# Recommended update for google-guest-agent, google-guest-configs, google- osconfig-agent Announcement ID: SUSE-RU-2024:4087-1 Release Date: 2024-11-28T07:39:16Z Rating: moderate References: * bsc#1231775 * bsc#1231776 Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Public Cloud Module 15-SP2 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for google-guest-agent, google-guest-configs, google-osconfig-agent fixes the following issues: * Update to version 20241011.01 (bsc#1231775, bsc#1231776) * Set enable regardless of previous check failed or not * Avoid unnecessary reloads, check before overwriting configs * network/netplan: Do generate instead of apply * Skip SetupInterfaces if configs are already applied * Repeated logging could be mistaken for a recurring issue, log mds mtls endpoint error only once * Retry MDS PUT operation, reload netplan/networkctl only if configs are changed * Log interface state after setting up network * network: Debian 12 rollback only if default netplan is ok * Change mtls mds defaults, update log message to assure error is harmless * network: Restore Debian 12 netplan configuration * network: Remove primary NIC left over configs * Update VLAN interfaces format to match with MDS * Fix panics in agent when setting up VLAN with netplan * Add VLAN NIC support for NetworkManager * Fix debian12 netplan config issue, use ptr receiver * Introduce a configuration toggle for enabling/disabling cloud logging * Adapt and update config key to be consistent with MDS * Allow users to enable/disable the mds mtls via metadata key * Make primary nic management config consistent across all network managers * Avoid writing configuration files when they already exist on wicked * Fix where agent panics on nil event * Update NIC management strategy * Only release dhclient leases for an interface if the respective dhclient is still running * Disable OS Login without pruning off any extra suffix * Skip root cert rotation if installed once * Add ipv6 support to guest agent * Update google-startup-scripts.service to enable logging * Network subsystem remove os rules * oslogin: Don't remove sshca watcher when oslogin is disabled * Network manager netplan implementation * Log current available routes on error * Fix command monitor bugs * windows account: Ignore "user already belongs to group" error * Add more error logging in snapshot handling requests, use common retry util * All non-200 status code from MDS should raise error * Change metadata key to enable-oslogin-certificates * Update dhclient pid/lease file directory to abide apparmor rules * Add require-oslogin-certificates logic to disable keys * systemd-networkd: Support Debian 12's version * NetworkManager: Only set secondary interfaces as up * address manager: Make sure we check for oldMetadata * network: Early setup network * NetworkManager: Fix ipv6 and ipv4 mode attribute * Network Manager: Make sure we clean up ifcfg files * metadata script runner: Fix script download * oslogin: Avoid adding extra empty line at the end of /etc/security/group.conf * Dynamic vlan * Check for nil response * Create NetworkManager implementation * Skip interface manager on Windows * network: Remove ignore setup * Create wicked network service implementation and its respective unit * Update metadata script runner, add tests * Refactor guest-agent to use common retry util * Flush logs before exiting * Implement retry util * Refactor utils package to not dump everything unrelated into one file * Set version on metadata script runner * Implement cleanup of deprecated configuration directives * Ignore DHCP offered routes only for secondary nics * Deprecate DHClient in favor of systemd-networkd * Generate windows and linux licenses * Remove quintonamore from OWNERS * Delete integration tests * Add configuration toggle to enable/disable use of OS native certificate stores * Avoid writing configuration files when they already exist on wicked and NetworkManager * Get rid of deprecated dependencies in snapshot service generate code * Configure primary nic if only set in cfg file ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4087=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4087=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-4087=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-4087=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-4087=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-4087=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-4087=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-4087=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20240926.03-150000.1.38.1 * google-guest-agent-20241011.01-150000.1.51.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20240926.03-150000.1.38.1 * google-guest-agent-20241011.01-150000.1.51.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20240926.03-150000.1.38.1 * google-guest-agent-20241011.01-150000.1.51.1 * Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20240926.03-150000.1.38.1 * google-guest-agent-20241011.01-150000.1.51.1 * Public Cloud Module 15-SP2 (noarch) * google-guest-configs-20241025.00-150000.1.34.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20240926.03-150000.1.38.1 * google-guest-agent-20241011.01-150000.1.51.1 * Public Cloud Module 15-SP3 (noarch) * google-guest-configs-20241025.00-150000.1.34.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20240926.03-150000.1.38.1 * google-guest-agent-20241011.01-150000.1.51.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20240926.03-150000.1.38.1 * google-guest-agent-20241011.01-150000.1.51.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20240926.03-150000.1.38.1 * google-guest-agent-20241011.01-150000.1.51.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231775 * https://bugzilla.suse.com/show_bug.cgi?id=1231776