From ef8ec8c336eb174f788d3d993db3772df95e5607 Mon Sep 17 00:00:00 2001 From: Dongsu Park Date: Wed, 26 Feb 2025 14:52:29 +0100 Subject: [PATCH 1/2] overlay wa-linux-agent: apply patch to fix ssh public key override issue Apply patch to fix an issue when overriding ssh public key from ignition configuration. Since the fix is not available in releases of wa-linux-agent, we should apply a separate patch. See also https://github.com/Azure/WALinuxAgent/pull/3309. --- ...0002-prevent-ssh-public-key-override.patch | 26 +++++++++++++++++++ ...build => wa-linux-agent-2.9.1.1-r3.ebuild} | 1 + 2 files changed, 27 insertions(+) create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/files/0002-prevent-ssh-public-key-override.patch rename sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/{wa-linux-agent-2.9.1.1-r2.ebuild => wa-linux-agent-2.9.1.1-r3.ebuild} (92%) diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/files/0002-prevent-ssh-public-key-override.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/files/0002-prevent-ssh-public-key-override.patch new file mode 100644 index 0000000000..d53936e351 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/files/0002-prevent-ssh-public-key-override.patch @@ -0,0 +1,26 @@ +From 0c8db73c3567039e50ffa7447bb093ca812dedf6 Mon Sep 17 00:00:00 2001 +Message-Id: <0c8db73c3567039e50ffa7447bb093ca812dedf6.1740577844.git.dpark@linux.microsoft.com> +From: Peyton Robertson <93797227+peytonr18@users.noreply.github.com> +Date: Tue, 28 Jan 2025 14:17:43 -0800 +Subject: [PATCH] Applying patch to prevent ssh public key override (#3309) + +--- + azurelinuxagent/common/osutil/default.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/azurelinuxagent/common/osutil/default.py b/azurelinuxagent/common/osutil/default.py +index 584515dc..746c4363 100644 +--- a/azurelinuxagent/common/osutil/default.py ++++ b/azurelinuxagent/common/osutil/default.py +@@ -346,7 +346,7 @@ GEN2_DEVICE_ID = 'f8b3781a-1e82-4818-a1c3-63d806ec15bb' + raise OSUtilError("Bad public key: {0}".format(value)) + if not value.endswith("\n"): + value += "\n" +- fileutil.write_file(path, value) ++ fileutil.write_file(path, value, append=True) + elif thumbprint is not None: + lib_dir = conf.get_lib_dir() + crt_path = os.path.join(lib_dir, thumbprint + '.crt') +-- +2.39.5 + diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/wa-linux-agent-2.9.1.1-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/wa-linux-agent-2.9.1.1-r3.ebuild similarity index 92% rename from sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/wa-linux-agent-2.9.1.1-r2.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/wa-linux-agent-2.9.1.1-r3.ebuild index ee70a04763..6e932e1563 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/wa-linux-agent-2.9.1.1-r2.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/wa-linux-agent-2.9.1.1-r3.ebuild @@ -30,4 +30,5 @@ S="${WORKDIR}/WALinuxAgent-${PV}" PATCHES=( "${FILESDIR}/0001-flatcar-changes.patch" + "${FILESDIR}/0002-prevent-ssh-public-key-override.patch" ) From 0da584636cee32221b04fbe42749752a5b0e16e1 Mon Sep 17 00:00:00 2001 From: Dongsu Park Date: Fri, 28 Feb 2025 09:20:16 +0100 Subject: [PATCH 2/2] changelog: add changelog for bugfix in wa-linux-agent with ignition --- changelog/bugfixes/2025-02-28-walinuxagent-ignition.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog/bugfixes/2025-02-28-walinuxagent-ignition.md diff --git a/changelog/bugfixes/2025-02-28-walinuxagent-ignition.md b/changelog/bugfixes/2025-02-28-walinuxagent-ignition.md new file mode 100644 index 0000000000..c80e653cec --- /dev/null +++ b/changelog/bugfixes/2025-02-28-walinuxagent-ignition.md @@ -0,0 +1 @@ +- Fix issue of wa-linux-agent overriding ssh public key from ignition configuration during provisioning ([flatcar/Flatcar#1661](https://github.com/flatcar/Flatcar/issues/1661))