f7be84a001
- ci-Use-log_with_downgradable_level-for-user-password-wa.patch [RHEL-71122] - ci-downstream-set-deprecation-boundary-version.patch [RHEL-71122] - Resolves: RHEL-71122 (Suggest to change some log messages from warning to info after rebase cloud-init-24.4 [RHEL-9.6] )
98 lines
4.5 KiB
Diff
98 lines
4.5 KiB
Diff
From 8a2e39a44ee0b6154fbb58eeb624d460b3489302 Mon Sep 17 00:00:00 2001
|
|
From: Ani Sinha <anisinha@redhat.com>
|
|
Date: Fri, 10 Jan 2025 23:32:52 +0530
|
|
Subject: [PATCH 1/2] Use log_with_downgradable_level for user password
|
|
warnings (#5927)
|
|
|
|
RH-Author: xiachen <xiachen@redhat.com>
|
|
RH-MergeRequest: 121: Use log_with_downgradable_level for user password warnings (#5927)
|
|
RH-Jira: RHEL-71122
|
|
RH-Acked-by: Ani Sinha <anisinha@redhat.com>
|
|
RH-Acked-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
|
RH-Commit: [1/2] 313b086475c07865898c9a29991fa8bf5359fea6 (xiachen/cloud-init-centos)
|
|
|
|
Introduction of new WARNING level logs could be problematic for stable
|
|
downstream distros. Customers using these distros would then see a new and
|
|
unexpected behavior change or a new WARNING log that can confuse them. So for
|
|
handling user account passwords, use log_with_downgradable_level() helper api
|
|
instead so that downstream distros can maintain stability while also making
|
|
progressive changes in upstream towards improved user experience.
|
|
Downstream distros can convert these logs to DEBUG level by setting
|
|
DEPRECATION_INFO_BOUNDARY to a value older than the cloud-init version at which
|
|
these logs were first introduced (24.3). Please see the documentation for
|
|
log_with_downgradable_level().
|
|
|
|
Signed-off-by: Ani Sinha <anisinha@redhat.com>
|
|
(cherry picked from commit 38acce473626dc749dfb8bf3602e294df554c781)
|
|
Signed-off-by: Amy Chen <xiachen@redhat.com>
|
|
---
|
|
cloudinit/distros/__init__.py | 30 ++++++++++++++++++++----------
|
|
1 file changed, 20 insertions(+), 10 deletions(-)
|
|
|
|
diff --git a/cloudinit/distros/__init__.py b/cloudinit/distros/__init__.py
|
|
index 34c0836e8..020d2201d 100644
|
|
--- a/cloudinit/distros/__init__.py
|
|
+++ b/cloudinit/distros/__init__.py
|
|
@@ -50,6 +50,7 @@ from cloudinit.distros.package_management.package_manager import PackageManager
|
|
from cloudinit.distros.package_management.utils import known_package_managers
|
|
from cloudinit.distros.parsers import hosts
|
|
from cloudinit.features import ALLOW_EC2_MIRRORS_ON_NON_AWS_INSTANCE_TYPES
|
|
+from cloudinit.lifecycle import log_with_downgradable_level
|
|
from cloudinit.net import activators, dhcp, renderers
|
|
from cloudinit.net.netops import NetOps
|
|
from cloudinit.net.network_state import parse_net_config_data
|
|
@@ -900,10 +901,13 @@ class Distro(persistence.CloudInitPickleMixin, metaclass=abc.ABCMeta):
|
|
password_key = "passwd"
|
|
# Only "plain_text_passwd" and "hashed_passwd"
|
|
# are valid for an existing user.
|
|
- LOG.warning(
|
|
- "'passwd' in user-data is ignored for existing "
|
|
- "user %s",
|
|
- name,
|
|
+ log_with_downgradable_level(
|
|
+ logger=LOG,
|
|
+ version="24.3",
|
|
+ requested_level=logging.WARNING,
|
|
+ msg="'passwd' in user-data is ignored "
|
|
+ "for existing user %s",
|
|
+ args=name,
|
|
)
|
|
|
|
# As no password specified for the existing user in user-data
|
|
@@ -941,20 +945,26 @@ class Distro(persistence.CloudInitPickleMixin, metaclass=abc.ABCMeta):
|
|
elif pre_existing_user:
|
|
# Pre-existing user with no existing password and none
|
|
# explicitly set in user-data.
|
|
- LOG.warning(
|
|
- "Not unlocking blank password for existing user %s."
|
|
+ log_with_downgradable_level(
|
|
+ logger=LOG,
|
|
+ version="24.3",
|
|
+ requested_level=logging.WARNING,
|
|
+ msg="Not unlocking blank password for existing user %s."
|
|
" 'lock_passwd: false' present in user-data but no existing"
|
|
" password set and no 'plain_text_passwd'/'hashed_passwd'"
|
|
" provided in user-data",
|
|
- name,
|
|
+ args=name,
|
|
)
|
|
else:
|
|
# No password (whether blank or otherwise) explicitly set
|
|
- LOG.warning(
|
|
- "Not unlocking password for user %s. 'lock_passwd: false'"
|
|
+ log_with_downgradable_level(
|
|
+ logger=LOG,
|
|
+ version="24.3",
|
|
+ requested_level=logging.WARNING,
|
|
+ msg="Not unlocking password for user %s. 'lock_passwd: false'"
|
|
" present in user-data but no 'passwd'/'plain_text_passwd'/"
|
|
"'hashed_passwd' provided in user-data",
|
|
- name,
|
|
+ args=name,
|
|
)
|
|
|
|
# Configure doas access
|
|
--
|
|
2.48.1
|
|
|