From a7a3d1271163e9b09463d1a52d442803fcf92ce0 Mon Sep 17 00:00:00 2001 From: Pavel Moravec Date: Thu, 27 Jul 2023 12:23:48 +0200 Subject: [PATCH] sos updates to 8.9 Resolves: bz2226724 Signed-off-by: Pavel Moravec --- .gitignore | 1 + sos-bz2207562-clean-obfuscate-mac.patch | 57 ------------ sos-bz2218279-clean-respect-permissions.patch | 93 ------------------- sos-bz2226682-ovn-ic-db-files.patch | 42 +++++++++ sos.spec | 12 ++- sources | 2 +- 6 files changed, 51 insertions(+), 156 deletions(-) delete mode 100644 sos-bz2207562-clean-obfuscate-mac.patch delete mode 100644 sos-bz2218279-clean-respect-permissions.patch create mode 100644 sos-bz2226682-ovn-ic-db-files.patch diff --git a/.gitignore b/.gitignore index fa33d91..c18b554 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ /sos-4.5.1.tar.gz /sos-4.5.3.tar.gz /sos-4.5.4.tar.gz +/sos-4.5.6.tar.gz diff --git a/sos-bz2207562-clean-obfuscate-mac.patch b/sos-bz2207562-clean-obfuscate-mac.patch deleted file mode 100644 index 51a866d..0000000 --- a/sos-bz2207562-clean-obfuscate-mac.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 59c2660584734af92eca2eae31af3fbf5557f853 Mon Sep 17 00:00:00 2001 -From: Jan Jansky -Date: Mon, 10 Jul 2023 13:10:22 +0200 -Subject: [PATCH] [clean] Properly obfuscate MAC addresses - -Some of mac addresses was not properly obfuscated because -some collected data contains mac addresses in format -01: and parser was not ready for that. - -Also added mapper which will obfuscate mac address in case -it is in format with _ instead of : as for example - -00_50_56_87_5d_01 - -instead of - -00:50:56:87:5d:01 - -Format with _ is used for example by vmware plugin. - -Resolves: #3302 - -Signed-off-by: Jan Jansky ---- - sos/cleaner/mappings/mac_map.py | 2 +- - sos/cleaner/parsers/mac_parser.py | 4 ++-- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/sos/cleaner/mappings/mac_map.py b/sos/cleaner/mappings/mac_map.py -index 334a6681..4ccba25a 100644 ---- a/sos/cleaner/mappings/mac_map.py -+++ b/sos/cleaner/mappings/mac_map.py -@@ -75,5 +75,5 @@ class SoSMacMap(SoSMap): - if re.match('(([0-9a-fA-F]{4}:){3}([0-9a-fA-F]){4})', item): - return self.mac6_quad_template % hextets - # match 48-bit IPv4 MAC addresses -- if re.match('([0-9a-fA-F]:?){12}', item): -+ if re.match('([0-9a-fA-F][:_]?){12}', item): - return self.mac_template % hextets -diff --git a/sos/cleaner/parsers/mac_parser.py b/sos/cleaner/parsers/mac_parser.py -index 88b0ac2e..4e790018 100644 ---- a/sos/cleaner/parsers/mac_parser.py -+++ b/sos/cleaner/parsers/mac_parser.py -@@ -25,8 +25,8 @@ IPV6_REG_4HEX = ( - ) - # aa:bb:cc:dd:ee:ff avoiding ipv6 substring matches - IPV4_REG = ( -- r'((? -Date: Wed, 28 Jun 2023 11:49:56 +0200 -Subject: [PATCH 1/2] [clean] Respect permissions of sanitised files - -When copying files we applied a substitution in, we must replace just -original file content (shutil.copyfile) and not also its stat data -(shutil.copy). - -Resolves: #3292 - -Signed-off-by: Pavel Moravec ---- - sos/cleaner/__init__.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sos/cleaner/__init__.py b/sos/cleaner/__init__.py -index feeedf66..fbcaa9c3 100644 ---- a/sos/cleaner/__init__.py -+++ b/sos/cleaner/__init__.py -@@ -778,7 +778,7 @@ third party. - % (short_name, err), caller=arc_name) - tfile.seek(0) - if subs: -- shutil.copy(tfile.name, filename) -+ shutil.copyfile(tfile.name, filename) - tfile.close() - - _ob_short_name = self.obfuscate_string(short_name.split('/')[-1]) --- -2.31.1 - - -From fc1489a621108d3613d3337489a64950e52d77c3 Mon Sep 17 00:00:00 2001 -From: Pavel Moravec -Date: Thu, 29 Jun 2023 22:57:46 +0200 -Subject: [PATCH 2/2] [tests] add test for #3292 - -Add a test that cleaner keeps permissions of a sanitised file - -Relevant to: #3292 - -Signed-off-by: Pavel Moravec ---- - .../basic_function_tests/report_with_mask.py | 18 ++++++++++++++++++ - 1 file changed, 18 insertions(+) - -diff --git a/tests/cleaner_tests/basic_function_tests/report_with_mask.py b/tests/cleaner_tests/basic_function_tests/report_with_mask.py -index 7c4d3905..baee836a 100644 ---- a/tests/cleaner_tests/basic_function_tests/report_with_mask.py -+++ b/tests/cleaner_tests/basic_function_tests/report_with_mask.py -@@ -9,6 +9,7 @@ - from sos_tests import StageOneReportTest, StageTwoReportTest - - import re -+from os import stat - - - class ReportWithMask(StageOneReportTest): -@@ -18,6 +19,17 @@ class ReportWithMask(StageOneReportTest): - """ - - sos_cmd = '--mask -o host,networking' -+ hosts_obfuscated = None -+ -+ def pre_sos_setup(self): -+ # obfuscate a random word from /etc/hosts and ensure the updated -+ # sanitised file has same permissions (a+r) -+ try: -+ self.hosts_obfuscated = open('/etc/hosts').read().strip('#\n').split()[-1] -+ except (FileNotFoundError, IndexError) as e: -+ self.warning(f"Unable to process /etc/hosts: {e}") -+ if self.hosts_obfuscated: -+ self.sos_cmd += f' --keywords={self.hosts_obfuscated}' - - def test_mask_was_run(self): - self.assertOutputContains('Beginning obfuscation') -@@ -53,6 +65,12 @@ class ReportWithMask(StageOneReportTest): - mac = line.strip().split()[1] - assert mac.startswith('53:4f:53'), "Found unobfuscated mac addr %s" % mac - -+ def test_perms_unchanged_on_modified_file(self): -+ if self.hosts_obfuscated: -+ imode_orig = stat('/etc/hosts').st_mode -+ imode_obfuscated = stat(self.get_name_in_archive('etc/hosts')).st_mode -+ self.assertEqual(imode_orig, imode_obfuscated) -+ - - class ReportWithCleanedKeywords(StageOneReportTest): - """Testing for obfuscated keywords provided by the user --- -2.31.1 - diff --git a/sos-bz2226682-ovn-ic-db-files.patch b/sos-bz2226682-ovn-ic-db-files.patch new file mode 100644 index 0000000..82a684d --- /dev/null +++ b/sos-bz2226682-ovn-ic-db-files.patch @@ -0,0 +1,42 @@ +From 0af74a8b24ec9dab0ca0089d5b834ab9908173ac Mon Sep 17 00:00:00 2001 +From: Periyasamy Palanisamy +Date: Fri, 21 Jul 2023 15:03:01 +0530 +Subject: [PATCH] Collect db files for ovn interconnect environment + +This updates openshift_ovn plugin to collect ovn db files +when it is running with interconnect configuration. + +Signed-off-by: Periyasamy Palanisamy +--- + sos/report/plugins/openshift_ovn.py | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/sos/report/plugins/openshift_ovn.py b/sos/report/plugins/openshift_ovn.py +index 98522b1ed6..d81fc97aae 100644 +--- a/sos/report/plugins/openshift_ovn.py ++++ b/sos/report/plugins/openshift_ovn.py +@@ -27,7 +27,13 @@ def setup(self): + "/var/log/openvswitch/libreswan.log", + "/var/log/openvswitch/ovs-monitor-ipsec.log" + ]) ++ # Collect ovn interconnect specific files if exists. ++ self.add_copy_spec([ ++ "/var/lib/ovn-ic/etc/ovnnb_db.db", ++ "/var/lib/ovn-ic/etc/ovnsb_db.db" ++ ]) + ++ # The ovn cluster/status is not valid anymore for interconnect setup. + self.add_cmd_output([ + 'ovn-appctl -t /var/run/ovn/ovnnb_db.ctl ' + + 'cluster/status OVN_Northbound', +@@ -38,6 +44,10 @@ def setup(self): + 'ovs-appctl -t /var/run/ovn/ovn-controller.*.ctl ' + + 'ct-zone-list'], + container='ovnkube-node') ++ # Collect ovs ct-zone-list directly on host for interconnect setup. ++ self.add_cmd_output([ ++ 'ovs-appctl -t /var/run/ovn-ic/ovn-controller.*.ctl ' + ++ 'ct-zone-list']) + self.add_cmd_output([ + 'ovs-appctl -t ovs-monitor-ipsec tunnels/show', + 'ipsec status', diff --git a/sos.spec b/sos.spec index 145f9b7..0899c1b 100644 --- a/sos.spec +++ b/sos.spec @@ -4,8 +4,8 @@ Summary: A set of tools to gather troubleshooting information from a system Name: sos -Version: 4.5.5 -Release: 2%{?dist} +Version: 4.5.6 +Release: 1%{?dist} Group: Applications/System Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz Source1: sos-audit-%{auditversion}.tgz @@ -22,8 +22,7 @@ Recommends: python3-pexpect Recommends: python3-pyyaml Conflicts: vdsm < 4.40 Obsoletes: sos-collector -Patch1: sos-bz2218279-clean-respect-permissions.patch -Patch2: sos-bz2207562-clean-obfuscate-mac.patch +Patch1: sos-bz2226682-ovn-ic-db-files.patch %description Sos is a set of tools that gathers information about system @@ -35,7 +34,6 @@ support technicians and developers. %setup -qn %{name}-%{version} %setup -T -D -a1 -q %patch1 -p1 -%patch2 -p1 %build %py3_build @@ -108,6 +106,10 @@ of the system. Currently storage and filesystem commands are audited. %ghost /etc/audit/rules.d/40-sos-storage.rules %changelog +* Thu Jul 27 2023 Pavel Moravec = 4.5.6-1 +- Rebase sos to 4.5.6 + Resolves: bz2226724 + * Fri Jul 14 2023 Jan Jansky = 4.5.5-2 - Adding patch for mac obfuscation Resolves: bz2218279 diff --git a/sources b/sources index 0d6b38d..9e50491 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (sos-4.5.5.tar.gz) = 6731d2b9671350eeb8dd738516fa484f2b8a3eb17e9caef9ade1aeee1fe581a67e4c2ea0cc8e89838770ffc85f052e0dd6422f2121efb4a99728b1e865780c50 +SHA512 (sos-4.5.6.tar.gz) = 075b7767115dfb112b6a45f75851874c6740b133553659424cffd0a4af40fb6c6a5d5232e3c3c6a82d7868695a42e67e460067de5b9c7964d7b2ff584c091d0b SHA512 (sos-audit-0.3.tgz) = 32597baf6350804d08179a0dbe48470a93df148e83d2e49bb3288f6bcc2d151bb1433761913bfbccd912c14de92435939fef5bcd7e091dfe33a345d61ea842ea