packages/cloud-init
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:755d91c93169af333a51276970e99d22db666ab7
Branches Tags
packages:main
...
compare: packages:e49c97caf9a9b2ed6923f81fbc8d89e4b9d919a6
Branches Tags
packages:main

10 Commits
755d91c931 ... e49c97caf9

Author SHA1 Message Date
openeuler-ci-bot
e49c97caf9
!283 backport upstream patches 
From: @tong_1001 
Reviewed-by: @hubin95 
Signed-off-by: @hubin95
 2025-03-24 07:35:23 +00:00
shixuantong
7f7a3102c5 do not remove all existing settings of /etc/sysconfig/network and fix: typing for rsyslog, ubuntu_pro, power_state_change 2025-03-21 15:27:14 +08:00
openeuler-ci-bot
55091cf60d
!275 backport upstream patches 
From: @Linux_zhang2024 
Reviewed-by: @tong_1001, @dillon_chen 
Signed-off-by: @dillon_chen
 2025-03-05 03:04:24 +00:00
Linux_zhang
ed349e59f9 backport upstream patches 2025-03-05 09:30:32 +08:00
openeuler-ci-bot
db56d8e48f
!266 sync some patches 
From: @tong_1001 
Reviewed-by: @znzjugod 
Signed-off-by: @znzjugod
 2024-12-06 07:08:53 +00:00
shixuantong
318dfe57b6 sync some patches 2024-12-06 11:47:57 +08:00
openeuler-ci-bot
a1fcdd839b
!259 fix: properly handle blank lines in fstab 
From: @tong_1001 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
 2024-11-14 02:21:56 +00:00
shixuantong
d132da07de fix: properly handle blank lines in fstab 2024-11-14 09:13:54 +08:00
openeuler-ci-bot
1a02feb1c4
!249 Ensure random passwords contain multiple character types 
From: @tong_1001 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
 2024-11-05 06:31:29 +00:00
shixuantong
c5ad5566ab Ensure random passwords contain multiple character types 2024-11-04 17:40:06 +08:00
14 changed files with 955 additions and 38 deletions
Show Stats Expand all files Collapse all files

70
backport-Fix-GCE-_get_data-crashes-if-DHCP-lease-fails-5998.patch Normal file
View File

@ -0,0 +1,70 @@
From eb1965a434360b3198768302f4196488d7c2511f Mon Sep 17 00:00:00 2001
From: Bryan Fraschetti <bryan.fraschetti@canonical.com>
Date: Mon, 3 Feb 2025 16:13:19 -0500
Subject: [PATCH] Fix: GCE _get_data crashes if DHCP lease fails (#5998)
This commit addresses issue #5997 which reported crashes in init-local
when cloud-init was examining GCELocal as a potential datasource. When
all NICs failed at DHCP discovery cloud-init attempts to log the events
by dereferencing a value that was never assigned.
This commit modifies the _get_data function of DataSourceGCE.py by
adding an empty dictionary definition for the ret variable at the
top level of the function and some debugging logs when a candidate NIC
fails to obtain a DHCP lease. At the same time, the commit replaces the
direct key access operator on ret with the safe lookup method get(). This
commit also adds a unit test that mocks the observed situation.
Reference:https://github.com/canonical/cloud-init/commit/eb1965a434360b3198768302f4196488d7c2511f
Conflict:not change test_gce.py (M_PATH and net.find_candidate_nics doesn't exist)
Fixes GH-5997
---
cloudinit/sources/DataSourceGCE.py | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/cloudinit/sources/DataSourceGCE.py b/cloudinit/sources/DataSourceGCE.py
index c730ae8..87dc4e0 100644
--- a/cloudinit/sources/DataSourceGCE.py
+++ b/cloudinit/sources/DataSourceGCE.py
@@ -88,6 +88,7 @@ class DataSourceGCE(sources.DataSource):
def _get_data(self):
url_params = self.get_url_params()
+ ret = {}
if self.perform_dhcp_setup:
candidate_nics = net.find_candidate_nics()
if DEFAULT_PRIMARY_INTERFACE in candidate_nics:
@@ -122,6 +123,9 @@ class DataSourceGCE(sources.DataSource):
)
continue
except NoDHCPLeaseError:
+ LOG.debug(
+ "Unable to obtain a DHCP lease for %s", candidate_nic
+ )
continue
if ret["success"]:
self._fallback_interface = candidate_nic
@@ -142,14 +146,14 @@ class DataSourceGCE(sources.DataSource):
},
)
- if not ret["success"]:
- if ret["platform_reports_gce"]:
- LOG.warning(ret["reason"])
+ if not ret.get("success"):
+ if ret.get("platform_reports_gce"):
+ LOG.warning(ret.get("reason"))
else:
- LOG.debug(ret["reason"])
+ LOG.debug(ret.get("reason"))
return False
- self.metadata = ret["meta-data"]
- self.userdata_raw = ret["user-data"]
+ self.metadata = ret.get("meta-data")
+ self.userdata_raw = ret.get("user-data")
return True
@property
--
2.33.0

30
backport-chore-set-recursive-False-for-ensure_dir-if-parent-p.patch Normal file
View File

@ -0,0 +1,30 @@
From b3120f7fefbb772b8fd5f5e8d32ee5377d4aa5cf Mon Sep 17 00:00:00 2001
From: sxt1001 <shixuantong1@huawei.com>
Date: Wed, 13 Nov 2024 23:15:39 +0800
Subject: [PATCH] chore: set recursive=False for ensure_dir if parent path is
"/" (#5816)
---
cloudinit/util.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/cloudinit/util.py b/cloudinit/util.py
index 8025f4d51..e2f04a402 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -1884,7 +1884,11 @@ def ensure_dir(path, mode=None, user=None, group=None):
# Get non existed parent dir first before they are created.
non_existed_parent_dir = get_non_exist_parent_dir(path)
# Make the dir and adjust the mode
- with SeLinuxGuard(os.path.dirname(path), recursive=True):
+ dir_name = os.path.dirname(path)
+ selinux_recursive = True
+ if dir_name == "/":
+ selinux_recursive = False
+ with SeLinuxGuard(dir_name, recursive=selinux_recursive):
os.makedirs(path)
chmod(path, mode)
# Change the ownership
--
2.27.0

140
backport-feat-Ensure-random-passwords-contain-multiple-charac.patch Normal file
View File

@ -0,0 +1,140 @@
From 879945f56103d937a7fee84bfe7662dc2a5be708 Mon Sep 17 00:00:00 2001
From: sxt1001 <shixuantong1@huawei.com>
Date: Thu, 17 Oct 2024 20:45:07 +0800
Subject: [PATCH] feat: Ensure random passwords contain multiple character
types (#5815)
Reference:https://github.com/canonical/cloud-init/commit/879945f56103d937a7fee84bfe7662dc2a5be708
Conflict:NA
The complexity of the random password generated by the
rand_user_password() method may not meet the security configuration
requirements of the system authentication module. This can cause
chpasswd to fail.
This commit ensures we generate a password using 4 different character
classes.
Fixes GH-5814
Co-authored-by: James Falcon <james.falcon@canonical.com>
---
cloudinit/config/cc_set_passwords.py | 33 +++++++++++++---
.../unittests/config/test_cc_set_passwords.py | 38 +++++++++++++++++++
2 files changed, 66 insertions(+), 5 deletions(-)
diff --git a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py
index 24d8267..d46c7f2 100644
--- a/cloudinit/config/cc_set_passwords.py
+++ b/cloudinit/config/cc_set_passwords.py
@@ -9,7 +9,8 @@
import logging
import re
-from string import ascii_letters, digits
+import random
+import string
from textwrap import dedent
from typing import List
@@ -89,9 +90,6 @@ __doc__ = get_meta_doc(meta)
LOG = logging.getLogger(__name__)
-# We are removing certain 'painful' letters/numbers
-PW_SET = "".join([x for x in ascii_letters + digits if x not in "loLOI01"])
-
def get_users_by_type(users_list: list, pw_type: str) -> list:
"""either password or type: RANDOM is required, user is always required"""
@@ -307,4 +305,29 @@ def handle(name: str, cfg: Config, cloud: Cloud, args: list) -> None:
def rand_user_password(pwlen=20):
- return util.rand_str(pwlen, select_from=PW_SET)
+ if pwlen < 4:
+ raise ValueError("Password length must be at least 4 characters.")
+
+ # There are often restrictions on the minimum number of character
+ # classes required in a password, so ensure we at least one character
+ # from each class.
+ res_rand_list = [
+ random.choice(string.digits),
+ random.choice(string.ascii_lowercase),
+ random.choice(string.ascii_uppercase),
+ random.choice(string.punctuation),
+ ]
+
+ res_rand_list.extend(
+ list(
+ util.rand_str(
+ pwlen - len(res_rand_list),
+ select_from=string.digits
+ + string.ascii_lowercase
+ + string.ascii_uppercase
+ + string.punctuation,
+ )
+ )
+ )
+ random.shuffle(res_rand_list)
+ return "".join(res_rand_list)
diff --git a/tests/unittests/config/test_cc_set_passwords.py b/tests/unittests/config/test_cc_set_passwords.py
index ef34a8c..b5d561c 100644
--- a/tests/unittests/config/test_cc_set_passwords.py
+++ b/tests/unittests/config/test_cc_set_passwords.py
@@ -1,6 +1,7 @@
# This file is part of cloud-init. See LICENSE file for license information.
import logging
+import string
from unittest import mock
import pytest
@@ -555,6 +556,43 @@ class TestExpire:
assert "Expired passwords" not in caplog.text
+class TestRandUserPassword:
+ def _get_str_class_num(self, str):
+ return sum(
+ [
+ any(c.islower() for c in str),
+ any(c.isupper() for c in str),
+ any(c.isupper() for c in str),
+ any(c in string.punctuation for c in str),
+ ]
+ )
+
+ @pytest.mark.parametrize(
+ "strlen, expected_result",
+ [
+ (1, ValueError),
+ (2, ValueError),
+ (3, ValueError),
+ (4, 4),
+ (5, 4),
+ (5, 4),
+ (6, 4),
+ (20, 4),
+ ],
+ )
+ def test_rand_user_password(self, strlen, expected_result):
+ if expected_result is ValueError:
+ with pytest.raises(
+ expected_result,
+ match="Password length must be at least 4 characters.",
+ ):
+ setpass.rand_user_password(strlen)
+ else:
+ rand_password = setpass.rand_user_password(strlen)
+ assert len(rand_password) == strlen
+ assert self._get_str_class_num(rand_password) == expected_result
+
+
class TestSetPasswordsSchema:
@pytest.mark.parametrize(
"config, expectation",
--
2.33.0

62
backport-fix-Ensure-fqdn-is-treated-as-string-in-get_hostname.patch Normal file
View File

@ -0,0 +1,62 @@
From b45d66a03659f8e4780b6b55e51edcbd2f6f012d Mon Sep 17 00:00:00 2001
From: MKhatibzadeh <32599707+masihkhatibzadeh99@users.noreply.github.com>
Date: Fri, 7 Feb 2025 18:13:43 +0330
Subject: [PATCH] fix: Ensure fqdn is treated as string in get_hostname_fqdn
(#5993)
Explicitly cast fqdn to a string before processing.
Reference:https://github.com/canonical/cloud-init/commit/b45d66a03659f8e4780b6b55e51edcbd2f6f012d
Conflict:not change .github-cla-signers
Fixes GH-5989
Co-authored-by: masih.khatibzdeh <masih.khatibzadeh@snapp.cab>
---
cloudinit/util.py | 2 +-
tests/unittests/test_util.py | 16 ++++++++++++++++
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/cloudinit/util.py b/cloudinit/util.py
index 20b6e2e9ef4..bfcc9c8edba 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -1215,7 +1215,7 @@ def get_hostname_fqdn(cfg, cloud, metadata_only=False):
is_default = False
if "fqdn" in cfg:
# user specified a fqdn. Default hostname then is based off that
- fqdn = cfg["fqdn"]
+ fqdn = str(cfg["fqdn"])
hostname = get_cfg_option_str(cfg, "hostname", fqdn.split(".")[0])
else:
if "hostname" in cfg and cfg["hostname"].find(".") > 0:
diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py
index 8a107191b0e..7d2383f2dd6 100644
--- a/tests/unittests/test_util.py
+++ b/tests/unittests/test_util.py
@@ -799,6 +799,22 @@ def test_get_hostname_fqdn_from_without_fqdn_or_hostname(self):
mock.call(metadata_only=False),
] == cloud.get_hostname.call_args_list
+ def test_get_hostname_fqdn_from_numeric_fqdn(self):
+ """When cfg fqdn is numeric, ensure it is treated as a string."""
+ hostname, fqdn, _ = util.get_hostname_fqdn(
+ cfg={"fqdn": 12345}, cloud=None
+ )
+ self.assertEqual("12345", hostname)
+ self.assertEqual("12345", fqdn)
+
+ def test_get_hostname_fqdn_from_numeric_fqdn_with_domain(self):
+ """When cfg fqdn is numeric with a domain, ensure correct parsing."""
+ hostname, fqdn, _ = util.get_hostname_fqdn(
+ cfg={"fqdn": "12345.example.com"}, cloud=None
+ )
+ self.assertEqual("12345", hostname)
+ self.assertEqual("12345.example.com", fqdn)
+
def test_get_hostname_fqdn_from_passes_metadata_only_to_cloud(self):
"""Calls to cloud.get_hostname pass the metadata_only parameter."""
cloud = mock.MagicMock()
--
2.33.0

59
backport-fix-Ensure-properties-for-bonded-interfaces-are-prop.patch Normal file
View File

@ -0,0 +1,59 @@
From 371b2362bbd78ce53cd1b8f69d55db5855434e61 Mon Sep 17 00:00:00 2001
From: Curt Moore <curt.moore@garmin.com>
Date: Tue, 4 Jun 2024 12:45:32 -0500
Subject: [PATCH] fix: Ensure properties for bonded interfaces are properly
translated (#5367)
There is a discrepancy between the properties key name formatting in
the OpenStack network_data.json and cloudinit network-config.json
specifications. Ensure `bond_` is translated to `bond-` when the
OpenStack configuration is parsed by cloudinit.
Fixes GH-5366
Co-authored-by: Alberto Contreras <alberto.contreras@canonical.com>
---
cloudinit/sources/helpers/openstack.py | 9 ++++++++-
tests/unittests/sources/helpers/test_openstack.py | 6 +++---
2 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py
index 69a35db72..70998dda2 100644
--- a/cloudinit/sources/helpers/openstack.py
+++ b/cloudinit/sources/helpers/openstack.py
@@ -672,7 +672,14 @@ def convert_net_json(network_json=None, known_macs=None):
if k == "bond_links":
continue
elif k.startswith("bond"):
- params.update({k: v})
+ # There is a difference in key name formatting for
+ # bond parameters in the cloudinit and OpenStack
+ # network schemas. The keys begin with 'bond-' in the
+ # cloudinit schema but 'bond_' in OpenStack
+ # network_data.json schema. Translate them to what
+ # is expected by cloudinit.
+ translated_key = "bond-{}".format(k.split("bond_", 1)[-1])
+ params.update({translated_key: v})
# openstack does not provide a name for the bond.
# they do provide an 'id', but that is possibly non-sensical.
diff --git a/tests/unittests/sources/helpers/test_openstack.py b/tests/unittests/sources/helpers/test_openstack.py
index 312d66a01..663f6c2db 100644
--- a/tests/unittests/sources/helpers/test_openstack.py
+++ b/tests/unittests/sources/helpers/test_openstack.py
@@ -192,9 +192,9 @@ class TestConvertNetJson:
"name": "bond0",
"mac_address": "xx:xx:xx:xx:xx:00",
"params": {
- "bond_miimon": 100,
- "bond_mode": "802.3ad",
- "bond_xmit_hash_policy": "layer3+4",
+ "bond-miimon": 100,
+ "bond-mode": "802.3ad",
+ "bond-xmit_hash_policy": "layer3+4",
},
"subnets": [],
"type": "bond",
--
2.27.0

64
backport-fix-Wait-for-udev-on-openstack-5947.patch Normal file
View File

@ -0,0 +1,64 @@
From 7f09102ad601cb5225fa0ffe280d77a75f435e93 Mon Sep 17 00:00:00 2001
From: Robert Schweikert <rjschwei@suse.com>
From 7f09102ad601cb5225fa0ffe280d77a75f435e93 Mon Sep 17 00:00:00 2001
From: Robert Schweikert <rjschwei@suse.com>
Date: Tue, 7 Jan 2025 15:59:26 -0500
Subject: [PATCH] fix: Wait for udev on openstack (#5947)
It is possible that we outrun udev and when we try to enumerate the macs
any given mac may not yet be present. If we detect the condition give
udev a chance to catch up and check the system macs again before
triggering an error.
Fixes GH-4125
---
cloudinit/sources/helpers/openstack.py | 6 +++++-
tests/unittests/sources/test_configdrive.py | 15 +++++++++------
2 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py
index 97ec18faf98..bea1a2ce29f 100644
--- a/cloudinit/sources/helpers/openstack.py
+++ b/cloudinit/sources/helpers/openstack.py
@@ -771,7 +771,11 @@ def convert_net_json(network_json=None, known_macs=None):
if not mac:
raise ValueError("No mac_address or name entry for %s" % d)
if mac not in known_macs:
- raise ValueError("Unable to find a system nic for %s" % d)
+ # Let's give udev a chance to catch up
+ util.udevadm_settle()
+ known_macs = net.get_interfaces_by_mac()
+ if mac not in known_macs:
+ raise ValueError("Unable to find a system nic for %s" % d)
d["name"] = known_macs[mac]
for cfg, key, fmt, targets in link_updates:
diff --git a/tests/unittests/sources/test_configdrive.py b/tests/unittests/sources/test_configdrive.py
index 70da4812aee..a724f7613a0 100644
--- a/tests/unittests/sources/test_configdrive.py
+++ b/tests/unittests/sources/test_configdrive.py
@@ -896,12 +896,15 @@ def test_convert_reads_system_prefers_name(self, get_interfaces_by_mac):
def test_convert_raises_value_error_on_missing_name(self):
macs = {"aa:aa:aa:aa:aa:00": "ens1"}
- self.assertRaises(
- ValueError,
- openstack.convert_net_json,
- NETWORK_DATA,
- known_macs=macs,
- )
+ with mock.patch(
+ "cloudinit.sources.helpers.openstack.util.udevadm_settle"
+ ):
+ self.assertRaises(
+ ValueError,
+ openstack.convert_net_json,
+ NETWORK_DATA,
+ known_macs=macs,
+ )
def test_conversion_with_route(self):
ncfg = openstack.convert_net_json(
--
2.33.0

56
backport-fix-correct-the-path-for-Chef-s-cache-5994.patch Normal file
View File

@ -0,0 +1,56 @@
From a0ebb8d35e41bae075a0762b7002bc4e6a2b6269 Mon Sep 17 00:00:00 2001
From: MostafaTarek124eru
<48182100+MostafaTarek124eru@users.noreply.github.com>
Date: Mon, 3 Feb 2025 22:03:51 +0200
Subject: [PATCH] fix: correct the path for Chef's cache (#5994)
Corrected the path for chef cache in cc_chef, schema-cloud-config-v1,
and test_cc_chef.
Reference:https://github.com/canonical/cloud-init/commit/a0ebb8d35e41bae075a0762b7002bc4e6a2b6269
Conflict:not change schema-cloud-config-v1.json and .github-cla-signers
Fixes GH-5090
---
cloudinit/config/cc_chef.py | 4 ++--
tests/unittests/config/test_cc_chef.py | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/cloudinit/config/cc_chef.py b/cloudinit/config/cc_chef.py
index 6aa2836..58293a7 100644
--- a/cloudinit/config/cc_chef.py
+++ b/cloudinit/config/cc_chef.py
@@ -29,7 +29,7 @@ CHEF_DIRS = tuple(
"/etc/chef",
"/var/log/chef",
"/var/lib/chef",
- "/var/cache/chef",
+ "/var/chef/cache",
"/var/backups/chef",
"/var/run/chef",
]
@@ -58,7 +58,7 @@ CHEF_RB_TPL_DEFAULTS = {
"validation_cert": None,
"client_key": "/etc/chef/client.pem",
"json_attribs": CHEF_FB_PATH,
- "file_cache_path": "/var/cache/chef",
+ "file_cache_path": "/var/chef/cache",
"file_backup_path": "/var/backups/chef",
"pid_file": "/var/run/chef/client.pid",
"show_time": True,
diff --git a/tests/unittests/config/test_cc_chef.py b/tests/unittests/config/test_cc_chef.py
index 6fad6a7..f3e4ad9 100644
--- a/tests/unittests/config/test_cc_chef.py
+++ b/tests/unittests/config/test_cc_chef.py
@@ -150,7 +150,7 @@ class TestChef(FilesystemMockingTestCase):
environment "_default"
node_name "iid-datasource-none"
json_attribs "/etc/chef/firstboot.json"
- file_cache_path "/var/cache/chef"
+ file_cache_path "/var/chef/cache"
file_backup_path "/var/backups/chef"
pid_file "/var/run/chef/client.pid"
Chef::Log::Formatter.show_time = true
--
2.33.0

33
backport-fix-properly-handle-blank-lines-in-fstab-5643.patch Normal file
View File

@ -0,0 +1,33 @@
From 93f30bbfcb073fd8213c18c2e7eb7f857234fc8a Mon Sep 17 00:00:00 2001
From: James Falcon <james.falcon@canonical.com>
Date: Thu, 29 Aug 2024 18:22:23 -0400
Subject: [PATCH] fix: properly handle blank lines in fstab (#5643)
Reference:https://github.com/canonical/cloud-init/commit/93f30bbfcb073fd8213c18c2e7eb7f857234fc8a
Conflict:(1)not change test, the corresponding test case does not exist.
(2)change handle() not parse_fstab(), diff commit is d15a770.
---
cloudinit/config/cc_mounts.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/cloudinit/config/cc_mounts.py b/cloudinit/config/cc_mounts.py
index 4efa2a2..1cd53ef 100644
--- a/cloudinit/config/cc_mounts.py
+++ b/cloudinit/config/cc_mounts.py
@@ -459,8 +459,9 @@ def handle(name: str, cfg: Config, cloud: Cloud, args: list) -> None:
toks = WS.split(line)
except Exception:
pass
- fstab_devs[toks[0]] = line
- fstab_lines.append(line)
+ if toks:
+ fstab_devs[toks[0]] = line
+ fstab_lines.append(line)
device_aliases = cfg.get("device_aliases", {})
--
2.33.0

86
backport-fix-typing-for-rsyslog-power_state_change.patch Normal file
View File

@ -0,0 +1,86 @@
From 2b7d9636b303ad212d1a446ab59636c5cd75dd4a Mon Sep 17 00:00:00 2001
From: MostafaTarek124eru
<48182100+MostafaTarek124eru@users.noreply.github.com>
Date: Tue, 11 Feb 2025 00:54:01 +0200
Subject: [PATCH] fix: typing for rsyslog, ubuntu_pro, power_state_change
(#5985)
Reference:https://github.com/canonical/cloud-init/commit/2b7d9636b303ad212d1a446ab59636c5cd75dd4a
Conflict:not change cloudinit/config/cc_ubuntu_pro.py, pyproject.toml and tests/unittests/config/test_cc_ubuntu_pro.py
---
cloudinit/config/cc_power_state_change.py | 5 ++++-
cloudinit/config/cc_rsyslog.py | 5 +----
tests/unittests/config/test_cc_power_state_change.py | 2 +-
tests/unittests/config/test_cc_rsyslog.py | 4 ++--
4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/cloudinit/config/cc_power_state_change.py b/cloudinit/config/cc_power_state_change.py
index 72e6634..90534ed 100644
--- a/cloudinit/config/cc_power_state_change.py
+++ b/cloudinit/config/cc_power_state_change.py
@@ -93,7 +93,10 @@ def givecmdline(pid):
(output, _err) = subp.subp(["procstat", "-c", str(pid)])
line = output.splitlines()[1]
m = re.search(r"\d+ (\w|\.|-)+\s+(/\w.+)", line)
- return m.group(2)
+ if m:
+ return m.group(2)
+ else:
+ return None
else:
return util.load_file("/proc/%s/cmdline" % pid)
except IOError:
diff --git a/cloudinit/config/cc_rsyslog.py b/cloudinit/config/cc_rsyslog.py
index a04595b..0087a16 100644
--- a/cloudinit/config/cc_rsyslog.py
+++ b/cloudinit/config/cc_rsyslog.py
@@ -307,10 +307,7 @@ class SyslogRemotesLine:
self.proto = proto
self.addr = addr
- if port:
- self.port = int(port)
- else:
- self.port = None
+ self.port = int(port) if port is not None else None
def validate(self):
if self.port:
diff --git a/tests/unittests/config/test_cc_power_state_change.py b/tests/unittests/config/test_cc_power_state_change.py
index 8a1886c..ce8d74b 100644
--- a/tests/unittests/config/test_cc_power_state_change.py
+++ b/tests/unittests/config/test_cc_power_state_change.py
@@ -47,7 +47,7 @@ class TestLoadPowerState(t_help.TestCase):
self.assertRaises(TypeError, psc.load_power_state, cfg, self.dist)
def test_valid_modes(self):
- cfg = {"power_state": {}}
+ cfg: dict = {"power_state": {}}
for mode in ("halt", "poweroff", "reboot"):
cfg["power_state"]["mode"] = mode
check_lps_ret(psc.load_power_state(cfg, self.dist), mode=mode)
diff --git a/tests/unittests/config/test_cc_rsyslog.py b/tests/unittests/config/test_cc_rsyslog.py
index b69f602..6e67668 100644
--- a/tests/unittests/config/test_cc_rsyslog.py
+++ b/tests/unittests/config/test_cc_rsyslog.py
@@ -340,7 +340,7 @@ class TestInstallRsyslog(TestCase):
with mock.patch.object(
cloud.distro, "install_packages"
) as m_install:
- handle("rsyslog", {"rsyslog": config}, cloud, None)
+ handle("rsyslog", {"rsyslog": config}, cloud, [])
m_which.assert_called_with(config["check_exe"])
m_install.assert_called_with(config["packages"])
@@ -356,6 +356,6 @@ class TestInstallRsyslog(TestCase):
m_isbsd.return_value = False
m_which.return_value = "/usr/sbin/rsyslogd"
with mock.patch.object(cloud.distro, "install_packages") as m_install:
- handle("rsyslog", {"rsyslog": config}, cloud, None)
+ handle("rsyslog", {"rsyslog": config}, cloud, [])
m_which.assert_called_with(config["check_exe"])
m_install.assert_not_called()
--
2.33.0

138
backport-net-sysconfig-do-not-remove-all-existing-settings-of.patch Normal file
View File

@ -0,0 +1,138 @@
From fa331315d22f4bbe33320485e89a02bb2f695fbf Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Sat, 15 Feb 2025 01:54:31 +0530
Subject: [PATCH] net/sysconfig: do not remove all existing settings of
/etc/sysconfig/network (#5991)
Reference:https://github.com/canonical/cloud-init/commit/fa331315d22f4bbe33320485e89a02bb2f695fbf
Conflict:use util.load_file not util.load_text_file in render_network_state().
In some distros, /etc/sysconfig/network may have important configurations that
are necessary for the instance to come up. For example, centos based distros
write NOZEROCONF=yes in /etc/sysconfig/network for some instances that require
zeroconf to be disabled. Removing these customizations would prevent the
instance to come up. So leave the customizations in /etc/sysconfig/network
intact except those that we are interested in.
Fixes GH-5990
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/net/sysconfig.py | 18 +++++++
tests/unittests/distros/test_netconfig.py | 60 ++++++++++++++++++++++-
2 files changed, 76 insertions(+), 2 deletions(-)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index ab241df..ce24f19 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -1035,6 +1035,24 @@ class Renderer(renderer.Renderer):
if network_state.use_ipv6:
netcfg.append("NETWORKING_IPV6=yes")
netcfg.append("IPV6_AUTOCONF=no")
+
+ # if sysconfig file exists and is not empty, append rest of the
+ # file content, do not remove the exsisting customizations.
+ if os.path.exists(sysconfig_path):
+ for line in util.load_file(sysconfig_path).splitlines():
+ if (
+ not any(
+ setting in line
+ for setting in [
+ "NETWORKING",
+ "NETWORKING_IPV6",
+ "IPV6_AUTOCONF",
+ ]
+ )
+ and line not in _make_header().splitlines()
+ ):
+ netcfg.append(line)
+
util.write_file(
sysconfig_path, "\n".join(netcfg) + "\n", file_mode
)
diff --git a/tests/unittests/distros/test_netconfig.py b/tests/unittests/distros/test_netconfig.py
index 962ff7f..27ac636 100644
--- a/tests/unittests/distros/test_netconfig.py
+++ b/tests/unittests/distros/test_netconfig.py
@@ -697,12 +697,16 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
return "/etc/sysconfig/network"
def _apply_and_verify(
- self, apply_fn, config, expected_cfgs=None, bringup=False
+ self,
+ apply_fn,
+ config,
+ expected_cfgs=None,
+ bringup=False,
+ tmpd=None,
):
if not expected_cfgs:
raise ValueError("expected_cfg must not be None")
- tmpd = None
with mock.patch("cloudinit.net.sysconfig.available") as m_avail:
m_avail.return_value = True
with self.reRooted(tmpd) as tmpd:
@@ -791,6 +795,58 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
expected_cfgs=expected_cfgs.copy(),
)
+ def test_sysconfig_network_no_overwite_ipv6_rh(self):
+ expected_cfgs = {
+ self.ifcfg_path("eth0"): dedent(
+ """\
+ BOOTPROTO=none
+ DEFROUTE=yes
+ DEVICE=eth0
+ IPV6ADDR=2607:f0d0:1002:0011::2/64
+ IPV6INIT=yes
+ IPV6_AUTOCONF=no
+ IPV6_DEFAULTGW=2607:f0d0:1002:0011::1
+ IPV6_FORCE_ACCEPT_RA=no
+ ONBOOT=yes
+ TYPE=Ethernet
+ USERCTL=no
+ """
+ ),
+ self.ifcfg_path("eth1"): dedent(
+ """\
+ BOOTPROTO=dhcp
+ DEVICE=eth1
+ ONBOOT=yes
+ TYPE=Ethernet
+ USERCTL=no
+ """
+ ),
+ self.control_path(): dedent(
+ """\
+ NETWORKING=yes
+ NETWORKING_IPV6=yes
+ IPV6_AUTOCONF=no
+ NOZEROCONF=yes
+ """
+ ),
+ }
+ tmpdir = self.tmp_dir()
+ file_mode = 0o644
+ # pre-existing config in /etc/sysconfig/network should not be removed
+ with self.reRooted(tmpdir) as tmpdir:
+ util.write_file(
+ self.control_path(),
+ "".join("NOZEROCONF=yes") + "\n",
+ file_mode,
+ )
+
+ self._apply_and_verify(
+ self.distro.apply_network_config,
+ V1_NET_CFG_IPV6,
+ expected_cfgs=expected_cfgs.copy(),
+ tmpd=tmpdir,
+ )
+
def test_vlan_render_unsupported(self):
"""Render officially unsupported vlan names."""
cfg = {
--
2.33.0

31
backport-test-Fix-duplicate-judgment-conditions-in-password-g.patch Normal file
View File

@ -0,0 +1,31 @@
From 4c156a80375c01433cdd00546c6278edb0bb6025 Mon Sep 17 00:00:00 2001
From: sxt1001 <shixuantong1@huawei.com>
Date: Mon, 21 Oct 2024 23:40:25 +0800
Subject: [PATCH] test: Fix duplicate judgment conditions in password
generation (#5835)
Reference:https://github.com/canonical/cloud-init/commit/4c156a80375c01433cdd00546c6278edb0bb6025
Conflict:NA
The problem was introduced by commit 879945f
---
tests/unittests/config/test_cc_set_passwords.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/unittests/config/test_cc_set_passwords.py b/tests/unittests/config/test_cc_set_passwords.py
index 73cb3d490..c068f62d8 100644
--- a/tests/unittests/config/test_cc_set_passwords.py
+++ b/tests/unittests/config/test_cc_set_passwords.py
@@ -566,7 +566,7 @@ class TestRandUserPassword:
[
any(c.islower() for c in str),
any(c.isupper() for c in str),
- any(c.isupper() for c in str),
+ any(c.isdigit() for c in str),
any(c in string.punctuation for c in str),
]
)
--
2.33.0

140
backport-test-openstack-Test-bond-mac-address.patch Normal file
View File

@ -0,0 +1,140 @@
From f8f9d19409fcbda32e119a5514fd5185bcd88b79 Mon Sep 17 00:00:00 2001
From: Brett Holman <brett.holman@canonical.com>
Date: Thu, 27 Jun 2024 11:56:58 -0600
Subject: [PATCH] test(openstack): Test bond mac address (#5369)
---
.../sources/helpers/test_openstack.py | 120 ++++++++++++++++++
1 file changed, 120 insertions(+)
diff --git a/tests/unittests/sources/helpers/test_openstack.py b/tests/unittests/sources/helpers/test_openstack.py
index 4d85ec3c6..312d66a01 100644
--- a/tests/unittests/sources/helpers/test_openstack.py
+++ b/tests/unittests/sources/helpers/test_openstack.py
@@ -112,3 +112,123 @@ class TestConvertNetJson:
assert expected == openstack.convert_net_json(
network_json=net_json, known_macs=macs
)
+
+ def test_bond_mac(self):
+ """Verify the bond mac address is assigned correctly."""
+ network_json = {
+ "links": [
+ {
+ "id": "ens1f0np0",
+ "name": "ens1f0np0",
+ "type": "phy",
+ "ethernet_mac_address": "xx:xx:xx:xx:xx:00",
+ "mtu": 9000,
+ },
+ {
+ "id": "ens1f1np1",
+ "name": "ens1f1np1",
+ "type": "phy",
+ "ethernet_mac_address": "xx:xx:xx:xx:xx:01",
+ "mtu": 9000,
+ },
+ {
+ "id": "bond0",
+ "name": "bond0",
+ "type": "bond",
+ "bond_links": ["ens1f0np0", "ens1f1np1"],
+ "mtu": 9000,
+ "ethernet_mac_address": "xx:xx:xx:xx:xx:00",
+ "bond_mode": "802.3ad",
+ "bond_xmit_hash_policy": "layer3+4",
+ "bond_miimon": 100,
+ },
+ {
+ "id": "bond0.123",
+ "name": "bond0.123",
+ "type": "vlan",
+ "vlan_link": "bond0",
+ "vlan_id": 123,
+ "vlan_mac_address": "xx:xx:xx:xx:xx:00",
+ },
+ ],
+ "networks": [
+ {
+ "id": "publicnet-ipv4",
+ "type": "ipv4",
+ "link": "bond0.123",
+ "ip_address": "x.x.x.x",
+ "netmask": "255.255.255.0",
+ "routes": [
+ {
+ "network": "0.0.0.0",
+ "netmask": "0.0.0.0",
+ "gateway": "x.x.x.1",
+ }
+ ],
+ "network_id": "00000000-0000-0000-0000-000000000000",
+ }
+ ],
+ "services": [{"type": "dns", "address": "1.1.1.1"}],
+ }
+ expected = {
+ "config": [
+ {
+ "mac_address": "xx:xx:xx:xx:xx:00",
+ "mtu": 9000,
+ "name": "ens1f0np0",
+ "subnets": [],
+ "type": "physical",
+ },
+ {
+ "mac_address": "xx:xx:xx:xx:xx:01",
+ "mtu": 9000,
+ "name": "ens1f1np1",
+ "subnets": [],
+ "type": "physical",
+ },
+ {
+ "bond_interfaces": ["ens1f0np0", "ens1f1np1"],
+ "mtu": 9000,
+ "name": "bond0",
+ "mac_address": "xx:xx:xx:xx:xx:00",
+ "params": {
+ "bond_miimon": 100,
+ "bond_mode": "802.3ad",
+ "bond_xmit_hash_policy": "layer3+4",
+ },
+ "subnets": [],
+ "type": "bond",
+ },
+ {
+ "mac_address": "xx:xx:xx:xx:xx:00",
+ "name": "bond0.123",
+ "subnets": [
+ {
+ "address": "x.x.x.x",
+ "ipv4": True,
+ "netmask": "255.255.255.0",
+ "routes": [
+ {
+ "gateway": "x.x.x.1",
+ "netmask": "0.0.0.0",
+ "network": "0.0.0.0",
+ }
+ ],
+ "type": "static",
+ }
+ ],
+ "type": "vlan",
+ "vlan_id": 123,
+ "vlan_link": "bond0",
+ },
+ {"address": "1.1.1.1", "type": "nameserver"},
+ ],
+ "version": 1,
+ }
+ macs = {
+ "xx:xx:xx:xx:xx:00": "ens1f0np0",
+ "xx:xx:xx:xx:xx:01": "ens1f1np1",
+ }
+ assert expected == openstack.convert_net_json(
+ network_json=network_json, known_macs=macs
+ )
--
2.27.0

36
cloud-init-22.1-no-override-default-network.patch
View File

@ -1,36 +0,0 @@
From 5514d5922cbc92278868bfea587c4207619d81fc Mon Sep 17 00:00:00 2001
From: Eduardo Otubo <otubo@redhat.com>
Date: Thu, 3 Dec 2020 12:34:01 +0100
Subject: [PATCH 3/3] Don't override default network configuration
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
---
cloudinit/net/sysconfig.py | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index d934f66..8a60c95 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -1025,7 +1025,17 @@ class Renderer(renderer.Renderer):
# Distros configuring /etc/sysconfig/network as a file e.g. Centos
if sysconfig_path.endswith("network"):
util.ensure_dir(os.path.dirname(sysconfig_path))
- netcfg = [_make_header(), "NETWORKING=yes"]
+ # Make sure that existing lines, other than overriding ones, remain
+ netcfg = []
+ for line in util.load_file(sysconfig_path, quiet=True).split('\n'):
+ if 'cloud-init' in line:
+ break
+ if not line.startswith(('NETWORKING=',
+ 'IPV6_AUTOCONF=',
+ 'NETWORKING_IPV6=')):
+ netcfg.append(line)
+ # Now generate the cloud-init portion of sysconfig/network
+ netcfg.extend([_make_header(), 'NETWORKING=yes'])
if network_state.use_ipv6:
netcfg.append("NETWORKING_IPV6=yes")
netcfg.append("IPV6_AUTOCONF=no")
--
2.27.0

48
cloud-init.spec
View File

@ -1,6 +1,6 @@
Name: cloud-init
Version: 23.4.1
Release: 8
Release: 13
Summary: the defacto multi-distribution package that handles early initialization of a cloud instance.
License: ASL 2.0 or GPLv3
URL: http://launchpad.net/cloud-init
@ -8,7 +8,6 @@ Source0: https://launchpad.net/%{name}/trunk/%{version}/+download/%{name}-%{vers
Source1: cloud-init-tmpfiles.conf
Patch0: cloud-init-22.1-no-override-default-network.patch
Patch2: bugfix-sort-requirements.patch
Patch3: add-variable-to-forbid-tmp-dir.patch
Patch5: Do-not-write-NM_CONTROLLED-no-in-generated-interface-config.patch
@ -29,6 +28,18 @@ Patch6011: backport-fix-netplan-Fix-predictable-interface-rename-issue-5.patch
Patch6012: backport-fix-Fall-back-to-cached-local-ds-if-no-valid-ds-foun.patch
Patch6013: backport-fix-openstack-Fix-bond-mac_address-5369.patch
Patch6014: backport-fix-net-klibc-ipconfig-PROTO-compatibility-5437.patch
Patch6015: backport-feat-Ensure-random-passwords-contain-multiple-charac.patch
Patch6016: backport-test-Fix-duplicate-judgment-conditions-in-password-g.patch
Patch6017: backport-fix-properly-handle-blank-lines-in-fstab-5643.patch
Patch6018: backport-chore-set-recursive-False-for-ensure_dir-if-parent-p.patch
Patch6019: backport-test-openstack-Test-bond-mac-address.patch
Patch6020: backport-fix-Ensure-properties-for-bonded-interfaces-are-prop.patch
Patch6021: backport-fix-Wait-for-udev-on-openstack-5947.patch
Patch6022: backport-fix-correct-the-path-for-Chef-s-cache-5994.patch
Patch6023: backport-Fix-GCE-_get_data-crashes-if-DHCP-lease-fails-5998.patch
Patch6024: backport-fix-Ensure-fqdn-is-treated-as-string-in-get_hostname.patch
Patch6025: backport-net-sysconfig-do-not-remove-all-existing-settings-of.patch
Patch6026: backport-fix-typing-for-rsyslog-power_state_change.patch
Patch9000: do-not-generate-dsa.patch
@ -161,6 +172,39 @@ fi
%exclude /usr/share/doc/*
%changelog
* Fri Mar 21 2025 shixuantong <shixuantong1@huawei.com> - 23.4.1-13
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:net/sysconfig: do not remove all existing settings of /etc/sysconfig/network
fix: typing for rsyslog, ubuntu_pro, power_state_change
* Wed Mar 05 2025 Linux_zhang <zhangruifang@h-partners.com> - 23.4.1-12
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:backport upstream patches
* Fri Dec 06 2024 shixuantong <shixuantong1@huawei.com> - 23.4.1-11
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:chore: set recursive=False for ensure_dir if parent path is "/"
test(openstack): Test bond mac address
fix: Ensure properties for bonded interfaces are properly translated
* Thu Nov 14 2024 shixuantong <shixuantong1@huawei.com> - 23.4.1-10
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix: properly handle blank lines in fstab
* Mon Nov 04 2024 shixuantong <shixuantong1@huawei.com> - 23.4.1-9
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:Ensure random passwords contain multiple character types
* Thu Sep 5 2024 dongyuzhen <dongyuzhen@h-partners.com> - 23.4.1-8
- Type:bugfix
- CVE:NA