~fginther/cloud-init:feature/ssh_disable_users

Last commit made on 2018-08-02
Get this branch:
git clone -b feature/ssh_disable_users https://git.launchpad.net/~fginther/cloud-init
Only Francis Ginther can upload to this branch. If you are Francis Ginther please log in for upload directions.

Branch merges

Branch information

Name:
feature/ssh_disable_users
Repository:
lp:~fginther/cloud-init

Recent commits

59c8b6a... by Francis Ginther

Update documentation to include ssh_disable_users

Also updates references to disable_root_opts to cover replacement of the
$ROOT string.

0e56386... by Francis Ginther

Create users if they don't exist and update redirect message

For each user in the ssh_disable_users list, create the user account.
If a username is in both the users list and the ssh_disable_list, it
will be dropped from the ssh_disable_list. This allows adding a user to
an instance that is disabled by default in the image or vendor data.

Also update DISABLE_ROOT_OPTS to replace the 'root' user in the
redirect message with the actual username which attempted the login.

80df01d... by Francis Ginther

Add extraction of `ssh_disable_users` from the config

Also adds tests for multiple `ssh_disable_users` entries.

fec0f16... by Francis Ginther

Pass disable_root as a list of users containing "root"

The "apply_credentials" method writes a special ssh redirect message
to the root user if it is disable for ssh. This method now accepts a
list of users, applying the redirect to all in that list. The "root"
user is appended to this list if "disable_root" is set.

14cebeb... by Francis Ginther

Add unit tests for config/cc_ssh.py

These tests focus on the apply_credentials method and the ssh setup for
root and a distro default user.

3cee0bf... by Chad Smith

oracle: fix detect_openstack to report True on OracleCloud.com DMI data

The OpenStack datasource in 18.3 changed to detect data in the
init-local stage instead of init-network and attempted to redetect
OpenStackLocal datasource on Oracle across reboots. The function
detect_openstack was added to quickly detect whether a platform is
OpenStack based on dmi product_name or chassis_asset_tag and it was
a bit too strict for Oracle in checking for 'OpenStack Nova'/'Compute'
DMI product_name.

Oracle's DMI product_name reports 'SAtandard PC (i440FX + PIIX, 1996)'
and DMI chassis_asset_tag is 'OracleCloud.com'.

detect_openstack function now adds 'OracleCloud.com' as a supported value
'OracleCloud.com' to valid chassis-asset-tags for the OpenStack
datasource.

LP: #1784685

361ae34... by Scott Moser

tests: improve LXDInstance trying to workaround or catch bug.

Described in bug 1783198 we have seen some transient failures when
using pylxd -> lxd api.
This does:
 * adds a str() representation of LXDInstance
 * checks the value of the pylxd_container object on instantion
 * sets pylxd_container object to None on deletion.
 * adds retry logic to shutdown()

3146c96... by Mike Gerdts

update_metadata re-config on every boot comments and tests not quite right

The comment in update_metadata() that explains how a datasource should
enable network reconfig on every boot presumes that
EventType.BOOT_NEW_INSTANCE is a subset of EventType.BOOT. That's not
the case, and as such a datasource that needs to configure networking
when it is a new instance and every boot needs to include both event
types.

To make the situation above easier to debug, update_metadata() now
logs when it returns false.

To make it so that datasources do not need to test before appending to
the update_events['network'], it is changed from a list to a set.

test_update_metadata_only_acts_on_supported_update_events is updated
to allow datasources to support EventType.BOOT.

Author: Mike Gerdts <email address hidden>

6a9e576... by Scott Moser

tests: Collect build_info from system if available.

This adds a script to always get the /etc/cloud/build.info file
if it exists, and a hook when preparing the image to log the information
if it is available.

INFO - setting up ubuntu-cosmic (build_name=server serial=20180718)

This is just useful for debug and reproduce.

2a9d620... by Scott Moser

pylint: Fix pylint warnings reported in pylint 2.0.0.

Pylint 2.0.0 was recently released and complains more about
logging-not-lazy than it used to. I've fixed those warnings, here.

The changes in rh_subscription are more extensive. pylint may be
complaining incorrectly there, but the tests were not correctly un-doing
all of their mock/patching. This cleans those up and makes pylint happy.