1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
|
From 41152f10ddbd8681cdac44b408038a4f23ab02df Mon Sep 17 00:00:00 2001
From: Scott Moser <smoser@brickies.net>
Date: Tue, 17 Oct 2017 16:12:59 -0400
Subject: [PATCH] schema: Log debug instead of warning when jsonschema is not
available.
When operating in expected path, cloud-init should avoid logging with
warning. That causes 'WARNING' messages in /var/log/cloud-init.log.
By default, warnings also go to the console.
Since jsonschema is a optional dependency, and not present on xenial
and zesty, cloud-init should not warn there.
Also here:
* Add a test to integration tests to assert that there are no
warnings in /var/log/cloud-init.log.
* Update one integration test that did show warning and the related
documentation and examples.
LP: #1724354
---
cloudinit/config/cc_users_groups.py | 3 ++-
cloudinit/config/schema.py | 2 +-
doc/examples/cloud-config-user-groups.txt | 6 +++---
tests/cloud_tests/testcases/base.py | 4 ++++
tests/cloud_tests/testcases/examples/including_user_groups.py | 6 ++++++
tests/cloud_tests/testcases/examples/including_user_groups.yaml | 7 +++++--
tests/cloud_tests/testcases/modules/user_groups.py | 6 ++++++
tests/cloud_tests/testcases/modules/user_groups.yaml | 7 +++++--
8 files changed, 32 insertions(+), 9 deletions(-)
Index: cloud-init/cloudinit/config/cc_users_groups.py
===================================================================
--- cloud-init.orig/cloudinit/config/cc_users_groups.py
+++ cloud-init/cloudinit/config/cc_users_groups.py
@@ -15,7 +15,8 @@ options, see the ``Including users and g
Groups to add to the system can be specified as a list under the ``groups``
key. Each entry in the list should either contain a the group name as a string,
or a dictionary with the group name as the key and a list of users who should
-be members of the group as the value.
+be members of the group as the value. **Note**: Groups are added before users,
+so any users in a group list must already exist on the system.
The ``users`` config key takes a list of users to configure. The first entry in
this list is used as the default user for the system. To preserve the standard
Index: cloud-init/cloudinit/config/schema.py
===================================================================
--- cloud-init.orig/cloudinit/config/schema.py
+++ cloud-init/cloudinit/config/schema.py
@@ -74,7 +74,7 @@ def validate_cloudconfig_schema(config,
try:
from jsonschema import Draft4Validator, FormatChecker
except ImportError:
- logging.warning(
+ logging.debug(
'Ignoring schema validation. python-jsonschema is not present')
return
validator = Draft4Validator(schema, format_checker=FormatChecker())
Index: cloud-init/doc/examples/cloud-config-user-groups.txt
===================================================================
--- cloud-init.orig/doc/examples/cloud-config-user-groups.txt
+++ cloud-init/doc/examples/cloud-config-user-groups.txt
@@ -1,8 +1,8 @@
# Add groups to the system
-# The following example adds the ubuntu group with members foo and bar and
-# the group cloud-users.
+# The following example adds the ubuntu group with members 'root' and 'sys'
+# and the empty group cloud-users.
groups:
- - ubuntu: [foo,bar]
+ - ubuntu: [root,sys]
- cloud-users
# Add users to the system. Users are added after groups are added.
Index: cloud-init/tests/cloud_tests/testcases/base.py
===================================================================
--- cloud-init.orig/tests/cloud_tests/testcases/base.py
+++ cloud-init/tests/cloud_tests/testcases/base.py
@@ -72,6 +72,10 @@ class CloudTestCase(unittest.TestCase):
result = self.get_status_data(self.get_data_file('result.json'))
self.assertEqual(len(result['errors']), 0)
+ def test_no_warnings_in_log(self):
+ """Warnings should not be found in the log."""
+ self.assertNotIn("WARN", self.get_data_file('cloud-init.log'))
+
class PasswordListTest(CloudTestCase):
"""Base password test case class."""
Index: cloud-init/tests/cloud_tests/testcases/examples/including_user_groups.py
===================================================================
--- cloud-init.orig/tests/cloud_tests/testcases/examples/including_user_groups.py
+++ cloud-init/tests/cloud_tests/testcases/examples/including_user_groups.py
@@ -40,4 +40,10 @@ class TestUserGroups(base.CloudTestCase)
out = self.get_data_file('user_cloudy')
self.assertRegex(out, r'cloudy:x:[0-9]{3,4}:')
+ def test_user_root_in_secret(self):
+ """Test root user is in 'secret' group."""
+ user, _, groups = self.get_data_file('root_groups').partition(":")
+ self.assertIn("secret", groups.split(),
+ msg="User root is not in group 'secret'")
+
# vi: ts=4 expandtab
Index: cloud-init/tests/cloud_tests/testcases/examples/including_user_groups.yaml
===================================================================
--- cloud-init.orig/tests/cloud_tests/testcases/examples/including_user_groups.yaml
+++ cloud-init/tests/cloud_tests/testcases/examples/including_user_groups.yaml
@@ -8,7 +8,7 @@ cloud_config: |
#cloud-config
# Add groups to the system
groups:
- - secret: [foobar,barfoo]
+ - secret: [root]
- cloud-users
# Add users to the system. Users are added after groups are added.
@@ -24,7 +24,7 @@ cloud_config: |
- name: barfoo
gecos: Bar B. Foo
sudo: ALL=(ALL) NOPASSWD:ALL
- groups: cloud-users
+ groups: [cloud-users, secret]
lock_passwd: true
- name: cloudy
gecos: Magic Cloud App Daemon User
@@ -49,5 +49,8 @@ collect_scripts:
user_cloudy: |
#!/bin/bash
getent passwd cloudy
+ root_groups: |
+ #!/bin/bash
+ groups root
# vi: ts=4 expandtab
Index: cloud-init/tests/cloud_tests/testcases/modules/user_groups.py
===================================================================
--- cloud-init.orig/tests/cloud_tests/testcases/modules/user_groups.py
+++ cloud-init/tests/cloud_tests/testcases/modules/user_groups.py
@@ -40,4 +40,10 @@ class TestUserGroups(base.CloudTestCase)
out = self.get_data_file('user_cloudy')
self.assertRegex(out, r'cloudy:x:[0-9]{3,4}:')
+ def test_user_root_in_secret(self):
+ """Test root user is in 'secret' group."""
+ user, _, groups = self.get_data_file('root_groups').partition(":")
+ self.assertIn("secret", groups.split(),
+ msg="User root is not in group 'secret'")
+
# vi: ts=4 expandtab
Index: cloud-init/tests/cloud_tests/testcases/modules/user_groups.yaml
===================================================================
--- cloud-init.orig/tests/cloud_tests/testcases/modules/user_groups.yaml
+++ cloud-init/tests/cloud_tests/testcases/modules/user_groups.yaml
@@ -7,7 +7,7 @@ cloud_config: |
#cloud-config
# Add groups to the system
groups:
- - secret: [foobar,barfoo]
+ - secret: [root]
- cloud-users
# Add users to the system. Users are added after groups are added.
@@ -23,7 +23,7 @@ cloud_config: |
- name: barfoo
gecos: Bar B. Foo
sudo: ALL=(ALL) NOPASSWD:ALL
- groups: cloud-users
+ groups: [cloud-users, secret]
lock_passwd: true
- name: cloudy
gecos: Magic Cloud App Daemon User
@@ -48,5 +48,8 @@ collect_scripts:
user_cloudy: |
#!/bin/bash
getent passwd cloudy
+ root_groups: |
+ #!/bin/bash
+ groups root
# vi: ts=4 expandtab
|
