From e3b9ff315d5e6be07518b5281107381e45f07b438ad42126a023a100f57c7fc5 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Sun, 13 Aug 2023 21:04:19 +0000 Subject: [PATCH] - update to 23.1.2: * Make user/vendor data sensitive and remove log permissions * source: Force OpenStack when it is only option (#2045) * sources/azure: fix regressions in IMDS behavior - drop cloud-init-cve-2023-1786-redact-inst-data.patch (upstream) - spec-file cleanups, including dropping flake8 (as build fails with newer flake8 versions) OBS-URL: https://build.opensuse.org/package/show/Cloud:Tools/cloud-init?expand=0&rev=210 --- cloud-init-23.1.2.tar.gz | 3 + cloud-init-23.1.tar.gz | 3 - cloud-init.changes | 11 +++ cloud-init.spec | 149 +++++++++++++++++---------------------- 4 files changed, 78 insertions(+), 88 deletions(-) create mode 100644 cloud-init-23.1.2.tar.gz delete mode 100644 cloud-init-23.1.tar.gz diff --git a/cloud-init-23.1.2.tar.gz b/cloud-init-23.1.2.tar.gz new file mode 100644 index 0000000..d28a8bf --- /dev/null +++ b/cloud-init-23.1.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f38515f6b29ce9b8216001cf543cfd8422fed3103f3729ac55b5a598658ff106 +size 1539960 diff --git a/cloud-init-23.1.tar.gz b/cloud-init-23.1.tar.gz deleted file mode 100644 index 4c729b5..0000000 --- a/cloud-init-23.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7d6a13210c9fc82c82e471c335de9fbb53ccd63ac92c1d1c462a6e5c8e992ebc -size 1540625 diff --git a/cloud-init.changes b/cloud-init.changes index cffc404..249f4ab 100644 --- a/cloud-init.changes +++ b/cloud-init.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Sun Aug 13 21:02:31 UTC 2023 - Dirk Müller + +- update to 23.1.2: + * Make user/vendor data sensitive and remove log permissions + * source: Force OpenStack when it is only option (#2045) + * sources/azure: fix regressions in IMDS behavior +- drop cloud-init-cve-2023-1786-redact-inst-data.patch (upstream) +- spec-file cleanups, including dropping flake8 (as build fails + with newer flake8 versions) + ------------------------------------------------------------------- Thu Jul 6 12:06:22 UTC 2023 - Robert Schweikert diff --git a/cloud-init.spec b/cloud-init.spec index 2f43852..21cf585 100644 --- a/cloud-init.spec +++ b/cloud-init.spec @@ -1,7 +1,7 @@ # # spec file for package cloud-init # -# Copyright (c) 2023 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,49 +12,45 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # + + # change this whenever config changes incompatible %global configver 0.7 - +%global docdir %{_defaultdocdir}/%{name} Name: cloud-init -Version: 23.1 +Version: 23.1.2 Release: 0 -License: GPL-3.0 Summary: Cloud node initialization tool -Url: https://github.com/canonical/cloud-init +License: GPL-3.0-only Group: System/Management -Source0: %{name}-%{version}.tar.gz +URL: https://github.com/canonical/cloud-init +Source0: https://github.com/canonical/cloud-init/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz Source1: rsyslog-cloud-init.cfg Source2: hidesensitivedata -Patch1: datasourceLocalDisk.patch +Patch1: datasourceLocalDisk.patch # FIXME (lp#1849296) -Patch2: cloud-init-break-resolv-symlink.patch +Patch2: cloud-init-break-resolv-symlink.patch # FIXME no proposed solution -Patch3: cloud-init-sysconf-path.patch +Patch3: cloud-init-sysconf-path.patch # FIXME (lp#1860164) -Patch4: cloud-init-no-tempnet-oci.patch +Patch4: cloud-init-no-tempnet-oci.patch # FIXME https://github.com/canonical/cloud-init/pull/2036 -Patch5: cloud-init-fix-ca-test.patch +Patch5: cloud-init-fix-ca-test.patch # FIXME (lp#1812117) -Patch6: cloud-init-write-routes.patch -Patch7: cloud-init-cve-2023-1786-redact-instance-data-json-main.patch +Patch6: cloud-init-write-routes.patch # FIXME https://github.com/canonical/cloud-init/pull/2148 -Patch8: cloud-init-power-rhel-only.patch +Patch8: cloud-init-power-rhel-only.patch BuildRequires: fdupes -BuildRequires: filesystem # pkg-config is needed to find correct systemd unit dir -BuildRequires: pkg-config -# needed for /lib/udev -BuildRequires: pkgconfig(udev) +BuildRequires: pkgconfig BuildRequires: python-rpm-macros -BuildRequires: python3-devel -BuildRequires: python3-setuptools # Test requirements BuildRequires: python3-Jinja2 BuildRequires: python3-PyYAML BuildRequires: python3-configobj >= 5.0.2 -BuildRequires: python3-flake8 +BuildRequires: python3-devel BuildRequires: python3-httpretty BuildRequires: python3-jsonpatch BuildRequires: python3-jsonschema @@ -66,28 +62,28 @@ BuildRequires: python3-pytest-mock BuildRequires: python3-requests BuildRequires: python3-responses BuildRequires: python3-serial +BuildRequires: python3-setuptools BuildRequires: system-user-nobody -%if 0%{?is_opensuse} -BuildRequires: openSUSE-release -%else -BuildRequires: sles-release -%endif BuildRequires: util-linux +BuildRequires: pkgconfig(systemd) +# needed for /lib/udev +BuildRequires: pkgconfig(udev) Requires: bash +Requires: cloud-init-config = %{configver} Requires: dhcp-client +Requires: e2fsprogs Requires: file Requires: growpart -Requires: e2fsprogs Requires: net-tools Requires: openssh -Requires: python3-configobj >= 5.0.2 Requires: python3-Jinja2 +Requires: python3-PyYAML +Requires: python3-configobj >= 5.0.2 Requires: python3-jsonpatch Requires: python3-jsonschema Requires: python3-netifaces Requires: python3-oauthlib Requires: python3-pyserial -Requires: python3-PyYAML Requires: python3-requests Requires: python3-serial Requires: python3-setuptools @@ -95,23 +91,18 @@ Requires: python3-xml Requires: sudo Requires: util-linux Requires: wget +%{?systemd_requires} +%if 0%{?is_opensuse} +BuildRequires: openSUSE-release +%else +BuildRequires: sles-release +%endif %if 0%{?suse_version} && 0%{?suse_version} <= 1500 Requires: wicked-service %endif -Requires: cloud-init-config = %configver -BuildRoot: %{_tmppath}/%{name}-%{version}-build -%define docdir %{_defaultdocdir}/%{name} -%ifarch %ix86 x86_64 +%ifarch %{ix86} x86_64 Requires: dmidecode %endif -%define initsys systemd -BuildRequires: pkgconfig(systemd) -%{?systemd_requires} -%if 0%{?suse_version} && 0%{?suse_version} == 1220 -%define systemd_prefix /lib -%else -%define systemd_prefix /usr/lib -%endif %description Cloud-init is an init script that initializes a cloud node (VM) @@ -119,9 +110,9 @@ according to the fetched configuration data from the admin node. %package config-suse Summary: Configuration file for Cloud node initialization tool -Provides: cloud-init-config = %configver Group: System/Management -Conflicts: otherproviders(cloud-init-config) +Conflicts: cloud-init-config +Provides: cloud-init-config = %{configver} %description config-suse This package contains the product specific configuration file @@ -140,13 +131,12 @@ Documentation and examples for cloud-init tools %prep %setup -q -%patch1 -p0 +%patch1 %patch2 %patch3 %patch4 %patch5 %patch6 -%patch7 %patch8 # patch in the full version to version.py @@ -159,11 +149,10 @@ sed -i "s,@@PACKAGED_VERSION@@,%{version}-%{release}," $version_pys python3 setup.py build %check -make unittest -make flake8 +%make_build unittest %install -python3 setup.py install --root=%{buildroot} --prefix=%{_prefix} --install-lib=%{python3_sitelib} --init-system=%{initsys} +python3 setup.py install --root=%{buildroot} --prefix=%{_prefix} --install-lib=%{python3_sitelib} --init-system=systemd find %{buildroot} \( -name .gitignore -o -name .placeholder \) -delete # from debian install script for x in "%{buildroot}%{_bindir}/"*.py; do @@ -176,10 +165,6 @@ mv %{buildroot}%{_datadir}/doc/%{name} %{buildroot}%{_defaultdocdir} # man pages mkdir -p %{buildroot}%{_mandir}/man1 mv doc/man/* %{buildroot}%{_mandir}/man1 -# copy the LICENSE -mkdir -p %{buildroot}%{_defaultlicensedir}/%{name} -cp LICENSE %{buildroot}%{_defaultlicensedir}/%{name} -cp LICENSE-GPLv3 %{buildroot}%{_defaultlicensedir}/%{name} # Set the distribution indicator %if 0%{?suse_version} %if 0%{?is_opensuse} @@ -188,12 +173,10 @@ sed -i s/suse/opensuse/ %{buildroot}/%{_sysconfdir}/cloud/cloud.cfg sed -i s/suse/sles/ %{buildroot}/%{_sysconfdir}/cloud/cloud.cfg %endif %endif -mkdir -p %{buildroot}/%{_sysconfdir}/rsyslog.d -mkdir -p %{buildroot}/usr/lib/udev/rules.d/ -cp -a %{SOURCE1} %{buildroot}/%{_sysconfdir}/rsyslog.d/21-cloudinit.conf -mv %{buildroot}/lib/udev/rules.d/66-azure-ephemeral.rules %{buildroot}/usr/lib/udev/rules.d/ -mkdir -p %{buildroot}%{_sbindir} -install -m 755 %{SOURCE2} %{buildroot}%{_sbindir} +install -D -m 644 %{SOURCE1} %{buildroot}/%{_sysconfdir}/rsyslog.d/21-cloudinit.conf +mkdir -p %{buildroot}%{_prefix}/lib/udev/rules.d/ +mv %{buildroot}/lib/udev/rules.d/66-azure-ephemeral.rules %{buildroot}%{_prefix}/lib/udev/rules.d/ +install -D -m 755 %{SOURCE2} %{buildroot}%{_sbindir}/hidesensitivedata # remove debian/ubuntu specific profile.d file (bnc#779553) rm -f %{buildroot}%{_sysconfdir}/profile.d/Z99-cloud-locale-test.sh @@ -203,16 +186,15 @@ rm %{buildroot}/%{_sysconfdir}/cloud/templates/*.debian.* rm %{buildroot}/%{_sysconfdir}/cloud/templates/*.redhat.* rm %{buildroot}/%{_sysconfdir}/cloud/templates/*.ubuntu.* -%post -/usr/sbin/hidesensitivedata - # remove duplicate files %if 0%{?suse_version} %fdupes %{buildroot}%{python3_sitelib} %endif +%post +%{_sbindir}/hidesensitivedata + %files -%defattr(-,root,root) %license LICENSE LICENSE-GPLv3 %{_bindir}/cloud-id %{_bindir}/cloud-init @@ -235,36 +217,33 @@ rm %{buildroot}/%{_sysconfdir}/cloud/templates/*.ubuntu.* %{python3_sitelib}/cloudinit %{python3_sitelib}/cloud_init-%{version}*.egg-info %{_prefix}/lib/cloud-init -%{systemd_prefix}/systemd/system-generators/cloud-init-generator -%{systemd_prefix}/systemd/system/cloud-config.service -%{systemd_prefix}/systemd/system/cloud-config.target -%{systemd_prefix}/systemd/system/cloud-init-local.service -%{systemd_prefix}/systemd/system/cloud-init.service -%{systemd_prefix}/systemd/system/cloud-init.target -%{systemd_prefix}/systemd/system/cloud-final.service +%{_prefix}/lib/systemd/system-generators/cloud-init-generator +%{_prefix}/lib/systemd/system/cloud-config.service +%{_prefix}/lib/systemd/system/cloud-config.target +%{_prefix}/lib/systemd/system/cloud-init-local.service +%{_prefix}/lib/systemd/system/cloud-init.service +%{_prefix}/lib/systemd/system/cloud-init.target +%{_prefix}/lib/systemd/system/cloud-final.service %dir %{_sysconfdir}/rsyslog.d %{_sysconfdir}/rsyslog.d/21-cloudinit.conf -/usr/lib/udev/rules.d/66-azure-ephemeral.rules +%{_prefix}/lib/udev/rules.d/66-azure-ephemeral.rules # We use cloud-netconfig to handle new interfaces added to the instance -%exclude %{systemd_prefix}/systemd/system/cloud-init-hotplugd.service -%exclude %{systemd_prefix}/systemd/system/cloud-init-hotplugd.socket +%exclude %{_prefix}/lib/systemd/system/cloud-init-hotplugd.service +%exclude %{_prefix}/lib/systemd/system/cloud-init-hotplugd.socket %dir %attr(0755, root, root) %{_localstatedir}/lib/cloud -%dir %{docdir} -%dir /etc/NetworkManager -%dir /etc/NetworkManager/dispatcher.d -%dir /etc/dhcp -%dir /etc/dhcp/dhclient-exit-hooks.d -%dir /etc/systemd/system/sshd-keygen@.service.d - +%dir %docdir +%dir %{_sysconfdir}/NetworkManager +%dir %{_sysconfdir}/NetworkManager/dispatcher.d +%dir %{_sysconfdir}/dhcp +%dir %{_sysconfdir}/dhcp/dhclient-exit-hooks.d +%dir %{_sysconfdir}/systemd/system/sshd-keygen@.service.d %files config-suse -%defattr(-,root,root) %config(noreplace) %{_sysconfdir}/cloud/cloud.cfg %files doc -%defattr(-,root,root) -%{docdir}/examples/* -%{docdir}/*.txt -%dir %{docdir}/examples +%docdir/examples/* +%docdir/*.txt +%dir %docdir/examples %changelog