particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Extend information gathered by image-info tool

Browse source 
This is a preparation for defining EC2 images for RHEL-8.5.0. These
extensions to image-info tool represent modifications done to the
official EC2 images currently produced as RHEL release. It is important
to be able to analyse these aspects of images, before we define them in
osbuild-composer, to ensure that the resulting images will be consistent
with the current state.

- Read non-empty lines from /etc/hosts file and add them to the report.
- Read content of /etc/machine-id and add it to the report.
- Read uncommented key/values from /etc/systemd/logind.conf and add them
  to the report.
- Read all ifcfg-* files from /etc/sysconfig/network-scripts/ and add
  their values to the report.
- Read content of /etc/locale.conf and add it to the report.
- Read SELinux configuration from /etc/selinux/config and add it to the
  report.
- Inspect the filesystem tree for SELinux context mismatches and add
  them to the report.
- Read configuration files from /etc/modprobe.d/ and for now report only
  all blacklisted kernel modules.
- Read RHSM configuration from /etc/rhsm/rhsm.conf and add it to the
  report.
- Read cloud-init configuration from /etc/cloud/cloud.conf and add it to
  the report.
- Read all *.conf files from /etc/dracut.conf.d/ and add their content to
  the report.
- Read VC and X11 keyboard configuration and add it to the report.
- Read specific configuration directives from Chrony configuration and
  add them to the report. Specifically 'server', 'pool', 'peer' and
  'leapsectz'.
- Read drop-in configurations for *.service unit files from
  /etc/systemd/system/ and add them to the report.
- Read all configuration files from /etc/tmpfiles.d/ and add them to the
  report.
- Read all configuration files from /etc/sysctl.d/ and add them to the
  report.
- Read the Tuned active profile and profile mode and add them to the
  report.
- Read all configuration files from /etc/security/limits.d and add them
  to the report.
- Read sudoers configuration from /etc/sudoers and files in
  /etc/sudoers.d/ and add uncommented lines to the report. No
  sophisticated parsing is done, because the configuration format
  grammar is too complicated for the purpose of image-info.
- Read udev rules configuration files from /etc/udev/rules.d/ and add
  them to the report.
- Read DNF configuration and defined vars and add them to the report.
- Read profile ID and enabled features used by authselect.
- Enable SELinux, extended attributes and POSIX ACLs support when
  unpacking 'tar' image type to prevent potential mismatches

Regenerate all image test cases to reflect changes in the image-info
output. Modify the distro-arch-imagetype-map.json to cover all
combinations currently covered by existing image test cases.

Add doc strings to all read_* functions.

Signed-off-by: Tomas Hozza <thozza@redhat.com>
This commit is contained in:
Tomas Hozza 2021-05-13 13:07:42 +02:00 committed by Ondřej Budai
parent 2cabaa5477
commit a2d4ba715f
71 changed files with 156472 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

170
test/data/manifests/rhel_8-aarch64-qcow2-boot.json
View file

@ -9508,6 +9508,88 @@
]
},
"image-info": {
"/etc/cloud/cloud.conf": {
"cloud_config_modules": [
"mounts",
"locale",
"set-passwords",
"rh_subscription",
"yum-add-repo",
"package-update-upgrade-install",
"timezone",
"puppet",
"chef",
"salt-minion",
"mcollective",
"disable-ec2-metadata",
"runcmd"
],
"cloud_final_modules": [
"rightscale_userdata",
"scripts-per-once",
"scripts-per-boot",
"scripts-per-instance",
"scripts-user",
"ssh-authkey-fingerprints",
"keys-to-console",
"phone-home",
"final-message",
"power-state-change"
],
"cloud_init_modules": [
"disk_setup",
"migrator",
"bootcmd",
"write-files",
"growpart",
"resizefs",
"set_hostname",
"update_hostname",
"update_etc_hosts",
"rsyslog",
"users-groups",
"ssh"
],
"disable_root": 1,
"disable_vmware_customization": false,
"mount_default_fields": [
null,
null,
"auto",
"defaults,nofail,x-systemd.requires=cloud-init.service",
"0",
"2"
],
"resize_rootfs_tmp": "/dev",
"ssh_deletekeys": 1,
"ssh_genkeytypes": null,
"ssh_pwauth": 0,
"syslog_fix_perms": null,
"system_info": {
"default_user": {
"gecos": "Cloud User",
"groups": [
"adm",
"systemd-journal"
],
"lock_passwd": true,
"name": "cloud-user",
"shell": "/bin/bash",
"sudo": [
"ALL=(ALL) NOPASSWD:ALL"
]
},
"distro": "rhel",
"paths": {
"cloud_dir": "/var/lib/cloud",
"templates_dir": "/etc/cloud/templates"
},
"ssh_svcname": "sshd"
},
"users": [
"default"
]
},
"boot-environment": {
"kernelopts": "root=UUID=0bd700f8-090f-4556-b797-b340297ea1bd console=ttyS0 console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
},
@ -9525,6 +9607,14 @@
"version": "4.18.0-240.el8.aarch64"
}
],
"chrony": {
"leapsectz": [
"right/UTC"
],
"pool": [
"2.rhel.pool.ntp.org iburst"
]
},
"default-target": "graphical.target",
"fstab": [
[
@ -9594,10 +9684,18 @@
"video:x:39:",
"wheel:x:10:"
],
"hosts": [
"127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4",
"::1 localhost localhost.localdomain localhost6 localhost6.localdomain6"
],
"image-format": {
"type": "qcow2",
"compat": "1.1"
"compat": "1.1",
"type": "qcow2"
},
"locale": {
"LANG": "en_US"
},
"machine-id": "",
"os-release": {
"ANSI_COLOR": "0;31",
"BUG_REPORT_URL": "https://bugzilla.redhat.com/",
@ -10076,7 +10174,7 @@
"bootable": false,
"fstype": "vfat",
"label": "EFI\\ System",
"partuuid": "848A0E81-8E27-3441-85F7-7E5FAF20422D",
"partuuid": "DFE3F6BA-B0BD-9A4B-80AD-A2E34C100427",
"size": 498073600,
"start": 1048576,
"type": "C12A7328-F81F-11D2-BA4B-00A0C93EC93B",
@ -10086,7 +10184,7 @@
"bootable": false,
"fstype": "xfs",
"label": null,
"partuuid": "81D03690-D42A-304B-B182-C6A325DDE031",
"partuuid": "87A2D6D1-31BB-6040-9CBA-A3278386C808",
"size": 3794779648,
"start": 500170752,
"type": "0FC63DAF-8483-4772-8E79-3D69D8477DE4",
@ -10133,6 +10231,47 @@
"subscription-manager": {
"enabled": false
}
},
"rhsm.conf": {
"logging": {
"default_log_level": "INFO"
},
"rhsm": {
"auto_enable_yum_plugins": "1",
"baseurl": "https://cdn.redhat.com",
"ca_cert_dir": "/etc/rhsm/ca/",
"consumercertdir": "/etc/pki/consumer",
"entitlementcertdir": "/etc/pki/entitlement",
"full_refresh_on_yum": "0",
"inotify": "1",
"manage_repos": "1",
"package_profile_on_trans": "0",
"pluginconfdir": "/etc/rhsm/pluginconf.d",
"plugindir": "/usr/share/rhsm-plugins",
"productcertdir": "/etc/pki/product",
"repo_ca_cert": "/etc/rhsm/ca/redhat-uep.pem",
"repomd_gpg_url": "",
"report_package_profile": "1"
},
"rhsmcertd": {
"autoattachinterval": "1440",
"certcheckinterval": "240",
"disable": "0",
"splay": "1"
},
"server": {
"hostname": "subscription.rhsm.redhat.com",
"insecure": "0",
"no_proxy": "",
"port": "443",
"prefix": "/subscription",
"proxy_hostname": "",
"proxy_password": "",
"proxy_port": "",
"proxy_scheme": "http",
"proxy_user": "",
"ssl_verify_depth": "3"
}
}
},
"rpm-verify": {
@ -10150,6 +10289,12 @@
},
"missing": []
},
"selinux": {
"policy": {
"SELINUX": "enforcing",
"SELINUXTYPE": "targeted"
}
},
"services-disabled": [
"arp-ethers.service",
"chrony-dnssrv@.timer",
@ -10230,6 +10375,23 @@
"tuned.service",
"unbound-anchor.timer"
],
"sudoers": {
"/etc/sudoers": [
"Defaults !visiblepw",
"Defaults always_set_home",
"Defaults match_group_by_gid",
"Defaults always_query_group_plugin",
"Defaults env_reset",
"Defaults env_keep = \"COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS\"",
"Defaults env_keep += \"MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE\"",
"Defaults env_keep += \"LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES\"",
"Defaults env_keep += \"LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE\"",
"Defaults env_keep += \"LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY\"",
"Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin",
"root\tALL=(ALL) \tALL",
"%wheel\tALL=(ALL)\tALL"
]
},
"timezone": "UTC"
}
}