* Mon Feb 17 2025 Miroslav Rezanina <mrezanin@redhat.com> - 24.4-3

- ci-Use-log_with_downgradable_level-for-user-password-wa.patch [RHEL-73667] - ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch [RHEL-79727] - Resolves: RHEL-73667 (Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [rhel-10]) - Resolves: RHEL-79727 ([c10s] cloud-init remove 'NOZEROCONF=yes' from /etc/sysconfig/network)
2025-02-17 02:46:57 -05:00 · 2025-02-17 02:46:57 -05:00 · f3f5e0997a
commit f3f5e0997a
parent 2ddb1d0541
3 changed files with 255 additions and 1 deletions
--- a/ci-Use-log_with_downgradable_level-for-user-password-wa.patch
+++ b/ci-Use-log_with_downgradable_level-for-user-password-wa.patch
@ -0,0 +1,98 @@
+From d654256e2717706f684863c6a4c9e56bc668cebf Mon Sep 17 00:00:00 2001
+From: Ani Sinha <anisinha@redhat.com>
+Date: Fri, 10 Jan 2025 23:32:52 +0530
+Subject: [PATCH 1/2] Use log_with_downgradable_level for user password
+ warnings (#5927)
+
+RH-Author: xiachen <xiachen@redhat.com>
+RH-MergeRequest: 122: Use log_with_downgradable_level for user password warnings (#5927)
+RH-Jira: RHEL-73667
+RH-Acked-by: Ani Sinha <anisinha@redhat.com>
+RH-Acked-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
+RH-Acked-by: Cathy Avery <cavery@redhat.com>
+RH-Commit: [1/1] da0063558c217cafa87023e4ca3e62925a3a91ce (xiachen/cloud-init-centos)
+
+Introduction of new WARNING level logs could be problematic for stable
+downstream distros. Customers using these distros would then see a new and
+unexpected behavior change or a new WARNING log that can confuse them. So for
+handling user account passwords, use log_with_downgradable_level() helper api
+instead so that downstream distros can maintain stability while also making
+progressive changes in upstream towards improved user experience.
+Downstream distros can convert these logs to DEBUG level by setting
+DEPRECATION_INFO_BOUNDARY to a value older than the cloud-init version at which
+these logs were first introduced (24.3). Please see the documentation for
+log_with_downgradable_level().
+
+Signed-off-by: Ani Sinha <anisinha@redhat.com>
+(cherry picked from commit 38acce473626dc749dfb8bf3602e294df554c781)
+Signed-off-by: Amy Chen <xiachen@redhat.com>
+---
+ cloudinit/distros/__init__.py | 30 ++++++++++++++++++++----------
+ 1 file changed, 20 insertions(+), 10 deletions(-)
+
+diff --git a/cloudinit/distros/__init__.py b/cloudinit/distros/__init__.py
+index 34c0836e8..020d2201d 100644
+--- a/cloudinit/distros/__init__.py
+++ b/cloudinit/distros/__init__.py
+@@ -50,6 +50,7 @@ from cloudinit.distros.package_management.package_manager import PackageManager
+ from cloudinit.distros.package_management.utils import known_package_managers
+ from cloudinit.distros.parsers import hosts
+ from cloudinit.features import ALLOW_EC2_MIRRORS_ON_NON_AWS_INSTANCE_TYPES
+from cloudinit.lifecycle import log_with_downgradable_level
+ from cloudinit.net import activators, dhcp, renderers
+ from cloudinit.net.netops import NetOps
+ from cloudinit.net.network_state import parse_net_config_data
+@@ -900,10 +901,13 @@ class Distro(persistence.CloudInitPickleMixin, metaclass=abc.ABCMeta):
+                     password_key = "passwd"
+                     # Only "plain_text_passwd" and "hashed_passwd"
+                     # are valid for an existing user.
+-                    LOG.warning(
+-                        "'passwd' in user-data is ignored for existing "
+-                        "user %s",
+-                        name,
+                    log_with_downgradable_level(
+                        logger=LOG,
+                        version="24.3",
+                        requested_level=logging.WARNING,
+                        msg="'passwd' in user-data is ignored "
+                        "for existing user %s",
+                        args=name,
+                     )
+ 
+                 # As no password specified for the existing user in user-data
+@@ -941,20 +945,26 @@ class Distro(persistence.CloudInitPickleMixin, metaclass=abc.ABCMeta):
+         elif pre_existing_user:
+             # Pre-existing user with no existing password and none
+             # explicitly set in user-data.
+-            LOG.warning(
+-                "Not unlocking blank password for existing user %s."
+            log_with_downgradable_level(
+                logger=LOG,
+                version="24.3",
+                requested_level=logging.WARNING,
+                msg="Not unlocking blank password for existing user %s."
+                 " 'lock_passwd: false' present in user-data but no existing"
+                 " password set and no 'plain_text_passwd'/'hashed_passwd'"
+                 " provided in user-data",
+-                name,
+                args=name,
+             )
+         else:
+             # No password (whether blank or otherwise) explicitly set
+-            LOG.warning(
+-                "Not unlocking password for user %s. 'lock_passwd: false'"
+            log_with_downgradable_level(
+                logger=LOG,
+                version="24.3",
+                requested_level=logging.WARNING,
+                msg="Not unlocking password for user %s. 'lock_passwd: false'"
+                 " present in user-data but no 'passwd'/'plain_text_passwd'/"
+                 "'hashed_passwd' provided in user-data",
+-                name,
+                args=name,
+             )
+ 
+         # Configure doas access
+-- 
+2.39.3
+
--- a/ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch
+++ b/ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch
@ -0,0 +1,144 @@
+From fc1aca512f20e1cd00720e3ae31709514b7c8964 Mon Sep 17 00:00:00 2001
+From: Ani Sinha <anisinha@redhat.com>
+Date: Sat, 15 Feb 2025 01:54:31 +0530
+Subject: [PATCH 2/2] net/sysconfig: do not remove all existing settings of
+ /etc/sysconfig/network (#5991)
+
+RH-Author: Ani Sinha <anisinha@redhat.com>
+RH-MergeRequest: 123: net/sysconfig: do not remove all existing settings of /etc/sysconfig/network (#5991)
+RH-Jira: RHEL-79727
+RH-Acked-by: xiachen <xiachen@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+RH-Commit: [1/1] 71abe4a85220193e2c9bfaf248d79ba4fa3b485b (anisinha/cloud-init)
+
+In some distros, /etc/sysconfig/network may have important configurations that
+are necessary for the instance to come up. For example, centos based distros
+write NOZEROCONF=yes in /etc/sysconfig/network for some instances that require
+zeroconf to be disabled. Removing these customizations would prevent the
+instance to come up. So leave the customizations in /etc/sysconfig/network
+intact except those that we are interested in.
+
+Fixes GH-5990
+Signed-off-by: Ani Sinha <anisinha@redhat.com>
+(cherry picked from commit fa331315d22f4bbe33320485e89a02bb2f695fbf)
+---
+ cloudinit/net/sysconfig.py                | 18 +++++++
+ tests/unittests/distros/test_netconfig.py | 62 ++++++++++++++++++++++-
+ 2 files changed, 78 insertions(+), 2 deletions(-)
+
+diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
+index 2151db3ab..bce307286 100644
+--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
+@@ -1119,6 +1119,24 @@ class Renderer(renderer.Renderer):
+             if network_state.use_ipv6:
+                 netcfg.append("NETWORKING_IPV6=yes")
+                 netcfg.append("IPV6_AUTOCONF=no")
+
+            # if sysconfig file exists and is not empty, append rest of the
+            # file content, do not remove the exsisting customizations.
+            if os.path.exists(sysconfig_path):
+                for line in util.load_text_file(sysconfig_path).splitlines():
+                    if (
+                        not any(
+                            setting in line
+                            for setting in [
+                                "NETWORKING",
+                                "NETWORKING_IPV6",
+                                "IPV6_AUTOCONF",
+                            ]
+                        )
+                        and line not in _make_header().splitlines()
+                    ):
+                        netcfg.append(line)
+
+             util.write_file(
+                 sysconfig_path, "\n".join(netcfg) + "\n", file_mode
+             )
+diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py
+index 3768623f2..72887252d 100644
+--- a/tests/unittests/distros/test_netconfig.py
+++ b/tests/unittests/distros/test_netconfig.py
+@@ -691,12 +691,16 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
+         return "/etc/sysconfig/network"
+ 
+     def _apply_and_verify(
+-        self, apply_fn, config, expected_cfgs=None, bringup=False
+        self,
+        apply_fn,
+        config,
+        expected_cfgs=None,
+        bringup=False,
+        tmpd=None,
+     ):
+         if not expected_cfgs:
+             raise ValueError("expected_cfg must not be None")
+ 
+-        tmpd = None
+         with mock.patch("cloudinit.net.sysconfig.available") as m_avail:
+             m_avail.return_value = True
+             with self.reRooted(tmpd) as tmpd:
+@@ -789,6 +793,60 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
+             expected_cfgs=expected_cfgs.copy(),
+         )
+ 
+    def test_sysconfig_network_no_overwite_ipv6_rh(self):
+        expected_cfgs = {
+            self.ifcfg_path("eth0"): dedent(
+                """\
+                AUTOCONNECT_PRIORITY=120
+                BOOTPROTO=none
+                DEFROUTE=yes
+                DEVICE=eth0
+                IPV6ADDR=2607:f0d0:1002:0011::2/64
+                IPV6INIT=yes
+                IPV6_AUTOCONF=no
+                IPV6_DEFAULTGW=2607:f0d0:1002:0011::1
+                IPV6_FORCE_ACCEPT_RA=no
+                ONBOOT=yes
+                TYPE=Ethernet
+                USERCTL=no
+                """
+            ),
+            self.ifcfg_path("eth1"): dedent(
+                """\
+                AUTOCONNECT_PRIORITY=120
+                BOOTPROTO=dhcp
+                DEVICE=eth1
+                ONBOOT=yes
+                TYPE=Ethernet
+                USERCTL=no
+                """
+            ),
+            self.control_path(): dedent(
+                """\
+                NETWORKING=yes
+                NETWORKING_IPV6=yes
+                IPV6_AUTOCONF=no
+                NOZEROCONF=yes
+                """
+            ),
+        }
+        tmpdir = self.tmp_dir()
+        file_mode = 0o644
+        # pre-existing config in /etc/sysconfig/network should not be removed
+        with self.reRooted(tmpdir) as tmpdir:
+            util.write_file(
+                self.control_path(),
+                "".join("NOZEROCONF=yes") + "\n",
+                file_mode,
+            )
+
+        self._apply_and_verify(
+            self.distro.apply_network_config,
+            V1_NET_CFG_IPV6,
+            expected_cfgs=expected_cfgs.copy(),
+            tmpd=tmpdir,
+        )
+
+     def test_vlan_render_unsupported(self):
+         """Render officially unsupported vlan names."""
+         cfg = {
+-- 
+2.39.3
+
--- a/cloud-init.spec
+++ b/cloud-init.spec
@ -6,7 +6,7 @@

 Name:           cloud-init
 Version:        24.4
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        Cloud instance init scripts
 License:        Apache-2.0 OR GPL-3.0-only
 URL:            https://github.com/canonical/cloud-init
@ -20,6 +20,10 @@ Patch4: 0005-downstream-Revert-chore-eliminate-redundant-ordering.patch
 Patch5: 0006-downstream-remove-single-process-optimization.patch
 Patch6: 0007-fix-don-t-deadlock-when-starting-network-service-wit.patch
 Patch7: 0001-downstream-Created-.distro-directory.patch
+# For RHEL-73667 - Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [rhel-10]
+Patch8: ci-Use-log_with_downgradable_level-for-user-password-wa.patch
+# For RHEL-79727 - [c10s] cloud-init remove 'NOZEROCONF=yes' from /etc/sysconfig/network
+Patch9: ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch

 BuildArch:      noarch

@ -225,6 +229,14 @@ fi


 %changelog
+* Mon Feb 17 2025 Miroslav Rezanina <mrezanin@redhat.com> - 24.4-3
+- ci-Use-log_with_downgradable_level-for-user-password-wa.patch [RHEL-73667]
+- ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch [RHEL-79727]
+- Resolves: RHEL-73667
+  (Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [rhel-10])
+- Resolves: RHEL-79727
+  ([c10s] cloud-init remove 'NOZEROCONF=yes' from /etc/sysconfig/network)
+
 * Wed Feb 05 2025 Miroslav Rezanina <mrezanin@redhat.com> - 24.4-2
 - Fix config missed on rebase [RHEL-77206]
 - Resolves: RHEL-77206