!230 [sync] PR-228: backport upstream bugfix patches

From: @openeuler-sync-bot 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen

backport-fix-azure-disable-use-dns-for-secondary-nics-5314.patch

@@ -0,0 +1,112 @@
+From 42930d8459b59b22cab3f76d85d170871174b479 Mon Sep 17 00:00:00 2001
+From: Alberto Contreras <alberto.contreras@canonical.com>
+Date: Wed, 29 May 2024 09:10:53 +0200
+Subject: [PATCH] fix(azure): disable use-dns for secondary nics (#5314)
+
+DNS resolution through secondary NICs is not supported on Azure. Disable
+it.
+
+Without this, we see seconds of delay resolving urls in cloud-init logs
+from Jammy+, see SF ticket.
+
+Per cjp256's comment, the first NIC under metadata.imds.network is
+ensured
+to be the primary one. We use this to determine primary NICs instead of
+relying on fragile driver and/or NIC names.
+
+Fixes: SF: #00380708
+
+Co-authored-by: Calvin Mwadime <calvin.mwadime@canonical.com>
+---
+ cloudinit/sources/DataSourceAzure.py  |  3 +++
+ tests/unittests/sources/test_azure.py | 20 +++++++++++++-------
+ 2 files changed, 16 insertions(+), 7 deletions(-)
+
+diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py
+index 11c14e2..e384b32 100644
+--- a/cloudinit/sources/DataSourceAzure.py
++++ b/cloudinit/sources/DataSourceAzure.py
+@@ -1965,6 +1965,9 @@ def generate_network_config_from_instance_network_metadata(
+         # addresses.
+         nicname = "eth{idx}".format(idx=idx)
+         dhcp_override = {"route-metric": (idx + 1) * 100}
++        # DNS resolution through secondary NICs is not supported, disable it.
++        if idx > 0:
++            dhcp_override["use-dns"] = False
+         dev_config: Dict[str, Any] = {
+             "dhcp4": True,
+             "dhcp4-overrides": dhcp_override,
+diff --git a/tests/unittests/sources/test_azure.py b/tests/unittests/sources/test_azure.py
+index 2a477f8..3a36418 100644
+--- a/tests/unittests/sources/test_azure.py
++++ b/tests/unittests/sources/test_azure.py
+@@ -718,14 +718,20 @@ class TestGenerateNetworkConfig:
+                             "match": {"macaddress": "00:0d:3a:04:75:98"},
+                             "dhcp6": False,
+                             "dhcp4": True,
+-                            "dhcp4-overrides": {"route-metric": 200},
++                            "dhcp4-overrides": {
++                                "route-metric": 200,
++                                "use-dns": False,
++                            },
+                         },
+                         "eth2": {
+                             "set-name": "eth2",
+                             "match": {"macaddress": "00:0d:3a:04:75:98"},
+                             "dhcp6": False,
+                             "dhcp4": True,
+-                            "dhcp4-overrides": {"route-metric": 300},
++                            "dhcp4-overrides": {
++                                "route-metric": 300,
++                                "use-dns": False,
++                            },
+                         },
+                     },
+                     "version": 2,
+@@ -952,7 +958,7 @@ class TestNetworkConfig:
+                     "dhcp6": False,
+                     "match": {"macaddress": "00:0d:3a:04:75:98"},
+                     "set-name": "eth0",
+-                }
++                },
+             },
+             "version": 2,
+         }
+@@ -1534,7 +1540,7 @@ scbus-1 on xpt0 bus 0
+                     "dhcp6": False,
+                     "dhcp4": True,
+                     "dhcp4-overrides": {"route-metric": 100},
+-                }
++                },
+             },
+             "version": 2,
+         }
+@@ -1563,14 +1569,14 @@ scbus-1 on xpt0 bus 0
+                     "match": {"macaddress": "22:0d:3a:04:75:98"},
+                     "dhcp6": False,
+                     "dhcp4": True,
+-                    "dhcp4-overrides": {"route-metric": 200},
++                    "dhcp4-overrides": {"route-metric": 200, "use-dns": False},
+                 },
+                 "eth2": {
+                     "set-name": "eth2",
+                     "match": {"macaddress": "33:0d:3a:04:75:98"},
+                     "dhcp6": False,
+                     "dhcp4": True,
+-                    "dhcp4-overrides": {"route-metric": 300},
++                    "dhcp4-overrides": {"route-metric": 300, "use-dns": False},
+                 },
+             },
+             "version": 2,
+@@ -1603,7 +1609,7 @@ scbus-1 on xpt0 bus 0
+                     "dhcp6": False,
+                     "dhcp4": True,
+                     "dhcp4-overrides": {"route-metric": 100},
+-                }
++                },
+             },
+             "version": 2,
+         }
+-- 
+2.27.0
+

backport-fix-net-Make-duplicate-route-add-succeed.-5343.patch

@@ -0,0 +1,52 @@
+From e432a31d6ea4263027c327559bb08adf3a91ad6d Mon Sep 17 00:00:00 2001
+From: Brett Holman <brett.holman@canonical.com>
+Date: Wed, 29 May 2024 16:03:46 -0600
+Subject: [PATCH] fix(net): Make duplicate route add succeed. (#5343)
+
+This behaves the same but doesn't fail when adding an existing route.
+
+Fixes GH-3441
+Fixes GH-3595
+---
+ cloudinit/net/netops/iproute2.py | 2 +-
+ tests/unittests/net/test_init.py | 4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/cloudinit/net/netops/iproute2.py b/cloudinit/net/netops/iproute2.py
+index 08d79b1..25ccbc1 100644
+--- a/cloudinit/net/netops/iproute2.py
++++ b/cloudinit/net/netops/iproute2.py
+@@ -30,7 +30,7 @@ class Iproute2(netops.NetOps):
+         source_address: Optional[str] = None,
+     ):
+         subp.subp(
+-            ["ip", "-4", "route", "add", route]
++            ["ip", "-4", "route", "replace", route]
+             + (["via", gateway] if gateway and gateway != "0.0.0.0" else [])
+             + [
+                 "dev",
+diff --git a/tests/unittests/net/test_init.py b/tests/unittests/net/test_init.py
+index 51e54d0..16fe8e9 100644
+--- a/tests/unittests/net/test_init.py
++++ b/tests/unittests/net/test_init.py
+@@ -1084,7 +1084,7 @@ class TestEphemeralIPV4Network(CiTestCase):
+                     "ip",
+                     "-4",
+                     "route",
+-                    "add",
++                    "replace",
+                     "192.168.2.1",
+                     "dev",
+                     "eth0",
+@@ -1097,7 +1097,7 @@ class TestEphemeralIPV4Network(CiTestCase):
+                     "ip",
+                     "-4",
+                     "route",
+-                    "add",
++                    "replace",
+                     "default",
+                     "via",
+                     "192.168.2.1",
+-- 
+2.27.0
+

backport-fix-netplan-Fix-predictable-interface-rename-issue-5.patch

@@ -0,0 +1,56 @@
+From 2856f4c8a440eba1127ac09f2b411d436c62e777 Mon Sep 17 00:00:00 2001
+From: Brett Holman <brett.holman@canonical.com>
+Date: Wed, 29 May 2024 16:08:35 -0600
+Subject: [PATCH] fix(netplan): Fix predictable interface rename issue
+(#5339)
+
+When predictable naming is disabled, the following command may exit with
+a non-zero exit code.
+
+udevadm test-builtin net_setup_link
+
+This code only ran to check for udev rename races, which cannot happen
+when systemd renaming is disabled. Skip when disabled.
+
+Fixes GH-3950
+---
+ cloudinit/net/netplan.py    | 3 +++
+ tests/unittests/test_net.py | 5 ++++-
+ 2 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/cloudinit/net/netplan.py b/cloudinit/net/netplan.py
+index 0b8419a..aea8a67 100644
+--- a/cloudinit/net/netplan.py
++++ b/cloudinit/net/netplan.py
+@@ -329,6 +329,9 @@ class Renderer(renderer.Renderer):
+         if not run:
+             LOG.debug("netplan net_setup_link postcmd disabled")
+             return
++        elif "net.ifnames=0" in util.get_cmdline():
++            LOG.debug("Predictable interface names disabled.")
++            return
+         setup_lnk = ["udevadm", "test-builtin", "net_setup_link"]
+ 
+         # It's possible we can race a udev rename and attempt to run
+diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
+index 052b067..73a4c91 100644
+--- a/tests/unittests/test_net.py
++++ b/tests/unittests/test_net.py
+@@ -6782,10 +6782,13 @@ class TestNetplanPostcommands(CiTestCase):
+         mock_netplan_generate.assert_called_with(run=True, same_content=False)
+         mock_net_setup_link.assert_called_with(run=True)
+ 
++    @mock.patch("cloudinit.util.get_cmdline")
+     @mock.patch("cloudinit.util.SeLinuxGuard")
+     @mock.patch.object(netplan, "get_devicelist")
+     @mock.patch("cloudinit.subp.subp")
+-    def test_netplan_postcmds(self, mock_subp, mock_devlist, mock_sel):
++    def test_netplan_postcmds(
++        self, mock_subp, mock_devlist, mock_sel, m_get_cmdline
++    ):
+         mock_sel.__enter__ = mock.Mock(return_value=False)
+         mock_sel.__exit__ = mock.Mock()
+         mock_devlist.side_effect = [["lo"]]
+-- 
+2.27.0
+

cloud-init.spec

@@ -1,6 +1,6 @@
 Name: cloud-init
 Version: 23.4.1
-Release: 4
+Release: 5
 Summary: the defacto multi-distribution package that handles early initialization of a cloud instance.
 License: ASL 2.0 or GPLv3
 URL: http://launchpad.net/cloud-init
@@ -23,6 +23,9 @@ Patch6005: backport-fix-Logging-sensitive-data.patch
 Patch6006: backport-fix-growpart-race-4618.patch
 Patch6007: backport-handle-error-when-log-file-is-empty-4859.patch
 Patch6008: backport-ec2-Do-not-enable-dhcp6-on-EC2.patch
+Patch6009: backport-fix-azure-disable-use-dns-for-secondary-nics-5314.patch
+Patch6010: backport-fix-net-Make-duplicate-route-add-succeed.-5343.patch
+Patch6011: backport-fix-netplan-Fix-predictable-interface-rename-issue-5.patch
 
 BuildRequires: pkgconfig(systemd) python3-devel python3-setuptools systemd
 BuildRequires: iproute python3-configobj python3-responses
@@ -153,6 +156,14 @@ fi
 %exclude /usr/share/doc/*
 
 %changelog
+* Tue Jun 11 2024 shixuantong <shixuantong1@huawei.com> - 23.4.1-5
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:disable use-dns for secondary nics
+       Make duplicate route add succeed
+       Fix predictable interface rename issue
+
 * Mon Jun 03 2024 shixuantong <shixuantong1@huawei.com> - 23.4.1-4
 - Type:bugfix
 - CVE:NA