From 585eb4a8314ff5c967b7b9bf31525b13a576ae14 Mon Sep 17 00:00:00 2001
From: shixuantong <shixuantong1@huawei.com>
Date: Mon, 15 Jan 2024 09:36:11 +0800
Subject: [PATCH] delete "ALL=(ALL) NOPASSWD:ALL" in cloud.cfg.tmpl

---
 cloud-init.spec                  |  9 ++++++++-
 delete-config-nopasswd-all.patch | 23 +++++++++++++++++++++++
 2 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 delete-config-nopasswd-all.patch

diff --git a/cloud-init.spec b/cloud-init.spec
index 4757184..b4d4091 100644
--- a/cloud-init.spec
+++ b/cloud-init.spec
@@ -1,6 +1,6 @@
 Name: cloud-init
 Version: 21.4
-Release: 20
+Release: 21
 Summary: the defacto multi-distribution package that handles early initialization of a cloud instance.
 License: ASL 2.0 or GPLv3
 URL: http://launchpad.net/cloud-init
@@ -26,6 +26,7 @@ Patch14: remove-schema-errors-from-log-for-cloudinit-config-cc_.patch
 Patch15: backport-cloudinit-net-handle-two-different-routes-for-the-sa.patch
 Patch16: backport-Cleanup-ephemeral-IP-routes-on-exception-2100.patch
 Patch17: backport-CVE-2023-1786.patch
+Patch18: delete-config-nopasswd-all.patch
 
 Patch6001: backport-sources-azure-fix-metadata-check-in-_check_if_nic_is.patch
 Patch6002: backport-check-for-existing-symlink-while-force-creating-syml.patch
@@ -180,6 +181,12 @@ fi
 %exclude /usr/share/doc/*
 
 %changelog
+* Mon Jan 15 2023 shixuantong <shixuantong1@huawei.com> - 21.4-21
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:delete "ALL=(ALL) NOPASSWD:ALL" in cloud.cfg.tmpl
+
 * Thu Dec 14 2023 shixuantong <shixuantong1@huawei.com> - 21.4-20
 - Type:bugfix
 - CVE:NA
diff --git a/delete-config-nopasswd-all.patch b/delete-config-nopasswd-all.patch
new file mode 100644
index 0000000..2c08107
--- /dev/null
+++ b/delete-config-nopasswd-all.patch
@@ -0,0 +1,23 @@
+From 5d4297092279a96da79b6404dfb7f31cc406b01c Mon Sep 17 00:00:00 2001
+From: qiushigang <qiushigang@xfusion.com>
+Date: Thu, 18 Aug 2022 09:51:59 +0800
+Subject: [xfusion]cloud-init:delete "ALL=(ALL) NOPASSWD:ALL" in cloud.cfg.tmpl
+
+---
+ config/cloud.cfg.tmpl | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
+index 39e36dd..cbf91ac 100644
+--- a/config/cloud.cfg.tmpl
++++ b/config/cloud.cfg.tmpl
+@@ -252,7 +252,6 @@ system_info:
+ {% else %}
+      groups: [wheel, adm, systemd-journal]
+ {% endif %}
+-     sudo: ["ALL=(ALL) NOPASSWD:ALL"]
+ {% if variant == "alpine" %}
+      shell: /bin/ash
+ {% else %}
+-- 
+2.27.0
-- 
Gitee