Re: [Cloud-init-dev] [Merge] ~utlemming/cloud-init:master into cloud-init:master
Review: Needs Fixing continuous-integration FAILED: Continuous integration, rev:f77b0c2bdded3ed516cadc63376f12274dc6e90d https://jenkins.ubuntu.com/server/job/cloud-init-ci/159/ Executed test runs: FAILURE: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-amd64/159/console FAILURE: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-arm64/159/console FAILURE: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-ppc64el/159/console FAILURE: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-s390x/159/console FAILURE: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=vm-i386/159/console Click here to trigger a rebuild: https://jenkins.ubuntu.com/server/job/cloud-init-ci/159/rebuild -- https://code.launchpad.net/~utlemming/cloud-init/+git/cloud-init-1/+merge/321001 Your team cloud init development team is requested to review the proposed merge of ~utlemming/cloud-init:master into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
[Cloud-init-dev] [Merge] ~utlemming/cloud-init:master into cloud-init:master
The proposal to merge ~utlemming/cloud-init:master into cloud-init:master has been updated. Description changed to: Fix for LP: #1675571 affecting DigitalOcean. This moves the nameserver from the first NIC definition to being bound on the loopback device. For more details, see: https://code.launchpad.net/~utlemming/cloud-init/+git/cloud-init-1/+merge/321001 -- Your team cloud init development team is requested to review the proposed merge of ~utlemming/cloud-init:master into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
[Cloud-init-dev] [Merge] ~utlemming/cloud-init:master into cloud-init:master
Ben Howard has proposed merging ~utlemming/cloud-init:master into
cloud-init:master.
Requested reviews:
cloud init development team (cloud-init-dev)
For more details, see:
https://code.launchpad.net/~utlemming/cloud-init/+git/cloud-init-1/+merge/321001
Fix for LP: #1637290 affecting DigitalOcean.
--
Your team cloud init development team is requested to review the proposed merge
of ~utlemming/cloud-init:master into cloud-init:master.
diff --git a/cloudinit/sources/helpers/digitalocean.py b/cloudinit/sources/helpers/digitalocean.py
index 72f7bde..a9f1816 100644
--- a/cloudinit/sources/helpers/digitalocean.py
+++ b/cloudinit/sources/helpers/digitalocean.py
@@ -10,6 +10,7 @@ from cloudinit import net as cloudnet
from cloudinit import url_helper
from cloudinit import util
+FIRST_NICS = ['eth0', 'ens3']
NIC_MAP = {'public': 'eth0', 'private': 'eth1'}
LOG = logging.getLogger(__name__)
@@ -22,8 +23,13 @@ def assign_ipv4_link_local(nic=None):
address is random.
"""
+# if there is an eth0, then it has already been mapped from ens3 to eth0
+c_devs = FIRST_NICS
+c_devs.extend([x for x in sorted(cloudnet.get_devicelist())
+ if x not in FIRST_NICS])
+
if not nic:
-for cdev in sorted(cloudnet.get_devicelist()):
+for cdev in c_devs:
if cloudnet.is_physical(cdev):
nic = cdev
LOG.debug("assigned nic '%s' for link-local discovery", nic)
@@ -107,15 +113,12 @@ def convert_network_configuration(config, dns_servers):
}
"""
-def _get_subnet_part(pcfg, nameservers=None):
+def _get_subnet_part(pcfg):
subpart = {'type': 'static',
'control': 'auto',
'address': pcfg.get('ip_address'),
'gateway': pcfg.get('gateway')}
-if nameservers:
-subpart['dns_nameservers'] = nameservers
-
if ":" in pcfg.get('ip_address'):
subpart['address'] = "{0}/{1}".format(pcfg.get('ip_address'),
pcfg.get('cidr'))
@@ -124,15 +127,13 @@ def convert_network_configuration(config, dns_servers):
return subpart
-all_nics = []
-for k in ('public', 'private'):
-if k in config:
-all_nics.extend(config[k])
-
-macs_to_nics = cloudnet.get_interfaces_by_mac()
nic_configs = []
+macs_to_nics = cloudnet.get_interfaces_by_mac()
+LOG.debug("nic mapping: %s", macs_to_nics)
-for nic in all_nics:
+for n in config:
+nic = config[n][0]
+LOG.debug("considering %s", nic)
mac_address = nic.get('mac')
sysfs_name = macs_to_nics.get(mac_address)
@@ -157,13 +158,8 @@ def convert_network_configuration(config, dns_servers):
continue
sub_part = _get_subnet_part(raw_subnet)
-if nic_type == 'public' and 'anchor' not in netdef:
-# add DNS resolvers to the public interfaces only
-sub_part = _get_subnet_part(raw_subnet, dns_servers)
-else:
-# remove the gateway any non-public interfaces
-if 'gateway' in sub_part:
-del sub_part['gateway']
+if netdef in ('private', 'anchor_ipv4', 'anchor_ipv6'):
+del sub_part['gateway']
subnets.append(sub_part)
@@ -171,6 +167,10 @@ def convert_network_configuration(config, dns_servers):
nic_configs.append(ncfg)
LOG.debug("nic '%s' configuration: %s", if_name, ncfg)
+if dns_servers:
+LOG.debug("added dns servers")
+nic_configs.append({'type': 'nameserver', 'address': dns_servers})
+
return {'version': 1, 'config': nic_configs}
diff --git a/tests/unittests/test_datasource/test_digitalocean.py b/tests/unittests/test_datasource/test_digitalocean.py
index 9be6bc1..1e3b9f3 100644
--- a/tests/unittests/test_datasource/test_digitalocean.py
+++ b/tests/unittests/test_datasource/test_digitalocean.py
@@ -204,17 +204,24 @@ class TestNetworkConvert(TestCase):
netcfg = self._get_networking()
self.assertIsNotNone(netcfg)
-for nic_def in netcfg.get('config'):
-print(json.dumps(nic_def, indent=3))
-n_type = nic_def.get('type')
-n_subnets = nic_def.get('type')
-n_name = nic_def.get('name')
-n_mac = nic_def.get('mac_address')
+for part in netcfg.get('config'):
+print(json.dumps(part, indent=3))
+n_type = part.get('type')
+
+if n_type == 'nameserver':
+n_address = part.get('address')
+self.assertIsNotNone(n_address)
+self.assertEquals(len(n_address), 3)
+
+else:
+n_subnets = part.get('type')
+n_name = part.get('name')
+n_mac = part.get('mac_address')
-self.assertIsNotNone(n_type)
-s
Re: [Cloud-init-dev] [Merge] ~smoser/cloud-init:bug/1570325-chpasswd-hashed-passwds into cloud-init:master
Review: Approve continuous-integration PASSED: Continuous integration, rev:21632972df034c200578e1fbc121a07f20bb8774 https://jenkins.ubuntu.com/server/job/cloud-init-ci/158/ Executed test runs: SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-amd64/158 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-arm64/158 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-ppc64el/158 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-s390x/158 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=vm-i386/158 Click here to trigger a rebuild: https://jenkins.ubuntu.com/server/job/cloud-init-ci/158/rebuild -- https://code.launchpad.net/~smoser/cloud-init/+git/cloud-init/+merge/321000 Your team cloud init development team is requested to review the proposed merge of ~smoser/cloud-init:bug/1570325-chpasswd-hashed-passwds into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
[Cloud-init-dev] [Merge] ~smoser/cloud-init:bug/1570325-chpasswd-hashed-passwds into cloud-init:master
Scott Moser has proposed merging
~smoser/cloud-init:bug/1570325-chpasswd-hashed-passwds into cloud-init:master.
Commit message:
Add support for setting hashed passwords
This change will add support for hashed passwords in cc_set_passwords.
It checks if a password is a hash with by checking that it matches
in fairly safe way, and also that the password does not have a ":" in it.
chpasswd needs to know if the password is hashed or not, so two lists
is created so chpasswd is feed with the correct one.
LP: #1570325
Requested reviews:
cloud init development team (cloud-init-dev)
Related bugs:
Bug #1570325 in cloud-init: "RFE: chpasswd in cloud-init should support
hashed passwords"
https://bugs.launchpad.net/cloud-init/+bug/1570325
For more details, see:
https://code.launchpad.net/~smoser/cloud-init/+git/cloud-init/+merge/321000
--
Your team cloud init development team is requested to review the proposed merge
of ~smoser/cloud-init:bug/1570325-chpasswd-hashed-passwds into
cloud-init:master.
diff --git a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py
index 8440e59..eb0bdab 100755
--- a/cloudinit/config/cc_set_passwords.py
+++ b/cloudinit/config/cc_set_passwords.py
@@ -23,7 +23,8 @@ If the ``list`` key is provided, a list of
``username:password`` pairs can be specified. The usernames specified
must already exist on the system, or have been created using the
``cc_users_groups`` module. A password can be randomly generated using
-``username:RANDOM`` or ``username:R``. Password ssh authentication can be
+``username:RANDOM`` or ``username:R``. A hashed password can be specified
+using ``username:$6$salt$hash``. Password ssh authentication can be
enabled, disabled, or left to system defaults using ``ssh_pwauth``.
.. note::
@@ -60,8 +61,10 @@ enabled, disabled, or left to system defaults using ``ssh_pwauth``.
- user2:RANDOM
- user3:password3
- user4:R
+- user4:$6$rL..$ej...
"""
+import re
import sys
from cloudinit.distros import ug_util
@@ -112,24 +115,43 @@ def handle(_name, cfg, cloud, log, args):
errors = []
if plist:
plist_in = []
+hashed_plist_in = []
+hashed_users = []
randlist = []
users = []
+prog = re.compile(r'\$[1,2a,2y,5,6](\$.+){2}')
for line in plist:
u, p = line.split(':', 1)
-if p == "R" or p == "RANDOM":
-p = rand_user_password()
-randlist.append("%s:%s" % (u, p))
-plist_in.append("%s:%s" % (u, p))
-users.append(u)
+if prog.match(p) is not None and ":" not in p:
+hashed_plist_in.append("%s:%s" % (u, p))
+hashed_users.append(u)
+else:
+if p == "R" or p == "RANDOM":
+p = rand_user_password()
+randlist.append("%s:%s" % (u, p))
+plist_in.append("%s:%s" % (u, p))
+users.append(u)
ch_in = '\n'.join(plist_in) + '\n'
-try:
-log.debug("Changing password for %s:", users)
-util.subp(['chpasswd'], ch_in)
-except Exception as e:
-errors.append(e)
-util.logexc(log, "Failed to set passwords with chpasswd for %s",
-users)
+if users:
+try:
+log.debug("Changing password for %s:", users)
+util.subp(['chpasswd'], ch_in)
+except Exception as e:
+errors.append(e)
+util.logexc(
+log, "Failed to set passwords with chpasswd for %s", users)
+
+hashed_ch_in = '\n'.join(hashed_plist_in) + '\n'
+if hashed_users:
+try:
+log.debug("Setting hashed password for %s:", hashed_users)
+util.subp(['chpasswd', '-e'], hashed_ch_in)
+except Exception as e:
+errors.append(e)
+util.logexc(
+log, "Failed to set hashed passwords with chpasswd for %s",
+hashed_users)
if len(randlist):
blurb = ("Set the following 'random' passwords\n",
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
index c03f102..bd84c64 100644
--- a/doc/examples/cloud-config.txt
+++ b/doc/examples/cloud-config.txt
@@ -426,14 +426,21 @@ syslog_fix_perms: syslog:root
#
# there is also an option to set multiple users passwords, using 'chpasswd'
# That looks like the following, with 'expire' set to 'True' by default.
-# to not expire users passwords, set 'expire' to 'False':
+# to not expire users passwords, set 'expire' to 'False'. Also possible
+# to set hashed password, here account 'user3' has a password it set to
+# 'cloud-init', hashed with SHA-256:
# chpasswd:
# list: |
#user1:password1
#user2:RANDOM
+#user3:$5$eriogqzq$Dg7PxHsKGzziuEGkZgkLvacjuEFeljJ.rLf.hZ
[Cloud-init-dev] [Merge] ~smoser/cloud-init:bug/1570325-chpasswd-hashed-passwds into cloud-init:master
The proposal to merge ~smoser/cloud-init:bug/1570325-chpasswd-hashed-passwds into cloud-init:master has been updated. Commit Message changed to: Add support for setting hashed passwords This change will add support for hashed passwords in cc_set_passwords. It checks if a password is a hash with by checking that it matches in fairly safe way, and also that the password does not have a ":" in it. chpasswd needs to know if the password is hashed or not, so two lists is created so chpasswd is feed with the correct one. LP: #1570325 For more details, see: https://code.launchpad.net/~smoser/cloud-init/+git/cloud-init/+merge/321000 -- Your team cloud init development team is requested to review the proposed merge of ~smoser/cloud-init:bug/1570325-chpasswd-hashed-passwds into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
Re: [Cloud-init-dev] [Merge] ~powersj/cloud-init:enable-snap into cloud-init:master
Review: Approve continuous-integration PASSED: Continuous integration, rev:85f8a18274a5d0f7429034d469cfb73f78700488 https://jenkins.ubuntu.com/server/job/cloud-init-ci/157/ Executed test runs: SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-amd64/157 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-arm64/157 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-ppc64el/157 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-s390x/157 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=vm-i386/157 Click here to trigger a rebuild: https://jenkins.ubuntu.com/server/job/cloud-init-ci/157/rebuild -- https://code.launchpad.net/~powersj/cloud-init/+git/cloud-init/+merge/320994 Your team cloud init development team is requested to review the proposed merge of ~powersj/cloud-init:enable-snap into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
[Cloud-init-dev] [Merge] ~powersj/cloud-init:enable-snap into cloud-init:master
The proposal to merge ~powersj/cloud-init:enable-snap into cloud-init:master has been updated. Description changed to: To test: 1. git clone -b enable-snap git+ssh://git.launchpad.net/~powersj/cloud-init 2. cd cloud-init 3. Because the required setup.py change is not in master, you need to edit snapcraft.yaml to use the local repo with the change. Edit parts -> cloud-init -> source as follows: source: . 4. snapcraft 5. sudo snap install cloud-init_master_amd64.snap --classic --dangerous --classic because it is class --dangerous because it is not from the store and local 6. Try it out: sudo cloud-init -v sudo cloud-init -h I have run a `sudo cloud-init init` and it executed as I believe is expected. For more details, see: https://code.launchpad.net/~powersj/cloud-init/+git/cloud-init/+merge/320994 -- Your team cloud init development team is requested to review the proposed merge of ~powersj/cloud-init:enable-snap into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
[Cloud-init-dev] [Merge] ~powersj/cloud-init:enable-snap into cloud-init:master
Joshua Powers has proposed merging ~powersj/cloud-init:enable-snap into
cloud-init:master.
Commit message:
snap: allows for creating cloud-init snap
Add a basic snapcraft.yaml file to allow the creation of cloud-init as
a snap. This will always pull down the latest source from master for
the snap. setup.py will now also set the default init system to be
systemd when no init system is specified.
Requested reviews:
cloud init development team (cloud-init-dev)
For more details, see:
https://code.launchpad.net/~powersj/cloud-init/+git/cloud-init/+merge/320994
--
Your team cloud init development team is requested to review the proposed merge
of ~powersj/cloud-init:enable-snap into cloud-init:master.
diff --git a/.gitignore b/.gitignore
index 3946ec7..b0500a6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,7 @@ __pycache__
.tox
.coverage
doc/rtd_html
+parts
+prime
+stage
+*.snap
diff --git a/setup.py b/setup.py
index e6693c9..32a44d9 100755
--- a/setup.py
+++ b/setup.py
@@ -138,9 +138,7 @@ class InitsysInstallData(install):
self.init_system = self.init_system.split(",")
if len(self.init_system) == 0:
-raise DistutilsArgError(
-("You must specify one of (%s) when"
- " specifying init system(s)!") % (", ".join(INITSYS_TYPES)))
+self.init_system = ['systemd']
bad = [f for f in self.init_system if f not in INITSYS_TYPES]
if len(bad) != 0:
diff --git a/snapcraft.yaml b/snapcraft.yaml
new file mode 100644
index 000..6a0163e
--- /dev/null
+++ b/snapcraft.yaml
@@ -0,0 +1,21 @@
+name: cloud-init
+version: master
+summary: Init scripts for cloud instances
+description: |
+ Cloud instances need special scripts to run during initialisation to
+ retrieve and install ssh keys and to let the user run various scripts.
+
+grade: devel
+confinement: classic
+
+apps:
+ cloud-init:
+# LP: #1664427
+command: usr/bin/python3 $SNAP/bin/cloud-init
+
+parts:
+ cloud-init:
+plugin: python
+source-type: git
+source: https://git.launchpad.net/cloud-init
+
___
Mailing list: https://launchpad.net/~cloud-init-dev
Post to : cloud-init-dev@lists.launchpad.net
Unsubscribe : https://launchpad.net/~cloud-init-dev
More help : https://help.launchpad.net/ListHelp
[Cloud-init-dev] [Merge] ~multani/cloud-init:fix-1634678 into cloud-init:master
The proposal to merge ~multani/cloud-init:fix-1634678 into cloud-init:master has been updated. Status: Needs review => Merged For more details, see: https://code.launchpad.net/~multani/cloud-init/+git/cloud-init/+merge/320815 -- Your team cloud init development team is requested to review the proposed merge of ~multani/cloud-init:fix-1634678 into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
[Cloud-init-dev] [Merge] ~powersj/cloud-init:enable-pylint into cloud-init:master
The proposal to merge ~powersj/cloud-init:enable-pylint into cloud-init:master has been updated. Status: Needs review => Merged For more details, see: https://code.launchpad.net/~powersj/cloud-init/+git/cloud-init/+merge/320560 -- Your team cloud init development team is requested to review the proposed merge of ~powersj/cloud-init:enable-pylint into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
[Cloud-init-dev] [Merge] ~smoser/cloud-init:bug/1674766-ds-identify-bigstep into cloud-init:master
The proposal to merge ~smoser/cloud-init:bug/1674766-ds-identify-bigstep into cloud-init:master has been updated. Status: Needs review => Merged For more details, see: https://code.launchpad.net/~smoser/cloud-init/+git/cloud-init/+merge/320866 -- Your team cloud init development team is requested to review the proposed merge of ~smoser/cloud-init:bug/1674766-ds-identify-bigstep into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
Re: [Cloud-init-dev] [Merge] ~powersj/cloud-init:enable-pylint into cloud-init:master
Review: Approve continuous-integration PASSED: Continuous integration, rev:2393e5abf47eca5a8f58e52ac17d7a37427041df https://jenkins.ubuntu.com/server/job/cloud-init-ci/155/ Executed test runs: SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-amd64/155 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-arm64/155 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-ppc64el/155 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=metal-s390x/155 SUCCESS: https://jenkins.ubuntu.com/server/job/cloud-init-ci/nodes=vm-i386/155 Click here to trigger a rebuild: https://jenkins.ubuntu.com/server/job/cloud-init-ci/155/rebuild -- https://code.launchpad.net/~powersj/cloud-init/+git/cloud-init/+merge/320560 Your team cloud init development team is requested to review the proposed merge of ~powersj/cloud-init:enable-pylint into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
Re: [Cloud-init-dev] [Merge] ~multani/cloud-init:fix-1634678 into cloud-init:master
Jonathan, Thanks for this. It looks great. In order to accept the change I need you to sign the contributors agreement. HACKING.rst in the code base has more info. http://www.canonical.com/contributors Please feel free to ping me in irc or email if you have any questions. Other than that, it looks good. Thanks. Scott -- https://code.launchpad.net/~multani/cloud-init/+git/cloud-init/+merge/320815 Your team cloud init development team is requested to review the proposed merge of ~multani/cloud-init:fix-1634678 into cloud-init:master. ___ Mailing list: https://launchpad.net/~cloud-init-dev Post to : cloud-init-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
