diff --git a/SOURCES/ci-net-nm-check-for-presence-of-ifcfg-files-when-nm-con.patch b/SOURCES/ci-net-nm-check-for-presence-of-ifcfg-files-when-nm-con.patch new file mode 100644 index 0000000..5198d51 --- /dev/null +++ b/SOURCES/ci-net-nm-check-for-presence-of-ifcfg-files-when-nm-con.patch @@ -0,0 +1,123 @@ +From dc2f2dee74b805dc54cf08bd3c49f860fad58c8a Mon Sep 17 00:00:00 2001 +From: Ani Sinha +Date: Thu, 7 Dec 2023 02:39:51 +0530 +Subject: [PATCH 1/2] net/nm: check for presence of ifcfg files when nm + connection files are absent (#4645) + +RH-Author: Ani Sinha +RH-MergeRequest: 114: net/nm: check for presence of ifcfg files when nm connection files are absent (#4645) +RH-Jira: RHEL-18980 +RH-Acked-by: Emanuele Giuseppe Esposito +RH-Acked-by: Jon Maloy +RH-Commit: [1/2] 16921dc3bc54ad80debc8ad334f1724762df582b + +On systems that use network manager to manage connections and activate network +interfaces, they may also use ifcfg files for configuring +interfaces using ifcfg-rh network manager plugin. When network manager is used +as the activator, we need to also check for the presence of ifcfg interface +config file when the network manager connection file is absent and if ifcfg-rh +plugin is present. +Hence, with this change, network manager activator first tries to use network +manager connection files to bring up or bring down the interface. If the +connection files are not present and if ifcfg-rh plugin is present, it tries to +use ifcfg files for the interface. If the plugin or the ifcfg files are not +present, the activator fails to activate or deactivate the interface and it +bails out with warning log. + +Fixes: GH-4640 + +Signed-off-by: Ani Sinha +(cherry picked from commit d1d5166895da471cff3606c70d4e8ab6eec1c006) +--- + cloudinit/net/activators.py | 7 +++++++ + cloudinit/net/network_manager.py | 33 ++++++++++++++++++++++++++++++-- + 2 files changed, 38 insertions(+), 2 deletions(-) + +diff --git a/cloudinit/net/activators.py b/cloudinit/net/activators.py +index 7d11a02c..428ff99b 100644 +--- a/cloudinit/net/activators.py ++++ b/cloudinit/net/activators.py +@@ -135,6 +135,13 @@ class NetworkManagerActivator(NetworkActivator): + from cloudinit.net.network_manager import conn_filename + + filename = conn_filename(device_name) ++ if filename is None: ++ LOG.warning( ++ "Unable to find an interface config file. " ++ "Unable to bring up interface." ++ ) ++ return False ++ + cmd = ["nmcli", "connection", "load", filename] + if _alter_interface(cmd, device_name): + cmd = ["nmcli", "connection", "up", "filename", filename] +diff --git a/cloudinit/net/network_manager.py b/cloudinit/net/network_manager.py +index 8047f796..6cc0241d 100644 +--- a/cloudinit/net/network_manager.py ++++ b/cloudinit/net/network_manager.py +@@ -17,10 +17,12 @@ from cloudinit import log as logging + from cloudinit import subp, util + from cloudinit.net import is_ipv6_address, renderer, subnet_is_ipv6 + from cloudinit.net.network_state import NetworkState ++from cloudinit.net.sysconfig import available_nm_ifcfg_rh + + NM_RUN_DIR = "/etc/NetworkManager" + NM_LIB_DIR = "/usr/lib/NetworkManager" + NM_CFG_FILE = "/etc/NetworkManager/NetworkManager.conf" ++IFCFG_CFG_FILE = "/etc/sysconfig/network-scripts" + NM_IPV6_ADDR_GEN_CONF = """# This is generated by cloud-init. Do not edit. + # + [.config] +@@ -374,7 +376,7 @@ class Renderer(renderer.Renderer): + for con_id, conn in self.connections.items(): + if not conn.valid(): + continue +- name = conn_filename(con_id, target) ++ name = nm_conn_filename(con_id, target) + util.write_file(name, conn.dump(), 0o600) + + # Select EUI64 to be used by default by NM for creating the address +@@ -384,12 +386,39 @@ class Renderer(renderer.Renderer): + ) + + +-def conn_filename(con_id, target=None): ++def nm_conn_filename(con_id, target=None): + target_con_dir = subp.target_path(target, NM_RUN_DIR) + con_file = f"cloud-init-{con_id}.nmconnection" + return f"{target_con_dir}/system-connections/{con_file}" + + ++def sysconfig_conn_filename(devname, target=None): ++ target_con_dir = subp.target_path(target, IFCFG_CFG_FILE) ++ con_file = f"ifcfg-{devname}" ++ return f"{target_con_dir}/{con_file}" ++ ++ ++def conn_filename(devname): ++ """ ++ This function returns the name of the interface config file. ++ It first checks for presence of network manager connection file. ++ If absent and ifcfg-rh plugin for network manager is available, ++ it returns the name of the ifcfg file if it is present. If the ++ plugin is not present or the plugin is present but ifcfg file is ++ not, it returns None. ++ This function is called from NetworkManagerActivator class in ++ activators.py. ++ """ ++ conn_file = nm_conn_filename(devname) ++ # If the network manager connection file is absent, also check for ++ # presence of ifcfg files for the same interface (if nm-ifcfg-rh plugin is ++ # present, network manager can handle ifcfg files). If both network manager ++ # connection file and ifcfg files are absent, return None. ++ if not os.path.isfile(conn_file) and available_nm_ifcfg_rh(): ++ conn_file = sysconfig_conn_filename(devname) ++ return conn_file if os.path.isfile(conn_file) else None ++ ++ + def cloud_init_nm_conf_filename(target=None): + target_con_dir = subp.target_path(target, NM_RUN_DIR) + conf_file = "30-cloud-init-ip6-addr-gen-mode.conf" +-- +2.41.0 + diff --git a/SOURCES/ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch b/SOURCES/ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch new file mode 100644 index 0000000..7da0cb8 --- /dev/null +++ b/SOURCES/ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch @@ -0,0 +1,59 @@ +From f4fdcdd05dc2c57f0453a4be3e1a4b0a39ab3fd2 Mon Sep 17 00:00:00 2001 +From: Emanuele Giuseppe Esposito +Date: Thu, 20 May 2021 08:53:55 +0200 +Subject: [PATCH] rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set + in cloud.cfg + +RH-Author: Ani Sinha +RH-MergeRequest: 112: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg +RH-Jira: RHEL-16444 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Emanuele Giuseppe Esposito +RH-Commit: [1/1] 855dec5dcc0892c0f7cedf06b025a794769a2a8d (anisinha/rhel-cloud-init) + +RH-Author: Emanuele Giuseppe Esposito +RH-MergeRequest: 10: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg +RH-Commit: [1/1] 6da989423b9b6e017afbac2f1af3649b0487310f +RH-Bugzilla: 1957532 +RH-Acked-by: Eduardo Otubo +RH-Acked-by: Cathy Avery +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Mohamed Gamal Morsy + +Currently genkeytypes in cloud.cfg is set to None, so together with +ssh_deletekeys=1 cloudinit on first boot it will just delete the existing +keys and not generate new ones. + +Just removing that property in cloud.cfg is not enough, because +settings.py provides another empty default value that will be used +instead, resulting to no key generated even when the property is not defined. + +Removing genkeytypes also in settings.py will default to GENERATE_KEY_NAMES, +but since we want only 'rsa', 'ecdsa' and 'ed25519', add back genkeytypes in +cloud.cfg with the above defaults. + +Also remove ssh_deletekeys in settings.py as we always need +to 1 (and it also defaults to 1). + +Signed-off-by: Emanuele Giuseppe Esposito +(cherry picked from commit b545a0cbabe8924d048b7172b30e7aad59ed32d5) +--- + cloudinit/settings.py | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/cloudinit/settings.py b/cloudinit/settings.py +index a36c518d..859ad546 100644 +--- a/cloudinit/settings.py ++++ b/cloudinit/settings.py +@@ -55,8 +55,6 @@ CFG_BUILTIN = { + "log_cfgs": [], + "syslog_fix_perms": [], + "mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"], +- "ssh_deletekeys": False, +- "ssh_genkeytypes": [], + "system_info": { + "paths": { + "cloud_dir": "/var/lib/cloud", +-- +2.41.0 + diff --git a/SOURCES/ci-tests-unittests-add-a-new-unit-test-for-network-mana.patch b/SOURCES/ci-tests-unittests-add-a-new-unit-test-for-network-mana.patch new file mode 100644 index 0000000..457c42e --- /dev/null +++ b/SOURCES/ci-tests-unittests-add-a-new-unit-test-for-network-mana.patch @@ -0,0 +1,140 @@ +From 2b0b54482a82e229cc5090d797370aef16a7944a Mon Sep 17 00:00:00 2001 +From: Ani Sinha +Date: Thu, 7 Dec 2023 21:03:13 +0530 +Subject: [PATCH 2/2] tests/unittests: add a new unit test for network manager + net activator (#4672) + +RH-Author: Ani Sinha +RH-MergeRequest: 114: net/nm: check for presence of ifcfg files when nm connection files are absent (#4645) +RH-Jira: RHEL-18980 +RH-Acked-by: Emanuele Giuseppe Esposito +RH-Acked-by: Jon Maloy +RH-Commit: [2/2] 1fd87afe487c30368e7ec64eede64b5a756e25db + +Some changes in behavior in network manager net activator was brought in with +the commit +d1d5166895da ("net/nm: check for presence of ifcfg files when nm connection files are absent") + +This change adds some unit tests that exercizes network manager activator's +bring_up_interface() method that tests failure scenarios as well as cases +where an ifcfg file is used to bring the interface up. + +Signed-off-by: Ani Sinha +(cherry picked from commit bb474df78bfe45ea5f05907eb710e8d5de764fc8) +--- + tests/unittests/test_net_activators.py | 102 +++++++++++++++++++++++++ + 1 file changed, 102 insertions(+) + +diff --git a/tests/unittests/test_net_activators.py b/tests/unittests/test_net_activators.py +index afd9056a..57ec7493 100644 +--- a/tests/unittests/test_net_activators.py ++++ b/tests/unittests/test_net_activators.py +@@ -347,3 +347,105 @@ class TestActivatorsBringDown: + activator.bring_down_all_interfaces(network_state) + for call in m_subp.call_args_list: + assert call in expected_call_list ++ ++class TestNetworkManagerActivatorBringUp: ++ @patch("cloudinit.subp.subp", return_value=("", "")) ++ @patch( ++ "cloudinit.net.network_manager.available_nm_ifcfg_rh", ++ return_value=True, ++ ) ++ @patch("os.path.isfile") ++ @patch("os.path.exists", return_value=True) ++ def test_bring_up_interface_no_nm_conn( ++ self, m_exists, m_isfile, m_plugin, m_subp ++ ): ++ """ ++ There is no network manager connection file but ifcfg-rh plugin is ++ present and ifcfg interface config files are also present. In this ++ case, we should use ifcfg files. ++ """ ++ ++ def fake_isfile_no_nmconn(filename): ++ return False if filename.endswith(".nmconnection") else True ++ ++ m_isfile.side_effect = fake_isfile_no_nmconn ++ ++ expected_call_list = [ ++ ( ++ ( ++ [ ++ "nmcli", ++ "connection", ++ "load", ++ "".join( ++ [ ++ "/etc/sysconfig/network-scripts/ifcfg-eth0", ++ ] ++ ), ++ ], ++ ), ++ {}, ++ ), ++ ( ++ ( ++ [ ++ "nmcli", ++ "connection", ++ "up", ++ "filename", ++ "".join( ++ [ ++ "/etc/sysconfig/network-scripts/ifcfg-eth0", ++ ] ++ ), ++ ], ++ ), ++ {}, ++ ), ++ ] ++ ++ index = 0 ++ assert NetworkManagerActivator.bring_up_interface("eth0") ++ for call in m_subp.call_args_list: ++ assert call == expected_call_list[index] ++ index += 1 ++ ++ @patch("cloudinit.subp.subp", return_value=("", "")) ++ @patch( ++ "cloudinit.net.network_manager.available_nm_ifcfg_rh", ++ return_value=False, ++ ) ++ @patch("os.path.isfile") ++ @patch("os.path.exists", return_value=True) ++ def test_bring_up_interface_no_plugin_no_nm_conn( ++ self, m_exists, m_isfile, m_plugin, m_subp ++ ): ++ """ ++ The ifcfg-rh plugin is absent and nmconnection file is also ++ not present. In this case, we can't use ifcfg file and the ++ interface bring up should fail. ++ """ ++ ++ def fake_isfile_no_nmconn(filename): ++ return False if filename.endswith(".nmconnection") else True ++ ++ m_isfile.side_effect = fake_isfile_no_nmconn ++ assert not NetworkManagerActivator.bring_up_interface("eth0") ++ ++ @patch("cloudinit.subp.subp", return_value=("", "")) ++ @patch( ++ "cloudinit.net.network_manager.available_nm_ifcfg_rh", ++ return_value=True, ++ ) ++ @patch("os.path.isfile", return_value=False) ++ @patch("os.path.exists", return_value=True) ++ def test_bring_up_interface_no_conn_file( ++ self, m_exists, m_isfile, m_plugin, m_subp ++ ): ++ """ ++ Neither network manager connection files are present nor ++ ifcfg files are present. Even if ifcfg-rh plugin is present, ++ we can not bring up the interface. So bring_up_interface() ++ should fail. ++ """ ++ assert not NetworkManagerActivator.bring_up_interface("eth0") +-- +2.41.0 + diff --git a/SPECS/cloud-init.spec b/SPECS/cloud-init.spec index fe2c996..9e3ec0c 100644 --- a/SPECS/cloud-init.spec +++ b/SPECS/cloud-init.spec @@ -6,7 +6,7 @@ Name: cloud-init Version: 23.1.1 -Release: 10%{?dist} +Release: 11%{?dist}.1 Summary: Cloud instance init scripts Group: System Environment/Base @@ -54,6 +54,12 @@ Patch28: ci-logging-keep-current-file-mode-of-log-file-if-its-st.patch Patch29: ci-DS-VMware-modify-a-few-log-level-4284.patch # For bz#2229460 - [rhel-8.9] [RFE] Configure "ipv6.addr-gen-mode=eui64' as default in NetworkManager Patch30: ci-NM-renderer-set-default-IPv6-addr-gen-mode-for-all-i.patch +# For RHEL-16444 - [cloud-init][rhel-8.9.0.z] Backport the patch "rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg" to fix settings.py +Patch31: ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch +# For RHEL-18980 - [RHEL-8] NetworkManagerActivator brings up interface failed when using sysconfig renderer [rhel-8.9.0.z] +Patch32: ci-net-nm-check-for-presence-of-ifcfg-files-when-nm-con.patch +# For RHEL-18980 - [RHEL-8] NetworkManagerActivator brings up interface failed when using sysconfig renderer [rhel-8.9.0.z] +Patch33: ci-tests-unittests-add-a-new-unit-test-for-network-mana.patch BuildArch: noarch @@ -272,6 +278,17 @@ fi %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf %changelog +* Wed Dec 13 2023 Jon Maloy - 23.1.1-11.el8_9.1 +- ci-net-nm-check-for-presence-of-ifcfg-files-when-nm-con.patch [RHEL-18980] +- ci-tests-unittests-add-a-new-unit-test-for-network-mana.patch [RHEL-18980] +- Resolves: RHEL-18980 + ([RHEL-8] NetworkManagerActivator brings up interface failed when using sysconfig renderer [rhel-8.9.0.z]) + +* Thu Nov 23 2023 Camilla Conte - 23.1.1-10.el8_9.1 +- ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch [RHEL-16444] +- Resolves: RHEL-16444 + ([cloud-init][rhel-8.9.0.z] Backport the patch "rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg" to fix settings.py) + * Fri Aug 25 2023 Camilla Conte - 23.1.1-10 - Resolves: bz#2233047 ([RHEL 8.9] Inform user when cloud-init generated config files are left during uninstalling)