From 7a99dea94856f5db712cbcbe1c3a8d84bc5bd5ec Mon Sep 17 00:00:00 2001
From: "Anderson, Craig (ca846m)"
Date: Wed, 7 Apr 2021 11:58:05 -0700
Subject: [PATCH] Properly handle machine-ids

/etc/machind-id needed to be removed from the image for cloud-init to generate it, no simply blank. /var/lib/dbus/machine-id needed to be symlinked to /etc/machine-id, otherwise dbus was storing its ID into the generic image. Some NIC drivers use this for generating unique MAC addresses, so duplicating these IDs could cause duplicate MAC addressing. Also correct spelling of "finalize".

Change-Id: Iaabd0730c4e6d2ae47e5ff1c25adc1b6eb65533b
---
 .../roles/osconfig/tasks/banners.yaml | 4 ++--
 .../roles/osconfig/tasks/finalise-rootfs.yaml | 5 ----
 .../roles/osconfig/tasks/finalize-rootfs.yaml | 24 +++++++++++++++++++
 .../playbooks/roles/osconfig/tasks/main.yaml | 4 ++--
 .../roles/osconfig/tasks/systemd.yaml | 4 ----
 5 files changed, 28 insertions(+), 13 deletions(-)
 delete mode 100644 image-builder/assets/playbooks/roles/osconfig/tasks/finalise-rootfs.yaml
 create mode 100644 image-builder/assets/playbooks/roles/osconfig/tasks/finalize-rootfs.yaml

diff --git a/image-builder/assets/playbooks/roles/osconfig/tasks/banners.yaml b/image-builder/assets/playbooks/roles/osconfig/tasks/banners.yaml
index c7c02da..ab65eac 100644
--- a/image-builder/assets/playbooks/roles/osconfig/tasks/banners.yaml
+++ b/image-builder/assets/playbooks/roles/osconfig/tasks/banners.yaml
@@ -5,7 +5,7 @@
 owner: root
 group: root
 mode: '0644'
-- name: "Finalise | Reset MOTD"
+- name: "Finalize | Reset MOTD"
 file:
 state: "{{ item }}"
 path: "/etc/update-motd.d/"
@@ -15,7 +15,7 @@
 loop:
 - absent
 - directory
-- name: "Finalise | Remove MOTD News config"
+- name: "Finalize | Remove MOTD News config"
 file:
 state: "absent"
 path: "/etc/default/motd-news"
diff --git a/image-builder/assets/playbooks/roles/osconfig/tasks/finalise-rootfs.yaml b/image-builder/assets/playbooks/roles/osconfig/tasks/finalise-rootfs.yaml
deleted file mode 100644
index 1252379..0000000
--- a/image-builder/assets/playbooks/roles/osconfig/tasks/finalise-rootfs.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: "Finalise | Removing .pyc files"
- shell:
- cmd: |
- find "/usr/" "/var/" \( -name "*.pyc" -o -name "__pycache__" \) -delete
- apt -y clean
diff --git a/image-builder/assets/playbooks/roles/osconfig/tasks/finalize-rootfs.yaml b/image-builder/assets/playbooks/roles/osconfig/tasks/finalize-rootfs.yaml
new file mode 100644
index 0000000..c3aa6fc
--- /dev/null
+++ b/image-builder/assets/playbooks/roles/osconfig/tasks/finalize-rootfs.yaml
@@ -0,0 +1,24 @@
+- name: "Finalize | Removing .pyc files"
+ shell:
+ cmd: |
+ find "/usr/" "/var/" \( -name "*.pyc" -o -name "__pycache__" \) -delete
+ apt -y clean
+
+- name: "Finalize | Ensure no /etc/machine-id is delivered in image"
+ file:
+ path: /etc/machine-id
+ state: absent
+
+- name: "Finalize | remove /var/lib/dbus/machine-id"
+ file:
+ path: /var/lib/dbus/machine-id
+ state: absent
+
+- name: "Finalize | symlink /var/lib/dbus/machine-id to /etc/machine-id"
+ file:
+ src: /etc/machine-id
+ dest: /var/lib/dbus/machine-id
+ owner: root
+ group: root
+ state: link
+ force: yes
diff --git a/image-builder/assets/playbooks/roles/osconfig/tasks/main.yaml b/image-builder/assets/playbooks/roles/osconfig/tasks/main.yaml
index 0357f02..2ed6c66 100644
--- a/image-builder/assets/playbooks/roles/osconfig/tasks/main.yaml
+++ b/image-builder/assets/playbooks/roles/osconfig/tasks/main.yaml
@@ -61,5 +61,5 @@
 include_tasks: file-permissions.yaml
 # Context-independent cleanup tasks
-- name: "finalise rootfs"
- include_tasks: finalise-rootfs.yaml
+- name: "finalize rootfs"
+ include_tasks: finalize-rootfs.yaml
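Review bot: Nothing in the new finalize-rootfs.yaml confirms that `/etc/machine-id` is still absent when the build finishes, and the removal only holds while these tasks remain the last thing to touch the rootfs; any later package install whose post-install script initialises the ID (systemd and dbus packages can do this) would silently bake one ID into every host deployed from the image. A closing `stat` on `/etc/machine-id` followed by an `assert` that it does not exist would turn that regression into a build failure. In the symlink task, `owner` and `group` are set on a link whose target was removed two tasks earlier, so with the file module's default link-following they probably cannot be applied; `follow: false` states the intent, and `force: true` is the canonical boolean spelling for `force: yes`.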
diff --git a/image-builder/assets/playbooks/roles/osconfig/tasks/systemd.yaml b/image-builder/assets/playbooks/roles/osconfig/tasks/systemd.yaml
index 43db5d3..f7f1845 100644
--- a/image-builder/assets/playbooks/roles/osconfig/tasks/systemd.yaml
+++ b/image-builder/assets/playbooks/roles/osconfig/tasks/systemd.yaml
@@ -1,7 +1,3 @@
-- name: "Systemd | Remove machine id"
- copy:
- content: ""
- dest: "/etc/machine-id"
 - name: "Systemd | Link systemd to /sbin/init"
 file:
 src: /bin/systemd