packages/cloud-init
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:ab12f717b621f179c6f91bc94d51786bd3fc4c47
Branches Tags
packages:main
...
compare: packages:7c318072dea310151ca7b248baa74b622c66df7f
Branches Tags
packages:main

10 Commits
ab12f717b6 ... 7c318072de

Author SHA1 Message Date
openeuler-ci-bot
7c318072de
!285 [sync] PR-282: backport upstream patches 
From: @openeuler-sync-bot 
Reviewed-by: @hubin95 
Signed-off-by: @hubin95
 2025-03-24 08:58:28 +00:00
Linux_zhang
ba62202f37 backport upstream patches 
(cherry picked from commit 5bed85e0936d1fd9f105d1e2db114efb057b7daf)
 2025-03-24 15:45:50 +08:00
openeuler-ci-bot
62b77b231b
!281 [sync] PR-277: backport upstream patches 
From: @openeuler-sync-bot 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
 2025-03-06 01:26:12 +00:00
Linux_zhang
d6e192cf20 backport upstream patches 
(cherry picked from commit 5044bad5379cdcd016715e0b9f48781465c8ce31)
 2025-03-05 11:06:22 +08:00
openeuler-ci-bot
5979562c69
!268 [sync] PR-265: sync some patches 
From: @openeuler-sync-bot 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
 2024-12-06 08:08:10 +00:00
shixuantong
ca270fa091 sync some patches 
details:
chore: set recursive=False for ensure_dir if parent path is "/"
test(openstack): Test bond mac address
fix: Ensure properties for bonded interfaces are properly translated

(cherry picked from commit 0d2653ae183527e1e92b2b5bbd8dc0679aeada1e)
 2024-12-06 15:08:33 +08:00
openeuler-ci-bot
8696d69127
!262 [sync] PR-258: fix: properly handle blank lines in fstab 
From: @openeuler-sync-bot 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
 2024-11-14 03:00:38 +00:00
shixuantong
9d5ff509e1 fix: properly handle blank lines in fstab 
(cherry picked from commit d675a298a11b0e2fc7f2772d3a2a7c8ca91699fe)
 2024-11-14 10:21:42 +08:00
openeuler-ci-bot
b566107f0e
!254 [sync] PR-248: Ensure random passwords contain multiple character types 
From: @openeuler-sync-bot 
Reviewed-by: @znzjugod 
Signed-off-by: @znzjugod
 2024-11-06 07:05:33 +00:00
shixuantong
5b50eb6746 Ensure random passwords contain multiple character types 
(cherry picked from commit 121f546b99037f606ba9f3a4de0f91beb5a6141b)
 2024-11-06 12:01:49 +08:00
14 changed files with 970 additions and 39 deletions
Show Stats Expand all files Collapse all files

59
backport-Fix-GCE-_get_data-crashes-if-DHCP-lease-fails-5998.patch Normal file
View File

@ -0,0 +1,59 @@
From eb1965a434360b3198768302f4196488d7c2511f Mon Sep 17 00:00:00 2001
From: Bryan Fraschetti <bryan.fraschetti@canonical.com>
Date: Mon, 3 Feb 2025 16:13:19 -0500
Subject: [PATCH] Fix: GCE _get_data crashes if DHCP lease fails (#5998)
This commit addresses issue #5997 which reported crashes in init-local
when cloud-init was examining GCELocal as a potential datasource. When
all NICs failed at DHCP discovery cloud-init attempts to log the events
by dereferencing a value that was never assigned.
This commit modifies the _get_data function of DataSourceGCE.py by
adding an empty dictionary definition for the ret variable at the
top level of the function and some debugging logs when a candidate NIC
fails to obtain a DHCP lease. At the same time, the commit replaces the
direct key access operator on ret with the safe lookup method get(). This
commit also adds a unit test that mocks the observed situation.
Reference:https://github.com/canonical/cloud-init/commit/eb1965a434360b3198768302f4196488d7c2511f
Conflict:not change test_gce.py (M_PATH and net.find_candidate_nics doesn't exist)
Fixes GH-5997
---
cloudinit/sources/DataSourceGCE.py | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/cloudinit/sources/DataSourceGCE.py b/cloudinit/sources/DataSourceGCE.py
index 9f838bd..53b686f 100644
--- a/cloudinit/sources/DataSourceGCE.py
+++ b/cloudinit/sources/DataSourceGCE.py
@@ -73,19 +73,20 @@ class DataSourceGCE(sources.DataSource):
def _get_data(self):
url_params = self.get_url_params()
+ ret = {}
ret = util.log_time(
LOG.debug, 'Crawl of GCE metadata service',
read_md, kwargs={'address': self.metadata_address,
'url_params': url_params})
- if not ret['success']:
- if ret['platform_reports_gce']:
- LOG.warning(ret['reason'])
+ if not ret.get("success"):
+ if ret.get("platform_reports_gce"):
+ LOG.warning(ret.get("reason"))
else:
- LOG.debug(ret['reason'])
+ LOG.debug(ret.get("reason"))
return False
- self.metadata = ret['meta-data']
- self.userdata_raw = ret['user-data']
+ self.metadata = ret.get("meta-data")
+ self.userdata_raw = ret.get("user-data")
return True
@property
--
2.33.0

33
backport-chore-set-recursive-False-for-ensure_dir-if-parent-p.patch Normal file
View File

@ -0,0 +1,33 @@
From b3120f7fefbb772b8fd5f5e8d32ee5377d4aa5cf Mon Sep 17 00:00:00 2001
From: sxt1001 <shixuantong1@huawei.com>
Date: Wed, 13 Nov 2024 23:15:39 +0800
Subject: [PATCH] chore: set recursive=False for ensure_dir if parent path is
"/" (#5816)
Reference:https://github.com/canonical/cloud-init/commit/b3120f7fefbb772b8fd5f5e8d32ee5377d4aa5cf
Conflict:NA
---
cloudinit/util.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/cloudinit/util.py b/cloudinit/util.py
index 8025f4d51..e2f04a402 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -1884,7 +1884,11 @@ def ensure_dir(path, mode=None, user=None, group=None):
# Get non existed parent dir first before they are created.
non_existed_parent_dir = get_non_exist_parent_dir(path)
# Make the dir and adjust the mode
- with SeLinuxGuard(os.path.dirname(path), recursive=True):
+ dir_name = os.path.dirname(path)
+ selinux_recursive = True
+ if dir_name == "/":
+ selinux_recursive = False
+ with SeLinuxGuard(dir_name, recursive=selinux_recursive):
os.makedirs(path)
chmod(path, mode)
# Change the ownership
--
2.33.0

147
backport-feat-Ensure-random-passwords-contain-multiple-charac.patch Normal file
View File

@ -0,0 +1,147 @@
From 879945f56103d937a7fee84bfe7662dc2a5be708 Mon Sep 17 00:00:00 2001
From: sxt1001 <shixuantong1@huawei.com>
Date: Thu, 17 Oct 2024 20:45:07 +0800
Subject: [PATCH] feat: Ensure random passwords contain multiple character
types (#5815)
Reference:https://github.com/canonical/cloud-init/commit/879945f56103d937a7fee84bfe7662dc2a5be708
Conflict:(1)change cloudinit/config/tests/test_set_passwords.py not tests/unittests/config/test_cc_set_passwords.py
(2)add "import pytest" for test_set_passwords.py
The complexity of the random password generated by the
rand_user_password() method may not meet the security configuration
requirements of the system authentication module. This can cause
chpasswd to fail.
This commit ensures we generate a password using 4 different character
classes.
Fixes GH-5814
Co-authored-by: James Falcon <james.falcon@canonical.com>
---
cloudinit/config/cc_set_passwords.py | 35 +++++++++++++----
cloudinit/config/tests/test_set_passwords.py | 40 ++++++++++++++++++++
2 files changed, 68 insertions(+), 7 deletions(-)
diff --git a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py
index 3843aaf..6fe2ba3 100755
--- a/cloudinit/config/cc_set_passwords.py
+++ b/cloudinit/config/cc_set_passwords.py
@@ -78,6 +78,8 @@ password.
"""
import re
+import random
+import string
from cloudinit.distros import ug_util
from cloudinit import log as logging
@@ -85,14 +87,8 @@ from cloudinit.ssh_util import update_ssh_config
from cloudinit import subp
from cloudinit import util
-from string import ascii_letters, digits
-
LOG = logging.getLogger(__name__)
-# We are removing certain 'painful' letters/numbers
-PW_SET = (''.join([x for x in ascii_letters + digits
- if x not in 'loLOI01']))
-
def handle_ssh_pwauth(pw_auth, distro):
"""Apply sshd PasswordAuthentication changes.
@@ -230,7 +226,32 @@ def handle(_name, cfg, cloud, log, args):
def rand_user_password(pwlen=20):
- return util.rand_str(pwlen, select_from=PW_SET)
+ if pwlen < 4:
+ raise ValueError("Password length must be at least 4 characters.")
+
+ # There are often restrictions on the minimum number of character
+ # classes required in a password, so ensure we at least one character
+ # from each class.
+ res_rand_list = [
+ random.choice(string.digits),
+ random.choice(string.ascii_lowercase),
+ random.choice(string.ascii_uppercase),
+ random.choice(string.punctuation),
+ ]
+
+ res_rand_list.extend(
+ list(
+ util.rand_str(
+ pwlen - len(res_rand_list),
+ select_from=string.digits
+ + string.ascii_lowercase
+ + string.ascii_uppercase
+ + string.punctuation,
+ )
+ )
+ )
+ random.shuffle(res_rand_list)
+ return "".join(res_rand_list)
def chpasswd(distro, plist_in, hashed=False):
diff --git a/cloudinit/config/tests/test_set_passwords.py b/cloudinit/config/tests/test_set_passwords.py
index 79118a1..9703a4b 100644
--- a/cloudinit/config/tests/test_set_passwords.py
+++ b/cloudinit/config/tests/test_set_passwords.py
@@ -1,5 +1,8 @@
# This file is part of cloud-init. See LICENSE file for license information.
+import string
+import pytest
+
from unittest import mock
from cloudinit.config import cc_set_passwords as setpass
@@ -167,4 +170,41 @@ class TestSetPasswordsHandle(CiTestCase):
self.fail("Password not emitted to console")
+class TestRandUserPassword:
+ def _get_str_class_num(self, str):
+ return sum(
+ [
+ any(c.islower() for c in str),
+ any(c.isupper() for c in str),
+ any(c.isupper() for c in str),
+ any(c in string.punctuation for c in str),
+ ]
+ )
+
+ @pytest.mark.parametrize(
+ "strlen, expected_result",
+ [
+ (1, ValueError),
+ (2, ValueError),
+ (3, ValueError),
+ (4, 4),
+ (5, 4),
+ (5, 4),
+ (6, 4),
+ (20, 4),
+ ],
+ )
+ def test_rand_user_password(self, strlen, expected_result):
+ if expected_result is ValueError:
+ with pytest.raises(
+ expected_result,
+ match="Password length must be at least 4 characters.",
+ ):
+ setpass.rand_user_password(strlen)
+ else:
+ rand_password = setpass.rand_user_password(strlen)
+ assert len(rand_password) == strlen
+ assert self._get_str_class_num(rand_password) == expected_result
+
+
# vi: ts=4 expandtab
--
2.33.0

64
backport-fix-Ensure-fqdn-is-treated-as-string-in-get_hostname.patch Normal file
View File

@ -0,0 +1,64 @@
From b45d66a03659f8e4780b6b55e51edcbd2f6f012d Mon Sep 17 00:00:00 2001
From: MKhatibzadeh <32599707+masihkhatibzadeh99@users.noreply.github.com>
Date: Fri, 7 Feb 2025 18:13:43 +0330
Subject: [PATCH] fix: Ensure fqdn is treated as string in get_hostname_fqdn
(#5993)
Explicitly cast fqdn to a string before processing.
Reference:https://github.com/canonical/cloud-init/commit/b45d66a03659f8e4780b6b55e51edcbd2f6f012d
Conflict:(1)delete ", _" for util.get_hostname_fqdn() result in new test, refer to commit 74e4349
(2)not change .github-cla-signers
(3)change cloudinit/tests/test_util.py not tests/unittests/test_util.py
Fixes GH-5989
Co-authored-by: masih.khatibzdeh <masih.khatibzadeh@snapp.cab>
---
cloudinit/util.py | 2 +-
cloudinit/tests/test_util.py | 16 ++++++++++++++++
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/cloudinit/util.py b/cloudinit/util.py
index e380848..70e0b76 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -1027,7 +1027,7 @@ def get_hostname_fqdn(cfg, cloud, metadata_only=False):
"""
if "fqdn" in cfg:
# user specified a fqdn. Default hostname then is based off that
- fqdn = cfg['fqdn']
+ fqdn = str(cfg["fqdn"])
hostname = get_cfg_option_str(cfg, "hostname", fqdn.split('.')[0])
else:
if "hostname" in cfg and cfg['hostname'].find('.') > 0:
diff --git a/cloudinit/tests/test_util.py b/cloudinit/tests/test_util.py
index 5fb2508..a51de4d 100644
--- a/cloudinit/tests/test_util.py
+++ b/cloudinit/tests/test_util.py
@@ -448,6 +448,22 @@ class TestGetHostnameFqdn(CiTestCase):
[{'fqdn': True, 'metadata_only': False},
{'metadata_only': False}], mycloud.calls)
+ def test_get_hostname_fqdn_from_numeric_fqdn(self):
+ """When cfg fqdn is numeric, ensure it is treated as a string."""
+ hostname, fqdn = util.get_hostname_fqdn(
+ cfg={"fqdn": 12345}, cloud=None
+ )
+ self.assertEqual("12345", hostname)
+ self.assertEqual("12345", fqdn)
+
+ def test_get_hostname_fqdn_from_numeric_fqdn_with_domain(self):
+ """When cfg fqdn is numeric with a domain, ensure correct parsing."""
+ hostname, fqdn = util.get_hostname_fqdn(
+ cfg={"fqdn": "12345.example.com"}, cloud=None
+ )
+ self.assertEqual("12345", hostname)
+ self.assertEqual("12345.example.com", fqdn)
+
def test_get_hostname_fqdn_from_passes_metadata_only_to_cloud(self):
"""Calls to cloud.get_hostname pass the metadata_only parameter."""
mycloud = FakeCloud('cloudhost', 'cloudhost.mycloud.com')
--
2.33.0

64
backport-fix-Ensure-properties-for-bonded-interfaces-are-prop.patch Normal file
View File

@ -0,0 +1,64 @@
From 371b2362bbd78ce53cd1b8f69d55db5855434e61 Mon Sep 17 00:00:00 2001
From: Curt Moore <curt.moore@garmin.com>
Date: Tue, 4 Jun 2024 12:45:32 -0500
Subject: [PATCH] fix: Ensure properties for bonded interfaces are properly
translated (#5367)
Reference:https://github.com/canonical/cloud-init/commit/371b2362bbd78ce53cd1b8f69d55db5855434e61
Conflict:test_openstack.py in cloudinit/sources/helpers/tests dir not
tests/unittests/sources/helpers.
There is a discrepancy between the properties key name formatting in
the OpenStack network_data.json and cloudinit network-config.json
specifications. Ensure `bond_` is translated to `bond-` when the
OpenStack configuration is parsed by cloudinit.
Fixes GH-5366
Co-authored-by: Alberto Contreras <alberto.contreras@canonical.com>
---
cloudinit/sources/helpers/openstack.py | 9 ++++++++-
cloudinit/sources/helpers/tests/test_openstack.py | 6 +++---
2 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py
index bd5714f..51e491f 100644
--- a/cloudinit/sources/helpers/openstack.py
+++ b/cloudinit/sources/helpers/openstack.py
@@ -637,7 +637,14 @@ def convert_net_json(network_json=None, known_macs=None):
if k == 'bond_links':
continue
elif k.startswith('bond'):
- params.update({k: v})
+ # There is a difference in key name formatting for
+ # bond parameters in the cloudinit and OpenStack
+ # network schemas. The keys begin with 'bond-' in the
+ # cloudinit schema but 'bond_' in OpenStack
+ # network_data.json schema. Translate them to what
+ # is expected by cloudinit.
+ translated_key = "bond-{}".format(k.split("bond_", 1)[-1])
+ params.update({translated_key: v})
# openstack does not provide a name for the bond.
# they do provide an 'id', but that is possibly non-sensical.
diff --git a/cloudinit/sources/helpers/tests/test_openstack.py b/cloudinit/sources/helpers/tests/test_openstack.py
index 8468cc3..2dfab85 100644
--- a/cloudinit/sources/helpers/tests/test_openstack.py
+++ b/cloudinit/sources/helpers/tests/test_openstack.py
@@ -128,9 +128,9 @@ class TestConvertNetJson(test_helpers.CiTestCase):
"name": "bond0",
"mac_address": "xx:xx:xx:xx:xx:00",
"params": {
- "bond_miimon": 100,
- "bond_mode": "802.3ad",
- "bond_xmit_hash_policy": "layer3+4",
+ "bond-miimon": 100,
+ "bond-mode": "802.3ad",
+ "bond-xmit_hash_policy": "layer3+4",
},
"subnets": [],
"type": "bond",
--
2.33.0

57
backport-fix-Wait-for-udev-on-openstack-5947.patch Normal file
View File

@ -0,0 +1,57 @@
From 7f09102ad601cb5225fa0ffe280d77a75f435e93 Mon Sep 17 00:00:00 2001
From: Robert Schweikert <rjschwei@suse.com>
Date: Tue, 7 Jan 2025 15:59:26 -0500
Subject: [PATCH] fix: Wait for udev on openstack (#5947)
It is possible that we outrun udev and when we try to enumerate the macs
any given mac may not yet be present. If we detect the condition give
udev a chance to catch up and check the system macs again before
triggering an error.
Reference:https://github.com/canonical/cloud-init/commit/7f09102ad601cb5225fa0ffe280d77a75f435e93
Conflict:test format diff.
Fixes GH-4125
---
cloudinit/sources/helpers/openstack.py | 6 +++++-
tests/unittests/test_datasource/test_configdrive.py | 7 +++++--
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py
index 51e491f..2adbf5f 100644
--- a/cloudinit/sources/helpers/openstack.py
+++ b/cloudinit/sources/helpers/openstack.py
@@ -702,7 +702,11 @@ def convert_net_json(network_json=None, known_macs=None):
if not mac:
raise ValueError("No mac_address or name entry for %s" % d)
if mac not in known_macs:
- raise ValueError("Unable to find a system nic for %s" % d)
+ # Let's give udev a chance to catch up
+ util.udevadm_settle()
+ known_macs = net.get_interfaces_by_mac()
+ if mac not in known_macs:
+ raise ValueError("Unable to find a system nic for %s" % d)
d['name'] = known_macs[mac]
for cfg, key, fmt, targets in link_updates:
diff --git a/tests/unittests/test_datasource/test_configdrive.py b/tests/unittests/test_datasource/test_configdrive.py
index 5109723..f6ef537 100644
--- a/tests/unittests/test_datasource/test_configdrive.py
+++ b/tests/unittests/test_datasource/test_configdrive.py
@@ -694,8 +694,11 @@ class TestConvertNetworkData(CiTestCase):
def test_convert_raises_value_error_on_missing_name(self):
macs = {'aa:aa:aa:aa:aa:00': 'ens1'}
- self.assertRaises(ValueError, openstack.convert_net_json,
- NETWORK_DATA, known_macs=macs)
+ with mock.patch(
+ "cloudinit.sources.helpers.openstack.util.udevadm_settle"
+ ):
+ self.assertRaises(ValueError, openstack.convert_net_json,
+ NETWORK_DATA, known_macs=macs)
def test_conversion_with_route(self):
ncfg = openstack.convert_net_json(NETWORK_DATA_2,
--
2.33.0

57
backport-fix-correct-the-path-for-Chef-s-cache-5994.patch Normal file
View File

@ -0,0 +1,57 @@
From a0ebb8d35e41bae075a0762b7002bc4e6a2b6269 Mon Sep 17 00:00:00 2001
From: MostafaTarek124eru
<48182100+MostafaTarek124eru@users.noreply.github.com>
Date: Mon, 3 Feb 2025 22:03:51 +0200
Subject: [PATCH] fix: correct the path for Chef's cache (#5994)
Corrected the path for chef cache in cc_chef, schema-cloud-config-v1,
and test_cc_chef.
Reference:https://github.com/canonical/cloud-init/commit/a0ebb8d35e41bae075a0762b7002bc4e6a2b6269
Conflict:(1)not change schema-cloud-config-v1.json and .github-cla-signers
(2)change test_handler_chef.py not test_cc_chef.py for test
Fixes GH-5090
---
cloudinit/config/cc_chef.py | 4 ++--
tests/unittests/test_handler/test_handler_chef.py | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/cloudinit/config/cc_chef.py b/cloudinit/config/cc_chef.py
index cb9fe12..21c87e9 100644
--- a/cloudinit/config/cc_chef.py
+++ b/cloudinit/config/cc_chef.py
@@ -29,7 +29,7 @@ CHEF_DIRS = tuple([
'/etc/chef',
'/var/log/chef',
'/var/lib/chef',
- '/var/cache/chef',
+ '/var/chef/cache',
'/var/backups/chef',
'/var/run/chef',
])
@@ -55,7 +55,7 @@ CHEF_RB_TPL_DEFAULTS = {
'validation_cert': None,
'client_key': '/etc/chef/client.pem',
'json_attribs': CHEF_FB_PATH,
- 'file_cache_path': '/var/cache/chef',
+ 'file_cache_path': '/var/chef/cache',
'file_backup_path': '/var/backups/chef',
'pid_file': '/var/run/chef/client.pid',
'show_time': True,
diff --git a/tests/unittests/test_handler/test_handler_chef.py b/tests/unittests/test_handler/test_handler_chef.py
index 0672ceb..b1d7ff9 100644
--- a/tests/unittests/test_handler/test_handler_chef.py
+++ b/tests/unittests/test_handler/test_handler_chef.py
@@ -132,7 +132,7 @@ class TestChef(FilesystemMockingTestCase):
environment "_default"
node_name "iid-datasource-none"
json_attribs "/etc/chef/firstboot.json"
- file_cache_path "/var/cache/chef"
+ file_cache_path "/var/chef/cache"
file_backup_path "/var/backups/chef"
pid_file "/var/run/chef/client.pid"
Chef::Log::Formatter.show_time = true
--
2.33.0

32
backport-fix-properly-handle-blank-lines-in-fstab-5643.patch Normal file
View File

@ -0,0 +1,32 @@
From 93f30bbfcb073fd8213c18c2e7eb7f857234fc8a Mon Sep 17 00:00:00 2001
From: James Falcon <james.falcon@canonical.com>
Date: Thu, 29 Aug 2024 18:22:23 -0400
Subject: [PATCH] fix: properly handle blank lines in fstab (#5643)
Reference:https://github.com/canonical/cloud-init/commit/93f30bbfcb073fd8213c18c2e7eb7f857234fc8a
Conflict:(1)not change test, the corresponding test case does not exist.
(2)change handle() not parse_fstab(), diff commit is d15a770.
---
cloudinit/config/cc_mounts.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/cloudinit/config/cc_mounts.py b/cloudinit/config/cc_mounts.py
index 2d645b3..f97b870 100644
--- a/cloudinit/config/cc_mounts.py
+++ b/cloudinit/config/cc_mounts.py
@@ -384,8 +384,9 @@ def handle(_name, cfg, cloud, log, _args):
toks = WS.split(line)
except Exception:
pass
- fstab_devs[toks[0]] = line
- fstab_lines.append(line)
+ if toks:
+ fstab_devs[toks[0]] = line
+ fstab_lines.append(line)
device_aliases = cfg.get("device_aliases", {})
--
2.33.0

67
backport-fix-typing-for-rsyslog-ubuntu_pro-power_state_change.patch Normal file
View File

@ -0,0 +1,67 @@
From 2b7d9636b303ad212d1a446ab59636c5cd75dd4a Mon Sep 17 00:00:00 2001
From: MostafaTarek124eru
<48182100+MostafaTarek124eru@users.noreply.github.com>
Date: Tue, 11 Feb 2025 00:54:01 +0200
Subject: [PATCH] fix: typing for rsyslog, ubuntu_pro, power_state_change
(#5985)
Conflict: (1) not change
cloudinit/config/cc_ubuntu_pro.py,pyproject.toml,tests/unittests/config/test_cc_rsyslog.py
and tests/unittests/config/test_cc_ubuntu_pro.py
(2) change test_handler/test_handler_power_state.py not
config/test_cc_power_state_change.py
---
cloudinit/config/cc_power_state_change.py | 5 ++++-
cloudinit/config/cc_rsyslog.py | 5 +----
tests/unittests/test_handler/test_handler_power_state.py | 2 +-
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/cloudinit/config/cc_power_state_change.py b/cloudinit/config/cc_power_state_change.py
index 5780a7e..9665e9a 100644
--- a/cloudinit/config/cc_power_state_change.py
+++ b/cloudinit/config/cc_power_state_change.py
@@ -78,7 +78,10 @@ def givecmdline(pid):
(output, _err) = subp.subp(['procstat', '-c', str(pid)])
line = output.splitlines()[1]
m = re.search(r'\d+ (\w|\.|-)+\s+(/\w.+)', line)
- return m.group(2)
+ if m:
+ return m.group(2)
+ else:
+ return None
else:
return util.load_file("/proc/%s/cmdline" % pid)
except IOError:
diff --git a/cloudinit/config/cc_rsyslog.py b/cloudinit/config/cc_rsyslog.py
index dd2bbd0..b27a54c 100644
--- a/cloudinit/config/cc_rsyslog.py
+++ b/cloudinit/config/cc_rsyslog.py
@@ -333,10 +333,7 @@ class SyslogRemotesLine(object):
self.proto = proto
self.addr = addr
- if port:
- self.port = int(port)
- else:
- self.port = None
+ self.port = int(port) if port is not None else None
def validate(self):
if self.port:
diff --git a/tests/unittests/test_handler/test_handler_power_state.py b/tests/unittests/test_handler/test_handler_power_state.py
index 4ac4942..ed953d0 100644
--- a/tests/unittests/test_handler/test_handler_power_state.py
+++ b/tests/unittests/test_handler/test_handler_power_state.py
@@ -42,7 +42,7 @@ class TestLoadPowerState(t_help.TestCase):
self.assertRaises(TypeError, psc.load_power_state, cfg, self.dist)
def test_valid_modes(self):
- cfg = {'power_state': {}}
+ cfg: dict = {"power_state": {}}
for mode in ('halt', 'poweroff', 'reboot'):
cfg['power_state']['mode'] = mode
check_lps_ret(psc.load_power_state(cfg, self.dist), mode=mode)
--
2.33.0

144
backport-net-sysconfig-do-not-remove-all-existing-settings-of.patch Normal file
View File

@ -0,0 +1,144 @@
From fa331315d22f4bbe33320485e89a02bb2f695fbf Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Sat, 15 Feb 2025 01:54:31 +0530
Subject: [PATCH] net/sysconfig: do not remove all existing settings of
/etc/sysconfig/network (#5991)
Conflict:(1) use util.load_file not util.load_text_file in
render_network_state().
(2)test format diff.
In some distros, /etc/sysconfig/network may have important
configurations that
are necessary for the instance to come up. For example, centos based
distros
write NOZEROCONF=yes in /etc/sysconfig/network for some instances that
require
zeroconf to be disabled. Removing these customizations would prevent the
instance to come up. So leave the customizations in
/etc/sysconfig/network
intact except those that we are interested in.
Fixes GH-5990
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/net/sysconfig.py | 18 ++++++
.../unittests/test_distros/test_netconfig.py | 63 ++++++++++++++++++-
2 files changed, 78 insertions(+), 3 deletions(-)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index 7135ecf..c030e41 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -970,6 +970,24 @@ class Renderer(renderer.Renderer):
if network_state.use_ipv6:
netcfg.append('NETWORKING_IPV6=yes')
netcfg.append('IPV6_AUTOCONF=no')
+
+ # if sysconfig file exists and is not empty, append rest of the
+ # file content, do not remove the exsisting customizations.
+ if os.path.exists(sysconfig_path):
+ for line in util.load_file(sysconfig_path).splitlines():
+ if (
+ not any(
+ setting in line
+ for setting in [
+ "NETWORKING",
+ "NETWORKING_IPV6",
+ "IPV6_AUTOCONF",
+ ]
+ )
+ and line not in _make_header().splitlines()
+ ):
+ netcfg.append(line)
+
util.write_file(sysconfig_path,
"\n".join(netcfg) + "\n", file_mode)
diff --git a/tests/unittests/test_distros/test_netconfig.py b/tests/unittests/test_distros/test_netconfig.py
index 3f82d54..69cc26f 100644
--- a/tests/unittests/test_distros/test_netconfig.py
+++ b/tests/unittests/test_distros/test_netconfig.py
@@ -528,12 +528,17 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
def control_path(self):
return '/etc/sysconfig/network'
- def _apply_and_verify(self, apply_fn, config, expected_cfgs=None,
- bringup=False):
+ def _apply_and_verify(
+ self,
+ apply_fn,
+ config,
+ expected_cfgs=None,
+ bringup=False,
+ tmpd=None,
+ ):
if not expected_cfgs:
raise ValueError('expected_cfg must not be None')
- tmpd = None
with mock.patch('cloudinit.net.sysconfig.available') as m_avail:
m_avail.return_value = True
with self.reRooted(tmpd) as tmpd:
@@ -606,6 +611,58 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
V1_NET_CFG_IPV6,
expected_cfgs=expected_cfgs.copy())
+ def test_sysconfig_network_no_overwite_ipv6_rh(self):
+ expected_cfgs = {
+ self.ifcfg_path("eth0"): dedent(
+ """\
+ BOOTPROTO=none
+ DEFROUTE=yes
+ DEVICE=eth0
+ IPV6ADDR=2607:f0d0:1002:0011::2/64
+ IPV6INIT=yes
+ IPV6_AUTOCONF=no
+ IPV6_DEFAULTGW=2607:f0d0:1002:0011::1
+ IPV6_FORCE_ACCEPT_RA=no
+ ONBOOT=yes
+ TYPE=Ethernet
+ USERCTL=no
+ """
+ ),
+ self.ifcfg_path("eth1"): dedent(
+ """\
+ BOOTPROTO=dhcp
+ DEVICE=eth1
+ ONBOOT=yes
+ TYPE=Ethernet
+ USERCTL=no
+ """
+ ),
+ self.control_path(): dedent(
+ """\
+ NETWORKING=yes
+ NETWORKING_IPV6=yes
+ IPV6_AUTOCONF=no
+ NOZEROCONF=yes
+ """
+ ),
+ }
+ tmpdir = self.tmp_dir()
+ file_mode = 0o644
+ # pre-existing config in /etc/sysconfig/network should not be removed
+ with self.reRooted(tmpdir) as tmpdir:
+ util.write_file(
+ self.control_path(),
+ "".join("NOZEROCONF=yes") + "\n",
+ file_mode,
+ )
+
+ self._apply_and_verify(
+ self.distro.apply_network_config,
+ V1_NET_CFG_IPV6,
+ expected_cfgs=expected_cfgs.copy(),
+ tmpd=tmpdir,
+ )
+
def test_vlan_render_unsupported(self):
"""Render officially unsupported vlan names."""
cfg = {
--
2.33.0

31
backport-test-Fix-duplicate-judgment-conditions-in-password-g.patch Normal file
View File

@ -0,0 +1,31 @@
From 4c156a80375c01433cdd00546c6278edb0bb6025 Mon Sep 17 00:00:00 2001
From: sxt1001 <shixuantong1@huawei.com>
Date: Mon, 21 Oct 2024 23:40:25 +0800
Subject: [PATCH] test: Fix duplicate judgment conditions in password
generation (#5835)
Reference:https://github.com/canonical/cloud-init/commit/4c156a80375c01433cdd00546c6278edb0bb6025
Conflict:NA
The problem was introduced by commit 879945f
---
cloudinit/config/tests/test_set_passwords.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cloudinit/config/tests/test_set_passwords.py b/cloudinit/config/tests/test_set_passwords.py
index 73cb3d490..c068f62d8 100644
--- a/cloudinit/config/tests/test_set_passwords.py
+++ b/cloudinit/config/tests/test_set_passwords.py
@@ -566,7 +566,7 @@ class TestRandUserPassword:
[
any(c.islower() for c in str),
any(c.isupper() for c in str),
- any(c.isupper() for c in str),
+ any(c.isdigit() for c in str),
any(c in string.punctuation for c in str),
]
)
--
2.33.0

144
backport-test-openstack-Test-bond-mac-address.patch Normal file
View File

@ -0,0 +1,144 @@
From f8f9d19409fcbda32e119a5514fd5185bcd88b79 Mon Sep 17 00:00:00 2001
From: Brett Holman <brett.holman@canonical.com>
Date: Thu, 27 Jun 2024 11:56:58 -0600
Subject: [PATCH] test(openstack): Test bond mac address (#5369)
Reference:https://github.com/canonical/cloud-init/commit/f8f9d19409fcbda32e119a5514fd5185bcd88b79
Conflict:NA
---
.../sources/helpers/tests/test_openstack.py | 121 ++++++++++++++++++
1 file changed, 121 insertions(+)
diff --git a/cloudinit/sources/helpers/tests/test_openstack.py b/cloudinit/sources/helpers/tests/test_openstack.py
index 95fb974..8468cc3 100644
--- a/cloudinit/sources/helpers/tests/test_openstack.py
+++ b/cloudinit/sources/helpers/tests/test_openstack.py
@@ -47,3 +47,124 @@ class TestConvertNetJson(test_helpers.CiTestCase):
expected,
openstack.convert_net_json(network_json=net_json,
known_macs=macs))
+
+
+ def test_bond_mac(self):
+ """Verify the bond mac address is assigned correctly."""
+ network_json = {
+ "links": [
+ {
+ "id": "ens1f0np0",
+ "name": "ens1f0np0",
+ "type": "phy",
+ "ethernet_mac_address": "xx:xx:xx:xx:xx:00",
+ "mtu": 9000,
+ },
+ {
+ "id": "ens1f1np1",
+ "name": "ens1f1np1",
+ "type": "phy",
+ "ethernet_mac_address": "xx:xx:xx:xx:xx:01",
+ "mtu": 9000,
+ },
+ {
+ "id": "bond0",
+ "name": "bond0",
+ "type": "bond",
+ "bond_links": ["ens1f0np0", "ens1f1np1"],
+ "mtu": 9000,
+ "ethernet_mac_address": "xx:xx:xx:xx:xx:00",
+ "bond_mode": "802.3ad",
+ "bond_xmit_hash_policy": "layer3+4",
+ "bond_miimon": 100,
+ },
+ {
+ "id": "bond0.123",
+ "name": "bond0.123",
+ "type": "vlan",
+ "vlan_link": "bond0",
+ "vlan_id": 123,
+ "vlan_mac_address": "xx:xx:xx:xx:xx:00",
+ },
+ ],
+ "networks": [
+ {
+ "id": "publicnet-ipv4",
+ "type": "ipv4",
+ "link": "bond0.123",
+ "ip_address": "x.x.x.x",
+ "netmask": "255.255.255.0",
+ "routes": [
+ {
+ "network": "0.0.0.0",
+ "netmask": "0.0.0.0",
+ "gateway": "x.x.x.1",
+ }
+ ],
+ "network_id": "00000000-0000-0000-0000-000000000000",
+ }
+ ],
+ "services": [{"type": "dns", "address": "1.1.1.1"}],
+ }
+ expected = {
+ "config": [
+ {
+ "mac_address": "xx:xx:xx:xx:xx:00",
+ "mtu": 9000,
+ "name": "ens1f0np0",
+ "subnets": [],
+ "type": "physical",
+ },
+ {
+ "mac_address": "xx:xx:xx:xx:xx:01",
+ "mtu": 9000,
+ "name": "ens1f1np1",
+ "subnets": [],
+ "type": "physical",
+ },
+ {
+ "bond_interfaces": ["ens1f0np0", "ens1f1np1"],
+ "mtu": 9000,
+ "name": "bond0",
+ "mac_address": "xx:xx:xx:xx:xx:00",
+ "params": {
+ "bond_miimon": 100,
+ "bond_mode": "802.3ad",
+ "bond_xmit_hash_policy": "layer3+4",
+ },
+ "subnets": [],
+ "type": "bond",
+ },
+ {
+ "mac_address": "xx:xx:xx:xx:xx:00",
+ "name": "bond0.123",
+ "subnets": [
+ {
+ "address": "x.x.x.x",
+ "ipv4": True,
+ "netmask": "255.255.255.0",
+ "routes": [
+ {
+ "gateway": "x.x.x.1",
+ "netmask": "0.0.0.0",
+ "network": "0.0.0.0",
+ }
+ ],
+ "type": "static",
+ }
+ ],
+ "type": "vlan",
+ "vlan_id": 123,
+ "vlan_link": "bond0",
+ },
+ {"address": "1.1.1.1", "type": "nameserver"},
+ ],
+ "version": 1,
+ }
+ macs = {
+ "xx:xx:xx:xx:xx:00": "ens1f0np0",
+ "xx:xx:xx:xx:xx:01": "ens1f1np1",
+ }
+ assert expected == openstack.convert_net_json(
+ network_json=network_json, known_macs=macs
+ )
--
2.33.0

36
cloud-init-20.4-no-override-default-network.patch
View File

@ -1,36 +0,0 @@
From 5514d5922cbc92278868bfea587c4207619d81fc Mon Sep 17 00:00:00 2001
From: Eduardo Otubo <otubo@redhat.com>
Date: Thu, 3 Dec 2020 12:34:01 +0100
Subject: [PATCH 3/3] Don't override default network configuration
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
---
cloudinit/net/sysconfig.py | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
index 9c822c3e..a240f65e 100644
--- a/cloudinit/net/sysconfig.py
+++ b/cloudinit/net/sysconfig.py
@@ -918,7 +918,17 @@ class Renderer(renderer.Renderer):
# Distros configuring /etc/sysconfig/network as a file e.g. Centos
if sysconfig_path.endswith('network'):
util.ensure_dir(os.path.dirname(sysconfig_path))
- netcfg = [_make_header(), 'NETWORKING=yes']
+ # Make sure that existing lines, other than overriding ones, remain
+ netcfg = []
+ for line in util.load_file(sysconfig_path, quiet=True).split('\n'):
+ if 'cloud-init' in line:
+ break
+ if not line.startswith(('NETWORKING=',
+ 'IPV6_AUTOCONF=',
+ 'NETWORKING_IPV6=')):
+ netcfg.append(line)
+ # Now generate the cloud-init portion of sysconfig/network
+ netcfg.extend([_make_header(), 'NETWORKING=yes'])
if network_state.use_ipv6:
netcfg.append('NETWORKING_IPV6=yes')
netcfg.append('IPV6_AUTOCONF=no')
--
2.27.0

74
cloud-init.spec
View File

@ -1,6 +1,6 @@
Name: cloud-init
Version: 21.4
Release: 29
Release: 34
Summary: the defacto multi-distribution package that handles early initialization of a cloud instance.
License: ASL 2.0 or GPLv3
URL: http://launchpad.net/cloud-init
@ -9,7 +9,6 @@ Source0: https://launchpad.net/%{name}/trunk/%{version}/+download/%{name}-%{vers
Source1: cloud-init-tmpfiles.conf
Patch0: cloud-init-20.4-nm-controlled.patch
Patch1: cloud-init-20.4-no-override-default-network.patch
Patch2: bugfix-cloud-init-add-os-support.patch
Patch3: bugfix-sort-requirements.patch
Patch4: add-variable-to-forbid-tmp-dir.patch
@ -81,6 +80,18 @@ Patch6046: backport-fix-net-Make-duplicate-route-add-succeed.-5343.patch
Patch6047: backport-fix-netplan-Fix-predictable-interface-rename-issue-5.patch
Patch6048: backport-fix-openstack-Fix-bond-mac_address-5369.patch
Patch6049: backport-fix-net-klibc-ipconfig-PROTO-compatibility-5437.patch
Patch6050: backport-feat-Ensure-random-passwords-contain-multiple-charac.patch
Patch6051: backport-test-Fix-duplicate-judgment-conditions-in-password-g.patch
Patch6052: backport-fix-properly-handle-blank-lines-in-fstab-5643.patch
Patch6053: backport-chore-set-recursive-False-for-ensure_dir-if-parent-p.patch
Patch6054: backport-test-openstack-Test-bond-mac-address.patch
Patch6055: backport-fix-Ensure-properties-for-bonded-interfaces-are-prop.patch
Patch6056: backport-fix-Wait-for-udev-on-openstack-5947.patch
Patch6057: backport-fix-correct-the-path-for-Chef-s-cache-5994.patch
Patch6058: backport-Fix-GCE-_get_data-crashes-if-DHCP-lease-fails-5998.patch
Patch6059: backport-fix-Ensure-fqdn-is-treated-as-string-in-get_hostname.patch
Patch6060: backport-net-sysconfig-do-not-remove-all-existing-settings-of.patch
Patch6061: backport-fix-typing-for-rsyslog-ubuntu_pro-power_state_change.patch
BuildRequires: pkgconfig(systemd) python3-devel python3-setuptools systemd
BuildRequires: iproute python3-configobj python3-httpretty >= 0.8.14-2
@ -126,7 +137,31 @@ rm -f $RPM_BUILD_DIR/%{name}-%{version}/tests/unittests/test_handler/test_handle
rm -f $RPM_BUILD_DIR/%{name}-%{version}/tests/unittests/test_datasource/test_opennebula.py
rm -f $RPM_BUILD_DIR/%{name}-%{version}/tests/unittests/test_net_freebsd.py
python3 -m pytest tests/unittests/
SKIP_TESTS=""
# 检测是否存在多个网卡的MAC地址是ee:ee:ee:ee:ee:ee
# https://docs.tigera.io/calico/latest/reference/faq#why-do-all-cali-interfaces-have-the-mac-address-eeeeeeeeeeee
MAC_ADDR="ee:ee:ee:ee:ee:ee"
interfaces=$(ls /sys/class/net)
duplicate_mac_matched_count=0
for iface in $interfaces; do
if [ -e "/sys/class/net/$iface/address" ]; then
iface_mac=$(cat /sys/class/net/$iface/address)
if [ "$iface_mac" == "$MAC_ADDR" ]; then
duplicate_mac_matched_count=$((duplicate_mac_matched_count+1))
fi
fi
done
if [ "$duplicate_mac_matched_count" -gt 1 ]; then
SKIP_TESTS="not test_dhcp.py and not test_network_state.py and not test_configdrive.py"
fi
if [ -n "$SKIP_TESTS" ]; then
python3 -m pytest tests/unittests/ -k "$SKIP_TESTS"
else
python3 -m pytest tests/unittests/
fi
%pre
@ -191,6 +226,39 @@ fi
%exclude /usr/share/doc/*
%changelog
* Tue Mar 18 2025 Linux_zhang <zhangruifang@h-partners.com> - 21.4-34
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:backport upstream patches
* Wed Mar 05 2025 Linux_zhang <zhangruifang@h-partners.com> - 21.4-33
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:backport upstream patches
skip some test if there are multiple NICs with the MAC address 'ee:ee:ee:ee:ee:ee'
* Fri Dec 06 2024 shixuantong <shixuantong1@huawei.com> - 21.4-32
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:chore: set recursive=False for ensure_dir if parent path is "/"
test(openstack): Test bond mac address
fix: Ensure properties for bonded interfaces are properly translated
* Thu Nov 14 2024 shixuantong <shixuantong1@huawei.com> - 21.4-31
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix: properly handle blank lines in fstab
* Mon Nov 04 2024 shixuantong <shixuantong1@huawei.com> - 21.4-30
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:Ensure random passwords contain multiple character types
* Thu Sep 5 2024 dongyuzhen <dongyuzhen@h-partners.com> - 21.4-29
- Type:bugfix
- CVE:NA