From a09fd19e86794f7898a30e1c09e0c3055b651134 Mon Sep 17 00:00:00 2001 From: Ben Howard Date: Thu, 10 Apr 2014 14:04:44 -0600 Subject: Import patches-unapplied version 2.0.4-0ubuntu2 to ubuntu/trusty-proposed Imported using git-ubuntu import. Changelog parent: 75e067cb6f84d1834dea8aeab0722e9ffc651466 New changelog entries: * Fix for broken sshd configuration (LP: #1305418) - Change modification of sshd_config to address lack of newline at EOF --- debian/changelog | 7 +++++++ debian/patches/series | 1 + debian/patches/sshd_config_newline_fix.patch | 22 ++++++++++++++++++++++ 3 files changed, 30 insertions(+) create mode 100644 debian/patches/sshd_config_newline_fix.patch diff --git a/debian/changelog b/debian/changelog index c42e5f4..dac7683 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +walinuxagent (2.0.4-0ubuntu2) trusty; urgency=low + + * Fix for broken sshd configuration (LP: #1305418) + - Change modification of sshd_config to address lack of newline at EOF + + -- Ben Howard Thu, 10 Apr 2014 14:04:44 -0600 + walinuxagent (2.0.4-0ubuntu1) trusty; urgency=medium * Update to latest upstream version 2.0.4 (LP: #1304023). diff --git a/debian/patches/series b/debian/patches/series index 5879858..49ac87a 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,4 @@ disable-udev-rules.patch disable_provisioning.patch fixup_setup_file.patch cloud-init-default-cfg.patch +sshd_config_newline_fix.patch diff --git a/debian/patches/sshd_config_newline_fix.patch b/debian/patches/sshd_config_newline_fix.patch new file mode 100644 index 0000000..a599c81 --- /dev/null +++ b/debian/patches/sshd_config_newline_fix.patch @@ -0,0 +1,22 @@ +Description: Fix for broken sshd configuration (LP: #1305418) + Change modification of sshd_config to address lack of newline at EOF. + Lack of newline resulted in appended config line on same line + as existing configuration option, breaking sshd_config. + +Author: Robert C Jennings +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1305418 +--- + waagent | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/waagent ++++ b/waagent +@@ -3353,7 +3353,7 @@ + # Disable RFC 4252 and RFC 4256 authentication schemes. + ReplaceFileContentsAtomic(filepath, "\n".join(filter(lambda a: not + (a.startswith("PasswordAuthentication") or a.startswith("ChallengeResponseAuthentication")), +- GetFileContents(filepath).split('\n'))) + "PasswordAuthentication no\nChallengeResponseAuthentication no\n") ++ GetFileContents(filepath).split('\n'))) + "\nPasswordAuthentication no\nChallengeResponseAuthentication no\n") + Log("Disabled SSH password-based authentication methods.") + if self.AdminPassword != None: + MyDistro.changePass('root',self.AdminPassword) -- cgit v1.2.3 From e8d951d0001b9ca1b1ffa8322a6020becb2e1230 Mon Sep 17 00:00:00 2001 From: Ben Howard Date: Thu, 10 Apr 2014 14:04:44 -0600 Subject: Prevent the removal of udev rules by agent Gbp-Pq: disable-udev-rules.patch. --- waagent | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/waagent b/waagent index c04ab3e..5be3288 100755 --- a/waagent +++ b/waagent @@ -90,8 +90,7 @@ ExtensionChildren = [] VMM_STARTUP_SCRIPT_NAME='install' VMM_CONFIG_FILE_NAME='linuxosconfiguration.xml' global RulesFiles -RulesFiles = [ "/lib/udev/rules.d/75-persistent-net-generator.rules", - "/etc/udev/rules.d/70-persistent-net.rules" ] +RulesFiles = [] VarLibDhcpDirectories = ["/var/lib/dhclient", "/var/lib/dhcpcd", "/var/lib/dhcp"] EtcDhcpClientConfFiles = ["/etc/dhcp/dhclient.conf", "/etc/dhcp3/dhclient.conf"] global LibDir -- cgit v1.2.3 From 7b2fd91df57dbf69ffd7bb434b083e4438437c3a Mon Sep 17 00:00:00 2001 From: Ben Howard Date: Thu, 10 Apr 2014 14:04:44 -0600 Subject: Disable provisioning Gbp-Pq: disable_provisioning.patch. --- config/waagent.conf | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/config/waagent.conf b/config/waagent.conf index c7cb96a..5e26508 100644 --- a/config/waagent.conf +++ b/config/waagent.conf @@ -1,6 +1,9 @@ # # Windows Azure Linux Agent Configuration # +# Ubuntu uses Cloud-init to provision on Windows Azure. This configuration +# file is used to ensure that cloud-init does the prep of the disk +# # Specified program is invoked with the argument "Ready" when we report ready status # to the endpoint server. @@ -14,29 +17,29 @@ Role.ConfigurationConsumer=None Role.TopologyConsumer=None # Enable instance creation -Provisioning.Enabled=y +Provisioning.Enabled=n # Password authentication for root account will be unavailable. -Provisioning.DeleteRootPassword=y +Provisioning.DeleteRootPassword=n # Generate fresh host key pair. -Provisioning.RegenerateSshHostKeyPair=y +Provisioning.RegenerateSshHostKeyPair=n # Supported values are "rsa", "dsa" and "ecdsa". Provisioning.SshHostKeyPairType=rsa # Monitor host name changes and publish changes via DHCP requests. -Provisioning.MonitorHostName=y +Provisioning.MonitorHostName=n # Format if unformatted. If 'n', resource disk will not be mounted. -ResourceDisk.Format=y +ResourceDisk.Format=n # File system on the resource disk # Typically ext3 or ext4. FreeBSD images should use 'ufs2' here. ResourceDisk.Filesystem=ext4 -# ount point for the resource disk -ResourceDisk.MountPoint=/mnt/resource +# Mount point for the resource disk +ResourceDisk.MountPoint=/mnt # Create and use swapfile on resource disk. ResourceDisk.EnableSwap=n -- cgit v1.2.3 From 0e66aebf97a5b8354c223a39524915112c99031b Mon Sep 17 00:00:00 2001 From: Ben Howard Date: Thu, 10 Apr 2014 14:04:44 -0600 Subject: fixup_setup_file.patch No DEP3 Subject or Description header found Gbp-Pq: fixup_setup_file.patch. --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 846d8e7..5af4797 100755 --- a/setup.py +++ b/setup.py @@ -52,7 +52,7 @@ class InstallData(install): def initialize_options(self): install.initialize_options(self) - self.init_system = 'sysV' + self.init_system = 'upstart' self.lnx_distro = None def finalize_options(self): -- cgit v1.2.3 From 4bdc1e1ee5a6b4c571b936fc389d5be972702145 Mon Sep 17 00:00:00 2001 From: Ben Howard Date: Thu, 10 Apr 2014 14:04:44 -0600 Subject: cloud-init-default-cfg.patch No DEP3 Subject or Description header found Gbp-Pq: cloud-init-default-cfg.patch. --- config/91_walinuxagent.cfg | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 config/91_walinuxagent.cfg diff --git a/config/91_walinuxagent.cfg b/config/91_walinuxagent.cfg new file mode 100644 index 0000000..b7049fc --- /dev/null +++ b/config/91_walinuxagent.cfg @@ -0,0 +1,3 @@ +# This configuration file is provided by the WALinuxAgent package. +datasource_list: [ Azure ] + -- cgit v1.2.3 From 5cf5793d5fcad94d51671d869572248ae90fc375 Mon Sep 17 00:00:00 2001 From: Ben Howard Date: Thu, 10 Apr 2014 14:04:44 -0600 Subject: Fix for broken sshd configuration (LP: #1305418) Gbp-Pq: sshd_config_newline_fix.patch. --- waagent | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/waagent b/waagent index 5be3288..621f939 100755 --- a/waagent +++ b/waagent @@ -3353,7 +3353,7 @@ class OvfEnv(object): # Disable RFC 4252 and RFC 4256 authentication schemes. ReplaceFileContentsAtomic(filepath, "\n".join(filter(lambda a: not (a.startswith("PasswordAuthentication") or a.startswith("ChallengeResponseAuthentication")), - GetFileContents(filepath).split('\n'))) + "PasswordAuthentication no\nChallengeResponseAuthentication no\n") + GetFileContents(filepath).split('\n'))) + "\nPasswordAuthentication no\nChallengeResponseAuthentication no\n") Log("Disabled SSH password-based authentication methods.") if self.AdminPassword != None: MyDistro.changePass('root',self.AdminPassword) -- cgit v1.2.3