assert path == "/proc/sys/crypto/fips_enabled"
+ if fips_enabled_content is None:
+ raise IOError("No file exists Bob")
+ return fips_enabled_content
+
+ load_file.side_effect = fake_load_file
+
+ assert expected is util.fips_enabled()
+
+
class TestLoadYaml(helpers.CiTestCase):
mydefault = "7b03a8ebace993d806255121073fed52"
with_logs = True

View File

@ -1,93 +0,0 @@
From 0b0632f6c084a8ce95b53cb5125dc0f4107e6968 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Thu, 4 May 2023 15:34:43 +0530
Subject: [PATCH] Revert "Manual revert "Use Network-Manager and Netplan as
default renderers for RHEL and Fedora (#1465)""
This reverts commit ecae81f98ce230266eb99671b74534a4ede660f0.
This is patch 1 of the two patches that re-enables NM renderer. This change
can be ignored while rebasing to latest upstream.
X-downstream-only: true
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/net/renderers.py | 1 +
config/cloud.cfg.tmpl | 3 +++
doc/rtd/reference/network-config.rst | 16 ++++++++++++++--
3 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/cloudinit/net/renderers.py b/cloudinit/net/renderers.py
index c92b9dcf..022ff938 100644
--- a/cloudinit/net/renderers.py
+++ b/cloudinit/net/renderers.py
@@ -28,6 +28,7 @@ DEFAULT_PRIORITY = [
"eni",
"sysconfig",
"netplan",
+ "network-manager",
"freebsd",
"netbsd",
"openbsd",
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
index 12f32c51..7238c102 100644
--- a/config/cloud.cfg.tmpl
+++ b/config/cloud.cfg.tmpl
@@ -381,6 +381,9 @@ system_info:
{% elif variant in ["dragonfly"] %}
network:
renderers: ['freebsd']
+{% elif variant in ["fedora"] or is_rhel %}
+ network:
+ renderers: ['netplan', 'network-manager', 'networkd', 'sysconfig', 'eni']
{% elif variant == "openmandriva" %}
network:
renderers: ['network-manager', 'networkd']
diff --git a/doc/rtd/reference/network-config.rst b/doc/rtd/reference/network-config.rst
index bc52afa5..ea331f1c 100644
--- a/doc/rtd/reference/network-config.rst
+++ b/doc/rtd/reference/network-config.rst
@@ -176,6 +176,16 @@ this state, ``cloud-init`` delegates rendering of the configuration to
distro-supported formats. The following ``renderers`` are supported in
``cloud-init``:
+NetworkManager
+--------------
+
+`NetworkManager`_ is the standard Linux network configuration tool suite. It
+supports a wide range of networking setups. Configuration is typically stored
+in :file:`/etc/NetworkManager`.
+
+It is the default for a number of Linux distributions; notably Fedora,
+CentOS/RHEL, and their derivatives.
+
ENI
---
@@ -213,6 +223,7 @@ preference) is as follows:
- ENI
- Sysconfig
- Netplan
+- NetworkManager
- FreeBSD
- NetBSD
- OpenBSD
@@ -223,6 +234,7 @@ preference) is as follows:
- **ENI**: using ``ifup``, ``ifdown`` to manage device setup/teardown
- **Netplan**: using ``netplan apply`` to manage device setup/teardown
+- **NetworkManager**: using ``nmcli`` to manage device setup/teardown
- **Networkd**: using ``ip`` to manage device setup/teardown
When applying the policy, ``cloud-init`` checks if the current instance has the
@@ -232,8 +244,8 @@ supplying an updated configuration in cloud-config. ::
system_info:
network:
- renderers: ['netplan', 'eni', 'sysconfig', 'freebsd', 'netbsd', 'openbsd']
- activators: ['eni', 'netplan', 'networkd']
+ renderers: ['netplan', 'network-manager', 'eni', 'sysconfig', 'freebsd', 'netbsd', 'openbsd']
+ activators: ['eni', 'netplan', 'network-manager', 'networkd']
Network configuration tools
===========================

File diff suppressed because it is too large Load Diff

View File

@ -1,33 +0,0 @@
From 0a2c6b6118ffaf29694b3a51aff3a33298419c50 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Mon, 15 May 2023 19:15:12 +0530
Subject: [PATCH] net/sysconfig: do not use the highest autoconnect priority
Using the highest priority is a very big hammer that we may not want to use. We
may want users to override the cloud init generated ifcfg files for custom
configuration of interfaces. If cloud init uses the highest priority, nothing
can beat it. Hence lower the priority to 120 allowing values from 121 to 999
to be used by users if they want to use a custom interface nm keyfile.
X-downstream-only: true
Suggested-by: thaller@redhat.com
fixes: c589da20eb92231 ("Setting highest autoconnect priority for network-scripts")
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/net/sysconfig.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index b8786fb7..1fe82412 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -317,7 +317,7 @@ class Renderer(renderer.Renderer):
"ONBOOT": True,
"USERCTL": False,
"BOOTPROTO": "none",
- "AUTOCONNECT_PRIORITY": 999
+ "AUTOCONNECT_PRIORITY": 120,
},
"suse": {"BOOTPROTO": "static", "STARTMODE": "auto"},
}

View File

@ -1,43 +0,0 @@
From 603ad38bca7735eeb72217b4f169a4b4c42ac092 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Tue, 16 May 2023 16:08:21 +0530
Subject: [PATCH] net/sysconfig: cosmetic - fix tox formatting
recommended cloud-init code formatting was not enforced with an older downstream
only change. This change fixes the formatting issue so that tox -e do_format
does not complain. Changes are cosmetic.
X-downstream-only: true
fixes: b3b96bff187e9d ("Do not write NM_CONTROLLED=no in generated interface config files")
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/net/sysconfig.py | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index 1fe82412..fcce3e99 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -1025,15 +1025,15 @@ class Renderer(renderer.Renderer):
if sysconfig_path.endswith("network"):
util.ensure_dir(os.path.dirname(sysconfig_path))
netcfg = []
- for line in util.load_file(sysconfig_path, quiet=True).split('\n'):
- if 'cloud-init' in line:
+ for line in util.load_file(sysconfig_path, quiet=True).split("\n"):
+ if "cloud-init" in line:
break
- if not line.startswith(('NETWORKING=',
- 'IPV6_AUTOCONF=',
- 'NETWORKING_IPV6=')):
+ if not line.startswith(
+ ("NETWORKING=", "IPV6_AUTOCONF=", "NETWORKING_IPV6=")
+ ):
netcfg.append(line)
# Now generate the cloud-init portion of sysconfig/network
- netcfg.extend([_make_header(), 'NETWORKING=yes'])
+ netcfg.extend([_make_header(), "NETWORKING=yes"])
if network_state.use_ipv6:
netcfg.append("NETWORKING_IPV6=yes")
netcfg.append("IPV6_AUTOCONF=no")

View File

@ -1,49 +0,0 @@
From 58d7574bca2b00d05d090c180f1345a2408cc700 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Mon, 22 May 2023 21:30:01 +0530
Subject: [PATCH] nm: generate ipv6 stateful dhcp config at par with sysconfig
(#4115)
The sysconfig renderer sets the following in the ifcfg file for IPV6 stateful
DHCP configuration:
BOOTPROTO = "dhcp"
DHCPV6C = True
IPV6INIT = True
IPV6_AUTOCONF = False
This should result in
[ipv6]
method=dhcp
in the network manager generated keyfile as DHCPV6C is set and
IPV6_AUTOCONF is not set. Unfortunately the network manager renderer
deviates from this and generates:
[ipv6]
method=auto
in it's rendered keyfile. This change fixes this deviation and sets the
IPV6 dhcp stateful configuration in alignment with what is generated by the
sysconfig renderer.
RHBZ: 2207716
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit ea573ba6fc25fe49a6a1a322eeb5259b6238d78b)
---
cloudinit/net/network_manager.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cloudinit/net/network_manager.py b/cloudinit/net/network_manager.py
index 53763d15..744c0cbb 100644
--- a/cloudinit/net/network_manager.py
+++ b/cloudinit/net/network_manager.py
@@ -72,7 +72,7 @@ class NMConnection:
"dhcp6": "auto",
"ipv6_slaac": "auto",
"ipv6_dhcpv6-stateless": "auto",
- "ipv6_dhcpv6-stateful": "auto",
+ "ipv6_dhcpv6-stateful": "dhcp",
"dhcp4": "auto",
"dhcp": "auto",
}

View File

@ -1,31 +0,0 @@
From 018aa09f049791755dd746b533abb2464b08a92d Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Mon, 22 May 2023 21:33:53 +0530
Subject: [PATCH] network_manager: add a method for ipv6 static IP
configuration (#4127)
The static IP configuration for IPv6 in the method_map is missing for
network manager renderer. This is causing cloud-init to generate a keyfile with
IPv6 method as "auto" instead of "manual". This fixes this issue.
fixes: #4126
RHBZ: 2196284
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit 5d440856cb6d2b4c908015fe4eb7227615c17c8b)
---
cloudinit/net/network_manager.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/cloudinit/net/network_manager.py b/cloudinit/net/network_manager.py
index 744c0cbb..2752f52f 100644
--- a/cloudinit/net/network_manager.py
+++ b/cloudinit/net/network_manager.py
@@ -69,6 +69,7 @@ class NMConnection:
method_map = {
"static": "manual",
+ "static6": "manual",
"dhcp6": "auto",
"ipv6_slaac": "auto",
"ipv6_dhcpv6-stateless": "auto",

View File

@ -1,62 +0,0 @@
From 19adc5a0939fc1804b180333af5486e69d6af0ac Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Mon, 22 May 2023 22:06:28 +0530
Subject: [PATCH] net/sysconfig: enable sysconfig renderer if network manager
has ifcfg-rh plugin (#4132)
Some distributions like RHEL does not have ifup and ifdown
scripts that traditionally handled ifcfg-eth* files. Instead RHEL
uses network manager with ifcfg-rh plugin to handle ifcfg
scripts. Therefore, the sysconfig should check for the
existence of ifcfg-rh plugin in addition to checking for the
existence of ifup and ifdown scripts in order to determine if it
can handle ifcfg files. If either the plugin or ifup/ifdown scripts
are present, sysconfig renderer can be enabled.
fixes: #4131
RHBZ: 2194050
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit 009dbf85a72a9077b2267d377b2ff46639fb3def)
---
cloudinit/net/sysconfig.py | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index fcce3e99..f2c7c92c 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -1,6 +1,7 @@
# This file is part of cloud-init. See LICENSE file for license information.
import copy
+import glob
import io
import os
import re
@@ -1059,7 +1060,25 @@ def _supported_vlan_names(rdev, vid):
def available(target=None):
if not util.system_info()["variant"] in KNOWN_DISTROS:
return False
+ if available_sysconfig(target):
+ return True
+ if available_nm_ifcfg_rh(target):
+ return True
+ return False
+
+
+def available_nm_ifcfg_rh(target=None):
+ # The ifcfg-rh plugin of NetworkManager is installed.
+ # NetworkManager can handle the ifcfg files.
+ return glob.glob(
+ subp.target_path(
+ target,
+ "usr/lib*/NetworkManager/*/libnm-settings-plugin-ifcfg-rh.so",
+ )
+ )
+
+def available_sysconfig(target=None):
expected = ["ifup", "ifdown"]
search = ["/sbin", "/usr/sbin"]
for p in expected:

View File

@ -1,401 +0,0 @@
From f0cf9e52fd084c23f0552456e3b780b5c9c3313a Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Tue, 23 May 2023 20:38:31 +0530
Subject: [PATCH] network-manager: Set higher autoconnect priority for nm
keyfiles (#3671)
cloud init generated keyfiles by network manager renderer for network
interfaces can sometimes conflict with existing keyfiles that are left as an
artifact of an upgrade process or are old user generated keyfiles. When two
such keyfiles are present, the existing keyfile can take precedence over the
cloud init generated keyfile making the later ineffective. Removing the old
keyfile blindly by cloud init would also not be correct since there would be
no way to enforce a different interface configuration if one needs it.
This change adds an autoconnect-priority value for cloud init generated keyfile
so that the cloud init configuration takes precedence over the existing old
keyfile configuration in the default case. The priority values range from 0
to 999. We set a value of 120 so that it would be high enough in the default
case and result in cloud init keyfile to take precedence but not too high so
that if the user generated keyfile needs to take precedence, the user can do
so by using a higher value than the one used by cloud init key file, between
the values 121 and 999.
RHBZ: 2196231
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit f663e94ac50bc518e694cbd167fdab216fcff029)
---
cloudinit/net/network_manager.py | 1 +
tests/unittests/cmd/devel/test_net_convert.py | 1 +
.../cloud-init-encc000.2653.nmconnection | 1 +
.../cloud-init-encc000.nmconnection | 1 +
.../cloud-init-zz-all-en.nmconnection | 1 +
.../cloud-init-zz-all-eth.nmconnection | 1 +
tests/unittests/test_net.py | 36 +++++++++++++++++++
7 files changed, 42 insertions(+)
diff --git a/cloudinit/net/network_manager.py b/cloudinit/net/network_manager.py
index 2752f52f..ca216928 100644
--- a/cloudinit/net/network_manager.py
+++ b/cloudinit/net/network_manager.py
@@ -43,6 +43,7 @@ class NMConnection:
self.config["connection"] = {
"id": f"cloud-init {con_id}",
"uuid": str(uuid.uuid5(CI_NM_UUID, con_id)),
+ "autoconnect-priority": "120",
}
# This is not actually used anywhere, but may be useful in future
diff --git a/tests/unittests/cmd/devel/test_net_convert.py b/tests/unittests/cmd/devel/test_net_convert.py
index 100aa8de..71654750 100644
--- a/tests/unittests/cmd/devel/test_net_convert.py
+++ b/tests/unittests/cmd/devel/test_net_convert.py
@@ -74,6 +74,7 @@ SAMPLE_NETWORK_MANAGER_CONTENT = """\
[connection]
id=cloud-init eth0
uuid=1dd9a779-d327-56e1-8454-c65e2556c12c
+autoconnect-priority=120
type=ethernet
interface-name=eth0
diff --git a/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-encc000.2653.nmconnection b/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-encc000.2653.nmconnection
index 80483d4f..f44485d2 100644
--- a/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-encc000.2653.nmconnection
+++ b/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-encc000.2653.nmconnection
@@ -3,6 +3,7 @@
[connection]
id=cloud-init encc000.2653
uuid=116aaf19-aabc-50ea-b480-e9aee18bda59
+autoconnect-priority=120
type=vlan
interface-name=encc000.2653
diff --git a/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-encc000.nmconnection b/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-encc000.nmconnection
index 3368388d..fbdfbc65 100644
--- a/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-encc000.nmconnection
+++ b/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-encc000.nmconnection
@@ -3,6 +3,7 @@
[connection]
id=cloud-init encc000
uuid=f869ebd3-f175-5747-bf02-d0d44d687248
+autoconnect-priority=120
type=ethernet
interface-name=encc000
diff --git a/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-zz-all-en.nmconnection b/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-zz-all-en.nmconnection
index 16120bc1..dce56c7d 100644
--- a/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-zz-all-en.nmconnection
+++ b/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-zz-all-en.nmconnection
@@ -3,6 +3,7 @@
[connection]
id=cloud-init zz-all-en
uuid=159daec9-cba3-5101-85e7-46d831857f43
+autoconnect-priority=120
type=ethernet
interface-name=zz-all-en
diff --git a/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-zz-all-eth.nmconnection b/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-zz-all-eth.nmconnection
index df44d546..ee436bf2 100644
--- a/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-zz-all-eth.nmconnection
+++ b/tests/unittests/net/artifacts/no_matching_mac/etc/NetworkManager/system-connections/cloud-init-zz-all-eth.nmconnection
@@ -3,6 +3,7 @@
[connection]
id=cloud-init zz-all-eth
uuid=23a83d8a-d7db-5133-a77b-e68a6ac61ec9
+autoconnect-priority=120
type=ethernet
interface-name=zz-all-eth
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
index 0f523ff8..7abe61b9 100644
--- a/tests/unittests/test_net.py
+++ b/tests/unittests/test_net.py
@@ -631,6 +631,7 @@ dns = none
[connection]
id=cloud-init eth0
uuid=1dd9a779-d327-56e1-8454-c65e2556c12c
+autoconnect-priority=120
type=ethernet
[user]
@@ -1118,6 +1119,7 @@ NETWORK_CONFIGS = {
[connection]
id=cloud-init eth1
uuid=3c50eb47-7260-5a6d-801d-bd4f587d6b58
+ autoconnect-priority=120
type=ethernet
[user]
@@ -1135,6 +1137,7 @@ NETWORK_CONFIGS = {
[connection]
id=cloud-init eth99
uuid=b1b88000-1f03-5360-8377-1a2205efffb4
+ autoconnect-priority=120
type=ethernet
[user]
@@ -1234,6 +1237,7 @@ NETWORK_CONFIGS = {
[connection]
id=cloud-init iface0
uuid=8ddfba48-857c-5e86-ac09-1b43eae0bf70
+ autoconnect-priority=120
type=ethernet
interface-name=iface0
@@ -1364,6 +1368,7 @@ NETWORK_CONFIGS = {
[connection]
id=cloud-init iface0
uuid=8ddfba48-857c-5e86-ac09-1b43eae0bf70
+ autoconnect-priority=120
type=ethernet
interface-name=iface0
@@ -1404,6 +1409,7 @@ NETWORK_CONFIGS = {
[connection]
id=cloud-init iface0
uuid=8ddfba48-857c-5e86-ac09-1b43eae0bf70
+ autoconnect-priority=120
type=ethernet
interface-name=iface0
@@ -1504,6 +1510,7 @@ NETWORK_CONFIGS = {
[connection]
id=cloud-init iface0
uuid=8ddfba48-857c-5e86-ac09-1b43eae0bf70
+ autoconnect-priority=120
type=ethernet
interface-name=iface0
@@ -1734,6 +1741,7 @@ NETWORK_CONFIGS = {
[connection]
id=cloud-init iface0
uuid=8ddfba48-857c-5e86-ac09-1b43eae0bf70
+ autoconnect-priority=120
type=ethernet
interface-name=iface0
@@ -1845,6 +1853,7 @@ NETWORK_CONFIGS = {
[connection]
id=cloud-init iface0
uuid=8ddfba48-857c-5e86-ac09-1b43eae0bf70
+ autoconnect-priority=120
type=ethernet
interface-name=iface0
@@ -1967,6 +1976,7 @@ NETWORK_CONFIGS = {
[connection]
id=cloud-init iface0
uuid=8ddfba48-857c-5e86-ac09-1b43eae0bf70
+ autoconnect-priority=120
type=ethernet
interface-name=iface0
@@ -2043,6 +2053,7 @@ NETWORK_CONFIGS = {
[connection]
id=cloud-init iface0
uuid=8ddfba48-857c-5e86-ac09-1b43eae0bf70
+ autoconnect-priority=120
type=ethernet
interface-name=iface0
@@ -2507,6 +2518,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init eth3
uuid=b7e95dda-7746-5bf8-bf33-6e5f3c926790
+ autoconnect-priority=120
type=ethernet
slave-type=bridge
master=dee46ce4-af7a-5e7c-aa08-b25533ae9213
@@ -2526,6 +2538,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init eth5
uuid=5fda13c7-9942-5e90-a41b-1d043bd725dc
+ autoconnect-priority=120
type=ethernet
[user]
@@ -2547,6 +2560,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init ib0
uuid=11a1dda7-78b4-5529-beba-d9b5f549ad7b
+ autoconnect-priority=120
type=infiniband
[user]
@@ -2571,6 +2585,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init bond0.200
uuid=88984a9c-ff22-5233-9267-86315e0acaa7
+ autoconnect-priority=120
type=vlan
interface-name=bond0.200
@@ -2594,6 +2609,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init eth0
uuid=1dd9a779-d327-56e1-8454-c65e2556c12c
+ autoconnect-priority=120
type=ethernet
[user]
@@ -2611,6 +2627,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init eth4
uuid=e27e4959-fb50-5580-b9a4-2073554627b9
+ autoconnect-priority=120
type=ethernet
slave-type=bridge
master=dee46ce4-af7a-5e7c-aa08-b25533ae9213
@@ -2630,6 +2647,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init eth1
uuid=3c50eb47-7260-5a6d-801d-bd4f587d6b58
+ autoconnect-priority=120
type=ethernet
slave-type=bond
master=54317911-f840-516b-a10d-82cb4c1f075c
@@ -2649,6 +2667,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init br0
uuid=dee46ce4-af7a-5e7c-aa08-b25533ae9213
+ autoconnect-priority=120
type=bridge
interface-name=br0
@@ -2680,6 +2699,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init eth0.101
uuid=b5acec5e-db80-5935-8b02-0d5619fc42bf
+ autoconnect-priority=120
type=vlan
interface-name=eth0.101
@@ -2708,6 +2728,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init bond0
uuid=54317911-f840-516b-a10d-82cb4c1f075c
+ autoconnect-priority=120
type=bond
interface-name=bond0
@@ -2732,6 +2753,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
[connection]
id=cloud-init eth2
uuid=5559a242-3421-5fdd-896e-9cb8313d5804
+ autoconnect-priority=120
type=ethernet
slave-type=bond
master=54317911-f840-516b-a10d-82cb4c1f075c
@@ -3257,6 +3279,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init bond0s0
uuid=09d0b5b9-67e7-5577-a1af-74d1cf17a71e
+ autoconnect-priority=120
type=ethernet
slave-type=bond
master=54317911-f840-516b-a10d-82cb4c1f075c
@@ -3276,6 +3299,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init bond0s1
uuid=4d9aca96-b515-5630-ad83-d13daac7f9d0
+ autoconnect-priority=120
type=ethernet
slave-type=bond
master=54317911-f840-516b-a10d-82cb4c1f075c
@@ -3295,6 +3319,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init bond0
uuid=54317911-f840-516b-a10d-82cb4c1f075c
+ autoconnect-priority=120
type=bond
interface-name=bond0
@@ -3421,6 +3446,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init en0.99
uuid=f594e2ed-f107-51df-b225-1dc530a5356b
+ autoconnect-priority=120
type=vlan
interface-name=en0.99
@@ -3453,6 +3479,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init en0
uuid=e0ca478b-8d84-52ab-8fae-628482c629b5
+ autoconnect-priority=120
type=ethernet
[user]
@@ -3580,6 +3607,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init br0
uuid=dee46ce4-af7a-5e7c-aa08-b25533ae9213
+ autoconnect-priority=120
type=bridge
interface-name=br0
@@ -3604,6 +3632,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init eth0
uuid=1dd9a779-d327-56e1-8454-c65e2556c12c
+ autoconnect-priority=120
type=ethernet
slave-type=bridge
master=dee46ce4-af7a-5e7c-aa08-b25533ae9213
@@ -3628,6 +3657,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init eth1
uuid=3c50eb47-7260-5a6d-801d-bd4f587d6b58
+ autoconnect-priority=120
type=ethernet
slave-type=bridge
master=dee46ce4-af7a-5e7c-aa08-b25533ae9213
@@ -3782,6 +3812,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init eth0
uuid=1dd9a779-d327-56e1-8454-c65e2556c12c
+ autoconnect-priority=120
type=ethernet
[user]
@@ -3804,6 +3835,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init eth1
uuid=3c50eb47-7260-5a6d-801d-bd4f587d6b58
+ autoconnect-priority=120
type=ethernet
[user]
@@ -3826,6 +3858,7 @@ iface bond0 inet6 static
[connection]
id=cloud-init eth2
uuid=5559a242-3421-5fdd-896e-9cb8313d5804
+ autoconnect-priority=120
type=ethernet
[user]
@@ -5688,6 +5721,7 @@ class TestNetworkManagerRendering(CiTestCase):
[connection]
id=cloud-init eth1000
uuid=8c517500-0c95-5308-9c8a-3092eebc44eb
+ autoconnect-priority=120
type=ethernet
[user]
@@ -5742,6 +5776,7 @@ class TestNetworkManagerRendering(CiTestCase):
[connection]
id=cloud-init interface0
uuid=8b6862ed-dbd6-5830-93f7-a91451c13828
+ autoconnect-priority=120
type=ethernet
[user]
@@ -5778,6 +5813,7 @@ class TestNetworkManagerRendering(CiTestCase):
[connection]
id=cloud-init eth0
uuid=1dd9a779-d327-56e1-8454-c65e2556c12c
+ autoconnect-priority=120
type=ethernet
interface-name=eth0

View File

@ -1,42 +0,0 @@
From 5394e28e896e9d18db6d359190bfb58dcbdb2646 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Tue, 23 May 2023 21:15:30 +0530
Subject: [PATCH] Set default renderer as sysconfig for c9s/RHEL 9
Currently, network manager is disabled on c9s and RHEL 9 and therefore
sysconfig is used as the primary renderer for network configuration on those
distribution flavors. We do not want to change this for c9s or RHEL 9 even when
network-manager renderer is re-enabled. NM was re-enabled with the following
commit:
5822f72230a58d ("Revert "Revert "Add native NetworkManager support (#1224)""")
This change bumps up the priority for sysconfig renderer so that it is used as
the primary renderer on c9s/RHEL 9 and other downstream distributions derived
from them. For c10s or RHEL 10, we might revert this change so that
network-manager again becomes the primary renderer for those distributions.
X-downstream-only: true
fixes: 0b0632f6c0 ("Revert "Manual revert "Use Network-Manager and Netplan as default renderers for RHEL and Fedora (#1465)")
fixes: 7703aa98b89 ("Use Network-Manager and Netplan as default renderers for RHEL and Fedora (#1465)")
RHBZ:2209349
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
config/cloud.cfg.tmpl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
index 7238c102..22c6654c 100644
--- a/config/cloud.cfg.tmpl
+++ b/config/cloud.cfg.tmpl
@@ -383,7 +383,7 @@ system_info:
renderers: ['freebsd']
{% elif variant in ["fedora"] or is_rhel %}
network:
- renderers: ['netplan', 'network-manager', 'networkd', 'sysconfig', 'eni']
+ renderers: ['sysconfig', 'eni', 'netplan', 'network-manager', 'networkd']
{% elif variant == "openmandriva" %}
network:
renderers: ['network-manager', 'networkd']

View File

@ -1,25 +0,0 @@
From 86dd9b0e215a40e60a6c48401a9c04215e10cdea Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Thu, 8 Jun 2023 10:19:49 +0530
Subject: [PATCH] Revert "Set default renderer as sysconfig for c9s/RHEL 9"
This reverts commit 5394e28e896e9d18db6d359190bfb58dcbdb2646.
Revert this downstream-only patch and replace it with the upstream patch.
---
config/cloud.cfg.tmpl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
index 22c6654c..7238c102 100644
--- a/config/cloud.cfg.tmpl
+++ b/config/cloud.cfg.tmpl
@@ -383,7 +383,7 @@ system_info:
renderers: ['freebsd']
{% elif variant in ["fedora"] or is_rhel %}
network:
- renderers: ['sysconfig', 'eni', 'netplan', 'network-manager', 'networkd']
+ renderers: ['netplan', 'network-manager', 'networkd', 'sysconfig', 'eni']
{% elif variant == "openmandriva" %}
network:
renderers: ['network-manager', 'networkd']

View File

@ -1,35 +0,0 @@
From fd4f6d94e09ed97a4dd6aba3284d9156c16c483b Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Thu, 8 Jun 2023 03:29:13 +0530
Subject: [PATCH] Set default renderer as sysconfig for centos/rhel (#4165)
Currently, network manager is disabled on c9s and therefore sysconfig is used as the primary renderer for network configuration. We do not want to change this for c9s even when network-manager renderer is re-enabled as it would mean a big behaviour change for cloud-init in the centos 9 stream.
This change bumps up the priority for sysconfig renderer so that it is used as the primary renderer on c9s and other downstream distributions derived from it. In the next major centos stream release, we may use network manager as the default renderer and make changes accordingly.
RHBZ: 2209349
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit a1f375095bd0ac8628c4fdc79538dc177bb9ff99)
---
config/cloud.cfg.tmpl | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
index 7238c102..020340f9 100644
--- a/config/cloud.cfg.tmpl
+++ b/config/cloud.cfg.tmpl
@@ -381,9 +381,12 @@ system_info:
{% elif variant in ["dragonfly"] %}
network:
renderers: ['freebsd']
-{% elif variant in ["fedora"] or is_rhel %}
+{% elif variant in ["fedora"] %}
network:
renderers: ['netplan', 'network-manager', 'networkd', 'sysconfig', 'eni']
+{% elif is_rhel %}
+ network:
+ renderers: ['sysconfig', 'eni', 'netplan', 'network-manager', 'networkd' ]
{% elif variant == "openmandriva" %}
network:
renderers: ['network-manager', 'networkd']

View File

@ -1,283 +0,0 @@
From 9eb7ef217eb03131904fb6e0c692130126334f52 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Fri, 23 Jun 2023 16:54:24 +0530
Subject: [PATCH] test fixes: remove NM_CONTROLLED=no from tests
X-downstream-only: true
fixes: b3b96bff187e9 ("Do not write NM_CONTROLLED=no in generated interface config files")
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
tests/unittests/cmd/devel/test_net_convert.py | 1 -
tests/unittests/distros/test_netconfig.py | 8 -------
tests/unittests/test_net.py | 23 -------------------
3 files changed, 32 deletions(-)
diff --git a/tests/unittests/cmd/devel/test_net_convert.py b/tests/unittests/cmd/devel/test_net_convert.py
index 43e879f7..082e9656 100644
--- a/tests/unittests/cmd/devel/test_net_convert.py
+++ b/tests/unittests/cmd/devel/test_net_convert.py
@@ -63,7 +63,6 @@ SAMPLE_SYSCONFIG_CONTENT = """\
AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth0
-NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py
index eaf723c8..7ac8182a 100644
--- a/tests/unittests/distros/test_netconfig.py
+++ b/tests/unittests/distros/test_netconfig.py
@@ -724,7 +724,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
GATEWAY=192.168.1.254
IPADDR=192.168.1.5
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -735,7 +734,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth1
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -767,7 +765,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
IPV6_AUTOCONF=no
IPV6_DEFAULTGW=2607:f0d0:1002:0011::1
IPV6_FORCE_ACCEPT_RA=no
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -778,7 +775,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=eth1
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -826,7 +822,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
HWADDR=00:16:3e:60:7c:df
IPADDR=192.10.1.2
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -839,7 +834,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
DEVICE=infra0
IPADDR=10.0.1.2
NETMASK=255.255.0.0
- NM_CONTROLLED=no
ONBOOT=yes
PHYSDEV=eth0
USERCTL=no
@@ -876,7 +870,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
DEVICE=eth0
IPADDR=192.10.1.2
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -889,7 +882,6 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
DEVICE=eth0.1001
IPADDR=10.0.1.2
NETMASK=255.255.0.0
- NM_CONTROLLED=no
ONBOOT=yes
PHYSDEV=eth0
USERCTL=no
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
index 1261840b..fd656a57 100644
--- a/tests/unittests/test_net.py
+++ b/tests/unittests/test_net.py
@@ -1502,7 +1502,6 @@ NETWORK_CONFIGS = {
DHCPV6C=yes
IPV6INIT=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1594,7 +1593,6 @@ NETWORK_CONFIGS = {
IPV6INIT=yes
IPV6_FORCE_ACCEPT_RA=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1671,7 +1669,6 @@ NETWORK_CONFIGS = {
IPV6INIT=yes
IPV6_FORCE_ACCEPT_RA=no
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1736,7 +1733,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=yes
IPV6INIT=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1792,7 +1788,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=no
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1850,7 +1845,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=yes
IPV6INIT=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1933,7 +1927,6 @@ NETWORK_CONFIGS = {
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=yes
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -1975,7 +1968,6 @@ NETWORK_CONFIGS = {
AUTOCONNECT_PRIORITY=120
BOOTPROTO=dhcp
DEVICE=iface0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -2053,7 +2045,6 @@ NETWORK_CONFIGS = {
BOOTPROTO=dhcp
DEVICE=iface0
ETHTOOL_OPTS="wol g"
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -2530,7 +2521,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
IPADDR=192.168.200.7
MTU=9000
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=InfiniBand
USERCTL=no"""
@@ -3609,7 +3599,6 @@ iface bond0 inet6 static
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=no
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -3626,7 +3615,6 @@ iface bond0 inet6 static
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_FORCE_ACCEPT_RA=no
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -3920,7 +3908,6 @@ iface bond0 inet6 static
BOOTPROTO=none
DEVICE=eth0
HWADDR=cf:d6:af:48:e8:80
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no"""
@@ -4759,7 +4746,6 @@ HWADDR=fa:16:3e:25:b4:59
IPADDR=51.68.89.122
MTU=1500
NETMASK=255.255.240.0
-NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -4774,7 +4760,6 @@ DEVICE=eth1
DHCLIENT_SET_DEFAULT_ROUTE=no
HWADDR=fa:16:3e:b1:ca:29
MTU=9000
-NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5027,7 +5012,6 @@ USERCTL=no
IPV6_FORCE_ACCEPT_RA=no
IPV6_DEFAULTGW=2001:db8::1
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5060,7 +5044,6 @@ USERCTL=no
AUTOCONNECT_PRIORITY=120
BOOTPROTO=none
DEVICE=eno1
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5074,7 +5057,6 @@ USERCTL=no
IPADDR=192.6.1.9
MTU=1495
NETMASK=255.255.255.0
- NM_CONTROLLED=no
ONBOOT=yes
PHYSDEV=eno1
USERCTL=no
@@ -5111,7 +5093,6 @@ USERCTL=no
IPADDR=10.101.8.65
MTU=1334
NETMASK=255.255.255.192
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Bond
USERCTL=no
@@ -5124,7 +5105,6 @@ USERCTL=no
BOOTPROTO=none
DEVICE=enp0s0
MASTER=bond0
- NM_CONTROLLED=no
ONBOOT=yes
SLAVE=yes
TYPE=Bond
@@ -5138,7 +5118,6 @@ USERCTL=no
BOOTPROTO=none
DEVICE=enp0s1
MASTER=bond0
- NM_CONTROLLED=no
ONBOOT=yes
SLAVE=yes
TYPE=Bond
@@ -5170,7 +5149,6 @@ USERCTL=no
DEVICE=eno1
HWADDR=07-1c-c6-75-a4-be
METRIC=100
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
@@ -5262,7 +5240,6 @@ USERCTL=no
IPV6_FORCE_ACCEPT_RA=no
MTU=1400
NETMASK=255.255.248.0
- NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no

View File

@ -1,58 +0,0 @@
From d39cd4de3ce41b1a1727185f2e57ec27190c23cb Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Tue, 4 Jul 2023 13:58:27 +0530
Subject: [PATCH] Revert "limit permissions on def_log_file"
This reverts commit dfff374f66904e84fb07ca157ba010fac6b5f1de.
This commit seems useless and does not effectively change permission of the
log file. Remove it.
---
cloudinit/settings.py | 1 -
cloudinit/stages.py | 1 -
doc/examples/cloud-config.txt | 4 ----
3 files changed, 6 deletions(-)
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
index 3d541141..edbb217d 100644
--- a/cloudinit/settings.py
+++ b/cloudinit/settings.py
@@ -52,7 +52,6 @@ CFG_BUILTIN = {
"None",
],
"def_log_file": "/var/log/cloud-init.log",
- "def_log_file_mode": 0o600,
"log_cfgs": [],
"mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
"syslog_fix_perms": [],
diff --git a/cloudinit/stages.py b/cloudinit/stages.py
index 1326d205..21f30a1f 100644
--- a/cloudinit/stages.py
+++ b/cloudinit/stages.py
@@ -202,7 +202,6 @@ class Init:
def _initialize_filesystem(self):
util.ensure_dirs(self._initial_subdirs())
log_file = util.get_cfg_option_str(self.cfg, "def_log_file")
- log_file_mode = util.get_cfg_option_int(self.cfg, "def_log_file_mode")
if log_file:
# At this point the log file should have already been created
# in the setupLogging function of log.py
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
index b6d16c9c..15d788f3 100644
--- a/doc/examples/cloud-config.txt
+++ b/doc/examples/cloud-config.txt
@@ -383,14 +383,10 @@ timezone: US/Eastern
# if syslog_fix_perms is a list, it will iterate through and use the
# first pair that does not raise error.
#
-# 'def_log_file' will be created with mode 'def_log_file_mode', which
-# is specified as a numeric value and defaults to 0600.
-#
# the default values are '/var/log/cloud-init.log' and 'syslog:adm'
# the value of 'def_log_file' should match what is configured in logging
# if either is empty, then no change of ownership will be done
def_log_file: /var/log/my-logging-file.log
-def_log_file_mode: 0600
syslog_fix_perms: syslog:root
# you can set passwords for a user or multiple users

View File

@ -1,43 +0,0 @@
From f1ccdbdb6c662ce67b4af74e0433a59f099d784a Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Fri, 23 Jun 2023 17:54:04 +0530
Subject: [PATCH] test fixes: changes to apply RHEL specific config settings to
tests
X-downstream-only: true
fixes: c4d66915520554adedff9b ("Add initial redhat changes")
fixes: dfff374f66904e84fb07ca ("limit permissions on def_log_file")
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
tests/unittests/cmd/test_main.py | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/tests/unittests/cmd/test_main.py b/tests/unittests/cmd/test_main.py
index e9ad0bb8..5d61aa2c 100644
--- a/tests/unittests/cmd/test_main.py
+++ b/tests/unittests/cmd/test_main.py
@@ -119,14 +119,17 @@ class TestMain(FilesystemMockingTestCase):
{
"def_log_file": "/var/log/cloud-init.log",
"log_cfgs": [],
- "syslog_fix_perms": [
- "syslog:adm",
- "root:adm",
- "root:wheel",
- "root:root",
- ],
"vendor_data": {"enabled": True, "prefix": []},
"vendor_data2": {"enabled": True, "prefix": []},
+ "syslog_fix_perms": [],
+ "mount_default_fields": [
+ None,
+ None,
+ "auto",
+ "defaults,nofail",
+ "0",
+ "2",
+ ],
}
)
updated_cfg.pop("system_info")

View File

@ -1,90 +0,0 @@
From 7a530e186e791858bf70accd2fab80dd9b43ee7e Mon Sep 17 00:00:00 2001
From: Robert Schweikert <rjschwei@suse.com>
Date: Thu, 23 Feb 2023 16:43:56 -0500
Subject: [PATCH] Enable SUSE based distros for ca handling (#2036)
CA handling in the configuration module was previously not supported
for SUSE based distros. Enable this functionality by creating the
necessary configuration settings.
Secondly update the test such that it does not bleed through to the
test system.
(cherry picked from commit 46fcd03187d70f405c748f7a6cfdb02ecb8c6ee7)
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/config/cc_ca_certs.py | 31 +++++++++++++++++++++-
tests/unittests/config/test_cc_ca_certs.py | 2 ++
2 files changed, 32 insertions(+), 1 deletion(-)
diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py
index 169b0e18..51b8577c 100644
--- a/cloudinit/config/cc_ca_certs.py
+++ b/cloudinit/config/cc_ca_certs.py
@@ -32,8 +32,25 @@ DISTRO_OVERRIDES = {
"ca_cert_config": None,
"ca_cert_update_cmd": ["update-ca-trust"],
},
+ "opensuse": {
+ "ca_cert_path": "/etc/pki/trust/",
+ "ca_cert_local_path": "/usr/share/pki/trust/",
+ "ca_cert_filename": "anchors/cloud-init-ca-cert-{cert_index}.crt",
+ "ca_cert_config": None,
+ "ca_cert_update_cmd": ["update-ca-certificates"],
+ },
}
+for distro in (
+ "opensuse-microos",
+ "opensuse-tumbleweed",
+ "opensuse-leap",
+ "sle_hpc",
+ "sle-micro",
+ "sles",
+):
+ DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["opensuse"]
+
MODULE_DESCRIPTION = """\
This module adds CA certificates to the system's CA store and updates any
related files using the appropriate OS-specific utility. The default CA
@@ -48,7 +65,19 @@ configuration option ``remove_defaults``.
Alpine Linux requires the ca-certificates package to be installed in
order to provide the ``update-ca-certificates`` command.
"""
-distros = ["alpine", "debian", "rhel", "ubuntu"]
+distros = [
+ "alpine",
+ "debian",
+ "rhel",
+ "opensuse",
+ "opensuse-microos",
+ "opensuse-tumbleweed",
+ "opensuse-leap",
+ "sle_hpc",
+ "sle-micro",
+ "sles",
+ "ubuntu",
+]
meta: MetaSchema = {
"id": "cc_ca_certs",
diff --git a/tests/unittests/config/test_cc_ca_certs.py b/tests/unittests/config/test_cc_ca_certs.py
index 19e5d422..6db17485 100644
--- a/tests/unittests/config/test_cc_ca_certs.py
+++ b/tests/unittests/config/test_cc_ca_certs.py
@@ -311,6 +311,7 @@ class TestRemoveDefaultCaCerts(TestCase):
"cloud_dir": tmpdir,
}
)
+ self.add_patch("cloudinit.config.cc_ca_certs.os.stat", "m_stat")
def test_commands(self):
ca_certs_content = "# line1\nline2\nline3\n"
@@ -318,6 +319,7 @@ class TestRemoveDefaultCaCerts(TestCase):
"# line1\n# Modified by cloud-init to deselect certs due to"
" user-data\n!line2\n!line3\n"
)
+ self.m_stat.return_value.st_size = 1
for distro_name in cc_ca_certs.distros:
conf = cc_ca_certs._distro_ca_certs_configs(distro_name)

View File

@ -1,85 +0,0 @@
From add770c442088c0915bdefad2a7438f9a38596c5 Mon Sep 17 00:00:00 2001
From: Shreenidhi Shedi <53473811+sshedi@users.noreply.github.com>
Date: Fri, 17 Mar 2023 03:01:22 +0530
Subject: [PATCH] Handle non existent ca-cert-config situation (#2073)
Currently if a cert file doesn't exist, cc_ca_certs module crashes
This fix makes it possible to handle it gracefully.
Also, out_lines variable may not be available if os.stat returns 0.
This issue is also taken care of.
Added tests for the same.
(cherry picked from commit 3634678465e7b8f8608bcb9a1f5773ae7837cbe9)
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/config/cc_ca_certs.py | 19 +++++++++++++------
tests/unittests/config/test_cc_ca_certs.py | 12 ++++++++++++
2 files changed, 25 insertions(+), 6 deletions(-)
diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py
index 51b8577c..4dc08681 100644
--- a/cloudinit/config/cc_ca_certs.py
+++ b/cloudinit/config/cc_ca_certs.py
@@ -177,14 +177,20 @@ def disable_system_ca_certs(distro_cfg):
@param distro_cfg: A hash providing _distro_ca_certs_configs function.
"""
- if distro_cfg["ca_cert_config"] is None:
+
+ ca_cert_cfg_fn = distro_cfg["ca_cert_config"]
+
+ if not ca_cert_cfg_fn or not os.path.exists(ca_cert_cfg_fn):
return
+
header_comment = (
"# Modified by cloud-init to deselect certs due to user-data"
)
+
added_header = False
- if os.stat(distro_cfg["ca_cert_config"]).st_size != 0:
- orig = util.load_file(distro_cfg["ca_cert_config"])
+
+ if os.stat(ca_cert_cfg_fn).st_size:
+ orig = util.load_file(ca_cert_cfg_fn)
out_lines = []
for line in orig.splitlines():
if line == header_comment:
@@ -197,9 +203,10 @@ def disable_system_ca_certs(distro_cfg):
out_lines.append(header_comment)
added_header = True
out_lines.append("!" + line)
- util.write_file(
- distro_cfg["ca_cert_config"], "\n".join(out_lines) + "\n", omode="wb"
- )
+
+ util.write_file(
+ ca_cert_cfg_fn, "\n".join(out_lines) + "\n", omode="wb"
+ )
def remove_default_ca_certs(distro_cfg):
diff --git a/tests/unittests/config/test_cc_ca_certs.py b/tests/unittests/config/test_cc_ca_certs.py
index 6db17485..5f1894e7 100644
--- a/tests/unittests/config/test_cc_ca_certs.py
+++ b/tests/unittests/config/test_cc_ca_certs.py
@@ -365,6 +365,18 @@ class TestRemoveDefaultCaCerts(TestCase):
else:
assert mock_subp.call_count == 0
+ def test_non_existent_cert_cfg(self):
+ self.m_stat.return_value.st_size = 0
+
+ for distro_name in cc_ca_certs.distros:
+ conf = cc_ca_certs._distro_ca_certs_configs(distro_name)
+ with ExitStack() as mocks:
+ mocks.enter_context(
+ mock.patch.object(util, "delete_dir_contents")
+ )
+ mocks.enter_context(mock.patch.object(subp, "subp"))
+ cc_ca_certs.disable_default_ca_certs(distro_name, conf)
+
class TestCACertsSchema:
"""Directly test schema rather than through handle."""

View File

@ -1,172 +0,0 @@
From 1cecfe4bc3d7e4806d1890615a119e478decd5fd Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Thu, 20 Jul 2023 23:56:01 +0530
Subject: [PATCH] logging: keep current file mode of log file if its stricter
than the new mode (#4250)
By default, the cloud init log file is created with mode 0o644 with
`preserve_mode` parameter of `write_file()` set to False. This means that when
an existing log file is found, its mode will be unconditionally reset to the
mode 0o644. It is possible that this might cause the change of the mode of the
log file from the current more stricter mode to a less strict mode
(when the new mode 0o644 is less strict than the existing mode of the file).
In order to mitigate the above issue, check the current mode of the log file
and if the current mode is stricter than the default new mode 0o644, then
preserve the current mode of the file.
Fixes GH-4243
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit a0e4ec15a1adffabd1c539879514eae4807c834c)
Conflicts:
tests/unittests/test_util.py
---
cloudinit/stages.py | 15 ++++++++++++++-
cloudinit/util.py | 23 +++++++++++++++++++++++
tests/unittests/test_stages.py | 23 ++++++++++++++++-------
tests/unittests/test_util.py | 24 ++++++++++++++++++++++++
4 files changed, 77 insertions(+), 8 deletions(-)
diff --git a/cloudinit/stages.py b/cloudinit/stages.py
index 21f30a1f..979179af 100644
--- a/cloudinit/stages.py
+++ b/cloudinit/stages.py
@@ -200,12 +200,25 @@ class Init:
self._initialize_filesystem()
def _initialize_filesystem(self):
+ mode = 0o640
+ fmode = None
+
util.ensure_dirs(self._initial_subdirs())
log_file = util.get_cfg_option_str(self.cfg, "def_log_file")
if log_file:
# At this point the log file should have already been created
# in the setupLogging function of log.py
- util.ensure_file(log_file, mode=0o640, preserve_mode=False)
+
+ try:
+ fmode = util.get_permissions(log_file)
+ except OSError:
+ pass
+
+ # if existing file mode fmode is stricter, do not change it.
+ if fmode and util.compare_permission(fmode, mode) < 0:
+ mode = fmode
+
+ util.ensure_file(log_file, mode, preserve_mode=False)
perms = self.cfg.get("syslog_fix_perms")
if not perms:
perms = {}
diff --git a/cloudinit/util.py b/cloudinit/util.py
index 4a8e3d3b..af617e73 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -2099,6 +2099,29 @@ def safe_int(possible_int):
return None
+def compare_permission(mode1, mode2):
+ """Compare two file modes in octal.
+
+ If mode1 is less restrictive than mode2 return 1
+ If mode1 is more restrictive than mode2 return -1
+ If mode1 is same as mode2, return 0
+
+ The comparison starts from the permission of the
+ set of users in "others" and then works up to the
+ permission of "user" set.
+ """
+ # Convert modes to octal and reverse the last 3 digits
+ # so 0o640 would be become 0o046
+ mode1_oct = oct(mode1)[2:].rjust(3, "0")
+ mode2_oct = oct(mode2)[2:].rjust(3, "0")
+ m1 = int(mode1_oct[:-3] + mode1_oct[-3:][::-1], 8)
+ m2 = int(mode2_oct[:-3] + mode2_oct[-3:][::-1], 8)
+
+ # Then do a traditional cmp()
+ # https://docs.python.org/3.0/whatsnew/3.0.html#ordering-comparisons
+ return (m1 > m2) - (m1 < m2)
+
+
def chmod(path, mode):
real_mode = safe_int(mode)
if path and real_mode:
diff --git a/tests/unittests/test_stages.py b/tests/unittests/test_stages.py
index a61f9df9..831ea9f2 100644
--- a/tests/unittests/test_stages.py
+++ b/tests/unittests/test_stages.py
@@ -606,13 +606,22 @@ class TestInit_InitializeFilesystem:
# Assert we create it 0o640 by default if it doesn't already exist
assert 0o640 == stat.S_IMODE(log_file.stat().mode)
- def test_existing_file_permissions(self, init, tmpdir):
+ @pytest.mark.parametrize(
+ "set_perms,expected_perms",
+ [
+ (0o640, 0o640),
+ (0o606, 0o640),
+ (0o600, 0o600),
+ ],
+ )
+ def test_existing_file_permissions(
+ self, init, tmpdir, set_perms, expected_perms
+ ):
"""Test file permissions are set as expected.
- CIS Hardening requires 640 permissions. These permissions are
- currently hardcoded on every boot, but if there's ever a reason
- to change this, we need to then ensure that they
- are *not* set every boot.
+ CIS Hardening requires 640 permissions. If the file has looser
+ permissions, then hard code 640. If the file has tighter
+ permissions, then leave them as they are
See https://bugs.launchpad.net/cloud-init/+bug/1900837.
"""
@@ -620,9 +629,9 @@ class TestInit_InitializeFilesystem:
log_file.ensure()
# Use a mode that will never be made the default so this test will
# always be valid
- log_file.chmod(0o606)
+ log_file.chmod(set_perms)
init._cfg = {"def_log_file": str(log_file)}
init._initialize_filesystem()
- assert 0o640 == stat.S_IMODE(log_file.stat().mode)
+ assert expected_perms == stat.S_IMODE(log_file.stat().mode)
diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py
index 17182d06..289a4234 100644
--- a/tests/unittests/test_util.py
+++ b/tests/unittests/test_util.py
@@ -3051,3 +3051,27 @@ class TestVersion:
)
def test_from_str(self, str_ver, cls_ver):
assert util.Version.from_str(str_ver) == cls_ver
+
+
+class TestComparePermissions:
+ @pytest.mark.parametrize(
+ "perm1,perm2,expected",
+ [
+ (0o777, 0o777, 0),
+ (0o000, 0o000, 0),
+ (0o421, 0o421, 0),
+ (0o1640, 0o1640, 0),
+ (0o1407, 0o1600, 1),
+ (0o1600, 0o1407, -1),
+ (0o407, 0o600, 1),
+ (0o600, 0o407, -1),
+ (0o007, 0o700, 1),
+ (0o700, 0o007, -1),
+ (0o077, 0o100, 1),
+ (0o644, 0o640, 1),
+ (0o640, 0o600, 1),
+ (0o600, 0o400, 1),
+ ],
+ )
+ def test_compare_permissions(self, perm1, perm2, expected):
+ assert util.compare_permission(perm1, perm2) == expected

View File

@ -1,62 +0,0 @@
From 25ac8bb44af554a040f0dfa9b52e9241a33a4845 Mon Sep 17 00:00:00 2001
From: PengpengSun <40026211+PengpengSun@users.noreply.github.com>
Date: Tue, 25 Jul 2023 05:21:46 +0800
Subject: [PATCH] DS VMware: modify a few log level (#4284)
Multiple ip addresses are common scenario for modern Linux, so set
debug log level for such cases.
(cherry picked from commit 4a6a9d3f6c8fe213c51f6c1336f1dd378bf4bdca)
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/sources/DataSourceVMware.py | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/cloudinit/sources/DataSourceVMware.py b/cloudinit/sources/DataSourceVMware.py
index 07a80222..bc3b5a5f 100644
--- a/cloudinit/sources/DataSourceVMware.py
+++ b/cloudinit/sources/DataSourceVMware.py
@@ -1,6 +1,6 @@
# Cloud-Init DataSource for VMware
#
-# Copyright (c) 2018-2022 VMware, Inc. All Rights Reserved.
+# Copyright (c) 2018-2023 VMware, Inc. All Rights Reserved.
#
# Authors: Anish Swaminathan <anishs@vmware.com>
# Andrew Kutz <akutz@vmware.com>
@@ -719,7 +719,7 @@ def get_default_ip_addrs():
af_inet4 = addr4_fams.get(netifaces.AF_INET)
if af_inet4:
if len(af_inet4) > 1:
- LOG.warning(
+ LOG.debug(
"device %s has more than one ipv4 address: %s",
dev4,
af_inet4,
@@ -737,7 +737,7 @@ def get_default_ip_addrs():
af_inet6 = addr6_fams.get(netifaces.AF_INET6)
if af_inet6:
if len(af_inet6) > 1:
- LOG.warning(
+ LOG.debug(
"device %s has more than one ipv6 address: %s",
dev6,
af_inet6,
@@ -752,7 +752,7 @@ def get_default_ip_addrs():
af_inet6 = addr4_fams.get(netifaces.AF_INET6)
if af_inet6:
if len(af_inet6) > 1:
- LOG.warning(
+ LOG.debug(
"device %s has more than one ipv6 address: %s",
dev4,
af_inet6,
@@ -767,7 +767,7 @@ def get_default_ip_addrs():
af_inet4 = addr6_fams.get(netifaces.AF_INET)
if af_inet4:
if len(af_inet4) > 1:
- LOG.warning(
+ LOG.debug(
"device %s has more than one ipv4 address: %s",
dev6,
af_inet4,

View File

@ -1,283 +0,0 @@
From c720ab9703752535767691a31e4720e11674bb1f Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Fri, 4 Aug 2023 08:58:26 +0530
Subject: [PATCH] NM renderer: set default IPv6 addr-gen-mode for all
interfaces to eui64 (#4291)
By default, NetworkManager renderer in cloud-init does not set any specific
method for IPV6 addr-gen-mode in the keyfiles it writes. Hence, implicitly the
mode is set to `eui64` in the absence of any global addr-gen-mode option in
NetworkManager configuration.
Later when other interfaces get added via D-Bus API or by using nmcli commands
without explictly setting an addr-gen-mode, NM auto generates new profiles for
those interfaces with addr-gen-mode set to `stable-privacy`. This introduces
inconsistency of configurations between interfaces based on how they were
added. This can cause problems for the customers.
In this change, cloud-init overrides NetworkManager's preferred default of
`stable-privacy` to use EUI64 using a drop in NetworkManager configuration
file. This setting can be overriden by using global-connection-defaults
setting in /etc/NetworkManager/NetworkManager.conf file.
RHBZ: 2188388
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit d41264cb4297a4b143a23f3677d33b81fbfc6e8e)
Conflicts:
tests/unittests/test_net.py
---
cloudinit/net/network_manager.py | 21 ++++++++
tests/unittests/test_net.py | 91 +++++++++++++++++++++++++-------
2 files changed, 94 insertions(+), 18 deletions(-)
diff --git a/cloudinit/net/network_manager.py b/cloudinit/net/network_manager.py
index ca216928..8047f796 100644
--- a/cloudinit/net/network_manager.py
+++ b/cloudinit/net/network_manager.py
@@ -21,6 +21,15 @@ from cloudinit.net.network_state import NetworkState
NM_RUN_DIR = "/etc/NetworkManager"
NM_LIB_DIR = "/usr/lib/NetworkManager"
NM_CFG_FILE = "/etc/NetworkManager/NetworkManager.conf"
+NM_IPV6_ADDR_GEN_CONF = """# This is generated by cloud-init. Do not edit.
+#
+[.config]
+ enable=nm-version-min:1.40
+[connection.30-cloud-init-ip6-addr-gen-mode]
+ # Select EUI64 to be used if the profile does not specify it.
+ ipv6.addr-gen-mode=0
+
+"""
LOG = logging.getLogger(__name__)
@@ -368,6 +377,12 @@ class Renderer(renderer.Renderer):
name = conn_filename(con_id, target)
util.write_file(name, conn.dump(), 0o600)
+ # Select EUI64 to be used by default by NM for creating the address
+ # for use with RFC4862 IPv6 Stateless Address Autoconfiguration.
+ util.write_file(
+ cloud_init_nm_conf_filename(target), NM_IPV6_ADDR_GEN_CONF, 0o600
+ )
+
def conn_filename(con_id, target=None):
target_con_dir = subp.target_path(target, NM_RUN_DIR)
@@ -375,6 +390,12 @@ def conn_filename(con_id, target=None):
return f"{target_con_dir}/system-connections/{con_file}"
+def cloud_init_nm_conf_filename(target=None):
+ target_con_dir = subp.target_path(target, NM_RUN_DIR)
+ conf_file = "30-cloud-init-ip6-addr-gen-mode.conf"
+ return f"{target_con_dir}/conf.d/{conf_file}"
+
+
def available(target=None):
# TODO: Move `uses_systemd` to a more appropriate location
# It is imported here to avoid circular import
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
index fd656a57..d49da696 100644
--- a/tests/unittests/test_net.py
+++ b/tests/unittests/test_net.py
@@ -5679,9 +5679,25 @@ class TestNetworkManagerRendering(CiTestCase):
with_logs = True
scripts_dir = "/etc/NetworkManager/system-connections"
+ conf_dir = "/etc/NetworkManager/conf.d"
expected_name = "expected_network_manager"
+ expected_conf_d = {
+ "30-cloud-init-ip6-addr-gen-mode.conf": textwrap.dedent(
+ """\
+ # This is generated by cloud-init. Do not edit.
+ #
+ [.config]
+ enable=nm-version-min:1.40
+ [connection.30-cloud-init-ip6-addr-gen-mode]
+ # Select EUI64 to be used if the profile does not specify it.
+ ipv6.addr-gen-mode=0
+
+ """
+ ),
+ }
+
def _get_renderer(self):
return network_manager.Renderer()
@@ -5700,11 +5716,19 @@ class TestNetworkManagerRendering(CiTestCase):
renderer.render_network_state(ns, target=dir)
return dir2dict(dir)
- def _compare_files_to_expected(self, expected, found):
+ def _compare_files_to_expected(
+ self, expected_scripts, expected_conf, found
+ ):
orig_maxdiff = self.maxDiff
- expected_d = dict(
- (os.path.join(self.scripts_dir, k), v) for k, v in expected.items()
+ conf_d = dict(
+ (os.path.join(self.conf_dir, k), v)
+ for k, v in expected_conf.items()
+ )
+ scripts_d = dict(
+ (os.path.join(self.scripts_dir, k), v)
+ for k, v in expected_scripts.items()
)
+ expected_d = {**conf_d, **scripts_d}
try:
self.maxDiff = None
@@ -5765,6 +5789,7 @@ class TestNetworkManagerRendering(CiTestCase):
"""
),
},
+ self.expected_conf_d,
found,
)
@@ -5820,8 +5845,9 @@ class TestNetworkManagerRendering(CiTestCase):
gateway=10.0.2.2
"""
- ),
+ )
},
+ self.expected_conf_d,
found,
)
@@ -5857,33 +5883,44 @@ class TestNetworkManagerRendering(CiTestCase):
"""
),
},
+ self.expected_conf_d,
found,
)
def test_bond_config(self):
entry = NETWORK_CONFIGS["bond"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_vlan_config(self):
entry = NETWORK_CONFIGS["vlan"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_bridge_config(self):
entry = NETWORK_CONFIGS["bridge"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_manual_config(self):
entry = NETWORK_CONFIGS["manual"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_all_config(self):
entry = NETWORK_CONFIGS["all"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
self.assertNotIn(
"WARNING: Network config: ignoring eth0.101 device-level mtu",
self.logs.getvalue(),
@@ -5892,12 +5929,16 @@ class TestNetworkManagerRendering(CiTestCase):
def test_small_config(self):
entry = NETWORK_CONFIGS["small"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_v4_and_v6_static_config(self):
entry = NETWORK_CONFIGS["v4_and_v6_static"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
expected_msg = (
"WARNING: Network config: ignoring iface0 device-level mtu:8999"
" because ipv4 subnet-level mtu:9000 provided."
@@ -5907,41 +5948,55 @@ class TestNetworkManagerRendering(CiTestCase):
def test_dhcpv6_only_config(self):
entry = NETWORK_CONFIGS["dhcpv6_only"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_simple_render_ipv6_slaac(self):
entry = NETWORK_CONFIGS["ipv6_slaac"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_dhcpv6_stateless_config(self):
entry = NETWORK_CONFIGS["dhcpv6_stateless"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_wakeonlan_disabled_config_v2(self):
entry = NETWORK_CONFIGS["wakeonlan_disabled"]
found = self._render_and_read(
network_config=yaml.load(entry["yaml_v2"])
)
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_wakeonlan_enabled_config_v2(self):
entry = NETWORK_CONFIGS["wakeonlan_enabled"]
found = self._render_and_read(
network_config=yaml.load(entry["yaml_v2"])
)
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_render_v4_and_v6(self):
entry = NETWORK_CONFIGS["v4_and_v6"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
def test_render_v6_and_v4(self):
entry = NETWORK_CONFIGS["v6_and_v4"]
found = self._render_and_read(network_config=yaml.load(entry["yaml"]))
- self._compare_files_to_expected(entry[self.expected_name], found)
+ self._compare_files_to_expected(
+ entry[self.expected_name], self.expected_conf_d, found
+ )
@mock.patch(

View File

@ -1,121 +0,0 @@
From 53625ea5705ced07738fdb7c23d7f8952a62f2da Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Thu, 7 Sep 2023 02:36:52 +0530
Subject: [PATCH] net: fix ipv6_dhcpv6_stateful/stateless/slaac configuration
for rhel (#4395)
When network type is ipv6_dhcpv6-stateful/stateless/slaac, cloud-init seems to
enable dhcp for both ipv4 and ipv6. Network manager prefers dhcp over ipv4 and
hence dhcp6 is not used to obtain the IP address. This is incorrect.
For only ipv6_dhcpv6-stateful/stateless/slaac networks, we should set:
ipv4.method = disabled // disables all ipv4 dhcp
For ifcfg files (sysconfig renderer), the corresponding changes should be:
BOOTPROTO = none // instead of dhcp so that dhcp4 is disabled.
Additionally, for only ipv6_dhcpv6_stateful, we should set:
ipv6.may-fail = no // dhcp6 must succeed.
which translates to the following ifcfg setting:
IPV6_FAILURE_FATAL = yes // so that dhcp6 should succeed.
This patch fixes this for rhel. The patch has been tested by Red Hat QE.
RHBZ: 2046491
fixes: f550c8765ca03d3 ("Adding BOOTPROTO = dhcp to render sysconfig dhcp6 stateful on RHEL (#685)")
Signed-off-by: Ani Sinha <anisinha@redhat.com>
(cherry picked from commit fd214a1243011275c5dffb92b481c235e4c7a1bf)
---
cloudinit/net/network_manager.py | 9 +++++++++
cloudinit/net/sysconfig.py | 6 +++---
tests/unittests/test_net.py | 9 ++++++++-
3 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/cloudinit/net/network_manager.py b/cloudinit/net/network_manager.py
index 8047f796..7a32691e 100644
--- a/cloudinit/net/network_manager.py
+++ b/cloudinit/net/network_manager.py
@@ -105,6 +105,14 @@ class NMConnection:
if self.config[family]["method"] == "auto" and method == "manual":
return
+ if (
+ subnet_type == "ipv6_dhcpv6-stateful"
+ or subnet_type == "ipv6_dhcpv6-stateless"
+ or subnet_type == "ipv6_slaac"
+ ):
+ # set ipv4 method to 'disabled' to align with sysconfig renderer.
+ self._set_default("ipv4", "method", "disabled")
+
self.config[family]["method"] = method
self._set_default(family, "may-fail", "false")
@@ -342,6 +350,7 @@ class Renderer(renderer.Renderer):
def __init__(self, config=None):
self.connections = {}
+ self.config = config
def get_conn(self, con_id):
return self.connections[con_id]
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index f2c7c92c..af746599 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -436,13 +436,13 @@ class Renderer(renderer.Renderer):
iface_cfg["BOOTPROTO"] = "dhcp6"
iface_cfg["DHCLIENT6_MODE"] = "managed"
# only if rhel AND dhcpv6 stateful
- elif (
- flavor == "rhel" and subnet_type == "ipv6_dhcpv6-stateful"
+ elif flavor == "rhel" and (
+ subnet_type == "ipv6_dhcpv6-stateful"
):
- iface_cfg["BOOTPROTO"] = "dhcp"
iface_cfg["DHCPV6C"] = True
iface_cfg["IPV6INIT"] = True
iface_cfg["IPV6_AUTOCONF"] = False
+ iface_cfg["IPV6_FAILURE_FATAL"] = True
else:
iface_cfg["IPV6INIT"] = True
# Configure network settings using DHCPv6
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
index d49da696..e1cd53c2 100644
--- a/tests/unittests/test_net.py
+++ b/tests/unittests/test_net.py
@@ -1760,6 +1760,9 @@ NETWORK_CONFIGS = {
method=auto
may-fail=false
+ [ipv4]
+ method=disabled
+
"""
),
},
@@ -1872,6 +1875,9 @@ NETWORK_CONFIGS = {
method=auto
may-fail=false
+ [ipv4]
+ method=disabled
+
"""
),
},
@@ -1920,11 +1926,12 @@ NETWORK_CONFIGS = {
"ifcfg-iface0": textwrap.dedent(
"""\
AUTOCONNECT_PRIORITY=120
- BOOTPROTO=dhcp
+ BOOTPROTO=none
DEVICE=iface0
DHCPV6C=yes
IPV6INIT=yes
IPV6_AUTOCONF=no
+ IPV6_FAILURE_FATAL=yes
IPV6_FORCE_ACCEPT_RA=yes
DEVICE=iface0
ONBOOT=yes

View File

@ -1,6 +1,6 @@
Name: cloud-init Name: cloud-init
Version: 23.1.1 Version: 23.4
Release: 12%{?dist} Release: 2%{?dist}
Summary: Cloud instance init scripts Summary: Cloud instance init scripts
License: ASL 2.0 or GPLv3 License: ASL 2.0 or GPLv3
URL: http://launchpad.net/cloud-init URL: http://launchpad.net/cloud-init
@ -10,35 +10,7 @@ Source1: cloud-init-tmpfiles.conf
# Source-git patches # Source-git patches
Patch1: 0001-Add-initial-redhat-changes.patch Patch1: 0001-Add-initial-redhat-changes.patch
Patch2: 0002-Do-not-write-NM_CONTROLLED-no-in-generated-interface.patch Patch2: 0002-Do-not-write-NM_CONTROLLED-no-in-generated-interface.patch
Patch3: 0003-Setting-highest-autoconnect-priority-for-network-scr.patch Patch3: 0003-Setting-autoconnect-priority-setting-for-network-scr.patch
Patch4: 0004-limit-permissions-on-def_log_file.patch
Patch5: 0005-Manual-revert-Use-Network-Manager-and-Netplan-as-def.patch
Patch6: 0006-Revert-Add-native-NetworkManager-support-1224.patch
Patch7: 0007-rhel-make-sure-previous-hostname-file-ends-with-a-ne.patch
Patch8: 0008-Don-t-change-permissions-of-netrules-target-2076.patch
Patch9: 0009-Make-user-vendor-data-sensitive-and-remove-log-permi.patch
Patch10: 0010-Do-not-generate-dsa-and-ed25519-key-types-when-crypt.patch
Patch11: 0011-Revert-Manual-revert-Use-Network-Manager-and-Netplan.patch
Patch12: 0012-Revert-Revert-Add-native-NetworkManager-support-1224.patch
Patch13: 0013-net-sysconfig-do-not-use-the-highest-autoconnect-pri.patch
Patch14: 0014-net-sysconfig-cosmetic-fix-tox-formatting.patch
Patch15: 0015-nm-generate-ipv6-stateful-dhcp-config-at-par-with-sy.patch
Patch16: 0016-network_manager-add-a-method-for-ipv6-static-IP-conf.patch
Patch17: 0017-net-sysconfig-enable-sysconfig-renderer-if-network-m.patch
Patch18: 0018-network-manager-Set-higher-autoconnect-priority-for-.patch
Patch19: 0019-Set-default-renderer-as-sysconfig-for-c9s-RHEL-9.patch
Patch20: 0020-Revert-Set-default-renderer-as-sysconfig-for-c9s-RHE.patch
Patch21: 0021-Set-default-renderer-as-sysconfig-for-centos-rhel-41.patch
Patch22: 0022-test-fixes-update-tests-to-reflect-AUTOCONNECT_PRIOR.patch
Patch23: 0023-test-fixes-remove-NM_CONTROLLED-no-from-tests.patch
Patch24: 0024-Revert-limit-permissions-on-def_log_file.patch
Patch25: 0025-test-fixes-changes-to-apply-RHEL-specific-config-set.patch
Patch26: 0026-Enable-SUSE-based-distros-for-ca-handling-2036.patch
Patch27: 0027-Handle-non-existent-ca-cert-config-situation-2073.patch
Patch28: 0028-logging-keep-current-file-mode-of-log-file-if-its-st.patch
Patch29: 0029-DS-VMware-modify-a-few-log-level-4284.patch
Patch30: 0030-NM-renderer-set-default-IPv6-addr-gen-mode-for-all-i.patch
Patch31: 0031-net-fix-ipv6_dhcpv6_stateful-stateless-slaac-configu.patch
BuildArch: noarch BuildArch: noarch
@ -114,7 +86,7 @@ sed -i -e 's|#!/usr/bin/env python|#!/usr/bin/env python3|' \
%py3_install -- %py3_install --
%if 0%{?fedora} %if 0%{?fedora}
python3 tools/render-cloudcfg --variant fedora > $RPM_BUILD_ROOT/%{_sysconfdir}/cloud/cloud.cfg python3 tools/render-template --variant fedora > $RPM_BUILD_ROOT/%{_sysconfdir}/cloud/cloud.cfg
%endif %endif
sed -i "s,@@PACKAGED_VERSION@@,%{version}-%{release}," $RPM_BUILD_ROOT/%{python3_sitelib}/cloudinit/version.py sed -i "s,@@PACKAGED_VERSION@@,%{version}-%{release}," $RPM_BUILD_ROOT/%{python3_sitelib}/cloudinit/version.py
@ -129,12 +101,8 @@ cp -p %{SOURCE1} $RPM_BUILD_ROOT/%{_tmpfilesdir}/%{name}.conf
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/rsyslog.d mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/rsyslog.d
cp -p tools/21-cloudinit.conf $RPM_BUILD_ROOT/%{_sysconfdir}/rsyslog.d/21-cloudinit.conf cp -p tools/21-cloudinit.conf $RPM_BUILD_ROOT/%{_sysconfdir}/rsyslog.d/21-cloudinit.conf
# Make installed NetworkManager hook name less generic
mv $RPM_BUILD_ROOT/etc/NetworkManager/dispatcher.d/hook-network-manager \
$RPM_BUILD_ROOT/etc/NetworkManager/dispatcher.d/cloud-init-azure-hook
[ ! -d $RPM_BUILD_ROOT%{_systemdgeneratordir} ] && mkdir -p $RPM_BUILD_ROOT%{_systemdgeneratordir} [ ! -d $RPM_BUILD_ROOT%{_systemdgeneratordir} ] && mkdir -p $RPM_BUILD_ROOT%{_systemdgeneratordir}
python3 tools/render-cloudcfg --variant rhel systemd/cloud-init-generator.tmpl > $RPM_BUILD_ROOT%{_systemdgeneratordir}/cloud-init-generator python3 tools/render-template --variant rhel systemd/cloud-init-generator.tmpl > $RPM_BUILD_ROOT%{_systemdgeneratordir}/cloud-init-generator
chmod 755 $RPM_BUILD_ROOT%{_systemdgeneratordir}/cloud-init-generator chmod 755 $RPM_BUILD_ROOT%{_systemdgeneratordir}/cloud-init-generator
# installing man pages # installing man pages
@ -250,8 +218,6 @@ fi
%{_mandir}/man1/* %{_mandir}/man1/*
%dir %verify(not mode) /run/cloud-init %dir %verify(not mode) /run/cloud-init
%dir /var/lib/cloud %dir /var/lib/cloud
/etc/NetworkManager/dispatcher.d/cloud-init-azure-hook
/etc/dhcp/dhclient-exit-hooks.d/hook-dhclient
%{_udevrulesdir}/66-azure-ephemeral.rules %{_udevrulesdir}/66-azure-ephemeral.rules
%{_datadir}/bash-completion/completions/cloud-init %{_datadir}/bash-completion/completions/cloud-init
%{_bindir}/cloud-id %{_bindir}/cloud-id
@ -262,6 +228,10 @@ fi
%config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf
%changelog %changelog
* Wed Jan 10 2024 Camilla Conte <cconte@redhat.com> - 23.4-2
- 0003-Setting-autoconnect-priority-setting-for-network-scr.patch [RHEL-18313]
- Resolves: RHEL-18313
* Fri Sep 15 2023 Camilla Conte <cconte@redhat.com> - 23.1.1-12 * Fri Sep 15 2023 Camilla Conte <cconte@redhat.com> - 23.1.1-12
- Resolves: RHEL-2323 - Resolves: RHEL-2323
- 0031-net-fix-ipv6_dhcpv6_stateful-stateless-slaac-configu.patch [bz#2227767] - 0031-net-fix-ipv6_dhcpv6_stateful-stateless-slaac-configu.patch [bz#2227767]

View File

@ -1 +1 @@
SHA512 (23.1.1.tar.gz) = 387d11d09e4c6443125216617893d72c9a060bbd086316a3101076206409f315e50ba580eb445e125179fbcf7bd97c264d3c3b7ebe970d9c536e71f3362e1c66 SHA512 (23.4.tar.gz) = e425a957cb38f2be2fcb83693696d0177ad84150f8a55759226d8696344ddd75e33e23a7230c492087784ef96ddd71305bc3462479e2c1a3ed0e704ac0f2d879