Enabling DHCPv6 by default on EC2 leads to instance with broken IPv6
connectivity. AWS provides the IP address via DHCPv6 and SLAAC, but
router advertisements are not accepted if the instance has DHCPv6
configured. The accept_ra value is set to 0.
Removing the `dhcp` option from `ipv6.method` and simply using `auto`
(the default) allows the instance to pick up its IPv6 address and accept
router advertisements from the AWS network.
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2092459
Pagure: https://pagure.io/cloud-sig/issue/382
Upstream: https://bugs.launchpad.net/cloud-init/+bug/1976526?comments=all
Signed-off-by: Major Hayden <major@redhat.com>
Canonical switched to GitHub as their "canonical" source for cloud-init
and the forge macros make RPM maintenance a little simpler.
Signed-off-by: Major Hayden <major@redhat.com>
This lays down a file that sets `no-auto-default=*`, which
tells NetworkManager to not bring up any interfaces by default
without explicit configuration. This causes networking to not
be brought up at all if somehow no NM connection file got created.
This is the first step for rebasing cloud-init to 21.3. All patches are
rebased, old patches that are already on the release were deleted.
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
RHEL default configuration file was on the repo but not listed on the
SRPM. Adding it via patch referenced on the spec file.
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
This is the first step for rebasing cloud-init to 20.4. All patches are
rebased, old patches that are already on the release were deleted.
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
BZ: 1869757
commit 9e3ac98097ed1c7f49ec8975a40aec7229231aae
Author: Louis Bouchard <bouchard.louis@gmail.com>
Date: Wed Jan 29 16:55:09 2020 +0100
Scaleway: Fix DatasourceScaleway to avoid backtrace (#128)
Make sure network_config is created when self._network_config is unset.
Co-authored-by: Scott Moser <smoser@brickies.net>
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
Patch file references from commit 34fecf9a "Backport for CVE-2020-8631
and CVE-2020-8632" were missing on spec file.
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
This commit backports the upstream commits for the CVEs:
- CVE-2020-8632 cloud-init: Too short random password length in
cc_set_password in config/cc_set_passwords.py
<https://bugzilla.redhat.com/show_bug.cgi?id=1798729>
./cloud-init-19.4-cc_set_password-increase-random-pwlength-from-9-to-2.patch
- CVE-2020-8631 cloud-init: Use of random.choice when generating random
password
<https://bugzilla.redhat.com/show_bug.cgi?id=1798732>
./cloud-init-19.4-utils-use-SystemRandom-when-generating-random-passwo.patch
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
The following two files are now being delivered by cloud-init in
19.4. I looked at them and they look harmless enough so might as
well include them.
- /usr/bin/cloud-id
- /usr/share/bash-completion/completions/cloud-init
The unittests started failing because of upstream commit
7c07af2 where cloud-init can now support using `usermod` to
lock an account if `passwd` isn't installed. Since `passwd`
wasn't installed in our mock buildroot it was choosing to
use `usermod` and the unittests were failing.
See: https://github.com/canonical/cloud-init/commit/7c07af2
