From f3f5e0997ab2adcd2331ac901d6ca7df6e27f203 Mon Sep 17 00:00:00 2001 From: Miroslav Rezanina Date: Mon, 17 Feb 2025 02:46:57 -0500 Subject: [PATCH] * Mon Feb 17 2025 Miroslav Rezanina - 24.4-3 - ci-Use-log_with_downgradable_level-for-user-password-wa.patch [RHEL-73667] - ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch [RHEL-79727] - Resolves: RHEL-73667 (Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [rhel-10]) - Resolves: RHEL-79727 ([c10s] cloud-init remove 'NOZEROCONF=yes' from /etc/sysconfig/network) --- ...ngradable_level-for-user-password-wa.patch | 98 ++++++++++++ ...-not-remove-all-existing-settings-of.patch | 144 ++++++++++++++++++ cloud-init.spec | 14 +- 3 files changed, 255 insertions(+), 1 deletion(-) create mode 100644 ci-Use-log_with_downgradable_level-for-user-password-wa.patch create mode 100644 ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch diff --git a/ci-Use-log_with_downgradable_level-for-user-password-wa.patch b/ci-Use-log_with_downgradable_level-for-user-password-wa.patch new file mode 100644 index 0000000..75a2f16 --- /dev/null +++ b/ci-Use-log_with_downgradable_level-for-user-password-wa.patch @@ -0,0 +1,98 @@ +From d654256e2717706f684863c6a4c9e56bc668cebf Mon Sep 17 00:00:00 2001 +From: Ani Sinha +Date: Fri, 10 Jan 2025 23:32:52 +0530 +Subject: [PATCH 1/2] Use log_with_downgradable_level for user password + warnings (#5927) + +RH-Author: xiachen +RH-MergeRequest: 122: Use log_with_downgradable_level for user password warnings (#5927) +RH-Jira: RHEL-73667 +RH-Acked-by: Ani Sinha +RH-Acked-by: Emanuele Giuseppe Esposito +RH-Acked-by: Cathy Avery +RH-Commit: [1/1] da0063558c217cafa87023e4ca3e62925a3a91ce (xiachen/cloud-init-centos) + +Introduction of new WARNING level logs could be problematic for stable +downstream distros. Customers using these distros would then see a new and +unexpected behavior change or a new WARNING log that can confuse them. So for +handling user account passwords, use log_with_downgradable_level() helper api +instead so that downstream distros can maintain stability while also making +progressive changes in upstream towards improved user experience. +Downstream distros can convert these logs to DEBUG level by setting +DEPRECATION_INFO_BOUNDARY to a value older than the cloud-init version at which +these logs were first introduced (24.3). Please see the documentation for +log_with_downgradable_level(). + +Signed-off-by: Ani Sinha +(cherry picked from commit 38acce473626dc749dfb8bf3602e294df554c781) +Signed-off-by: Amy Chen +--- + cloudinit/distros/__init__.py | 30 ++++++++++++++++++++---------- + 1 file changed, 20 insertions(+), 10 deletions(-) + +diff --git a/cloudinit/distros/__init__.py b/cloudinit/distros/__init__.py +index 34c0836e8..020d2201d 100644 +--- a/cloudinit/distros/__init__.py ++++ b/cloudinit/distros/__init__.py +@@ -50,6 +50,7 @@ from cloudinit.distros.package_management.package_manager import PackageManager + from cloudinit.distros.package_management.utils import known_package_managers + from cloudinit.distros.parsers import hosts + from cloudinit.features import ALLOW_EC2_MIRRORS_ON_NON_AWS_INSTANCE_TYPES ++from cloudinit.lifecycle import log_with_downgradable_level + from cloudinit.net import activators, dhcp, renderers + from cloudinit.net.netops import NetOps + from cloudinit.net.network_state import parse_net_config_data +@@ -900,10 +901,13 @@ class Distro(persistence.CloudInitPickleMixin, metaclass=abc.ABCMeta): + password_key = "passwd" + # Only "plain_text_passwd" and "hashed_passwd" + # are valid for an existing user. +- LOG.warning( +- "'passwd' in user-data is ignored for existing " +- "user %s", +- name, ++ log_with_downgradable_level( ++ logger=LOG, ++ version="24.3", ++ requested_level=logging.WARNING, ++ msg="'passwd' in user-data is ignored " ++ "for existing user %s", ++ args=name, + ) + + # As no password specified for the existing user in user-data +@@ -941,20 +945,26 @@ class Distro(persistence.CloudInitPickleMixin, metaclass=abc.ABCMeta): + elif pre_existing_user: + # Pre-existing user with no existing password and none + # explicitly set in user-data. +- LOG.warning( +- "Not unlocking blank password for existing user %s." ++ log_with_downgradable_level( ++ logger=LOG, ++ version="24.3", ++ requested_level=logging.WARNING, ++ msg="Not unlocking blank password for existing user %s." + " 'lock_passwd: false' present in user-data but no existing" + " password set and no 'plain_text_passwd'/'hashed_passwd'" + " provided in user-data", +- name, ++ args=name, + ) + else: + # No password (whether blank or otherwise) explicitly set +- LOG.warning( +- "Not unlocking password for user %s. 'lock_passwd: false'" ++ log_with_downgradable_level( ++ logger=LOG, ++ version="24.3", ++ requested_level=logging.WARNING, ++ msg="Not unlocking password for user %s. 'lock_passwd: false'" + " present in user-data but no 'passwd'/'plain_text_passwd'/" + "'hashed_passwd' provided in user-data", +- name, ++ args=name, + ) + + # Configure doas access +-- +2.39.3 + diff --git a/ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch b/ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch new file mode 100644 index 0000000..75c5a48 --- /dev/null +++ b/ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch @@ -0,0 +1,144 @@ +From fc1aca512f20e1cd00720e3ae31709514b7c8964 Mon Sep 17 00:00:00 2001 +From: Ani Sinha +Date: Sat, 15 Feb 2025 01:54:31 +0530 +Subject: [PATCH 2/2] net/sysconfig: do not remove all existing settings of + /etc/sysconfig/network (#5991) + +RH-Author: Ani Sinha +RH-MergeRequest: 123: net/sysconfig: do not remove all existing settings of /etc/sysconfig/network (#5991) +RH-Jira: RHEL-79727 +RH-Acked-by: xiachen +RH-Acked-by: Miroslav Rezanina +RH-Commit: [1/1] 71abe4a85220193e2c9bfaf248d79ba4fa3b485b (anisinha/cloud-init) + +In some distros, /etc/sysconfig/network may have important configurations that +are necessary for the instance to come up. For example, centos based distros +write NOZEROCONF=yes in /etc/sysconfig/network for some instances that require +zeroconf to be disabled. Removing these customizations would prevent the +instance to come up. So leave the customizations in /etc/sysconfig/network +intact except those that we are interested in. + +Fixes GH-5990 +Signed-off-by: Ani Sinha +(cherry picked from commit fa331315d22f4bbe33320485e89a02bb2f695fbf) +--- + cloudinit/net/sysconfig.py | 18 +++++++ + tests/unittests/distros/test_netconfig.py | 62 ++++++++++++++++++++++- + 2 files changed, 78 insertions(+), 2 deletions(-) + +diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py +index 2151db3ab..bce307286 100644 +--- a/cloudinit/net/sysconfig.py ++++ b/cloudinit/net/sysconfig.py +@@ -1119,6 +1119,24 @@ class Renderer(renderer.Renderer): + if network_state.use_ipv6: + netcfg.append("NETWORKING_IPV6=yes") + netcfg.append("IPV6_AUTOCONF=no") ++ ++ # if sysconfig file exists and is not empty, append rest of the ++ # file content, do not remove the exsisting customizations. ++ if os.path.exists(sysconfig_path): ++ for line in util.load_text_file(sysconfig_path).splitlines(): ++ if ( ++ not any( ++ setting in line ++ for setting in [ ++ "NETWORKING", ++ "NETWORKING_IPV6", ++ "IPV6_AUTOCONF", ++ ] ++ ) ++ and line not in _make_header().splitlines() ++ ): ++ netcfg.append(line) ++ + util.write_file( + sysconfig_path, "\n".join(netcfg) + "\n", file_mode + ) +diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py +index 3768623f2..72887252d 100644 +--- a/tests/unittests/distros/test_netconfig.py ++++ b/tests/unittests/distros/test_netconfig.py +@@ -691,12 +691,16 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + return "/etc/sysconfig/network" + + def _apply_and_verify( +- self, apply_fn, config, expected_cfgs=None, bringup=False ++ self, ++ apply_fn, ++ config, ++ expected_cfgs=None, ++ bringup=False, ++ tmpd=None, + ): + if not expected_cfgs: + raise ValueError("expected_cfg must not be None") + +- tmpd = None + with mock.patch("cloudinit.net.sysconfig.available") as m_avail: + m_avail.return_value = True + with self.reRooted(tmpd) as tmpd: +@@ -789,6 +793,60 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase): + expected_cfgs=expected_cfgs.copy(), + ) + ++ def test_sysconfig_network_no_overwite_ipv6_rh(self): ++ expected_cfgs = { ++ self.ifcfg_path("eth0"): dedent( ++ """\ ++ AUTOCONNECT_PRIORITY=120 ++ BOOTPROTO=none ++ DEFROUTE=yes ++ DEVICE=eth0 ++ IPV6ADDR=2607:f0d0:1002:0011::2/64 ++ IPV6INIT=yes ++ IPV6_AUTOCONF=no ++ IPV6_DEFAULTGW=2607:f0d0:1002:0011::1 ++ IPV6_FORCE_ACCEPT_RA=no ++ ONBOOT=yes ++ TYPE=Ethernet ++ USERCTL=no ++ """ ++ ), ++ self.ifcfg_path("eth1"): dedent( ++ """\ ++ AUTOCONNECT_PRIORITY=120 ++ BOOTPROTO=dhcp ++ DEVICE=eth1 ++ ONBOOT=yes ++ TYPE=Ethernet ++ USERCTL=no ++ """ ++ ), ++ self.control_path(): dedent( ++ """\ ++ NETWORKING=yes ++ NETWORKING_IPV6=yes ++ IPV6_AUTOCONF=no ++ NOZEROCONF=yes ++ """ ++ ), ++ } ++ tmpdir = self.tmp_dir() ++ file_mode = 0o644 ++ # pre-existing config in /etc/sysconfig/network should not be removed ++ with self.reRooted(tmpdir) as tmpdir: ++ util.write_file( ++ self.control_path(), ++ "".join("NOZEROCONF=yes") + "\n", ++ file_mode, ++ ) ++ ++ self._apply_and_verify( ++ self.distro.apply_network_config, ++ V1_NET_CFG_IPV6, ++ expected_cfgs=expected_cfgs.copy(), ++ tmpd=tmpdir, ++ ) ++ + def test_vlan_render_unsupported(self): + """Render officially unsupported vlan names.""" + cfg = { +-- +2.39.3 + diff --git a/cloud-init.spec b/cloud-init.spec index 3430f23..9e042bd 100644 --- a/cloud-init.spec +++ b/cloud-init.spec @@ -6,7 +6,7 @@ Name: cloud-init Version: 24.4 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Cloud instance init scripts License: Apache-2.0 OR GPL-3.0-only URL: https://github.com/canonical/cloud-init @@ -20,6 +20,10 @@ Patch4: 0005-downstream-Revert-chore-eliminate-redundant-ordering.patch Patch5: 0006-downstream-remove-single-process-optimization.patch Patch6: 0007-fix-don-t-deadlock-when-starting-network-service-wit.patch Patch7: 0001-downstream-Created-.distro-directory.patch +# For RHEL-73667 - Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [rhel-10] +Patch8: ci-Use-log_with_downgradable_level-for-user-password-wa.patch +# For RHEL-79727 - [c10s] cloud-init remove 'NOZEROCONF=yes' from /etc/sysconfig/network +Patch9: ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch BuildArch: noarch @@ -225,6 +229,14 @@ fi %changelog +* Mon Feb 17 2025 Miroslav Rezanina - 24.4-3 +- ci-Use-log_with_downgradable_level-for-user-password-wa.patch [RHEL-73667] +- ci-net-sysconfig-do-not-remove-all-existing-settings-of.patch [RHEL-79727] +- Resolves: RHEL-73667 + (Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [rhel-10]) +- Resolves: RHEL-79727 + ([c10s] cloud-init remove 'NOZEROCONF=yes' from /etc/sysconfig/network) + * Wed Feb 05 2025 Miroslav Rezanina - 24.4-2 - Fix config missed on rebase [RHEL-77206] - Resolves: RHEL-77206