| Age | Commit message (Collapse) | Author |
|---|
|
Cloud-config provided like:
users:
- default
- name: foobar
groups: sudo, adm
Would result in adduser being called as:
useradd foobar --groups 'sudo, adm' -m
Which would cause error:
useradd: group ' adm' does not exist
The fix here is just to always normalize groups and remove whitespace.
Additionally a fix and unit tests to explicitly set system=False
or no_create_home=True. Previously those paths did not test the value
of the entry, only the presense of the entry.
LP: #1354694
|
|
The documentation shows group names in the 'groups:' key delimited by
", ", but this will result in group names that contain spaces. This
can cause the 'groupadd' or 'useradd' commands to fail.
This patch ensures that we strip whitespace from either end of the
group names passed to the 'groups:' key.
LP: #1354694
|
|
Ubuntu Core images use the `snap create-user` to add users to an
Ubuntu Core system. Add support for creating snap users by adding
a key to the users dictionary.
users:
- name: bob
snapuser: bob@bobcom.io
Or via the 'snappy' dictionary:
snappy:
email: bob@bobcom.io
Users may also create a snap user without contacting the SSO by
providing a 'system-user' assertion by importing them into snapd.
Additionally, Ubuntu Core systems have a read-only /etc/passwd such that
the normal useradd/groupadd commands do not function without an additional
flag, '--extrausers', which redirects the pwd to /var/lib/extrausers.
Move the system_is_snappy() check from cc_snappy module to util for
re-use and then update the Distro class to append '--extrausers' if
the system is Ubuntu Core.
|
|
The amount of code to do user and group normalization
and extraction deserves its own file so move the code
that does this to a new file and update references to the
old location.
This removes some of the funkyness done in config modules
to avoid namespace and attribute clashes as well.
|
|
os.uname is a method, not a property.
|
|
|
|
Previous commit disabled the consumption of 'injected' files in
configdrive (openstack server boot --file=/target/file=local-file)
unless the datasource was in 'pass' mode. The default mode is 'net'
so that would never happen.
Also here are:
a.) a fix for 'links_path_prefix' string from debian, to finally
disable the rendering of systemd.link files (LP: #1594546)
b.) some comments to apply_network_config
c.) implement a backwards compatibility for for distros that do
not yet implement apply_network_config by converting the network
config into ENI format and calling apply_network.
This is required because prior to the previous commit, those distros
would have had 'apply_network' called with the openstack provided
ENI file. But after this change they will have apply_network_config
called by cloudinit's main.
d.) a network_state_to_eni helper for converting net config to eni
it supports the not-actually-correct 'hwaddress' field in ENI.
LP: #1602373
|
|
pylint --errors-only found several errors. Some of the changes
here represent real errors, others just code that pylint did
not like.
|
|
currently does not work in lxc
https://github.com/lxc/lxd/issues/2063
|
|
== background ==
DataSource Mode (dsmode) is present in many datasources in cloud-init.
dsmode was originally added to cloud-init to specify when this datasource
should be 'realized'.
cloud-init has 4 stages of boot.
a.) cloud-init --local . network is guaranteed not present.
b.) cloud-init (--network). network is guaranteed present.
c.) cloud-config
d.) cloud-init final
'init_modules' [1] are run "as early as possible". And as such, are executed
in either 'a' or 'b' based on the datasource. However, executing them means
that user-data has been fully consumed. User-data and vendor-data may have
'#include http://...' which then rely on the network being present. boothooks
are an example of the things run in init_modules.
The 'dsmode' was a way for a user to indicate that init_modules
should run at 'a' (dsmode=local) or 'b' (dsmode=net) directly.
Things were further confused when a datasource could provide networking
configuration. Then, we needed to apply the networking config at 'a'
but if the user had provided boothooks that expected networking, then the
init_modules would need to be executed at 'b'. The config drive datasource
hacked its way through this and applies networking if *it* detects it is
a new instance.
== Suggested Change ==
The plan is to
1. incorporate 'dsmode' into DataSource superclass
2. make all existing datasources default to network
3. apply any networking configuration from a datasource on first boot only
apply_networking will always rename network devices when it runs.
for bug 1579130.
4. run init_modules at cloud-init (network) time frame unless datasource
is 'local'.
5. Datasources can provide a 'first_boot' method that will be called when
a new instance_id is found. This will allow the config drive's write_files
to be applied once.
Over all, this will very much simplify things. We'll no longer have
2 sources like DataSourceNoCloud and DataSourceNoCloudNet, but would just
have one source with a dsmode.
== Concerns ==
Some things have odd reliance on dsmode. For example, OpenNebula's get_hostname
uses it to determine if it should do a lookup of an ip address.
== Bugs to fix here ==
http://pad.lv/1577982 ConfigDrive: cloud-init fails to configure network from network_data.json
http://pad.lv/1579130 need to support systemd.link renaming of devices in container
http://pad.lv/1577844 Drop unnecessary blocking of all net udev rules
|
|
|
|
revision 1179 regressed adding a user that did not have a 'groups'
entry present in cloud-config.
This handles that correctly, making 'add_user' able to take:
a.) groups="group1,group2"
b.) groups=["group1", "group2"]
c.) groups=None
d.) no groups parameter
Additionally, if a primary group is specified it will also be created.
End result is that this is functional:
#cloud-config
groups: ["sudo"]
users:
- name: sysop
primary-group: sysop
groups: "sudo,adm"
shell: /bin/bash
- name: user1
primary-group: users
groups: sudo
- name: foo1
- name: bar
gecos: Bar
groups: ["bargroup"]
Resulting in:
$ groups sysop
sysop : sysop adm sudo
$ groups user1
user1 : users sudo
$ groups foo1
foo1 : foo1
$ groups bar
bar : bar bargroup
LP: #1562918
|
|
|
|
When provided with gzipped data, an exception would be raised
because of a conversion to string.
This fixes the issue and adds a test for write_files.
LP: #1565638
|
|
revision 1179 regressed adding a user that did not have a 'groups'
entry present. This should handle that correctly, making 'add_user'
able to take:
a.) groups="group1,group2"
b.) groups=["group1", "group2"]
c.) groups=None
d.) no groups parameter
LP: #1562918
|
|
there is no data source that has a populated network_config()
so at this point this doesn't do anything.
|
|
|
|
this adds the consumption of 'network-config' to the datasourcenocloud.
There is an implementation of the network rendering taht is untested
in distros/debian.
|
|
This add 'lxd' to the list of groups that the default user is added to.
It also changes behavior to create any necessary groups that are listed
for the user rather than failing to add the user.
Theres also a fix for usage of logexc that I found along the way.
LP: #1539317
|
|
|
|
Update make check target to use pep8, pyflakes, pyflakes3.
|
|
|
|
|
|
the already implemented functionality of changing the password with a hashed string, but which wasn't used anywhere.
|
|
Unless /etc/localtime is an existing file and not a symlink,
then we will symlink instead of copying the tz_file to /etc/localtime.
The copy was due to an old bug in Ubuntu, symlink should be preferred.
LP: #1543025
|
|
Also implement DataSource.region for EC2 and GCE data sources.
|
|
|
|
The existing cloud-init code determines if systemd is in use by looking at the
distribution name and version. This is prone to error because:
- RHEL derivatives other than CentOS (e.g., Scientific Linux) will fail this test, and
- Distributions that are not derived from RHEL also use systemd
This patch makes cloud-init use the same logic that is used in systemd's
sd_booted() method
(http://www.freedesktop.org/software/systemd/man/sd_booted.html)
LP: #1461201
|
|
eu-central-1 means that 'central' is a direction to update the
regular expression to understand.
LP: #1456684
|
|
|
|
|
|
|
|
|
|
* In Py3, pass universal_newlines to subprocess.Popen()
|
|
|
|
to be behind trunk.
`tox -e py27` passes full test suite. Now to work on replacing mocker.
|
|
|
|
|
|
on RHEL, we were writing to persistent configuration the fqdn, but
invoking 'hostname' on the first boot with just the shortname. On 'reboot',
then the hostname would differ.
Now, whatever we write, invoke hostname with.
Also remove some duplicate code.
LP: #1246485
|
|
|
|
|
|
|
|
When a dict is passed in for 'ssh_authorized_keys' just extract
the keys from the values of the dict (and discard the keys).
|
|
Instead of only expected a list, tuple, or set type
allow for a string type to be passed in, and add log
message that occurs if some other type is used that
can not be correctly processed.
|
|
|
|
make pyflakes now passes.
|
|
Instead of using this log (which really isn't a failure) we should
instead of just return the looked up locations and then if there really
is an error the caller can handle the usage of the looked up locations
as they choose fit.
|
|
Fixed all complaints from running "make pep8". Also version locked
pep8 in test-requirements.txt to ensure that pep8 requirements don't
change without an explicit commit.
|
|
comments in /etc/timezone are not expected, and can cause problems
if another tool tries to read it.
LP: #1341710
|
|
for now, this the mechanism just doesn't seem right.
I think i'd rather have the module declare supported distros than
have distros declare [un]supported modules.
|
