- tests/unittests: add a new unit test for network manager net

activator
- rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set
 in cloud.cfg
- net/nm: check for presence of ifcfg files when nm connection
 files are absent

SOURCES/0001-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch

@@ -0,0 +1,482 @@
+From 1eb69f434883ca685c5ee6136203f28231e18039 Mon Sep 17 00:00:00 2001
+From: Elkhan Mammadli <elkhan.mammadli@protonmail.com>
+Date: Tue, 10 Oct 2023 02:11:23 +0400
+Subject: [PATCH 1/1] Improvements for AlmaLinux OS and CloudLinux OS
+
+Add AlmaLinux OS and CloudLinux OS support to:
+
+Modules:
+- cc_ca_certs
+- cc_ntp
+- cc_resolv_conf
+
+Datasources:
+- Rbx Cloud Datasource
+
+Systemd services:
+- cloud-config.service
+- cloud-final.service
+- cloud-init-local.service
+- cloud-init.service
+
+Signed-off-by: Elkhan Mammadli <elkhan.mammadli@protonmail.com>
+---
+ cloudinit/config/cc_ca_certs.py         |  8 ++++
+ cloudinit/config/cc_ntp.py              | 11 ++---
+ cloudinit/config/cc_resolv_conf.py      |  2 +
+ cloudinit/settings.py                   |  2 +-
+ cloudinit/sources/DataSourceRbxCloud.py |  2 +-
+ systemd/cloud-config.service.tmpl       |  2 +-
+ systemd/cloud-final.service.tmpl        |  4 +-
+ systemd/cloud-init-local.service.tmpl   | 12 ++---
+ systemd/cloud-init.service.tmpl         |  4 +-
+ templates/chrony.conf.almalinux.tmpl    | 45 ++++++++++++++++++
+ templates/chrony.conf.cloudlinux.tmpl   | 45 ++++++++++++++++++
+ templates/ntp.conf.almalinux.tmpl       | 61 +++++++++++++++++++++++++
+ templates/ntp.conf.cloudlinux.tmpl      | 61 +++++++++++++++++++++++++
+ 13 files changed, 238 insertions(+), 21 deletions(-)
+ create mode 100644 templates/chrony.conf.almalinux.tmpl
+ create mode 100644 templates/chrony.conf.cloudlinux.tmpl
+ create mode 100644 templates/ntp.conf.almalinux.tmpl
+ create mode 100644 templates/ntp.conf.cloudlinux.tmpl
+
+diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py
+index 4dc0868..1665d30 100644
+--- a/cloudinit/config/cc_ca_certs.py
++++ b/cloudinit/config/cc_ca_certs.py
+@@ -51,6 +51,12 @@ for distro in (
+ ):
+     DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["opensuse"]
+ 
++for distro in (
++    "almalinux",
++    "cloudlinux",
++):
++    DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["rhel"]
++
+ MODULE_DESCRIPTION = """\
+ This module adds CA certificates to the system's CA store and updates any
+ related files using the appropriate OS-specific utility. The default CA
+@@ -66,6 +72,8 @@ configuration option ``remove_defaults``.
+     order to provide the ``update-ca-certificates`` command.
+ """
+ distros = [
++    "almalinux",
++    "cloudlinux",
+     "alpine",
+     "debian",
+     "rhel",
+diff --git a/cloudinit/config/cc_ntp.py b/cloudinit/config/cc_ntp.py
+index b5620f3..eae4099 100644
+--- a/cloudinit/config/cc_ntp.py
++++ b/cloudinit/config/cc_ntp.py
+@@ -110,14 +110,6 @@ DISTRO_CLIENT_CONFIG = {
+             "service_name": "ntpd",
+         },
+     },
+-    "centos": {
+-        "ntp": {
+-            "service_name": "ntpd",
+-        },
+-        "chrony": {
+-            "service_name": "chronyd",
+-        },
+-    },
+     "cos": {
+         "chrony": {
+             "service_name": "chronyd",
+@@ -225,6 +217,9 @@ DISTRO_CLIENT_CONFIG = {
+ for distro in ("opensuse-microos", "opensuse-tumbleweed", "opensuse-leap"):
+     DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["opensuse"]
+ 
++for distro in ("almalinux", "centos", "cloudlinux"):
++    DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["rhel"]
++
+ for distro in ("sle_hpc", "sle-micro"):
+     DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["sles"]
+ 
+diff --git a/cloudinit/config/cc_resolv_conf.py b/cloudinit/config/cc_resolv_conf.py
+index 4629ca7..21057a1 100644
+--- a/cloudinit/config/cc_resolv_conf.py
++++ b/cloudinit/config/cc_resolv_conf.py
+@@ -58,7 +58,9 @@ meta: MetaSchema = {
+     "title": "Configure resolv.conf",
+     "description": MODULE_DESCRIPTION,
+     "distros": [
++        "almalinux",
+         "alpine",
++        "cloudlinux",
+         "fedora",
+         "mariner",
+         "opensuse",
+diff --git a/cloudinit/settings.py b/cloudinit/settings.py
+index a36c518..9f0a5f4 100644
+--- a/cloudinit/settings.py
++++ b/cloudinit/settings.py
+@@ -62,7 +62,7 @@ CFG_BUILTIN = {
+             "cloud_dir": "/var/lib/cloud",
+             "templates_dir": "/etc/cloud/templates/",
+         },
+-        "distro": "rhel",
++        "distro": "almalinux",
+         "network": {"renderers": None},
+     },
+     "vendor_data": {"enabled": True, "prefix": []},
+diff --git a/cloudinit/sources/DataSourceRbxCloud.py b/cloudinit/sources/DataSourceRbxCloud.py
+index 6890562..0b3c80c 100644
+--- a/cloudinit/sources/DataSourceRbxCloud.py
++++ b/cloudinit/sources/DataSourceRbxCloud.py
+@@ -60,7 +60,7 @@ def _sub_arp(cmd):
+ 
+ def gratuitous_arp(items, distro):
+     source_param = "-S"
+-    if distro.name in ["fedora", "centos", "rhel"]:
++    if distro.name in ["almalinux", "fedora", "centos", "cloudlinux", "rhel"]:
+         source_param = "-s"
+     for item in items:
+         try:
+diff --git a/systemd/cloud-config.service.tmpl b/systemd/cloud-config.service.tmpl
+index d5568a6..a4d6038 100644
+--- a/systemd/cloud-config.service.tmpl
++++ b/systemd/cloud-config.service.tmpl
+@@ -4,7 +4,7 @@ Description=Apply the settings specified in cloud-config
+ After=network-online.target cloud-config.target
+ After=snapd.seeded.service
+ Wants=network-online.target cloud-config.target
+-{% if variant == "rhel" %}
++{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
+ ConditionPathExists=!/etc/cloud/cloud-init.disabled
+ ConditionKernelCommandLine=!cloud-init=disabled
+ {% endif %}
+diff --git a/systemd/cloud-final.service.tmpl b/systemd/cloud-final.service.tmpl
+index 85f423a..578c7f4 100644
+--- a/systemd/cloud-final.service.tmpl
++++ b/systemd/cloud-final.service.tmpl
+@@ -7,7 +7,7 @@ After=multi-user.target
+ Before=apt-daily.service
+ {% endif %}
+ Wants=network-online.target cloud-config.service
+-{% if variant == "rhel" %}
++{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
+ ConditionPathExists=!/etc/cloud/cloud-init.disabled
+ ConditionKernelCommandLine=!cloud-init=disabled
+ {% endif %}
+@@ -19,7 +19,7 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
+ RemainAfterExit=yes
+ TimeoutSec=0
+ KillMode=process
+-{% if variant == "rhel" %}
++{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
+ # Restart NetworkManager if it is present and running.
+ ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \
+  out=$(systemctl show --property=SubState $u) || exit; \
+diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl
+index 6f3f9d8..f5521c4 100644
+--- a/systemd/cloud-init-local.service.tmpl
++++ b/systemd/cloud-init-local.service.tmpl
+@@ -1,23 +1,23 @@
+ ## template:jinja
+ [Unit]
+ Description=Initial cloud-init job (pre-networking)
+-{% if variant in ["ubuntu", "unknown", "debian", "rhel" ] %}
++{% if variant in ["almalinux", "cloudlinux", "ubuntu", "unknown", "debian", "rhel" ] %}
+ DefaultDependencies=no
+ {% endif %}
+ Wants=network-pre.target
+ After=hv_kvp_daemon.service
+ After=systemd-remount-fs.service
+-{% if variant == "rhel" %}
++{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
+ Requires=dbus.socket
+ After=dbus.socket
+ {% endif %}
+ Before=NetworkManager.service
+-{% if variant == "rhel" %}
++{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
+ Before=network.service
+ {% endif %}
+ Before=network-pre.target
+ Before=shutdown.target
+-{% if variant == "rhel" %}
++{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
+ Before=firewalld.target
+ Conflicts=shutdown.target
+ {% endif %}
+@@ -26,14 +26,14 @@ Before=sysinit.target
+ Conflicts=shutdown.target
+ {% endif %}
+ RequiresMountsFor=/var/lib/cloud
+-{% if variant == "rhel" %}
++{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
+ ConditionPathExists=!/etc/cloud/cloud-init.disabled
+ ConditionKernelCommandLine=!cloud-init=disabled
+ {% endif %}
+ 
+ [Service]
+ Type=oneshot
+-{% if variant == "rhel" %}
++{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
+ ExecStartPre=/bin/mkdir -p /run/cloud-init
+ ExecStartPre=/sbin/restorecon /run/cloud-init
+ ExecStartPre=/usr/bin/touch /run/cloud-init/enabled
+diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl
+index 1b1f9a8..875555d 100644
+--- a/systemd/cloud-init.service.tmpl
++++ b/systemd/cloud-init.service.tmpl
+@@ -1,7 +1,7 @@
+ ## template:jinja
+ [Unit]
+ Description=Initial cloud-init job (metadata service crawler)
+-{% if variant not in ["photon", "rhel"] %}
++{% if variant not in ["almalinux", "cloudlinux", "photon", "rhel"] %}
+ DefaultDependencies=no
+ {% endif %}
+ Wants=cloud-init-local.service
+@@ -39,7 +39,7 @@ Before=shutdown.target
+ Conflicts=shutdown.target
+ {% endif %}
+ Before=systemd-user-sessions.service
+-{% if variant == "rhel" %}
++{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
+ ConditionPathExists=!/etc/cloud/cloud-init.disabled
+ ConditionKernelCommandLine=!cloud-init=disabled
+ {% endif %}
+diff --git a/templates/chrony.conf.almalinux.tmpl b/templates/chrony.conf.almalinux.tmpl
+new file mode 100644
+index 0000000..5b3542e
+--- /dev/null
++++ b/templates/chrony.conf.almalinux.tmpl
+@@ -0,0 +1,45 @@
++## template:jinja
++# Use public servers from the pool.ntp.org project.
++# Please consider joining the pool (http://www.pool.ntp.org/join.html).
++{% if pools %}# pools
++{% endif %}
++{% for pool in pools -%}
++pool {{pool}} iburst
++{% endfor %}
++{%- if servers %}# servers
++{% endif %}
++{% for server in servers -%}
++server {{server}} iburst
++{% endfor %}
++
++# Record the rate at which the system clock gains/losses time.
++driftfile /var/lib/chrony/drift
++
++# Allow the system clock to be stepped in the first three updates
++# if its offset is larger than 1 second.
++makestep 1.0 3
++
++# Enable kernel synchronization of the real-time clock (RTC).
++rtcsync
++
++# Enable hardware timestamping on all interfaces that support it.
++#hwtimestamp *
++
++# Increase the minimum number of selectable sources required to adjust
++# the system clock.
++#minsources 2
++
++# Allow NTP client access from local network.
++#allow 192.168.0.0/16
++
++# Serve time even if not synchronized to a time source.
++#local stratum 10
++
++# Specify file containing keys for NTP authentication.
++#keyfile /etc/chrony.keys
++
++# Specify directory for log files.
++logdir /var/log/chrony
++
++# Select which information is logged.
++#log measurements statistics tracking
+diff --git a/templates/chrony.conf.cloudlinux.tmpl b/templates/chrony.conf.cloudlinux.tmpl
+new file mode 100644
+index 0000000..5b3542e
+--- /dev/null
++++ b/templates/chrony.conf.cloudlinux.tmpl
+@@ -0,0 +1,45 @@
++## template:jinja
++# Use public servers from the pool.ntp.org project.
++# Please consider joining the pool (http://www.pool.ntp.org/join.html).
++{% if pools %}# pools
++{% endif %}
++{% for pool in pools -%}
++pool {{pool}} iburst
++{% endfor %}
++{%- if servers %}# servers
++{% endif %}
++{% for server in servers -%}
++server {{server}} iburst
++{% endfor %}
++
++# Record the rate at which the system clock gains/losses time.
++driftfile /var/lib/chrony/drift
++
++# Allow the system clock to be stepped in the first three updates
++# if its offset is larger than 1 second.
++makestep 1.0 3
++
++# Enable kernel synchronization of the real-time clock (RTC).
++rtcsync
++
++# Enable hardware timestamping on all interfaces that support it.
++#hwtimestamp *
++
++# Increase the minimum number of selectable sources required to adjust
++# the system clock.
++#minsources 2
++
++# Allow NTP client access from local network.
++#allow 192.168.0.0/16
++
++# Serve time even if not synchronized to a time source.
++#local stratum 10
++
++# Specify file containing keys for NTP authentication.
++#keyfile /etc/chrony.keys
++
++# Specify directory for log files.
++logdir /var/log/chrony
++
++# Select which information is logged.
++#log measurements statistics tracking
+diff --git a/templates/ntp.conf.almalinux.tmpl b/templates/ntp.conf.almalinux.tmpl
+new file mode 100644
+index 0000000..62b4776
+--- /dev/null
++++ b/templates/ntp.conf.almalinux.tmpl
+@@ -0,0 +1,61 @@
++## template:jinja
++
++# For more information about this file, see the man pages
++# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
++
++driftfile /var/lib/ntp/drift
++
++# Permit time synchronization with our time source, but do not
++# permit the source to query or modify the service on this system.
++restrict default kod nomodify notrap nopeer noquery
++restrict -6 default kod nomodify notrap nopeer noquery
++
++# Permit all access over the loopback interface.  This could
++# be tightened as well, but to do so would effect some of
++# the administrative functions.
++restrict 127.0.0.1 
++restrict -6 ::1
++
++# Hosts on local network are less restricted.
++#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
++
++# Use public servers from the pool.ntp.org project.
++# Please consider joining the pool (http://www.pool.ntp.org/join.html).
++{% if pools %}# pools
++{% endif %}
++{% for pool in pools -%}
++pool {{pool}} iburst
++{% endfor %}
++{%- if servers %}# servers
++{% endif %}
++{% for server in servers -%}
++server {{server}} iburst
++{% endfor %}
++
++#broadcast 192.168.1.255 autokey	# broadcast server
++#broadcastclient			# broadcast client
++#broadcast 224.0.1.1 autokey		# multicast server
++#multicastclient 224.0.1.1		# multicast client
++#manycastserver 239.255.254.254		# manycast server
++#manycastclient 239.255.254.254 autokey # manycast client
++
++# Enable public key cryptography.
++#crypto
++
++includefile /etc/ntp/crypto/pw
++
++# Key file containing the keys and key identifiers used when operating
++# with symmetric key cryptography. 
++keys /etc/ntp/keys
++
++# Specify the key identifiers which are trusted.
++#trustedkey 4 8 42
++
++# Specify the key identifier to use with the ntpdc utility.
++#requestkey 8
++
++# Specify the key identifier to use with the ntpq utility.
++#controlkey 8
++
++# Enable writing of statistics records.
++#statistics clockstats cryptostats loopstats peerstats
+diff --git a/templates/ntp.conf.cloudlinux.tmpl b/templates/ntp.conf.cloudlinux.tmpl
+new file mode 100644
+index 0000000..62b4776
+--- /dev/null
++++ b/templates/ntp.conf.cloudlinux.tmpl
+@@ -0,0 +1,61 @@
++## template:jinja
++
++# For more information about this file, see the man pages
++# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
++
++driftfile /var/lib/ntp/drift
++
++# Permit time synchronization with our time source, but do not
++# permit the source to query or modify the service on this system.
++restrict default kod nomodify notrap nopeer noquery
++restrict -6 default kod nomodify notrap nopeer noquery
++
++# Permit all access over the loopback interface.  This could
++# be tightened as well, but to do so would effect some of
++# the administrative functions.
++restrict 127.0.0.1 
++restrict -6 ::1
++
++# Hosts on local network are less restricted.
++#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
++
++# Use public servers from the pool.ntp.org project.
++# Please consider joining the pool (http://www.pool.ntp.org/join.html).
++{% if pools %}# pools
++{% endif %}
++{% for pool in pools -%}
++pool {{pool}} iburst
++{% endfor %}
++{%- if servers %}# servers
++{% endif %}
++{% for server in servers -%}
++server {{server}} iburst
++{% endfor %}
++
++#broadcast 192.168.1.255 autokey	# broadcast server
++#broadcastclient			# broadcast client
++#broadcast 224.0.1.1 autokey		# multicast server
++#multicastclient 224.0.1.1		# multicast client
++#manycastserver 239.255.254.254		# manycast server
++#manycastclient 239.255.254.254 autokey # manycast client
++
++# Enable public key cryptography.
++#crypto
++
++includefile /etc/ntp/crypto/pw
++
++# Key file containing the keys and key identifiers used when operating
++# with symmetric key cryptography. 
++keys /etc/ntp/keys
++
++# Specify the key identifiers which are trusted.
++#trustedkey 4 8 42
++
++# Specify the key identifier to use with the ntpdc utility.
++#requestkey 8
++
++# Specify the key identifier to use with the ntpq utility.
++#controlkey 8
++
++# Enable writing of statistics records.
++#statistics clockstats cryptostats loopstats peerstats
+-- 
+2.41.0
+

SOURCES/ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch

@@ -0,0 +1,60 @@
+From 5d6674508c6478fa2ca3d8c5d39b533a0bbb317a Mon Sep 17 00:00:00 2001
+From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
+Date: Thu, 20 May 2021 08:53:55 +0200
+Subject: [PATCH] rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set
+ in cloud.cfg
+
+RH-Author: Ani Sinha <None>
+RH-MergeRequest: 113: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
+RH-Jira: RHEL-16572
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
+RH-Commit: [1/1] f506bf58dc5458f50624342ec33bcd390aa0b719 (anisinha/rhel-cloud-init)
+
+RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
+RH-MergeRequest: 10: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
+RH-Commit: [1/1] 6da989423b9b6e017afbac2f1af3649b0487310f
+RH-Bugzilla: 1957532
+RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
+RH-Acked-by: Cathy Avery <cavery@redhat.com>
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
+
+Currently genkeytypes in cloud.cfg is set to None, so together with
+ssh_deletekeys=1 cloudinit on first boot it will just delete the existing
+keys and not generate new ones.
+
+Just removing that property in cloud.cfg is not enough, because
+settings.py provides another empty default value that will be used
+instead, resulting to no key generated even when the property is not defined.
+
+Removing genkeytypes also in settings.py will default to GENERATE_KEY_NAMES,
+but since we want only 'rsa', 'ecdsa' and 'ed25519', add back genkeytypes in
+cloud.cfg with the above defaults.
+
+Also remove ssh_deletekeys in settings.py as we always need
+to 1 (and it also defaults to 1).
+
+Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
+(cherry picked from commit b545a0cbabe8924d048b7172b30e7aad59ed32d5)
+(cherry picked from commit 855dec5dcc0892c0f7cedf06b025a794769a2a8d)
+---
+ cloudinit/settings.py | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/cloudinit/settings.py b/cloudinit/settings.py
+index a36c518d..859ad546 100644
+--- a/cloudinit/settings.py
++++ b/cloudinit/settings.py
+@@ -55,8 +55,6 @@ CFG_BUILTIN = {
+     "log_cfgs": [],
+     "syslog_fix_perms": [],
+     "mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
+-    "ssh_deletekeys": False,
+-    "ssh_genkeytypes": [],
+     "system_info": {
+         "paths": {
+             "cloud_dir": "/var/lib/cloud",
+-- 
+2.41.0
+

SOURCES/net-nm-check-for-presence-of-ifcfg.patch

@@ -0,0 +1,112 @@
+From d1d5166895da471cff3606c70d4e8ab6eec1c006 Mon Sep 17 00:00:00 2001
+From: Ani Sinha <anisinha@redhat.com>
+Date: Thu, 7 Dec 2023 02:39:51 +0530
+Subject: [PATCH] net/nm: check for presence of ifcfg files when nm connection
+ files are absent (#4645)
+
+On systems that use network manager to manage connections and activate network
+interfaces, they may also use ifcfg files for configuring
+interfaces using ifcfg-rh network manager plugin. When network manager is used
+as the activator, we need to also check for the presence of ifcfg interface
+config file when the network manager connection file is absent and if ifcfg-rh
+plugin is present.
+Hence, with this change, network manager activator first tries to use network
+manager connection files to bring up or bring down the interface. If the
+connection files are not present and if ifcfg-rh plugin is present, it tries to
+use ifcfg files for the interface. If the plugin or the ifcfg files are not
+present, the activator fails to activate or deactivate the interface and it
+bails out with warning log.
+
+Fixes: GH-4640
+
+Signed-off-by: Ani Sinha <anisinha@redhat.com>
+---
+ cloudinit/net/activators.py      |  7 +++++++
+ cloudinit/net/network_manager.py | 33 ++++++++++++++++++++++++++++++--
+ 2 files changed, 38 insertions(+), 2 deletions(-)
+
+diff --git a/cloudinit/net/activators.py b/cloudinit/net/activators.py
+index e69da40d371..dd85886212c 100644
+--- a/cloudinit/net/activators.py
++++ b/cloudinit/net/activators.py
+@@ -135,6 +135,13 @@ class NetworkManagerActivator(NetworkActivator):
+         from cloudinit.net.network_manager import conn_filename
+ 
+         filename = conn_filename(device_name)
++        if filename is None:
++            LOG.warning(
++                "Unable to find an interface config file. "
++                "Unable to bring up interface."
++            )
++            return False
++
+         cmd = ["nmcli", "connection", "load", filename]
+         if _alter_interface(cmd, device_name):
+             cmd = ["nmcli", "connection", "up", "filename", filename]
+diff --git a/cloudinit/net/network_manager.py b/cloudinit/net/network_manager.py
+index 8a99eb3a1c5..76a0ac15eaa 100644
+--- a/cloudinit/net/network_manager.py
++++ b/cloudinit/net/network_manager.py
+@@ -17,10 +17,12 @@ from cloudinit import log as logging
+ from cloudinit import subp, util
+ from cloudinit.net import is_ipv6_address, renderer, subnet_is_ipv6
+ from cloudinit.net.network_state import NetworkState
++from cloudinit.net.sysconfig import available_nm_ifcfg_rh
+ 
+ NM_RUN_DIR = "/etc/NetworkManager"
+ NM_LIB_DIR = "/usr/lib/NetworkManager"
+ NM_CFG_FILE = "/etc/NetworkManager/NetworkManager.conf"
++IFCFG_CFG_FILE = "/etc/sysconfig/network-scripts"
+ NM_IPV6_ADDR_GEN_CONF = """# This is generated by cloud-init. Do not edit.
+ #
+ [.config]
+@@ -374,7 +376,7 @@ class Renderer(renderer.Renderer):
+         for con_id, conn in self.connections.items():
+             if not conn.valid():
+                 continue
+-            name = conn_filename(con_id, target)
++            name = nm_conn_filename(con_id, target)
+             util.write_file(name, conn.dump(), 0o600)
+ 
+         # Select EUI64 to be used by default by NM for creating the address
+@@ -384,12 +386,39 @@ class Renderer(renderer.Renderer):
+         )
+ 
+ 
+-def conn_filename(con_id, target=None):
++def nm_conn_filename(con_id, target=None):
+     target_con_dir = subp.target_path(target, NM_RUN_DIR)
+     con_file = f"cloud-init-{con_id}.nmconnection"
+     return f"{target_con_dir}/system-connections/{con_file}"
+ 
+ 
++def sysconfig_conn_filename(devname, target=None):
++    target_con_dir = subp.target_path(target, IFCFG_CFG_FILE)
++    con_file = f"ifcfg-{devname}"
++    return f"{target_con_dir}/{con_file}"
++
++
++def conn_filename(devname):
++    """
++    This function returns the name of the interface config file.
++    It first checks for presence of network manager connection file.
++    If absent and ifcfg-rh plugin for network manager is available,
++    it returns the name of the ifcfg file if it is present. If the
++    plugin is not present or the plugin is present but ifcfg file is
++    not, it returns None.
++    This function is called from NetworkManagerActivator class in
++    activators.py.
++    """
++    conn_file = nm_conn_filename(devname)
++    # If the network manager connection file is absent, also check for
++    # presence of ifcfg files for the same interface (if nm-ifcfg-rh plugin is
++    # present, network manager can handle ifcfg files). If both network manager
++    # connection file and ifcfg files are absent, return None.
++    if not os.path.isfile(conn_file) and available_nm_ifcfg_rh():
++        conn_file = sysconfig_conn_filename(devname)
++    return conn_file if os.path.isfile(conn_file) else None
++
++
+ def cloud_init_nm_conf_filename(target=None):
+     target_con_dir = subp.target_path(target, NM_RUN_DIR)
+     conf_file = "30-cloud-init-ip6-addr-gen-mode.conf"

SOURCES/tests-unittests-add-a-new-unit-test.patch

@@ -0,0 +1,129 @@
+From bb474df78bfe45ea5f05907eb710e8d5de764fc8 Mon Sep 17 00:00:00 2001
+From: Ani Sinha <anisinha@redhat.com>
+Date: Thu, 7 Dec 2023 21:03:13 +0530
+Subject: [PATCH] tests/unittests: add a new unit test for network manager net
+ activator (#4672)
+
+Some changes in behavior in network manager net activator was brought in with
+the commit
+d1d5166895da ("net/nm: check for presence of ifcfg files when nm connection files are absent")
+
+This change adds some unit tests that exercizes network manager activator's
+bring_up_interface() method that tests failure scenarios as well as cases
+where an ifcfg file is used to bring the interface up.
+
+Signed-off-by: Ani Sinha <anisinha@redhat.com>
+---
+ tests/unittests/test_net_activators.py | 103 +++++++++++++++++++++++++
+ 1 file changed, 103 insertions(+)
+
+diff --git a/tests/unittests/test_net_activators.py b/tests/unittests/test_net_activators.py
+index 2a363ec415b..d53701efafb 100644
+--- a/tests/unittests/test_net_activators.py
++++ b/tests/unittests/test_net_activators.py
+@@ -347,3 +347,105 @@ class TestActivatorsBringDown:
+         activator.bring_down_all_interfaces(network_state)
+         for call in m_subp.call_args_list:
+             assert call in expected_call_list
++
++class TestNetworkManagerActivatorBringUp:
++    @patch("cloudinit.subp.subp", return_value=("", ""))
++    @patch(
++        "cloudinit.net.network_manager.available_nm_ifcfg_rh",
++        return_value=True,
++    )
++    @patch("os.path.isfile")
++    @patch("os.path.exists", return_value=True)
++    def test_bring_up_interface_no_nm_conn(
++        self, m_exists, m_isfile, m_plugin, m_subp
++    ):
++        """
++        There is no network manager connection file but ifcfg-rh plugin is
++        present and ifcfg interface config files are also present. In this
++        case, we should use ifcfg files.
++        """
++
++        def fake_isfile_no_nmconn(filename):
++            return False if filename.endswith(".nmconnection") else True
++
++        m_isfile.side_effect = fake_isfile_no_nmconn
++
++        expected_call_list = [
++            (
++                (
++                    [
++                        "nmcli",
++                        "connection",
++                        "load",
++                        "".join(
++                            [
++                                "/etc/sysconfig/network-scripts/ifcfg-eth0",
++                            ]
++                        ),
++                    ],
++                ),
++                {},
++            ),
++            (
++                (
++                    [
++                        "nmcli",
++                        "connection",
++                        "up",
++                        "filename",
++                        "".join(
++                            [
++                                "/etc/sysconfig/network-scripts/ifcfg-eth0",
++                            ]
++                        ),
++                    ],
++                ),
++                {},
++            ),
++        ]
++
++        index = 0
++        assert NetworkManagerActivator.bring_up_interface("eth0")
++        for call in m_subp.call_args_list:
++            assert call == expected_call_list[index]
++            index += 1
++
++    @patch("cloudinit.subp.subp", return_value=("", ""))
++    @patch(
++        "cloudinit.net.network_manager.available_nm_ifcfg_rh",
++        return_value=False,
++    )
++    @patch("os.path.isfile")
++    @patch("os.path.exists", return_value=True)
++    def test_bring_up_interface_no_plugin_no_nm_conn(
++        self, m_exists, m_isfile, m_plugin, m_subp
++    ):
++        """
++        The ifcfg-rh plugin is absent and nmconnection file is also
++        not present. In this case, we can't use ifcfg file and the
++        interface bring up should fail.
++        """
++
++        def fake_isfile_no_nmconn(filename):
++            return False if filename.endswith(".nmconnection") else True
++
++        m_isfile.side_effect = fake_isfile_no_nmconn
++        assert not NetworkManagerActivator.bring_up_interface("eth0")
++
++    @patch("cloudinit.subp.subp", return_value=("", ""))
++    @patch(
++        "cloudinit.net.network_manager.available_nm_ifcfg_rh",
++        return_value=True,
++    )
++    @patch("os.path.isfile", return_value=False)
++    @patch("os.path.exists", return_value=True)
++    def test_bring_up_interface_no_conn_file(
++        self, m_exists, m_isfile, m_plugin, m_subp
++    ):
++        """
++        Neither network manager connection files are present nor
++        ifcfg files are present. Even if ifcfg-rh plugin is present,
++        we can not bring up the interface. So bring_up_interface()
++        should fail.
++        """
++        assert not NetworkManagerActivator.bring_up_interface("eth0")

SPECS/cloud-init.spec

@@ -6,7 +6,7 @@
 
 Name:           cloud-init
 Version:        23.1.1
-Release:        10%{?dist}
+Release:        11%{?dist}.1.alma.1
 Summary:        Cloud instance init scripts
 
 Group:          System Environment/Base
@@ -55,6 +55,16 @@ Patch29: ci-DS-VMware-modify-a-few-log-level-4284.patch
 # For bz#2229460 - [rhel-8.9] [RFE] Configure "ipv6.addr-gen-mode=eui64' as default in NetworkManager
 Patch30: ci-NM-renderer-set-default-IPv6-addr-gen-mode-for-all-i.patch
 
+# Patches were taken from:
+# https://github.com/canonical/cloud-init/commit/d1d5166895da471cff3606c70d4e8ab6eec1c006
+Patch31: net-nm-check-for-presence-of-ifcfg.patch
+# https://gitlab.com/redhat/centos-stream/rpms/cloud-init/-/commit/46b71b3a2dd8fb9cff34dbc217f5f4a69bad08cb
+Patch32: ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch
+# https://github.com/canonical/cloud-init/commit/bb474df78bfe45ea5f05907eb710e8d5de764fc8
+Patch33: tests-unittests-add-a-new-unit-test.patch
+
+# AlmaLinux OS patches
+Patch100: 0001-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch
 
 BuildArch:      noarch
 
@@ -273,6 +283,17 @@ fi
 %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf
 
 %changelog
+* Mon Jan 15 2024 Eduard Abdullin <eabdullin@almalinux.org> - 23.1.1-11.1.alma.1 
+- tests/unittests: add a new unit test for network manager net
+ activator
+- rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set
+ in cloud.cfg
+- net/nm: check for presence of ifcfg files when nm connection
+ files are absent
+
+* Tue Oct 10 2023 Elkhan Mammadli <elkhan@almalinux.org> - 23.1.1-10.alma.1
+- 0001-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch
+
 * Fri Aug 25 2023 Camilla Conte <cconte@redhat.com> - 23.1.1-10
 - Resolves: bz#2233047
   ([RHEL 8.9] Inform user when cloud-init generated config files are left during uninstalling)