From 8a2e39a44ee0b6154fbb58eeb624d460b3489302 Mon Sep 17 00:00:00 2001 From: Ani Sinha Date: Fri, 10 Jan 2025 23:32:52 +0530 Subject: [PATCH 1/2] Use log_with_downgradable_level for user password warnings (#5927) RH-Author: xiachen RH-MergeRequest: 121: Use log_with_downgradable_level for user password warnings (#5927) RH-Jira: RHEL-71122 RH-Acked-by: Ani Sinha RH-Acked-by: Emanuele Giuseppe Esposito RH-Commit: [1/2] 313b086475c07865898c9a29991fa8bf5359fea6 (xiachen/cloud-init-centos) Introduction of new WARNING level logs could be problematic for stable downstream distros. Customers using these distros would then see a new and unexpected behavior change or a new WARNING log that can confuse them. So for handling user account passwords, use log_with_downgradable_level() helper api instead so that downstream distros can maintain stability while also making progressive changes in upstream towards improved user experience. Downstream distros can convert these logs to DEBUG level by setting DEPRECATION_INFO_BOUNDARY to a value older than the cloud-init version at which these logs were first introduced (24.3). Please see the documentation for log_with_downgradable_level(). Signed-off-by: Ani Sinha (cherry picked from commit 38acce473626dc749dfb8bf3602e294df554c781) Signed-off-by: Amy Chen --- cloudinit/distros/__init__.py | 30 ++++++++++++++++++++---------- 1 file changed, 20 insertions(+), 10 deletions(-) diff --git a/cloudinit/distros/__init__.py b/cloudinit/distros/__init__.py index 34c0836e8..020d2201d 100644 --- a/cloudinit/distros/__init__.py +++ b/cloudinit/distros/__init__.py @@ -50,6 +50,7 @@ from cloudinit.distros.package_management.package_manager import PackageManager from cloudinit.distros.package_management.utils import known_package_managers from cloudinit.distros.parsers import hosts from cloudinit.features import ALLOW_EC2_MIRRORS_ON_NON_AWS_INSTANCE_TYPES +from cloudinit.lifecycle import log_with_downgradable_level from cloudinit.net import activators, dhcp, renderers from cloudinit.net.netops import NetOps from cloudinit.net.network_state import parse_net_config_data @@ -900,10 +901,13 @@ class Distro(persistence.CloudInitPickleMixin, metaclass=abc.ABCMeta): password_key = "passwd" # Only "plain_text_passwd" and "hashed_passwd" # are valid for an existing user. - LOG.warning( - "'passwd' in user-data is ignored for existing " - "user %s", - name, + log_with_downgradable_level( + logger=LOG, + version="24.3", + requested_level=logging.WARNING, + msg="'passwd' in user-data is ignored " + "for existing user %s", + args=name, ) # As no password specified for the existing user in user-data @@ -941,20 +945,26 @@ class Distro(persistence.CloudInitPickleMixin, metaclass=abc.ABCMeta): elif pre_existing_user: # Pre-existing user with no existing password and none # explicitly set in user-data. - LOG.warning( - "Not unlocking blank password for existing user %s." + log_with_downgradable_level( + logger=LOG, + version="24.3", + requested_level=logging.WARNING, + msg="Not unlocking blank password for existing user %s." " 'lock_passwd: false' present in user-data but no existing" " password set and no 'plain_text_passwd'/'hashed_passwd'" " provided in user-data", - name, + args=name, ) else: # No password (whether blank or otherwise) explicitly set - LOG.warning( - "Not unlocking password for user %s. 'lock_passwd: false'" + log_with_downgradable_level( + logger=LOG, + version="24.3", + requested_level=logging.WARNING, + msg="Not unlocking password for user %s. 'lock_passwd: false'" " present in user-data but no 'passwd'/'plain_text_passwd'/" "'hashed_passwd' provided in user-data", - name, + args=name, ) # Configure doas access -- 2.48.1