packages/cloud-init
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:8e1493b7654cf246441cd5bce0ba92c1bb0ec145
Branches Tags
packages:main
...
compare: packages:cfd7cfec4e293172037c61eb7a994b0b738b46a8
Branches Tags
packages:main

10 Commits
8e1493b765 ... cfd7cfec4e

Author SHA1 Message Date
openeuler-ci-bot
cfd7cfec4e
!271 [sync] PR-266: sync some patches 
From: @openeuler-sync-bot 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
 2024-12-06 08:08:24 +00:00
shixuantong
3d52295c6f sync some patches 
(cherry picked from commit 318dfe57b6a29219eb6fc7a63943b6e3e4a8d944)
 2024-12-06 15:09:29 +08:00
openeuler-ci-bot
0c297b6260
!264 [sync] PR-259: fix: properly handle blank lines in fstab 
From: @openeuler-sync-bot 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
 2024-11-14 03:26:17 +00:00
shixuantong
1f94ee519a fix: properly handle blank lines in fstab 
(cherry picked from commit d132da07de3a946c34ab966bfd69d073008b5a1c)
 2024-11-14 10:23:41 +08:00
openeuler-ci-bot
5de3ea1110
!252 [sync] PR-249: Ensure random passwords contain multiple character types 
From: @openeuler-sync-bot 
Reviewed-by: @znzjugod 
Signed-off-by: @znzjugod
 2024-11-06 04:00:30 +00:00
shixuantong
b447b91a77 Ensure random passwords contain multiple character types 
(cherry picked from commit c5ad5566abe48eaeb5b5ef362ba5da2fa89fbc6a)
 2024-11-05 14:31:37 +08:00
openeuler-ci-bot
9b144f2f5d
!245 [sync] PR-242: backport upstream bugfix patches 
From: @openeuler-sync-bot 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
 2024-09-06 03:36:23 +00:00
dongyuzhen
1358fd86be backport upstream bugfix patches 
(cherry picked from commit e4b7566e87a35782b9d89b910c22971381610705)
 2024-09-06 08:17:22 +08:00
openeuler-ci-bot
c903ff715e
!239 [sync] PR-238: do not generate dsa 
From: @openeuler-sync-bot 
Reviewed-by: @gaoruoshu 
Signed-off-by: @gaoruoshu
 2024-07-20 08:23:24 +00:00
shixuantong
af73668dd1 do not generate dsa 
(cherry picked from commit 734321d3f9b31adab9a6ea6a060efac1a881cb5e)
 2024-07-20 15:51:05 +08:00
10 changed files with 626 additions and 1 deletions
Show Stats Expand all files Collapse all files

30
backport-chore-set-recursive-False-for-ensure_dir-if-parent-p.patch Normal file
View File

@ -0,0 +1,30 @@
From b3120f7fefbb772b8fd5f5e8d32ee5377d4aa5cf Mon Sep 17 00:00:00 2001
From: sxt1001 <shixuantong1@huawei.com>
Date: Wed, 13 Nov 2024 23:15:39 +0800
Subject: [PATCH] chore: set recursive=False for ensure_dir if parent path is
"/" (#5816)
---
cloudinit/util.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/cloudinit/util.py b/cloudinit/util.py
index 8025f4d51..e2f04a402 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -1884,7 +1884,11 @@ def ensure_dir(path, mode=None, user=None, group=None):
# Get non existed parent dir first before they are created.
non_existed_parent_dir = get_non_exist_parent_dir(path)
# Make the dir and adjust the mode
- with SeLinuxGuard(os.path.dirname(path), recursive=True):
+ dir_name = os.path.dirname(path)
+ selinux_recursive = True
+ if dir_name == "/":
+ selinux_recursive = False
+ with SeLinuxGuard(dir_name, recursive=selinux_recursive):
os.makedirs(path)
chmod(path, mode)
# Change the ownership
--
2.27.0

140
backport-feat-Ensure-random-passwords-contain-multiple-charac.patch Normal file
View File

@ -0,0 +1,140 @@
From 879945f56103d937a7fee84bfe7662dc2a5be708 Mon Sep 17 00:00:00 2001
From: sxt1001 <shixuantong1@huawei.com>
Date: Thu, 17 Oct 2024 20:45:07 +0800
Subject: [PATCH] feat: Ensure random passwords contain multiple character
types (#5815)
Reference:https://github.com/canonical/cloud-init/commit/879945f56103d937a7fee84bfe7662dc2a5be708
Conflict:NA
The complexity of the random password generated by the
rand_user_password() method may not meet the security configuration
requirements of the system authentication module. This can cause
chpasswd to fail.
This commit ensures we generate a password using 4 different character
classes.
Fixes GH-5814
Co-authored-by: James Falcon <james.falcon@canonical.com>
---
cloudinit/config/cc_set_passwords.py | 33 +++++++++++++---
.../unittests/config/test_cc_set_passwords.py | 38 +++++++++++++++++++
2 files changed, 66 insertions(+), 5 deletions(-)
diff --git a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py
index 24d8267..d46c7f2 100644
--- a/cloudinit/config/cc_set_passwords.py
+++ b/cloudinit/config/cc_set_passwords.py
@@ -9,7 +9,8 @@
import logging
import re
-from string import ascii_letters, digits
+import random
+import string
from textwrap import dedent
from typing import List
@@ -89,9 +90,6 @@ __doc__ = get_meta_doc(meta)
LOG = logging.getLogger(__name__)
-# We are removing certain 'painful' letters/numbers
-PW_SET = "".join([x for x in ascii_letters + digits if x not in "loLOI01"])
-
def get_users_by_type(users_list: list, pw_type: str) -> list:
"""either password or type: RANDOM is required, user is always required"""
@@ -307,4 +305,29 @@ def handle(name: str, cfg: Config, cloud: Cloud, args: list) -> None:
def rand_user_password(pwlen=20):
- return util.rand_str(pwlen, select_from=PW_SET)
+ if pwlen < 4:
+ raise ValueError("Password length must be at least 4 characters.")
+
+ # There are often restrictions on the minimum number of character
+ # classes required in a password, so ensure we at least one character
+ # from each class.
+ res_rand_list = [
+ random.choice(string.digits),
+ random.choice(string.ascii_lowercase),
+ random.choice(string.ascii_uppercase),
+ random.choice(string.punctuation),
+ ]
+
+ res_rand_list.extend(
+ list(
+ util.rand_str(
+ pwlen - len(res_rand_list),
+ select_from=string.digits
+ + string.ascii_lowercase
+ + string.ascii_uppercase
+ + string.punctuation,
+ )
+ )
+ )
+ random.shuffle(res_rand_list)
+ return "".join(res_rand_list)
diff --git a/tests/unittests/config/test_cc_set_passwords.py b/tests/unittests/config/test_cc_set_passwords.py
index ef34a8c..b5d561c 100644
--- a/tests/unittests/config/test_cc_set_passwords.py
+++ b/tests/unittests/config/test_cc_set_passwords.py
@@ -1,6 +1,7 @@
# This file is part of cloud-init. See LICENSE file for license information.
import logging
+import string
from unittest import mock
import pytest
@@ -555,6 +556,43 @@ class TestExpire:
assert "Expired passwords" not in caplog.text
+class TestRandUserPassword:
+ def _get_str_class_num(self, str):
+ return sum(
+ [
+ any(c.islower() for c in str),
+ any(c.isupper() for c in str),
+ any(c.isupper() for c in str),
+ any(c in string.punctuation for c in str),
+ ]
+ )
+
+ @pytest.mark.parametrize(
+ "strlen, expected_result",
+ [
+ (1, ValueError),
+ (2, ValueError),
+ (3, ValueError),
+ (4, 4),
+ (5, 4),
+ (5, 4),
+ (6, 4),
+ (20, 4),
+ ],
+ )
+ def test_rand_user_password(self, strlen, expected_result):
+ if expected_result is ValueError:
+ with pytest.raises(
+ expected_result,
+ match="Password length must be at least 4 characters.",
+ ):
+ setpass.rand_user_password(strlen)
+ else:
+ rand_password = setpass.rand_user_password(strlen)
+ assert len(rand_password) == strlen
+ assert self._get_str_class_num(rand_password) == expected_result
+
+
class TestSetPasswordsSchema:
@pytest.mark.parametrize(
"config, expectation",
--
2.33.0

59
backport-fix-Ensure-properties-for-bonded-interfaces-are-prop.patch Normal file
View File

@ -0,0 +1,59 @@
From 371b2362bbd78ce53cd1b8f69d55db5855434e61 Mon Sep 17 00:00:00 2001
From: Curt Moore <curt.moore@garmin.com>
Date: Tue, 4 Jun 2024 12:45:32 -0500
Subject: [PATCH] fix: Ensure properties for bonded interfaces are properly
translated (#5367)
There is a discrepancy between the properties key name formatting in
the OpenStack network_data.json and cloudinit network-config.json
specifications. Ensure `bond_` is translated to `bond-` when the
OpenStack configuration is parsed by cloudinit.
Fixes GH-5366
Co-authored-by: Alberto Contreras <alberto.contreras@canonical.com>
---
cloudinit/sources/helpers/openstack.py | 9 ++++++++-
tests/unittests/sources/helpers/test_openstack.py | 6 +++---
2 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py
index 69a35db72..70998dda2 100644
--- a/cloudinit/sources/helpers/openstack.py
+++ b/cloudinit/sources/helpers/openstack.py
@@ -672,7 +672,14 @@ def convert_net_json(network_json=None, known_macs=None):
if k == "bond_links":
continue
elif k.startswith("bond"):
- params.update({k: v})
+ # There is a difference in key name formatting for
+ # bond parameters in the cloudinit and OpenStack
+ # network schemas. The keys begin with 'bond-' in the
+ # cloudinit schema but 'bond_' in OpenStack
+ # network_data.json schema. Translate them to what
+ # is expected by cloudinit.
+ translated_key = "bond-{}".format(k.split("bond_", 1)[-1])
+ params.update({translated_key: v})
# openstack does not provide a name for the bond.
# they do provide an 'id', but that is possibly non-sensical.
diff --git a/tests/unittests/sources/helpers/test_openstack.py b/tests/unittests/sources/helpers/test_openstack.py
index 312d66a01..663f6c2db 100644
--- a/tests/unittests/sources/helpers/test_openstack.py
+++ b/tests/unittests/sources/helpers/test_openstack.py
@@ -192,9 +192,9 @@ class TestConvertNetJson:
"name": "bond0",
"mac_address": "xx:xx:xx:xx:xx:00",
"params": {
- "bond_miimon": 100,
- "bond_mode": "802.3ad",
- "bond_xmit_hash_policy": "layer3+4",
+ "bond-miimon": 100,
+ "bond-mode": "802.3ad",
+ "bond-xmit_hash_policy": "layer3+4",
},
"subnets": [],
"type": "bond",
--
2.27.0

94
backport-fix-net-klibc-ipconfig-PROTO-compatibility-5437.patch Normal file
View File

@ -0,0 +1,94 @@
From 2c09f69173d448118b02e013518bf5f1674d3c1f Mon Sep 17 00:00:00 2001
From: Alexsander de Souza <61709370+alexsander-souza@users.noreply.github.com>
Date: Thu, 27 Jun 2024 12:24:50 -0300
Subject: [PATCH] fix(net): klibc ipconfig PROTO compatibility (#5437)
klibc's ipconfig format [1] states that PROTO values 'none', 'off',
'static' and blank all mean no autoconfiguration, but cloud-init parser
is too strict and accepts only the first.
Reference:https://github.com/canonical/cloud-init/commit/2c09f69173d448118b02e013518bf5f1674d3c1f
Conflict:not change tools/.github-cla-signers
LP: #2065787
[1] https://git.kernel.org/pub/scm/libs/klibc/klibc.git/plain/usr/kinit/ipconfig/README.ipconfig
---
cloudinit/net/cmdline.py | 3 +++
tests/unittests/test_net.py | 39 +++++++++++++++++++++++++++++++++++--
2 files changed, 40 insertions(+), 2 deletions(-)
diff --git a/cloudinit/net/cmdline.py b/cloudinit/net/cmdline.py
index 48714e9..23febfe 100644
--- a/cloudinit/net/cmdline.py
+++ b/cloudinit/net/cmdline.py
@@ -127,6 +127,9 @@ def _klibc_to_config_entry(content, mac_addrs=None):
else:
proto = "none"
+ if proto in ("static", "off"):
+ proto = "none"
+
if proto not in ("none", "dhcp", "dhcp6"):
raise ValueError("Unexpected value for PROTO: %s" % proto)
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
index 73a4c91..68e2e94 100644
--- a/tests/unittests/test_net.py
+++ b/tests/unittests/test_net.py
@@ -134,6 +134,37 @@ STATIC_EXPECTED_1 = {
],
}
+STATIC_CONTENT_2 = """
+DEVICE='eth1'
+PROTO='static'
+IPV4ADDR='10.0.0.2'
+IPV4BROADCAST='10.0.0.255'
+IPV4NETMASK='255.255.255.0'
+IPV4GATEWAY='10.0.0.1'
+IPV4DNS0='10.0.1.1'
+IPV4DNS1='0.0.0.0'
+HOSTNAME='foohost'
+UPTIME='21'
+DHCPLEASETIME='3600'
+DOMAINSEARCH='foo.com'
+"""
+
+STATIC_CONTENT_3 = """
+DEVICE='eth1'
+PROTO='off'
+IPV4ADDR='10.0.0.2'
+IPV4BROADCAST='10.0.0.255'
+IPV4NETMASK='255.255.255.0'
+IPV4GATEWAY='10.0.0.1'
+IPV4DNS0='10.0.1.1'
+IPV4DNS1='0.0.0.0'
+HOSTNAME='foohost'
+UPTIME='21'
+DHCPLEASETIME='3600'
+DOMAINSEARCH='foo.com'
+"""
+
+
V1_NAMESERVER_ALIAS = """
config:
- id: eno1
@@ -6891,8 +6922,12 @@ class TestCmdlineConfigParsing(CiTestCase):
self.assertEqual(found, ("eno1", DHCP6_EXPECTED_1))
def test_cmdline_convert_static(self):
- found = cmdline._klibc_to_config_entry(STATIC_CONTENT_1)
- self.assertEqual(found, ("eth1", STATIC_EXPECTED_1))
+ found1 = cmdline._klibc_to_config_entry(STATIC_CONTENT_1)
+ assert found1 == ("eth1", STATIC_EXPECTED_1)
+ found2 = cmdline._klibc_to_config_entry(STATIC_CONTENT_2)
+ assert found2 == ("eth1", STATIC_EXPECTED_1)
+ found3 = cmdline._klibc_to_config_entry(STATIC_CONTENT_3)
+ assert found3 == ("eth1", STATIC_EXPECTED_1)
def test_config_from_cmdline_net_cfg(self):
files = []
--
2.43.0

29
backport-fix-openstack-Fix-bond-mac_address-5369.patch Normal file
View File

@ -0,0 +1,29 @@
From 12f1198e8e9e884363b14eeaaf6eb69b7199c36a Mon Sep 17 00:00:00 2001
From: Curt Moore <curt.moore@garmin.com>
Date: Tue, 4 Jun 2024 14:37:43 -0500
Subject: [PATCH] fix(openstack): Fix bond mac_address (#5369)
Reference:https://github.com/canonical/cloud-init/commit/12f1198e8e9e884363b14eeaaf6eb69b7199c36a
Conflict:tools/.github-cla-signers not change.
Fixes GH-5368
---
cloudinit/sources/helpers/openstack.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py
index d2260ba..ef29eb7 100644
--- a/cloudinit/sources/helpers/openstack.py
+++ b/cloudinit/sources/helpers/openstack.py
@@ -663,7 +663,7 @@ def convert_net_json(network_json=None, known_macs=None):
if link["type"] in ["bond"]:
params = {}
if link_mac_addr:
- params["mac_address"] = link_mac_addr
+ cfg.update({"mac_address": link_mac_addr})
for k, v in link.items():
if k == "bond_links":
continue
--
2.43.0

33
backport-fix-properly-handle-blank-lines-in-fstab-5643.patch Normal file
View File

@ -0,0 +1,33 @@
From 93f30bbfcb073fd8213c18c2e7eb7f857234fc8a Mon Sep 17 00:00:00 2001
From: James Falcon <james.falcon@canonical.com>
Date: Thu, 29 Aug 2024 18:22:23 -0400
Subject: [PATCH] fix: properly handle blank lines in fstab (#5643)
Reference:https://github.com/canonical/cloud-init/commit/93f30bbfcb073fd8213c18c2e7eb7f857234fc8a
Conflict:(1)not change test, the corresponding test case does not exist.
(2)change handle() not parse_fstab(), diff commit is d15a770.
---
cloudinit/config/cc_mounts.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/cloudinit/config/cc_mounts.py b/cloudinit/config/cc_mounts.py
index 4efa2a2..1cd53ef 100644
--- a/cloudinit/config/cc_mounts.py
+++ b/cloudinit/config/cc_mounts.py
@@ -459,8 +459,9 @@ def handle(name: str, cfg: Config, cloud: Cloud, args: list) -> None:
toks = WS.split(line)
except Exception:
pass
- fstab_devs[toks[0]] = line
- fstab_lines.append(line)
+ if toks:
+ fstab_devs[toks[0]] = line
+ fstab_lines.append(line)
device_aliases = cfg.get("device_aliases", {})
--
2.33.0

31
backport-test-Fix-duplicate-judgment-conditions-in-password-g.patch Normal file
View File

@ -0,0 +1,31 @@
From 4c156a80375c01433cdd00546c6278edb0bb6025 Mon Sep 17 00:00:00 2001
From: sxt1001 <shixuantong1@huawei.com>
Date: Mon, 21 Oct 2024 23:40:25 +0800
Subject: [PATCH] test: Fix duplicate judgment conditions in password
generation (#5835)
Reference:https://github.com/canonical/cloud-init/commit/4c156a80375c01433cdd00546c6278edb0bb6025
Conflict:NA
The problem was introduced by commit 879945f
---
tests/unittests/config/test_cc_set_passwords.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/unittests/config/test_cc_set_passwords.py b/tests/unittests/config/test_cc_set_passwords.py
index 73cb3d490..c068f62d8 100644
--- a/tests/unittests/config/test_cc_set_passwords.py
+++ b/tests/unittests/config/test_cc_set_passwords.py
@@ -566,7 +566,7 @@ class TestRandUserPassword:
[
any(c.islower() for c in str),
any(c.isupper() for c in str),
- any(c.isupper() for c in str),
+ any(c.isdigit() for c in str),
any(c in string.punctuation for c in str),
]
)
--
2.33.0

140
backport-test-openstack-Test-bond-mac-address.patch Normal file
View File

@ -0,0 +1,140 @@
From f8f9d19409fcbda32e119a5514fd5185bcd88b79 Mon Sep 17 00:00:00 2001
From: Brett Holman <brett.holman@canonical.com>
Date: Thu, 27 Jun 2024 11:56:58 -0600
Subject: [PATCH] test(openstack): Test bond mac address (#5369)
---
.../sources/helpers/test_openstack.py | 120 ++++++++++++++++++
1 file changed, 120 insertions(+)
diff --git a/tests/unittests/sources/helpers/test_openstack.py b/tests/unittests/sources/helpers/test_openstack.py
index 4d85ec3c6..312d66a01 100644
--- a/tests/unittests/sources/helpers/test_openstack.py
+++ b/tests/unittests/sources/helpers/test_openstack.py
@@ -112,3 +112,123 @@ class TestConvertNetJson:
assert expected == openstack.convert_net_json(
network_json=net_json, known_macs=macs
)
+
+ def test_bond_mac(self):
+ """Verify the bond mac address is assigned correctly."""
+ network_json = {
+ "links": [
+ {
+ "id": "ens1f0np0",
+ "name": "ens1f0np0",
+ "type": "phy",
+ "ethernet_mac_address": "xx:xx:xx:xx:xx:00",
+ "mtu": 9000,
+ },
+ {
+ "id": "ens1f1np1",
+ "name": "ens1f1np1",
+ "type": "phy",
+ "ethernet_mac_address": "xx:xx:xx:xx:xx:01",
+ "mtu": 9000,
+ },
+ {
+ "id": "bond0",
+ "name": "bond0",
+ "type": "bond",
+ "bond_links": ["ens1f0np0", "ens1f1np1"],
+ "mtu": 9000,
+ "ethernet_mac_address": "xx:xx:xx:xx:xx:00",
+ "bond_mode": "802.3ad",
+ "bond_xmit_hash_policy": "layer3+4",
+ "bond_miimon": 100,
+ },
+ {
+ "id": "bond0.123",
+ "name": "bond0.123",
+ "type": "vlan",
+ "vlan_link": "bond0",
+ "vlan_id": 123,
+ "vlan_mac_address": "xx:xx:xx:xx:xx:00",
+ },
+ ],
+ "networks": [
+ {
+ "id": "publicnet-ipv4",
+ "type": "ipv4",
+ "link": "bond0.123",
+ "ip_address": "x.x.x.x",
+ "netmask": "255.255.255.0",
+ "routes": [
+ {
+ "network": "0.0.0.0",
+ "netmask": "0.0.0.0",
+ "gateway": "x.x.x.1",
+ }
+ ],
+ "network_id": "00000000-0000-0000-0000-000000000000",
+ }
+ ],
+ "services": [{"type": "dns", "address": "1.1.1.1"}],
+ }
+ expected = {
+ "config": [
+ {
+ "mac_address": "xx:xx:xx:xx:xx:00",
+ "mtu": 9000,
+ "name": "ens1f0np0",
+ "subnets": [],
+ "type": "physical",
+ },
+ {
+ "mac_address": "xx:xx:xx:xx:xx:01",
+ "mtu": 9000,
+ "name": "ens1f1np1",
+ "subnets": [],
+ "type": "physical",
+ },
+ {
+ "bond_interfaces": ["ens1f0np0", "ens1f1np1"],
+ "mtu": 9000,
+ "name": "bond0",
+ "mac_address": "xx:xx:xx:xx:xx:00",
+ "params": {
+ "bond_miimon": 100,
+ "bond_mode": "802.3ad",
+ "bond_xmit_hash_policy": "layer3+4",
+ },
+ "subnets": [],
+ "type": "bond",
+ },
+ {
+ "mac_address": "xx:xx:xx:xx:xx:00",
+ "name": "bond0.123",
+ "subnets": [
+ {
+ "address": "x.x.x.x",
+ "ipv4": True,
+ "netmask": "255.255.255.0",
+ "routes": [
+ {
+ "gateway": "x.x.x.1",
+ "netmask": "0.0.0.0",
+ "network": "0.0.0.0",
+ }
+ ],
+ "type": "static",
+ }
+ ],
+ "type": "vlan",
+ "vlan_id": 123,
+ "vlan_link": "bond0",
+ },
+ {"address": "1.1.1.1", "type": "nameserver"},
+ ],
+ "version": 1,
+ }
+ macs = {
+ "xx:xx:xx:xx:xx:00": "ens1f0np0",
+ "xx:xx:xx:xx:xx:01": "ens1f1np1",
+ }
+ assert expected == openstack.convert_net_json(
+ network_json=network_json, known_macs=macs
+ )
--
2.27.0

45
cloud-init.spec
View File

@ -1,6 +1,6 @@
Name: cloud-init
Version: 23.4.1
Release: 6
Release: 11
Summary: the defacto multi-distribution package that handles early initialization of a cloud instance.
License: ASL 2.0 or GPLv3
URL: http://launchpad.net/cloud-init
@ -27,6 +27,16 @@ Patch6009: backport-fix-azure-disable-use-dns-for-secondary-nics-5314.patch
Patch6010: backport-fix-net-Make-duplicate-route-add-succeed.-5343.patch
Patch6011: backport-fix-netplan-Fix-predictable-interface-rename-issue-5.patch
Patch6012: backport-fix-Fall-back-to-cached-local-ds-if-no-valid-ds-foun.patch
Patch6013: backport-fix-openstack-Fix-bond-mac_address-5369.patch
Patch6014: backport-fix-net-klibc-ipconfig-PROTO-compatibility-5437.patch
Patch6015: backport-feat-Ensure-random-passwords-contain-multiple-charac.patch
Patch6016: backport-test-Fix-duplicate-judgment-conditions-in-password-g.patch
Patch6017: backport-fix-properly-handle-blank-lines-in-fstab-5643.patch
Patch6018: backport-chore-set-recursive-False-for-ensure_dir-if-parent-p.patch
Patch6019: backport-test-openstack-Test-bond-mac-address.patch
Patch6020: backport-fix-Ensure-properties-for-bonded-interfaces-are-prop.patch
Patch9000: do-not-generate-dsa.patch
BuildRequires: pkgconfig(systemd) python3-devel python3-setuptools systemd
BuildRequires: iproute python3-configobj python3-responses
@ -157,6 +167,39 @@ fi
%exclude /usr/share/doc/*
%changelog
* Fri Dec 06 2024 shixuantong <shixuantong1@huawei.com> - 23.4.1-11
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:chore: set recursive=False for ensure_dir if parent path is "/"
test(openstack): Test bond mac address
fix: Ensure properties for bonded interfaces are properly translated
* Thu Nov 14 2024 shixuantong <shixuantong1@huawei.com> - 23.4.1-10
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix: properly handle blank lines in fstab
* Mon Nov 04 2024 shixuantong <shixuantong1@huawei.com> - 23.4.1-9
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:Ensure random passwords contain multiple character types
* Thu Sep 5 2024 dongyuzhen <dongyuzhen@h-partners.com> - 23.4.1-8
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix(net): klibc ipconfig PROTO compatibility
fix(openstack): Fix bond mac_address
* Sat Jul 20 2024 shixuantong <shixuantong1@huawei.com> - 23.4.1-7
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:do not generate dsa
* Tue Jul 02 2024 shixuantong <shixuantong1@huawei.com> - 23.4.1-6
- Type:bugfix
- CVE:NA

26
do-not-generate-dsa.patch Normal file
View File

@ -0,0 +1,26 @@
From 5f121b085119d7eb694b5ee09f4183175cda2678 Mon Sep 17 00:00:00 2001
From: shixuantong <shixuantong1@huawei.com>
Date: Sat, 20 Jul 2024 15:04:30 +0800
Subject: [PATCH] do not generate dsa
---
config/cloud.cfg.tmpl | 3 +++
1 file changed, 3 insertions(+)
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
index f096595..37571fc 100644
--- a/config/cloud.cfg.tmpl
+++ b/config/cloud.cfg.tmpl
@@ -109,6 +109,9 @@ syslog_fix_perms: ~
disable_vmware_customization: false
{% endif -%}
+# do not generate dsa
+ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519']
+
# The modules that run in the 'init' stage
cloud_init_modules:
- migrator
--
2.27.0