openSUSE Recommended Update: Recommended update for cloud-init, dhcp ______________________________________________________________________________ Announcement ID: openSUSE-RU-2019:1681-1 Rating: moderate References: #1087331 #1095627 #1097388 #1099340 #1101894 #1111427 #1114160 #1116767 #1119397 #1121878 #1123694 #1125950 #1125992 #1126101 #1132692 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that has 15 recommended fixes can now be installed. Description: This update for cloud-init, dhcp provides the following fixes: Changes to cloud-init: - When the user configures a new rules file for network devices, the rules may not apply immediately, so trigger udevadm. (bsc#1125950) - Fix the order of calls when writing routes so that the SUSE implementation of route config file writing has precedence over the default implementation. (bsc#1125992) - Use the proper name to designate IPv6 addresses in ifcfg-* files. (bsc#1126101) - Drop a '-' in the route file for the last column. (bsc#1123694) - Make sure the resulting resolv.conf file is not empty. (bsc#1119397) - Update to version 18.5 (bsc#1121878, bsc#1116767): * Add cloud-id binary to packages for SUSE. * azure: Accept variation in error msg from mount for ntfs volumes. * azure: Add apply_network_config option to disable network from IMDS. * azure: Add udev rules to create cloud-init Gen2 disk name symlinks. * azure: Detect vnet migration via netlink media change event. * azure: Fix a copy and paste error in error handling when reading azure ovf. * azure: Fix a regression introduced when persisting ephemeral dhcp lease. * azure: _poll_imds only retry on 404, failing on timeout. * azure: Remove /etc/netplan/90-hotplug-azure.yaml when net from IMDS. * azure: Report ready to fabric after reprovision and reduce logging. * azure: Retry imds polling on requests.Timeout. * config: On ubuntu select cloud archive mirrors for armel, armhf, arm64. * dhclient-hook: Clean it up, add tests and fix a bug on 'down' event. * doc: Change dns_nameserver property to dns_nameservers. * docs: Remove colon from network v1 config example. * instance-data: Add standard keys platform and subplatform. Refactor ec2. * instance-data: Fallback to instance-data.json if sensitive is absent. * logs: collect-logs ignore instance-data-sensitive.json on non-root user * net: Ephemeral*Network: Add connectivity check via URL. * net: Ignore nics that have "zero" mac address. * net: Render 'metric' values in per-subnet routes. * NoCloud: Allow top level 'network' key in network-config. * ovf: Fix ovf network config generation gateway/routes. * ovf: Identify label iso9660 filesystems with label 'OVF ENV'. * query: Better error when missing read permission on instance-data. * resizefs: Prefix discovered devpath with '/dev/' when path does not exist. * systemd: On SUSE ensure cloud-init.service runs before wicked. * tools: Add cloud-id command line utility. * Update detection of openSUSE variants. * write_files: Add support for appending to files. - Fix a decoding error that could cause persisting the metadata to fail. (bsc#1101894) - Fix a problem that could cause static network to be configured with BOOTPROTO=none. (bsc#1114160) - Changes from 18.4 (bsc#1087331, bsc#1097388, bsc#1111427, bsc#1095627): * Avoid Python 3 dependency when building for distros with Python 2 support. * Add dhcp-client as requirement as cloud-init uses dhclient to setup a temporary network for metadata retrieval. (fate#327672) * Use ds._crawled_metadata instance attribute if set when writing instance-data.json. * ec2: Update crawled metadata and add standardized keys. * lxd: Adjust to snap installed lxd. * Add support for Infiniband network interfaces (IPoIB). * cli: Add cloud-init query subcommand to query instance metadata. * stages: Fix bug causing datasource to have incorrect sys_cfg. * net_util: Ensure static configurations have netmask in translate_network result. * Fall back to root:root on syslog permissions if other options fail. * OpenStack: Support setting mac address on bond. * EphemeralIPv4Network: Be more explicit when adding default route. * OpenStack: Support reading of newer versions of metadata. * OpenStack: Fix a bug that was causing causing 'latest' version to be used from network. * user-data: Use jinja template to render instance-data.json in cloud-config. * config: Disable ssh access to a configured user account. * sysconfig: Refactor sysconfig to accept distro specific templates paths. * hyperv_reporting_handler: Simplify threaded publisher. * VMWare: Fix a network config bug in vm with static IPv4 and no gateway. * logging: Add logging config type hyperv for reporting via Azure KVP * Add datasource Oracle Compute Infrastructure (OCI). * azure: Allow azure to generate network configuration from IMDS per boot. * Scaleway: Add network configuration to the DataSource. * netplan: Correctly render macaddress on a bonds and bridges when provided. * tools: Add 'net-convert' subcommand command to 'cloud-init devel'. * Use typeset or local in profile.d scripts. * OpenNebula: Fix null gateway6. * tools: add '--debug' to tools/net-convert.py * update_metadata: A datasource can support network re-config every boot. * Retry on failed import of gpg receive keys. * tools: Fix run-container when neither source or binary package requested. - Changes from 18.3: * Explicitly prevent `sudo` access for user module. * lxd: Delete default network and detach device if lxd-init created them. * openstack: Avoid unneeded metadata probe on non-openstack platforms. * stages: Fix tracebacks if a module stage is undefined or empty. * Be safer on string/bytes when writing multipart user-data to disk. * Fix get_proc_env for pids that have non-utf8 content in environment. * netplan: Fix mtu if provided by network config for all rendered types. * subp: Support combine_capture argument. * util: Add get_linux_distro function to replace platform.dist * Do not use the systemd_prefix macro, not available in this environment. * openstack: Allow discovery in init-local using dhclient in a sandbox. * yaml_load/schema: Add invalid line and column nums to error message. * Azure: Ignore NTFS mount errors when checking ephemeral drive. * cc_mounts: Do not add devices to fstab that are already present. * ds-identify: Ensure that we have certain tokens in PATH. * read_file_or_url: Move to url_helper, fix bug in its FileResponse. * ds-identify: Recognize container-other as a container. * ds-identify: Remove duplicate call to is_ds_enabled. * azure: Add reported ready marker file. * netinfo: Fix netdev_pformat when a nic does not have an address assigned. * collect-logs: Add -v flag, write to stderr, limit journal to single boot. * IBMCloud: Disable config-drive and nocloud only if IBMCloud is enabled. * Add reporting events and log_time around early source of blocking time. * IBMCloud: recognize provisioning environment during debug boots. * net: Detect unstable network names and trigger a settle if needed. * sysconfig: dhcp6 subnet type should not imply dhcpv4. * schema: In validation, raise ImportError if strict but no jsonschema. * set_passwords: Add newline to end of sshd config, only restart if updated. * net: Depend on iproute2's ip instead of net-tools ifconfig or route. * renderer: Support unicode in render_from_file. * Implement ntp client spec with auto support for distro selection. * apport: Add Brightbox, IBM, LXD, and OpenTelekomCloud to list of clouds. * tests: Fix ec2 integration network metadata validation. * cc_resizefs, util: Handle no /dev/zfs. - The distribution indicator is set to SUSE during template expansion. Do not replace anything set to Ubuntu. - Do not run cloud-init after network-online, this breaks functionality in cloud-init. Certain parts of the code running in this phase expect to run before the network is on-line. - Root should not be enabled by default. Image builders/users that want root access by default should provide an appropriate configuration file during image build or image setup. - Set distribution default to OpenSUSE/SLES. (bsc#1099340) - Run metadata detection after network-online. (bsc#1097388) - Properly accumulate all the defined routes for a given network device. Previously only the last defined route was written to the routes file. (bsc#1132692) - Write the udev rules to a different file than the default. (bsc#1125950) - Settle udev if not all configured devices are in the device tree to avoid race a condition between udev and cloud-init. (bsc#1125950) Changes in dhcp: - No changes, just being released together to be included in CaaS Platform. This update was imported from the SUSE:SLE-12-SP1:Update update project. Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2019-1681=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): dhcp-4.3.3-11.9.1 dhcp-client-4.3.3-11.9.1 dhcp-client-debuginfo-4.3.3-11.9.1 dhcp-debuginfo-4.3.3-11.9.1 dhcp-debugsource-4.3.3-11.9.1 dhcp-devel-4.3.3-11.9.1 dhcp-doc-4.3.3-11.9.1 dhcp-relay-4.3.3-11.9.1 dhcp-relay-debuginfo-4.3.3-11.9.1 dhcp-server-4.3.3-11.9.1 dhcp-server-debuginfo-4.3.3-11.9.1 - openSUSE Leap 42.3 (x86_64): cloud-init-18.5-40.1 cloud-init-config-suse-18.5-40.1 cloud-init-doc-18.5-40.1 References: https://bugzilla.suse.com/1087331 https://bugzilla.suse.com/1095627 https://bugzilla.suse.com/1097388 https://bugzilla.suse.com/1099340 https://bugzilla.suse.com/1101894 https://bugzilla.suse.com/1111427 https://bugzilla.suse.com/1114160 https://bugzilla.suse.com/1116767 https://bugzilla.suse.com/1119397 https://bugzilla.suse.com/1121878 https://bugzilla.suse.com/1123694 https://bugzilla.suse.com/1125950 https://bugzilla.suse.com/1125992 https://bugzilla.suse.com/1126101 https://bugzilla.suse.com/1132692