Name: cloud-init Version: 21.4 Release: 34 Summary: the defacto multi-distribution package that handles early initialization of a cloud instance. License: ASL 2.0 or GPLv3 URL: http://launchpad.net/cloud-init Source0: https://launchpad.net/%{name}/trunk/%{version}/+download/%{name}-%{version}.tar.gz Source1: cloud-init-tmpfiles.conf Patch0: cloud-init-20.4-nm-controlled.patch Patch2: bugfix-cloud-init-add-os-support.patch Patch3: bugfix-sort-requirements.patch Patch4: add-variable-to-forbid-tmp-dir.patch Patch5: backport-add-Requires-cloud-init-hotplugd.socket-in-cloud-init-hotplugd.service-file.patch Patch6: backport-testing-add-additional-mocks-to-test_net-tests-1356.patch Patch7: delete-config-nopasswd-all.patch Patch8: backport-net-netplan-config-root-read-only-as-wifi-config-can.patch Patch9: backport-netplan-define-features.NETPLAN_CONFIG_ROOT_READ_ONL.patch Patch10: backport-Fix-the-distro.osfamily-output-problem.patch Patch11: backport-netplan-keep-custom-strict-perms-when-50-cloud-init.patch Patch12: backport-Do-not-change-permissions-of-netrules-target.patch Patch13: fix-a-small-unitest-error.patch Patch14: backport-CVE-2022-2084.patch Patch15: remove-schema-errors-from-log-for-cloudinit-config-cc_.patch Patch16: backport-cloudinit-net-handle-two-different-routes-for-the-sa.patch Patch17: backport-Cleanup-ephemeral-IP-routes-on-exception-2100.patch Patch18: backport-CVE-2023-1786.patch Patch6001: backport-sources-azure-fix-metadata-check-in-_check_if_nic_is.patch Patch6002: backport-check-for-existing-symlink-while-force-creating-syml.patch Patch6003: backport-BUG-1473527-module-ssh-authkey-fingerprints-fails-In.patch Patch6004: backport-Resource-leak-cleanup-1556.patch Patch6005: backport-DataSourceVMware-fix-var-use-before-init-1674.patch Patch6006: backport-cc_set_hostname-ignore-var-lib-cloud-data-set-hostna.patch Patch6007: backport-disk_setup-use-byte-string-when-purging-the-partitio.patch Patch6008: backport-util-atomically-update-sym-links-to-avoid-Suppress-F.patch Patch6009: backport-Workaround-net_setup_link-race-with-udev-1655.patch Patch6010: backport-util-Fix-error-path-and-parsing-in-get_proc_ppid.patch Patch6011: backport-util-Support-Idle-process-state-in-get_proc_ppid-163.patch Patch6012: backport-Use-btrfs-enquque-when-available-1926.patch Patch6013: backport-mounts-fix-suggested_swapsize-for-64GB-hosts-1569.patch Patch6014: backport-Fix-ds-identify-not-detecting-NoCloud-seed-in-config.patch Patch6015: backport-cc_disk_setup-pass-options-in-correct-order-to-utils.patch Patch6016: backport-util-add-Version-class.patch Patch9000: Fix-the-error-level-logs-displayed-for-the-cloud-init-local-service.patch Patch9001: do-not-generate-dsa.patch Patch6017: backport-cc_ubuntu_advantage-Redact-token-from-logs-1726.patch Patch6018: backport-Do-not-silently-ignore-integer-uid-1280.patch Patch6019: backport-Ensure-network-ready-before-cloud-init-service-runs.patch Patch6020: backport-Fix-exception-when-no-activator-found-1129.patch Patch6021: backport-Fix-KeyError-in-iproute-pformat-3287.patch Patch6022: backport-Handle-non-existent-ca-cert-config-situation-2073.patch Patch6023: backport-net-dhcp-catch-dhclient-failures-and-raise-NoDHCPLea.patch Patch6024: backport-Don-t-fail-if-IB-and-Ethernet-devices-collide-1411.patch Patch6025: backport-net-skip-duplicate-mac-check-for-netvsc-nic-and-its-.patch Patch6026: backport-Ignore-duplicate-macs-from-mscc_felix-and-fsl_enetc.patch Patch6027: backport-macs-ignore-duplicate-MAC-for-devs-with-driver-drive.patch Patch6028: backport-Set-ownership-for-new-folders-in-Write-Files-Module-.patch Patch6029: backport-Fix-network-v2-metric-rendering-4220.patch Patch6030: backport-Fix-IPv6-netmask-format-for-sysconfig-1215.patch Patch6031: backport-Fix-KeyError-when-rendering-sysconfig-IPv6-routes.patch Patch6032: backport-Fix-default-route-rendering-on-v2-ipv6-1973.patch Patch6033: backport-Drop-support-of-sk-keys-in-cc_ssh-1451.patch Patch6034: backport-Do-not-generate-dsa-and-ed25519-key-types-when-crypt.patch Patch6035: backport-cc_mounts-Fix-swapfile-not-working-on-btrfs-4319.patch Patch6036: backport-cc_mounts-Use-fallocate-to-create-swapfile-on-btrfs-.patch Patch6037: backport-cloud-config-honor-cloud_dir-setting-1523.patch Patch6038: backport-collect-logs-fix-memory-usage-SC-1590-4289.patch Patch6039: backport-Return-a-namedtuple-from-subp-1376.patch Patch6040: backport-fix-Don-t-loosen-the-permissions-of-the-log-file.patch Patch6041: backport-fix-growpart-race-4618.patch Patch6042: backport-handle-error-when-log-file-is-empty-4859.patch Patch6043: backport-fix-Logging-sensitive-data.patch Patch6044: backport-ec2-Do-not-enable-dhcp6-on-EC2.patch Patch6045: backport-fix-azure-disable-use-dns-for-secondary-nics-5314.patch Patch6046: backport-fix-net-Make-duplicate-route-add-succeed.-5343.patch Patch6047: backport-fix-netplan-Fix-predictable-interface-rename-issue-5.patch Patch6048: backport-fix-openstack-Fix-bond-mac_address-5369.patch Patch6049: backport-fix-net-klibc-ipconfig-PROTO-compatibility-5437.patch Patch6050: backport-feat-Ensure-random-passwords-contain-multiple-charac.patch Patch6051: backport-test-Fix-duplicate-judgment-conditions-in-password-g.patch Patch6052: backport-fix-properly-handle-blank-lines-in-fstab-5643.patch Patch6053: backport-chore-set-recursive-False-for-ensure_dir-if-parent-p.patch Patch6054: backport-test-openstack-Test-bond-mac-address.patch Patch6055: backport-fix-Ensure-properties-for-bonded-interfaces-are-prop.patch Patch6056: backport-fix-Wait-for-udev-on-openstack-5947.patch Patch6057: backport-fix-correct-the-path-for-Chef-s-cache-5994.patch Patch6058: backport-Fix-GCE-_get_data-crashes-if-DHCP-lease-fails-5998.patch Patch6059: backport-fix-Ensure-fqdn-is-treated-as-string-in-get_hostname.patch Patch6060: backport-net-sysconfig-do-not-remove-all-existing-settings-of.patch Patch6061: backport-fix-typing-for-rsyslog-ubuntu_pro-power_state_change.patch BuildRequires: pkgconfig(systemd) python3-devel python3-setuptools systemd BuildRequires: iproute python3-configobj python3-httpretty >= 0.8.14-2 BuildRequires: python3-jinja2 python3-jsonpatch python3-jsonschema BuildRequires: python3-mock python3-oauthlib python3-prettytable BuildRequires: python3-pyserial python3-PyYAML python3-requests python3-six BuildRequires: python3-unittest2 dnf %{_vendor}-release python3-pytest passwd python3-netifaces Requires: e2fsprogs iproute python3-libselinux net-tools python3-policycoreutils Requires: procps python3-configobj python3-jinja2 python3-jsonpatch xfsprogs Requires: python3-jsonschema python3-oauthlib python3-prettytable util-linux Requires: python3-pyserial python3-pyyaml python3-requests python3-six shadow %{?systemd_requires} BuildArch: noarch %description Cloud-init is the defacto multi-distribution package that handles early initialization of a cloud instance. %package_help %prep %autosetup -n %{name}-%{version} -p1 echo %{_vendor} sed -i -e 's|#!/usr/bin/env python|#!/usr/bin/env python3|' \ -e 's|#!/usr/bin/python|#!/usr/bin/python3|' tools/* cloudinit/ssh_util.py sed -i 's/\/etc\/redhat-release/\/etc\/%{_vendor}-release/g' setup.py %build %py3_build %install %py3_install -- --init-system=systemd python3 tools/render-cloudcfg --variant openeuler > %{buildroot}/%{_sysconfdir}/cloud/cloud.cfg install -d %{buildroot}/var/lib/cloud install -d %{buildroot}/run/%{name} install -D -m 0644 %{SOURCE1} %{buildroot}/%{_tmpfilesdir}/%{name}.conf install -D -m 0644 tools/21-cloudinit.conf %{buildroot}/%{_sysconfdir}/rsyslog.d/21-cloudinit.conf %check rm -f $RPM_BUILD_DIR/%{name}-%{version}/tests/unittests/test_handler/test_handler_ntp.py rm -f $RPM_BUILD_DIR/%{name}-%{version}/tests/unittests/test_datasource/test_opennebula.py rm -f $RPM_BUILD_DIR/%{name}-%{version}/tests/unittests/test_net_freebsd.py SKIP_TESTS="" # 检测是否存在多个网卡的MAC地址是ee:ee:ee:ee:ee:ee # https://docs.tigera.io/calico/latest/reference/faq#why-do-all-cali-interfaces-have-the-mac-address-eeeeeeeeeeee MAC_ADDR="ee:ee:ee:ee:ee:ee" interfaces=$(ls /sys/class/net) duplicate_mac_matched_count=0 for iface in $interfaces; do if [ -e "/sys/class/net/$iface/address" ]; then iface_mac=$(cat /sys/class/net/$iface/address) if [ "$iface_mac" == "$MAC_ADDR" ]; then duplicate_mac_matched_count=$((duplicate_mac_matched_count+1)) fi fi done if [ "$duplicate_mac_matched_count" -gt 1 ]; then SKIP_TESTS="not test_dhcp.py and not test_network_state.py and not test_configdrive.py" fi if [ -n "$SKIP_TESTS" ]; then python3 -m pytest tests/unittests/ -k "$SKIP_TESTS" else python3 -m pytest tests/unittests/ fi %pre %preun %systemd_preun cloud-config.service cloud-config.target cloud-final.service cloud-init.service cloud-init.target cloud-init-local.service %post if [ $1 -eq 1 ] ; then /bin/systemctl enable cloud-config.service >/dev/null 2>&1 || : /bin/systemctl enable cloud-final.service >/dev/null 2>&1 || : /bin/systemctl enable cloud-init.service >/dev/null 2>&1 || : /bin/systemctl enable cloud-init-local.service >/dev/null 2>&1 || : elif [ $1 -eq 2 ]; then /bin/systemctl is-enabled cloud-config.service >/dev/null 2>&1 && /bin/systemctl reenable cloud-config.service >/dev/null 2>&1 || : /bin/systemctl is-enabled cloud-final.service >/dev/null 2>&1 && /bin/systemctl reenable cloud-final.service >/dev/null 2>&1 || : /bin/systemctl is-enabled cloud-init.service >/dev/null 2>&1 && /bin/systemctl reenable cloud-init.service >/dev/null 2>&1 || : /bin/systemctl is-enabled cloud-init-local.service >/dev/null 2>&1 && /bin/systemctl reenable cloud-init-local.service >/dev/null 2>&1 || : fi %postun %systemd_postun cloud-config.service cloud-config.target cloud-final.service cloud-init.service cloud-init.target cloud-init-local.service %files %doc ChangeLog %license LICENSE LICENSE-Apache2.0 LICENSE-GPLv3 %config(noreplace) %{_sysconfdir}/cloud/cloud.cfg %dir %{_sysconfdir}/cloud/cloud.cfg.d %config(noreplace) %{_sysconfdir}/cloud/cloud.cfg.d/*.cfg %doc %{_sysconfdir}/cloud/cloud.cfg.d/README %dir %{_sysconfdir}/rsyslog.d %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf %{_sysconfdir}/NetworkManager/dispatcher.d/hook-network-manager %{_sysconfdir}/dhcp/dhclient-exit-hooks.d/hook-dhclient /lib/udev/rules.d/66-azure-ephemeral.rules %{_unitdir}/cloud-config.service %{_unitdir}/cloud-final.service %{_unitdir}/cloud-init.service %{_unitdir}/cloud-init-local.service %{_unitdir}/cloud-config.target %{_unitdir}/cloud-init.target /usr/lib/systemd/system-generators/cloud-init-generator %{_sysconfdir}/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf /usr/lib/systemd/system/cloud-init-hotplugd.service /usr/lib/systemd/system/cloud-init-hotplugd.socket %{_tmpfilesdir}/%{name}.conf %{_libexecdir}/%{name} %{_bindir}/cloud-init* %{_bindir}/cloud-id %{python3_sitelib}/* %dir /run/%{name} %dir /var/lib/cloud %{_datadir}/bash-completion/completions/cloud-init %files help %doc doc/* %dir %{_sysconfdir}/cloud/templates %config(noreplace) %{_sysconfdir}/cloud/templates/* %exclude /usr/share/doc/* %changelog * Tue Mar 18 2025 Linux_zhang - 21.4-34 - Type:bugfix - CVE:NA - SUG:NA - DESC:backport upstream patches * Wed Mar 05 2025 Linux_zhang - 21.4-33 - Type:bugfix - CVE:NA - SUG:NA - DESC:backport upstream patches skip some test if there are multiple NICs with the MAC address 'ee:ee:ee:ee:ee:ee' * Fri Dec 06 2024 shixuantong - 21.4-32 - Type:bugfix - CVE:NA - SUG:NA - DESC:chore: set recursive=False for ensure_dir if parent path is "/" test(openstack): Test bond mac address fix: Ensure properties for bonded interfaces are properly translated * Thu Nov 14 2024 shixuantong - 21.4-31 - Type:bugfix - CVE:NA - SUG:NA - DESC:fix: properly handle blank lines in fstab * Mon Nov 04 2024 shixuantong - 21.4-30 - Type:bugfix - CVE:NA - SUG:NA - DESC:Ensure random passwords contain multiple character types * Thu Sep 5 2024 dongyuzhen - 21.4-29 - Type:bugfix - CVE:NA - SUG:NA - DESC:fix(net): klibc ipconfig PROTO compatibility fix(openstack): Fix bond mac_address * Tue Jun 11 2024 shixuantong - 21.4-28 - Type:bugfix - CVE:NA - SUG:NA - DESC:disable use-dns for secondary nics Make duplicate route add succeed Fix predictable interface rename issue * Wed May 8 2024 dongyuzhen - 21.4-27 - Type:bugfix - CVE:NA - SUG:NA - DESC:ec2: Do not enable dhcp6 on EC2 * Fri Apr 12 2024 shixuantong - 21.4-26 - Type:bugfix - CVE:NA - SUG:NA - DESC:fix: Logging sensitive data * Tue Mar 26 2024 shixuantong - 21.4-25 - Type:bugfix - CVE:NA - SUG:NA - DESC:fix growpart race handle error when log file is empty * Thu Dec 14 2023 shixuantong - 21.4-24 - Type:bugfix - CVE:NA - SUG:NA - DESC:Don't loosen the permissions of the log file * Tue Nov 07 2023 shixuantong - 21.4-23 - Type:bugfix - CVE:NA - SUG:NA - DESC:do not generate dsa * Tue Nov 07 2023 shixuantong - 21.4-22 - Type:bugfix - CVE:NA - SUG:NA - DESC:remove test_net_freebsd * Mon Sep 18 2023 shixuantong - 21.4-21 - Type:bugfix - CVE:NA - SUG:NA - DESC:cc_mounts: Fix swapfile not working on btrfs cc_mounts: Use fallocate to create swapfile on btrfs collect-logs fix memory usage * Mon Aug 21 2023 shixuantong - 21.4-20 - Type:bugfix - CVE:NA - SUG:NA - DESC:Do not generate dsa and ed25519 key types when crypto FIPS mode is enabled Don't fail if IB and Ethernet devices 'collide' Fix default route rendering on v2 ipv6 Fix IPv6 netmask format for sysconfig Fix KeyError when rendering sysconfig IPv6 routes Fix network v2 metric rendering Ignore duplicate macs from mscc_felix and fsl_enetc macs: ignore duplicate MAC for devs with driver driver qmi_wwan net/dhcp: catch dhclient failures and raise NoDHCPLeaseError net: skip duplicate mac check for netvsc nic and its VF Set ownership for new folders in Write Files Module cc_ubuntu_advantage: Redact token from logs Do not silently ignore integer uid Ensure network ready before cloud-init service runs Fix exception when no activator found Fix KeyError in iproute pformat Handle non existent ca-cert-config situation * Fri Aug 18 2023 shixuantong - 21.4-19 - backport upstream patches * Sat Jul 29 2023 Lv Ying - 21.4-18 - backport upstream patches: https://github.com/canonical/cloud-init/commit/7136109df5a7b3c75dfb05a853fc4485fed25b5f https://github.com/canonical/cloud-init/commit/f51c352e6c6a7d05a61308c188450a1b818eac45 https://github.com/canonical/cloud-init/commit/668a68fe577368555ea7f71577fc352494a98c25 * Sat Jul 29 2023 Lv Ying - 21.4-17 - backport upstream patches: https://github.com/canonical/cloud-init/commit/fa53c7f4086f5937bc9bd328dba9f91ca73b6614 https://github.com/canonical/cloud-init/commit/9c7502a801763520639c66125eb373123d1e4f44 https://github.com/canonical/cloud-init/commit/2e17a0d626d41147b7d0822013e80179b3a81ee4 https://github.com/canonical/cloud-init/commit/9f0efc474ea430c75cd0abec3e2da719d4934346 https://github.com/canonical/cloud-init/commit/bb414c7866c4728b2105e84f7b426ab81cc4bf4d https://github.com/canonical/cloud-init/commit/9cbd94dd57112083856ead0e0ff724e9d1c1f714 https://github.com/canonical/cloud-init/commit/6d817e94beb404d3917bf973bcb728aa6cc22ffe https://github.com/canonical/cloud-init/commit/0450a1faff9e5095e6da0865916501772b3972e9 * Wed May 24 2023 shixuantong - 21.4-16 - fix CVE-2023-1786 * Fri May 19 2023 shixuantong - 21.4-15 - Cleanup ephemeral IP routes on exception and handle two different routes for the same ip * Sun May 14 2023 shixuantong - 21.4-14 - fix CVE-2022-2084 * Sun Apr 23 2023 shixuantong - 21.4-13 - Fix a unitest error * Thu Apr 13 2023 shixuantong - 21.4-12 - Don't change permissions of netrules target * Mon Mar 27 2023 shixuantong - 21.4-11 - keep custom strict perms when 50-cloud-init.yaml exists * Thu Feb 02 2023 shixuantong - 21.4-10 - revert make the same authentication behavior for arm and x86 machine * Fri Jan 06 2023 shixuantong - 21.4-9 - Fix the distro.osfamily output problem * Thu Jan 05 2023 shixuantong - 21.4-8 - Limit permissions for /etc/network/50-cloud-init.yaml as read-only for root (600) * Wed Dec 21 2022 wanglimin - 21.4-7 - make the same authentication behavior for arm and x86 machine * Tue Dec 20 2022 xuxinyu - 21.4-6 - Type:security - CVE: - DESC:delete "ALL=(ALL) NOPASSWD:ALL" in cloud.cfg.tmpl * Wed Nov 30 2022 shixuantong - 21.4-5 - rename patch * Thu Oct 13 2022 fuanan - 21.4-4 - DESC:fix the changelog exception macro * Fri Apr 1 2022 yangzhuangzhuang - 21.4-3 - Type:bugfix - ID:NA - SUG:NA - DESC:Fix test_net.py testcase fail * Fri Mar 18 2022 yangzhuangzhuang - 21.4-2 - Type:update - ID:NA - SUG:NA - DESC:add Requires cloud-init-hotplugd.socket in cloud-init-hotplugd.service file * Tue Dec 21 2021 yangzhuangzhuang - 21.4-1 - Type:update - ID:NA - SUG:NA - DESC:upate version to 21.4 * Sat Dec 4 2021 yangzhuangzhuang - 20.4-4 - Type:bugfix - ID:NA - SUG:NA - DESC:change openEuler to openeuler * Wed Sep 22 2021 yangzhuangzhuang - 20.4-3 - Type:CVE - ID:CVE-2021-3429 - SUG:NA - DESC:Fix CVE-2021-3429 * Thu Jul 29 2021 Hugel - 20.4-2 - Type:bugfix - ID:NA - SUG:NA - DESC:exclude OVS internal interfaces in get_interfaces * Sat Jun 26 2021 yangzhuangzhuang - 20.4-1 - Type:update - ID:NA - SUG:NA - DESC:update to 20.4 * Sat Jun 19 2021 yangzhuangzhuang - 20.3-3 - Type:bugfix - ID:NA - SUG:NA - DESC:enable make check * Tue May 25 2021 yangzhuangzhuang - 20.3-2 - Type:bugfix - ID:NA - SUG:NA - DESC:Fix the error level logs displayed for the cloud-init-local service * Wed Nov 4 2020 yangzhuangzhuang - 20.3-1 - Type:update - ID:NA - SUG:NA - DESC:update to 20.3 * Fri Jul 31 2020 Liquor - 19.4-1 - Type:update - ID:NA - SUG:NA - DESC:update to 19.4 * Tue Jun 23 2020 chenditang - 17.1-13 - Type:bugfix - ID:NA - SUG:NA - DESC:add get_linux_distro function to replace platfom.dist * Sat Mar 14 2020 chengquan - 17.1-12 - Type:bugfix - ID:NA - SUG:NA - DESC:fixbug in self-building * Mon Dec 23 2019 chengquan - 17.1-11 - Type:bugfix - ID:NA - SUG:NA - DESC:add openEuler into distros * Thu Oct 31 2019 chengquan - 17.1-10 - Type:bugfix - ID:NA - SUG:NA - DESC:fix postun marco and change OS realease * Tue Oct 22 2019 openEuler Buildteam - 17.1-9 - Package rebuild. * Tue Sep 17 2019 openEuler Buildteam - 17.1-8 - Package init.