sos updates to 8.9
Resolves: bz2226724 Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
This commit is contained in:
parent
82638f57e9
commit
a7a3d12711
1
.gitignore
vendored
1
.gitignore
vendored
@ -6,3 +6,4 @@
|
|||||||
/sos-4.5.1.tar.gz
|
/sos-4.5.1.tar.gz
|
||||||
/sos-4.5.3.tar.gz
|
/sos-4.5.3.tar.gz
|
||||||
/sos-4.5.4.tar.gz
|
/sos-4.5.4.tar.gz
|
||||||
|
/sos-4.5.6.tar.gz
|
||||||
|
@ -1,57 +0,0 @@
|
|||||||
From 59c2660584734af92eca2eae31af3fbf5557f853 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Jan Jansky <jjansky@redhat.com>
|
|
||||||
Date: Mon, 10 Jul 2023 13:10:22 +0200
|
|
||||||
Subject: [PATCH] [clean] Properly obfuscate MAC addresses
|
|
||||||
|
|
||||||
Some of mac addresses was not properly obfuscated because
|
|
||||||
some collected data contains mac addresses in format
|
|
||||||
01:<mac> and parser was not ready for that.
|
|
||||||
|
|
||||||
Also added mapper which will obfuscate mac address in case
|
|
||||||
it is in format with _ instead of : as for example
|
|
||||||
|
|
||||||
00_50_56_87_5d_01
|
|
||||||
|
|
||||||
instead of
|
|
||||||
|
|
||||||
00:50:56:87:5d:01
|
|
||||||
|
|
||||||
Format with _ is used for example by vmware plugin.
|
|
||||||
|
|
||||||
Resolves: #3302
|
|
||||||
|
|
||||||
Signed-off-by: Jan Jansky <jjansky@redhat.com>
|
|
||||||
---
|
|
||||||
sos/cleaner/mappings/mac_map.py | 2 +-
|
|
||||||
sos/cleaner/parsers/mac_parser.py | 4 ++--
|
|
||||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/sos/cleaner/mappings/mac_map.py b/sos/cleaner/mappings/mac_map.py
|
|
||||||
index 334a6681..4ccba25a 100644
|
|
||||||
--- a/sos/cleaner/mappings/mac_map.py
|
|
||||||
+++ b/sos/cleaner/mappings/mac_map.py
|
|
||||||
@@ -75,5 +75,5 @@ class SoSMacMap(SoSMap):
|
|
||||||
if re.match('(([0-9a-fA-F]{4}:){3}([0-9a-fA-F]){4})', item):
|
|
||||||
return self.mac6_quad_template % hextets
|
|
||||||
# match 48-bit IPv4 MAC addresses
|
|
||||||
- if re.match('([0-9a-fA-F]:?){12}', item):
|
|
||||||
+ if re.match('([0-9a-fA-F][:_]?){12}', item):
|
|
||||||
return self.mac_template % hextets
|
|
||||||
diff --git a/sos/cleaner/parsers/mac_parser.py b/sos/cleaner/parsers/mac_parser.py
|
|
||||||
index 88b0ac2e..4e790018 100644
|
|
||||||
--- a/sos/cleaner/parsers/mac_parser.py
|
|
||||||
+++ b/sos/cleaner/parsers/mac_parser.py
|
|
||||||
@@ -25,8 +25,8 @@ IPV6_REG_4HEX = (
|
|
||||||
)
|
|
||||||
# aa:bb:cc:dd:ee:ff avoiding ipv6 substring matches
|
|
||||||
IPV4_REG = (
|
|
||||||
- r'((?<!([0-9a-fA-F\'\"]:)|::)(([^:\-])?([0-9a-fA-F]{2}([:-])){5}'
|
|
||||||
- r'([0-9a-fA-F]){2}(\'|\")?(\/|\,|\-|\.|\s|$)))'
|
|
||||||
+ r'((?<!([0-9a-fA-F\'\"]:)|::)'
|
|
||||||
+ r'(([^:\-])?(([0-9a-fA-F]{2}([:\-\_])){5,6}([0-9a-fA-F]{2}))))'
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,93 +0,0 @@
|
|||||||
From cca04c1e1fdc97632cdefdc1d1d7a3dea9cb4aea Mon Sep 17 00:00:00 2001
|
|
||||||
From: Pavel Moravec <pmoravec@redhat.com>
|
|
||||||
Date: Wed, 28 Jun 2023 11:49:56 +0200
|
|
||||||
Subject: [PATCH 1/2] [clean] Respect permissions of sanitised files
|
|
||||||
|
|
||||||
When copying files we applied a substitution in, we must replace just
|
|
||||||
original file content (shutil.copyfile) and not also its stat data
|
|
||||||
(shutil.copy).
|
|
||||||
|
|
||||||
Resolves: #3292
|
|
||||||
|
|
||||||
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
||||||
---
|
|
||||||
sos/cleaner/__init__.py | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/sos/cleaner/__init__.py b/sos/cleaner/__init__.py
|
|
||||||
index feeedf66..fbcaa9c3 100644
|
|
||||||
--- a/sos/cleaner/__init__.py
|
|
||||||
+++ b/sos/cleaner/__init__.py
|
|
||||||
@@ -778,7 +778,7 @@ third party.
|
|
||||||
% (short_name, err), caller=arc_name)
|
|
||||||
tfile.seek(0)
|
|
||||||
if subs:
|
|
||||||
- shutil.copy(tfile.name, filename)
|
|
||||||
+ shutil.copyfile(tfile.name, filename)
|
|
||||||
tfile.close()
|
|
||||||
|
|
||||||
_ob_short_name = self.obfuscate_string(short_name.split('/')[-1])
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
||||||
|
|
||||||
From fc1489a621108d3613d3337489a64950e52d77c3 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Pavel Moravec <pmoravec@redhat.com>
|
|
||||||
Date: Thu, 29 Jun 2023 22:57:46 +0200
|
|
||||||
Subject: [PATCH 2/2] [tests] add test for #3292
|
|
||||||
|
|
||||||
Add a test that cleaner keeps permissions of a sanitised file
|
|
||||||
|
|
||||||
Relevant to: #3292
|
|
||||||
|
|
||||||
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
||||||
---
|
|
||||||
.../basic_function_tests/report_with_mask.py | 18 ++++++++++++++++++
|
|
||||||
1 file changed, 18 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/tests/cleaner_tests/basic_function_tests/report_with_mask.py b/tests/cleaner_tests/basic_function_tests/report_with_mask.py
|
|
||||||
index 7c4d3905..baee836a 100644
|
|
||||||
--- a/tests/cleaner_tests/basic_function_tests/report_with_mask.py
|
|
||||||
+++ b/tests/cleaner_tests/basic_function_tests/report_with_mask.py
|
|
||||||
@@ -9,6 +9,7 @@
|
|
||||||
from sos_tests import StageOneReportTest, StageTwoReportTest
|
|
||||||
|
|
||||||
import re
|
|
||||||
+from os import stat
|
|
||||||
|
|
||||||
|
|
||||||
class ReportWithMask(StageOneReportTest):
|
|
||||||
@@ -18,6 +19,17 @@ class ReportWithMask(StageOneReportTest):
|
|
||||||
"""
|
|
||||||
|
|
||||||
sos_cmd = '--mask -o host,networking'
|
|
||||||
+ hosts_obfuscated = None
|
|
||||||
+
|
|
||||||
+ def pre_sos_setup(self):
|
|
||||||
+ # obfuscate a random word from /etc/hosts and ensure the updated
|
|
||||||
+ # sanitised file has same permissions (a+r)
|
|
||||||
+ try:
|
|
||||||
+ self.hosts_obfuscated = open('/etc/hosts').read().strip('#\n').split()[-1]
|
|
||||||
+ except (FileNotFoundError, IndexError) as e:
|
|
||||||
+ self.warning(f"Unable to process /etc/hosts: {e}")
|
|
||||||
+ if self.hosts_obfuscated:
|
|
||||||
+ self.sos_cmd += f' --keywords={self.hosts_obfuscated}'
|
|
||||||
|
|
||||||
def test_mask_was_run(self):
|
|
||||||
self.assertOutputContains('Beginning obfuscation')
|
|
||||||
@@ -53,6 +65,12 @@ class ReportWithMask(StageOneReportTest):
|
|
||||||
mac = line.strip().split()[1]
|
|
||||||
assert mac.startswith('53:4f:53'), "Found unobfuscated mac addr %s" % mac
|
|
||||||
|
|
||||||
+ def test_perms_unchanged_on_modified_file(self):
|
|
||||||
+ if self.hosts_obfuscated:
|
|
||||||
+ imode_orig = stat('/etc/hosts').st_mode
|
|
||||||
+ imode_obfuscated = stat(self.get_name_in_archive('etc/hosts')).st_mode
|
|
||||||
+ self.assertEqual(imode_orig, imode_obfuscated)
|
|
||||||
+
|
|
||||||
|
|
||||||
class ReportWithCleanedKeywords(StageOneReportTest):
|
|
||||||
"""Testing for obfuscated keywords provided by the user
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
42
sos-bz2226682-ovn-ic-db-files.patch
Normal file
42
sos-bz2226682-ovn-ic-db-files.patch
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
From 0af74a8b24ec9dab0ca0089d5b834ab9908173ac Mon Sep 17 00:00:00 2001
|
||||||
|
From: Periyasamy Palanisamy <pepalani@redhat.com>
|
||||||
|
Date: Fri, 21 Jul 2023 15:03:01 +0530
|
||||||
|
Subject: [PATCH] Collect db files for ovn interconnect environment
|
||||||
|
|
||||||
|
This updates openshift_ovn plugin to collect ovn db files
|
||||||
|
when it is running with interconnect configuration.
|
||||||
|
|
||||||
|
Signed-off-by: Periyasamy Palanisamy <pepalani@redhat.com>
|
||||||
|
---
|
||||||
|
sos/report/plugins/openshift_ovn.py | 10 ++++++++++
|
||||||
|
1 file changed, 10 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/sos/report/plugins/openshift_ovn.py b/sos/report/plugins/openshift_ovn.py
|
||||||
|
index 98522b1ed6..d81fc97aae 100644
|
||||||
|
--- a/sos/report/plugins/openshift_ovn.py
|
||||||
|
+++ b/sos/report/plugins/openshift_ovn.py
|
||||||
|
@@ -27,7 +27,13 @@ def setup(self):
|
||||||
|
"/var/log/openvswitch/libreswan.log",
|
||||||
|
"/var/log/openvswitch/ovs-monitor-ipsec.log"
|
||||||
|
])
|
||||||
|
+ # Collect ovn interconnect specific files if exists.
|
||||||
|
+ self.add_copy_spec([
|
||||||
|
+ "/var/lib/ovn-ic/etc/ovnnb_db.db",
|
||||||
|
+ "/var/lib/ovn-ic/etc/ovnsb_db.db"
|
||||||
|
+ ])
|
||||||
|
|
||||||
|
+ # The ovn cluster/status is not valid anymore for interconnect setup.
|
||||||
|
self.add_cmd_output([
|
||||||
|
'ovn-appctl -t /var/run/ovn/ovnnb_db.ctl ' +
|
||||||
|
'cluster/status OVN_Northbound',
|
||||||
|
@@ -38,6 +44,10 @@ def setup(self):
|
||||||
|
'ovs-appctl -t /var/run/ovn/ovn-controller.*.ctl ' +
|
||||||
|
'ct-zone-list'],
|
||||||
|
container='ovnkube-node')
|
||||||
|
+ # Collect ovs ct-zone-list directly on host for interconnect setup.
|
||||||
|
+ self.add_cmd_output([
|
||||||
|
+ 'ovs-appctl -t /var/run/ovn-ic/ovn-controller.*.ctl ' +
|
||||||
|
+ 'ct-zone-list'])
|
||||||
|
self.add_cmd_output([
|
||||||
|
'ovs-appctl -t ovs-monitor-ipsec tunnels/show',
|
||||||
|
'ipsec status',
|
12
sos.spec
12
sos.spec
@ -4,8 +4,8 @@
|
|||||||
|
|
||||||
Summary: A set of tools to gather troubleshooting information from a system
|
Summary: A set of tools to gather troubleshooting information from a system
|
||||||
Name: sos
|
Name: sos
|
||||||
Version: 4.5.5
|
Version: 4.5.6
|
||||||
Release: 2%{?dist}
|
Release: 1%{?dist}
|
||||||
Group: Applications/System
|
Group: Applications/System
|
||||||
Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz
|
Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz
|
||||||
Source1: sos-audit-%{auditversion}.tgz
|
Source1: sos-audit-%{auditversion}.tgz
|
||||||
@ -22,8 +22,7 @@ Recommends: python3-pexpect
|
|||||||
Recommends: python3-pyyaml
|
Recommends: python3-pyyaml
|
||||||
Conflicts: vdsm < 4.40
|
Conflicts: vdsm < 4.40
|
||||||
Obsoletes: sos-collector
|
Obsoletes: sos-collector
|
||||||
Patch1: sos-bz2218279-clean-respect-permissions.patch
|
Patch1: sos-bz2226682-ovn-ic-db-files.patch
|
||||||
Patch2: sos-bz2207562-clean-obfuscate-mac.patch
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Sos is a set of tools that gathers information about system
|
Sos is a set of tools that gathers information about system
|
||||||
@ -35,7 +34,6 @@ support technicians and developers.
|
|||||||
%setup -qn %{name}-%{version}
|
%setup -qn %{name}-%{version}
|
||||||
%setup -T -D -a1 -q
|
%setup -T -D -a1 -q
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%py3_build
|
%py3_build
|
||||||
@ -108,6 +106,10 @@ of the system. Currently storage and filesystem commands are audited.
|
|||||||
%ghost /etc/audit/rules.d/40-sos-storage.rules
|
%ghost /etc/audit/rules.d/40-sos-storage.rules
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Jul 27 2023 Pavel Moravec <pmoravec@redhat.com> = 4.5.6-1
|
||||||
|
- Rebase sos to 4.5.6
|
||||||
|
Resolves: bz2226724
|
||||||
|
|
||||||
* Fri Jul 14 2023 Jan Jansky <jjansky@redhat.com> = 4.5.5-2
|
* Fri Jul 14 2023 Jan Jansky <jjansky@redhat.com> = 4.5.5-2
|
||||||
- Adding patch for mac obfuscation
|
- Adding patch for mac obfuscation
|
||||||
Resolves: bz2218279
|
Resolves: bz2218279
|
||||||
|
2
sources
2
sources
@ -1,2 +1,2 @@
|
|||||||
SHA512 (sos-4.5.5.tar.gz) = 6731d2b9671350eeb8dd738516fa484f2b8a3eb17e9caef9ade1aeee1fe581a67e4c2ea0cc8e89838770ffc85f052e0dd6422f2121efb4a99728b1e865780c50
|
SHA512 (sos-4.5.6.tar.gz) = 075b7767115dfb112b6a45f75851874c6740b133553659424cffd0a4af40fb6c6a5d5232e3c3c6a82d7868695a42e67e460067de5b9c7964d7b2ff584c091d0b
|
||||||
SHA512 (sos-audit-0.3.tgz) = 32597baf6350804d08179a0dbe48470a93df148e83d2e49bb3288f6bcc2d151bb1433761913bfbccd912c14de92435939fef5bcd7e091dfe33a345d61ea842ea
|
SHA512 (sos-audit-0.3.tgz) = 32597baf6350804d08179a0dbe48470a93df148e83d2e49bb3288f6bcc2d151bb1433761913bfbccd912c14de92435939fef5bcd7e091dfe33a345d61ea842ea
|
||||||
|
Loading…
Reference in New Issue
Block a user