| Age | Commit message (Collapse) | Author |
|---|
|
|
|
and produce a user and group list. Clean this up to
be simpler as well as handle the old 'user' case when
it exists in configuration.
|
|
Rework the rhel sysconfig writing/updating so that it goes through a
single function which helps ensure correctness. Also write to
/etc/sysconfig/network when we have written out devices to ensure that
networking is on.
|
|
|
|
|
|
|
|
Fix the ifup so that if a list of devices is provided then each interface is
brought up individually instead of using the '--all' which isn't on rhel.
The default debian behavior will be to use this still though as it overrides
the new bring up interfaces function for this case.
|
|
In the event of a 403 (Unauthorized) in oauth, try set a 'oauth_clockskew'
variable. In future headers, use a time created by 'time.time() +
self.oauth_clockskew'. The idea here is that if the local time is bad (or even
if the server time is bad) we will essentially use something that should be
similar to the remote clock.
This fixes LP: #978127.
LP: #978127
|
|
|
|
|
|
In the previous commit to htis file I had wrapped the writing of
'BEGIN SSH HOST KEY KEYS' to go through logger.
This would cause the keys to be prefixed with 'ec2:' which, previously they
were not. That would break existing users *and* make it more difficult to
consume that data, which was explicitly added to be easy to consume.
|
|
|
|
This changes all output write-ssh-key-fingerprints to go to its
stdout by redirecting stderr to stdout.
The reason for this is that cc_keys_to_console.py was swallowing stderr
and not replaying it to /dev/console.
Ideally, we'd have a way in 'util.subp' to do effectively the same thing
as we're doing here in the shell script.
LP: #1055688
|
|
sudo complains about the permissions on the sudoers config file that cloud-init
writes:
[ec2-user@ip-10-166-110-107 ~]$ sudo -s sudo:
/etc/sudoers.d/90-cloud-init-users is mode 0644, should be 0440
This patch makes the file's permissions match sudo's recommendation.
Note: ubuntu's sudo doesn't seem to complain about 644, but 440 is probably
better.
|
|
since it has little dependence on the distros
class itself. Readjust the using code to use
this new module level function instead.
|
|
|
|
|
|
separated list so that its types match more of
what the group list can be.
|
|
normalization instead of forgetting about it.
|
|
responsible only for creating users and groups and
normalizing a input configuration into a normalized
format that splits up the user list, the group list
and the default user listsand let the add user/group config
module handle calling those methods to add its own users/groups
and the default user (if any).
2. Also add in tests for this normalization process to ensure
that it is pretty bug free and works with the different types
of formats that users/groups/defaults + options can take.
|
|
we are going to check for the 'all' entry
and if that exists then only fire off one
call (since debian supports this).
|
|
to avoid duplicating the same code in
this file.
|
|
so that it goes through a single function
which helps ensure correctness. Also write
to /etc/sysconfig/network when we have written
out devices to ensure that networking is on.
|
|
then each interface is brought up individually instead
of using the '--all' which isn't on rhel. The default
debian behavior will be to use this still though as it
overrides the new bring up interfaces function for this
case.
|
|
This most commonly occurs if a user-data script does '/sbin/poweroff'
where syslog was being used. Once poweroff is invoked, syslog gets killed
and logging would start to show stack traces.
This generally tries to continue working instead, but log to stderr.
|
|
LP: #1042764
|
|
is to patch the functionality before it gets reimported.
|
|
|
|
A cloud-init job (user-data) might invoke /sbin/reboot or in some other
way end up killing cloud-init. Rather than spewing the stack trace,
we just print a nicer message.
|
|
I had previously asked for this, but we're hoping to handle it in a
more generic way. Just because we receive a signal doesn't mean that
all logging is broken.
The more general solution we'll chase is to catch a failure of a log
message and fall back if necessary across the board. That way cloud-init
will still send logging to the right places on a user interupt.
|
|
the unit test required access to /dev/console due to the logging.
|
|
|
|
will be monkey patched in to replace the
base handler. That patching isn't quite
there yet but WIP.
|
|
update_package_sources on RHEL called "yum update", which actually
upgrades packages on the system. Thix fix makes it instead call "yum
makecache" instead.
|
|
servers and add in the writing of /etc/resolv.conf in rhel from that
translation.
|
|
Network Manager (LP: #1053048), and apparently fedora/redhat do not like
comments in this file.
LP: #1052664
|
|
|
|
This adds trailing newlines to /etc/default/locale, /etc/hostname,
/etc/timezone.
|
|
Fedora and RHEL and friends' useradd program supports an "--selinux-user"
option that sets what SELinux user a new user should log in with. This commit
introduces an "selinux-user" directive to cloud-config "users" lists that
exposes this option.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
the signal information in one block instead of many.
|
|
|
|
LP: #1050962
|
|
do not 'start networking' in cloud-init-nonet, but add
cloud-init-container job that runs only if in container and emits
net-device-added (LP: #1031065)
LP: #1031065
|
|
|
