From 1cefb4e685e89723d891e6be1c4238562fc9beb7 Mon Sep 17 00:00:00 2001
From: Linux_zhang
Date: Wed, 5 Mar 2025 09:30:32 +0800
Subject: [PATCH] backport upstream patches
(cherry picked from commit ed349e59f9b126000f462295905f81532e7d1778)
---
...ata-crashes-if-DHCP-lease-fails-5998.patch | 70 +++++++++++++++++++
...is-treated-as-string-in-get_hostname.patch | 62 ++++++++++++++++
...-fix-Wait-for-udev-on-openstack-5947.patch | 64 +++++++++++++++++
...rrect-the-path-for-Chef-s-cache-5994.patch | 56 +++++++++++++++
cloud-init.spec | 12 +++-
5 files changed, 263 insertions(+), 1 deletion(-)
create mode 100644 backport-Fix-GCE-_get_data-crashes-if-DHCP-lease-fails-5998.patch
create mode 100644 backport-fix-Ensure-fqdn-is-treated-as-string-in-get_hostname.patch
create mode 100644 backport-fix-Wait-for-udev-on-openstack-5947.patch
create mode 100644 backport-fix-correct-the-path-for-Chef-s-cache-5994.patch
diff --git a/backport-Fix-GCE-_get_data-crashes-if-DHCP-lease-fails-5998.patch b/backport-Fix-GCE-_get_data-crashes-if-DHCP-lease-fails-5998.patch
new file mode 100644
index 0000000..906d3c5
--- /dev/null
+++ b/backport-Fix-GCE-_get_data-crashes-if-DHCP-lease-fails-5998.patch
@@ -0,0 +1,70 @@
+From eb1965a434360b3198768302f4196488d7c2511f Mon Sep 17 00:00:00 2001
+From: Bryan Fraschetti
+Date: Mon, 3 Feb 2025 16:13:19 -0500
+Subject: [PATCH] Fix: GCE _get_data crashes if DHCP lease fails (#5998)
+
+This commit addresses issue #5997 which reported crashes in init-local
+when cloud-init was examining GCELocal as a potential datasource. When
+all NICs failed at DHCP discovery cloud-init attempts to log the events
+by dereferencing a value that was never assigned.
+
+This commit modifies the _get_data function of DataSourceGCE.py by
+adding an empty dictionary definition for the ret variable at the
+top level of the function and some debugging logs when a candidate NIC
+fails to obtain a DHCP lease. At the same time, the commit replaces the
+direct key access operator on ret with the safe lookup method get(). This
+commit also adds a unit test that mocks the observed situation.
+
+Reference:https://github.com/canonical/cloud-init/commit/eb1965a434360b3198768302f4196488d7c2511f
+Conflict:not change test_gce.py (M_PATH and net.find_candidate_nics doesn't exist)
+
+Fixes GH-5997
+---
+ cloudinit/sources/DataSourceGCE.py | 16 ++++++++++------
+ 1 file changed, 10 insertions(+), 6 deletions(-)
+
+diff --git a/cloudinit/sources/DataSourceGCE.py b/cloudinit/sources/DataSourceGCE.py
+index c730ae8..87dc4e0 100644
+--- a/cloudinit/sources/DataSourceGCE.py
++++ b/cloudinit/sources/DataSourceGCE.py
+@@ -88,6 +88,7 @@ class DataSourceGCE(sources.DataSource):
+
+ def _get_data(self):
+ url_params = self.get_url_params()
++ ret = {}
+ if self.perform_dhcp_setup:
+ candidate_nics = net.find_candidate_nics()
+ if DEFAULT_PRIMARY_INTERFACE in candidate_nics:
+@@ -122,6 +123,9 @@ class DataSourceGCE(sources.DataSource):
+ )
+ continue
+ except NoDHCPLeaseError:
++ LOG.debug(
++ "Unable to obtain a DHCP lease for %s", candidate_nic
++ )
+ continue
+ if ret["success"]:
+ self._fallback_interface = candidate_nic
+@@ -142,14 +146,14 @@ class
DataSourceGCE(sources.DataSource):
+ },
+ )
+
+- if not ret["success"]:
+- if ret["platform_reports_gce"]:
+- LOG.warning(ret["reason"])
++ if not ret.get("success"):
++ if ret.get("platform_reports_gce"):
++ LOG.warning(ret.get("reason"))
+ else:
+- LOG.debug(ret["reason"])
++ LOG.debug(ret.get("reason"))
+ return False
+- self.metadata = ret["meta-data"]
+- self.userdata_raw = ret["user-data"]
++ self.metadata = ret.get("meta-data")
++ self.userdata_raw = ret.get("user-data")
+ return True
+
+ @property
+--
+2.33.0
\ No newline at end of file
diff --git a/backport-fix-Ensure-fqdn-is-treated-as-string-in-get_hostname.patch b/backport-fix-Ensure-fqdn-is-treated-as-string-in-get_hostname.patch
new file mode 100644
index 0000000..cb2dce9
--- /dev/null
+++ b/backport-fix-Ensure-fqdn-is-treated-as-string-in-get_hostname.patch
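Review bot: In the `DataSourceGCE.py` patch, when every candidate NIC raises `NoDHCPLeaseError` the new `ret = {}` reaches the final branch unchanged, so `LOG.debug(ret.get("reason"))` writes a literal `None` to the log instead of a cause. Give the lookups a default, for example `LOG.debug(ret.get("reason", "No DHCP lease obtained on any candidate NIC"))`, so the failure is recognisable during boot triage. The `Conflict:` line shows the upstream unit test was dropped from this backport, so the all-NICs-fail path is untested in this package; a test adapted to this tree's helpers would be worth carrying. `_get_data` starts before and continues between the inner hunks, so the loop body that assigns `ret` is only partly visible here.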
@@ -0,0 +1,62 @@
+From b45d66a03659f8e4780b6b55e51edcbd2f6f012d Mon Sep 17 00:00:00 2001
+From: MKhatibzadeh <32599707+masihkhatibzadeh99@users.noreply.github.com>
+Date: Fri, 7 Feb 2025 18:13:43 +0330
+Subject: [PATCH] fix: Ensure fqdn is treated as string in get_hostname_fqdn
+ (#5993)
+
+Explicitly cast fqdn to a string before processing.
+
+Reference:https://github.com/canonical/cloud-init/commit/b45d66a03659f8e4780b6b55e51edcbd2f6f012d
+Conflict:not change .github-cla-signers
+
+Fixes GH-5989
+
+Co-authored-by: masih.khatibzdeh
+---
+ cloudinit/util.py | 2 +-
+ tests/unittests/test_util.py | 16 ++++++++++++++++
+ 2 files changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/cloudinit/util.py b/cloudinit/util.py
+index 20b6e2e9ef4..bfcc9c8edba 100644
+--- a/cloudinit/util.py
++++ b/cloudinit/util.py
+@@ -1215,7 +1215,7 @@ def get_hostname_fqdn(cfg, cloud, metadata_only=False):
+ is_default = False
+ if "fqdn" in cfg:
+ # user specified a fqdn. Default hostname then is based off that
+- fqdn = cfg["fqdn"]
++ fqdn = str(cfg["fqdn"])
+ hostname = get_cfg_option_str(cfg, "hostname", fqdn.split(".")[0])
+ else:
+ if "hostname" in cfg and cfg["hostname"].find(".") > 0:
+diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py
+index 8a107191b0e..7d2383f2dd6 100644
+--- a/tests/unittests/test_util.py
++++ b/tests/unittests/test_util.py
+@@ -799,6 +799,22 @@ def test_get_hostname_fqdn_from_without_fqdn_or_hostname(self):
+ mock.call(metadata_only=False),
+ ] == cloud.get_hostname.call_args_list
+
++ def test_get_hostname_fqdn_from_numeric_fqdn(self):
++ """When cfg fqdn is numeric, ensure it is treated as a string."""
++ hostname, fqdn, _ = util.get_hostname_fqdn(
++ cfg={"fqdn": 12345}, cloud=None
++ )
++ self.assertEqual("12345", hostname)
++ self.assertEqual("12345", fqdn)
++
++ def test_get_hostname_fqdn_from_numeric_fqdn_with_domain(self):
++ """When cfg fqdn is numeric with a domain, ensure correct parsing."""
++ hostname, fqdn, _ =
util.get_hostname_fqdn(
++ cfg={"fqdn": "12345.example.com"}, cloud=None
++ )
++ self.assertEqual("12345", hostname)
++ self.assertEqual("12345.example.com", fqdn)
++
+ def test_get_hostname_fqdn_from_passes_metadata_only_to_cloud(self):
+ """Calls to cloud.get_hostname pass the metadata_only parameter."""
+ cloud = mock.MagicMock()
+--
+2.33.0
+
diff --git a/backport-fix-Wait-for-udev-on-openstack-5947.patch b/backport-fix-Wait-for-udev-on-openstack-5947.patch
new file mode 100644
index 0000000..10155a8
--- /dev/null
+++ b/backport-fix-Wait-for-udev-on-openstack-5947.patch
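Review bot: The cast in `get_hostname_fqdn` covers only `cfg["fqdn"]`; the visible `else` branch still calls `cfg["hostname"].find(".")`, which raises `AttributeError` when user-data supplies a numeric `hostname`. The same treatment belongs there, e.g. `if "hostname" in cfg and str(cfg["hostname"]).find(".") > 0:`, with a matching unit test. Note also that `str()` accepts any YAML value, so an empty `fqdn:` key would yield the literal host name `None` instead of an error; rejecting null or non-scalar values before the cast would keep malformed user-data from being applied silently. The function body continues outside the hunk.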
@@ -0,0 +1,64 @@
+From 7f09102ad601cb5225fa0ffe280d77a75f435e93 Mon Sep 17 00:00:00 2001
+From: Robert Schweikert
+From 7f09102ad601cb5225fa0ffe280d77a75f435e93 Mon Sep 17 00:00:00 2001
+From: Robert Schweikert
+Date: Tue, 7 Jan 2025 15:59:26 -0500
+Subject: [PATCH] fix: Wait for udev on openstack (#5947)
+
+It is possible that we outrun udev and when we try to enumerate the macs
+any given mac may not yet be present. If we detect the condition give
+udev a chance to catch up and check the system macs again before
+triggering an error.
+
+Fixes GH-4125
+---
+ cloudinit/sources/helpers/openstack.py | 6 +++++-
+ tests/unittests/sources/test_configdrive.py | 15 +++++++++------
+ 2 files changed, 14 insertions(+), 7 deletions(-)
+
+diff --git a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py
+index 97ec18faf98..bea1a2ce29f 100644
+--- a/cloudinit/sources/helpers/openstack.py
++++ b/cloudinit/sources/helpers/openstack.py
+@@ -771,7 +771,11 @@ def convert_net_json(network_json=None, known_macs=None):
+ if not mac:
+ raise ValueError("No mac_address or name entry for %s" % d)
+ if mac not in known_macs:
+- raise ValueError("Unable to find a system nic for %s" % d)
++ # Let's give udev a chance to catch up
++ util.udevadm_settle()
++ known_macs = net.get_interfaces_by_mac()
++ if mac not in known_macs:
++ raise ValueError("Unable to find a system nic for %s" % d)
+ d["name"] = known_macs[mac]
+
+ for cfg, key, fmt, targets in link_updates:
+diff --git a/tests/unittests/sources/test_configdrive.py b/tests/unittests/sources/test_configdrive.py
+index 70da4812aee..a724f7613a0 100644
+--- a/tests/unittests/sources/test_configdrive.py
++++ b/tests/unittests/sources/test_configdrive.py
+@@ -896,12 +896,15 @@ def test_convert_reads_system_prefers_name(self, get_interfaces_by_mac):
+
+ def test_convert_raises_value_error_on_missing_name(self):
+ macs = {"aa:aa:aa:aa:aa:00": "ens1"}
+- self.assertRaises(
+- ValueError,
+- openstack.convert_net_json,
+- NETWORK_DATA,
+- known_macs=macs,
+- )
++ with mock.patch(
++ "cloudinit.sources.helpers.openstack.util.udevadm_settle"
++ ):
++ self.assertRaises(
++ ValueError,
++ openstack.convert_net_json,
++ NETWORK_DATA,
++ known_macs=macs,
++ )
+
+ def test_conversion_with_route(self):
+ ncfg = openstack.convert_net_json(
+--
+2.33.0
+
diff --git a/backport-fix-correct-the-path-for-Chef-s-cache-5994.patch b/backport-fix-correct-the-path-for-Chef-s-cache-5994.patch
new file mode 100644
index 0000000..d1714f8
--- /dev/null
+++ b/backport-fix-correct-the-path-for-Chef-s-cache-5994.patch
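Review bot: In `convert_net_json`, the retry path overwrites the caller-supplied `known_macs` with `net.get_interfaces_by_mac()`, so from that point names are resolved against live host state even when a mapping was passed in. A comment on the retry such as `# NOTE: replaces caller-supplied known_macs with current system state` would make that explicit. The updated `test_convert_raises_value_error_on_missing_name` patches only `util.udevadm_settle`, so the test appears to read the build host's real interfaces on its way to the `ValueError`. Patching the lookup as well, e.g. `mock.patch("cloudinit.sources.helpers.openstack.net.get_interfaces_by_mac", return_value=macs)`, would keep it hermetic. Separately, this patch file repeats its `From`/`From:` header and lacks the `Reference:`/`Conflict:` lines the other backports carry, which makes its provenance harder to audit.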
@@ -0,0 +1,56 @@
+From a0ebb8d35e41bae075a0762b7002bc4e6a2b6269 Mon Sep 17 00:00:00 2001
+From: MostafaTarek124eru
+ <48182100+MostafaTarek124eru@users.noreply.github.com>
+Date: Mon, 3 Feb 2025 22:03:51 +0200
+Subject: [PATCH] fix: correct the path for Chef's cache (#5994)
+
+Corrected the path for chef cache in cc_chef, schema-cloud-config-v1,
+and test_cc_chef.
+
+Reference:https://github.com/canonical/cloud-init/commit/a0ebb8d35e41bae075a0762b7002bc4e6a2b6269
+Conflict:not change schema-cloud-config-v1.json and .github-cla-signers
+
+Fixes GH-5090
+---
+ cloudinit/config/cc_chef.py | 4 ++--
+ tests/unittests/config/test_cc_chef.py | 2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/cloudinit/config/cc_chef.py b/cloudinit/config/cc_chef.py
+index 6aa2836..58293a7 100644
+--- a/cloudinit/config/cc_chef.py
++++ b/cloudinit/config/cc_chef.py
+@@ -29,7 +29,7 @@ CHEF_DIRS = tuple(
+ "/etc/chef",
+ "/var/log/chef",
+ "/var/lib/chef",
+- "/var/cache/chef",
++ "/var/chef/cache",
+ "/var/backups/chef",
+ "/var/run/chef",
+ ]
+@@ -58,7 +58,7 @@ CHEF_RB_TPL_DEFAULTS = {
+ "validation_cert": None,
+ "client_key": "/etc/chef/client.pem",
+ "json_attribs": CHEF_FB_PATH,
+- "file_cache_path": "/var/cache/chef",
++ "file_cache_path": "/var/chef/cache",
+ "file_backup_path": "/var/backups/chef",
+ "pid_file": "/var/run/chef/client.pid",
+ "show_time": True,
+diff --git a/tests/unittests/config/test_cc_chef.py b/tests/unittests/config/test_cc_chef.py
+index 6fad6a7..f3e4ad9 100644
+--- a/tests/unittests/config/test_cc_chef.py
++++ b/tests/unittests/config/test_cc_chef.py
+@@ -150,7 +150,7 @@ class TestChef(FilesystemMockingTestCase):
+ environment "_default"
+ node_name "iid-datasource-none"
+ json_attribs "/etc/chef/firstboot.json"
+- file_cache_path "/var/cache/chef"
++ file_cache_path "/var/chef/cache"
+ file_backup_path "/var/backups/chef"
+ pid_file "/var/run/chef/client.pid"
+ Chef::Log::Formatter.show_time = true
+--
+2.33.0
+
diff --git a/cloud-init.spec b/cloud-init.spec index 8cc8e22..0fe3440 100644 --- a/cloud-init.spec +++ b/cloud-init.spec @@ -1,6 +1,6 @@ Name: cloud-init Version: 23.4.1 -Release: 11 +Release: 12 Summary: the defacto multi-distribution package that handles early initialization of a cloud instance. License: ASL 2.0 or GPLv3 URL: http://launchpad.net/cloud-init @@ -35,6 +35,10 @@ Patch6017: backport-fix-properly-handle-blank-lines-in-fstab-5643.patch Patch6018: backport-chore-set-recursive-False-for-ensure_dir-if-parent-p.patch Patch6019: backport-test-openstack-Test-bond-mac-address.patch Patch6020: backport-fix-Ensure-properties-for-bonded-interfaces-are-prop.patch +Patch6021: backport-fix-Wait-for-udev-on-openstack-5947.patch +Patch6022: backport-fix-correct-the-path-for-Chef-s-cache-5994.patch +Patch6023: backport-Fix-GCE-_get_data-crashes-if-DHCP-lease-fails-5998.patch +Patch6024: backport-fix-Ensure-fqdn-is-treated-as-string-in-get_hostname.patch Patch9000: do-not-generate-dsa.patch @@ -167,6 +171,12 @@ fi %exclude /usr/share/doc/* %changelog +* Wed Mar 05 2025 Linux_zhang - 23.4.1-12 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:backport upstream patches + * Fri Dec 06 2024 shixuantong - 23.4.1-11 - Type:bugfix - CVE:NA -- Gitee