Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package google-guest-agent for openSUSE:Factory checked in at 2021-04-01 14:17:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/google-guest-agent (Old) and /work/SRC/openSUSE:Factory/.google-guest-agent.new.2401 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "google-guest-agent" Thu Apr 1 14:17:54 2021 rev:3 rq:882391 version:20210223.01 Changes: -------- --- /work/SRC/openSUSE:Factory/google-guest-agent/google-guest-agent.changes 2021-01-13 18:35:36.198425825 +0100 +++ /work/SRC/openSUSE:Factory/.google-guest-agent.new.2401/google-guest-agent.changes 2021-04-01 14:19:17.772154661 +0200 @@ -1,0 +2,11 @@ +Wed Mar 31 12:53:34 UTC 2021 - John Paul Adrian Glaubitz <[email protected]> + +- Update to version 20210223.01 (bsc#1183414, bsc#1183415) + * add a match block to sshd_config for SAs (#99) + * add ipv6 forwarded ip support (#101) + * call restorecon on ssh host keys (#98) + * Include startup and shutdown in preset (#96) + * set metadata URL earlier (#94) +- Fix activation logic of systemd services (bsc#1182793) + +------------------------------------------------------------------- Old: ---- guest-agent-20201211.00.tar.gz New: ---- guest-agent-20210223.01.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ google-guest-agent.spec ++++++ --- /var/tmp/diff_new_pack.4SuA6T/_old 2021-04-01 14:19:18.772155996 +0200 +++ /var/tmp/diff_new_pack.4SuA6T/_new 2021-04-01 14:19:18.776156001 +0200 @@ -24,7 +24,7 @@ %global import_path %{provider_prefix} Name: google-guest-agent -Version: 20201211.00 +Version: 20210223.01 Release: 0 Summary: Google Cloud Guest Agent License: Apache-2.0 @@ -91,24 +91,32 @@ %service_del_preun google-guest-agent.service google-shutdown-scripts.service google-startup-scripts.service %post - %service_add_post google-guest-agent.service google-shutdown-scripts.service google-startup-scripts.service - # Handle enabling of services during an upgrade from the old google-compute-engine-init package - if [ "$1" == "1" ] && ! [ -e /.buildenv ] || systemctl is-enabled -q google-accounts-daemon.service 2>/dev/null ; then - systemctl enable google-guest-agent.service + if [ "$1" == "1" ] && ! [ -e /.buildenv ] && systemctl is-enabled -q google-accounts-daemon.service 2>/dev/null ; then + mktemp --suffix ".google-accounts-daemon-enabled" if systemctl is-active --quiet google-accounts-daemon.service ; then - systemctl stop google-accounts-daemon.service - systemctl start google-guest-agent.service + mktemp --suffix ".google-accounts-daemon-active" fi fi - if [ "$1" == "1" ] && ! [ -e /.buildenv ] || systemctl is-enabled -q google-startup-scripts 2>/dev/null ; then + if [ "$1" == "1" ] && ! [ -e /.buildenv ] && systemctl is-enabled -q google-startup-scripts.service 2>/dev/null ; then mktemp --suffix ".google-startup-scripts" fi - if [ "$1" == "1" ] && ! [ -e /.buildenv ] || systemctl is-enabled -q google-shutdown-scripts 2>/dev/null ; then + if [ "$1" == "1" ] && ! [ -e /.buildenv ] && systemctl is-enabled -q google-shutdown-scripts.service 2>/dev/null ; then mktemp --suffix ".google-shutdown-scripts" fi + %service_add_post google-guest-agent.service google-shutdown-scripts.service google-startup-scripts.service + %posttrans + if ! [ -e /.buildenv ] && [ -f /tmp/tmp\.[A-Z,a-z,0-9]*\.google-accounts-daemon-enabled ] ; then + systemctl enable google-guest-agent.service + rm -f /tmp/tmp\.[A-Z,a-z,0-9]*\.google-accounts-daemon-enabled + if [ -f /tmp/tmp\.[A-Z,a-z,0-9]*\.google-accounts-daemon-enabled ] ; then + systemctl stop google-accounts-daemon.service + systemctl start google-guest-agent.service + rm -f /tmp/tmp\.[A-Z,a-z,0-9]*\.google-accounts-daemon-active + fi + fi if ! [ -e /.buildenv ] && [ -f /tmp/tmp\.[A-Z,a-z,0-9]*\.google-startup-scripts ] ; then rm -f /tmp/tmp\.[A-Z,a-z,0-9]*\.google-startup-scripts systemctl enable google-startup-scripts.service ++++++ _service ++++++ --- /var/tmp/diff_new_pack.4SuA6T/_old 2021-04-01 14:19:18.812156049 +0200 +++ /var/tmp/diff_new_pack.4SuA6T/_new 2021-04-01 14:19:18.812156049 +0200 @@ -3,8 +3,8 @@ <param name="url">https://github.com/GoogleCloudPlatform/guest-agent/</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="versionformat">20201211.00</param> - <param name="revision">20201211.00</param> + <param name="versionformat">20210223.01</param> + <param name="revision">20210223.01</param> <param name="changesgenerate">enable</param> </service> <service name="recompress" mode="disabled"> @@ -15,6 +15,6 @@ <param name="basename">guest-agent</param> </service> <service name="go_modules" mode="disabled"> - <param name="archive">guest-agent-20201211.00.tar.gz</param> + <param name="archive">guest-agent-20210223.01.tar.gz</param> </service> </services> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.4SuA6T/_old 2021-04-01 14:19:18.832156076 +0200 +++ /var/tmp/diff_new_pack.4SuA6T/_new 2021-04-01 14:19:18.832156076 +0200 @@ -1,4 +1,4 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/GoogleCloudPlatform/guest-agent/</param> - <param name="changesrevision">399ec8f758f25fb44270b6f674df00c091beea11</param></service></servicedata> \ No newline at end of file + <param name="changesrevision">daa3b0c9a622fb60e46a1d1c59aba3e66767daee</param></service></servicedata> \ No newline at end of file ++++++ guest-agent-20201211.00.tar.gz -> guest-agent-20210223.01.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20201211.00/90-google-guest-agent.preset new/guest-agent-20210223.01/90-google-guest-agent.preset --- old/guest-agent-20201211.00/90-google-guest-agent.preset 2020-12-11 18:41:10.000000000 +0100 +++ new/guest-agent-20210223.01/90-google-guest-agent.preset 2021-02-23 23:46:14.000000000 +0100 @@ -1 +1,3 @@ enable google-guest-agent.service +enable google-shutdown-scripts.service +enable google-startup-scripts.service diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20201211.00/google_guest_agent/addresses.go new/guest-agent-20210223.01/google_guest_agent/addresses.go --- old/guest-agent-20201211.00/google_guest_agent/addresses.go 2020-12-11 18:41:10.000000000 +0100 +++ new/guest-agent-20210223.01/google_guest_agent/addresses.go 2021-02-23 23:46:14.000000000 +0100 @@ -308,6 +308,7 @@ continue } wantIPs := ni.ForwardedIps + wantIPs = append(wantIPs, ni.ForwardedIpv6s...) if config.Section("IpForwarding").Key("target_instance_ips").MustBool(true) { wantIPs = append(wantIPs, ni.TargetInstanceIps...) } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20201211.00/google_guest_agent/instance_setup.go new/guest-agent-20210223.01/google_guest_agent/instance_setup.go --- old/guest-agent-20201211.00/google_guest_agent/instance_setup.go 2020-12-11 18:41:10.000000000 +0100 +++ new/guest-agent-20210223.01/google_guest_agent/instance_setup.go 2021-02-23 23:46:14.000000000 +0100 @@ -47,7 +47,6 @@ // - Run `google_optimize_local_ssd` script. // - Run `google_set_multiqueue` script. // TODO incorporate these scripts into the agent. liamh@12-11-19 - setMetadataURL() if runtime.GOOS == "windows" { msg := "Could not set default route to metadata" @@ -264,6 +263,7 @@ logger.Warningf("Generated key is malformed, not uploading") } } + runCmd(exec.Command("restorecon", "-FR", hostKeyDir)) return nil } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20201211.00/google_guest_agent/main.go new/guest-agent-20210223.01/google_guest_agent/main.go --- old/guest-agent-20201211.00/google_guest_agent/main.go 2020-12-11 18:41:10.000000000 +0100 +++ new/guest-agent-20210223.01/google_guest_agent/main.go 2021-02-23 23:46:14.000000000 +0100 @@ -130,6 +130,8 @@ opts.Writers = []io.Writer{&serialPort{"COM1"}} } + setMetadataURL() + var err error newMetadata, err = getMetadata(ctx, false) if err == nil { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20201211.00/google_guest_agent/metadata.go new/guest-agent-20210223.01/google_guest_agent/metadata.go --- old/guest-agent-20201211.00/google_guest_agent/metadata.go 2020-12-11 18:41:10.000000000 +0100 +++ new/guest-agent-20210223.01/google_guest_agent/metadata.go 2021-02-23 23:46:14.000000000 +0100 @@ -102,6 +102,7 @@ type networkInterfaces struct { ForwardedIps []string + ForwardedIpv6s []string TargetInstanceIps []string IPAliases []string Mac string diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20201211.00/google_guest_agent/oslogin.go new/guest-agent-20210223.01/google_guest_agent/oslogin.go --- old/guest-agent-20201211.00/google_guest_agent/oslogin.go 2020-12-11 18:41:10.000000000 +0100 +++ new/guest-agent-20210223.01/google_guest_agent/oslogin.go 2021-02-23 23:46:14.000000000 +0100 @@ -171,6 +171,8 @@ authorizedKeysUser = "AuthorizedKeysCommandRunAs root" twoFactorAuthMethods = "RequiredAuthentications2 publickey,keyboard-interactive" } + matchblock1 := `Match User sa_*` + matchblock2 := ` AuthenticationMethods publickey` filtered := filterGoogleLines(string(sshConfig)) @@ -181,6 +183,9 @@ } osLoginBlock = append(osLoginBlock, googleBlockEnd) filtered = append(osLoginBlock, filtered...) + if twofactor { + filtered = append(filtered, googleBlockStart, matchblock1, matchblock2, googleBlockEnd) + } } return strings.Join(filtered, "\n") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20201211.00/google_guest_agent/oslogin_test.go new/guest-agent-20210223.01/google_guest_agent/oslogin_test.go --- old/guest-agent-20201211.00/google_guest_agent/oslogin_test.go 2020-12-11 18:41:10.000000000 +0100 +++ new/guest-agent-20210223.01/google_guest_agent/oslogin_test.go 2021-02-23 23:46:14.000000000 +0100 @@ -184,6 +184,8 @@ authorizedKeysCommand := "AuthorizedKeysCommand /usr/bin/google_authorized_keys" authorizedKeysUser := "AuthorizedKeysCommandUser root" twoFactorAuthMethods := "AuthenticationMethods publickey,keyboard-interactive" + matchblock1 := `Match User sa_*` + matchblock2 := ` AuthenticationMethods publickey` var tests = []struct { contents, want []string @@ -205,6 +207,10 @@ challengeResponseEnable, googleBlockEnd, "line1", + googleBlockStart, + matchblock1, + matchblock2, + googleBlockEnd, }, enable: true, twofactor: true, @@ -226,6 +232,10 @@ googleBlockEnd, "line1", "line3", + googleBlockStart, + matchblock1, + matchblock2, + googleBlockEnd, }, enable: true, twofactor: true, ++++++ vendor.tar.gz ++++++
