metalefty/sos
1
0
Fork 0
forked from rpms/sos
Code Pull Requests Activity

import UBI sos-4.10.1-2.el8_10

Browse Source
This commit is contained in:
eabdullin 2026-01-06 18:49:57 +00:00
parent d6f98c0e3f
commit a86f542cfd
14 changed files with 207 additions and 251 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/sos-4.10.0.tar.gz
SOURCES/sos-4.10.1.tar.gz
SOURCES/sos-audit-0.3-1.tgz

2
.sos.metadata
View File

@ -1,2 +1,2 @@
6042daa19f01ecf2f1e331ae70482653fd500d1f SOURCES/sos-4.10.0.tar.gz
9e592633b8ac40cfd84c08b33d3f213edaadfb08 SOURCES/sos-4.10.1.tar.gz
00752b68ec5e1141192a9dab7d44377b8d637bf7 SOURCES/sos-audit-0.3-1.tgz

101
SOURCES/0001-cleaner-Make-cleaner-s-obfuscate_file-properly-worki.patch
View File

@ -1,101 +0,0 @@
From 3efc8888852225396ebb4f0f9ae95edf4e5badfa Mon Sep 17 00:00:00 2001
From: Pavel Moravec <pmoravec@redhat.com>
Date: Wed, 20 Aug 2025 20:07:05 +0200
Subject: [PATCH] [cleaner] Make cleaner's obfuscate_file properly working
The fix is three-fold:
- obfuscate_file must clean file content and not filename
- cleaner's main_archive must be populated by parsers first
- obfuscate_file dont need short_name as it is always called with
implicit value of short_name that cleaner will strip itself
Closes: #4109
Closes: #4110
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
---
sos/cleaner/__init__.py | 7 ++++---
sos/collector/__init__.py | 9 +++------
sos/report/__init__.py | 9 +++------
3 files changed, 10 insertions(+), 15 deletions(-)
diff --git a/sos/cleaner/__init__.py b/sos/cleaner/__init__.py
index 4a1470b5..dcd60c66 100644
--- a/sos/cleaner/__init__.py
+++ b/sos/cleaner/__init__.py
@@ -537,7 +537,7 @@ third party.
logfile.write(line)
if archive:
- self.obfuscate_file(log_name, short_name="sos_logs/cleaner.log")
+ self.obfuscate_file(log_name)
self.archive.add_file(log_name, dest="sos_logs/cleaner.log")
def get_new_checksum(self, archive_path):
@@ -678,6 +678,7 @@ third party.
for prepper in self.get_preppers():
for archive in self.report_paths:
self._prepare_archive_with_prepper(archive, prepper)
+ self.main_archive.set_parsers(self.parsers)
def obfuscate_report(self, archive): # pylint: disable=too-many-branches
"""Individually handle each archive or directory we've discovered by
@@ -784,8 +785,8 @@ third party.
self.ui_log.info("Exception while processing "
f"{archive.archive_name}: {err}")
- def obfuscate_file(self, filename, short_name):
- self.main_archive.obfuscate_filename(filename, short_name)
+ def obfuscate_file(self, filename):
+ self.main_archive.obfuscate_arc_files([filename])
def obfuscate_symlinks(self, archive):
"""Iterate over symlinks in the archive and obfuscate their names.
diff --git a/sos/collector/__init__.py b/sos/collector/__init__.py
index 7a414501..e6b55f20 100644
--- a/sos/collector/__init__.py
+++ b/sos/collector/__init__.py
@@ -1405,16 +1405,13 @@ this utility or remote systems that it connects to.
if do_clean:
_dir = os.path.join(self.tmpdir, self.archive._name)
cleaner.obfuscate_file(
- os.path.join(_dir, 'sos_logs', 'sos.log'),
- short_name='sos.log'
+ os.path.join(_dir, 'sos_logs', 'sos.log')
)
cleaner.obfuscate_file(
- os.path.join(_dir, 'sos_logs', 'ui.log'),
- short_name='ui.log'
+ os.path.join(_dir, 'sos_logs', 'ui.log')
)
cleaner.obfuscate_file(
- os.path.join(_dir, 'sos_reports', 'manifest.json'),
- short_name='manifest.json'
+ os.path.join(_dir, 'sos_reports', 'manifest.json')
)
arc_name = self.archive.finalize(method=None)
diff --git a/sos/report/__init__.py b/sos/report/__init__.py
index 074afcff..9fb94d6a 100644
--- a/sos/report/__init__.py
+++ b/sos/report/__init__.py
@@ -1571,13 +1571,10 @@ class SoSReport(SoSComponent):
# Now, separately clean the log files that cleaner also wrote to
if do_clean:
_dir = os.path.join(self.tmpdir, self.archive._name)
- cleaner.obfuscate_file(os.path.join(_dir, 'sos_logs', 'sos.log'),
- short_name='sos.log')
- cleaner.obfuscate_file(os.path.join(_dir, 'sos_logs', 'ui.log'),
- short_name='ui.log')
+ cleaner.obfuscate_file(os.path.join(_dir, 'sos_logs', 'sos.log'))
+ cleaner.obfuscate_file(os.path.join(_dir, 'sos_logs', 'ui.log'))
cleaner.obfuscate_file(
- os.path.join(_dir, 'sos_reports', 'manifest.json'),
- short_name='manifest.json'
+ os.path.join(_dir, 'sos_reports', 'manifest.json')
)
# Now, just (optionally) pack the report and print work outcome; let
--
2.49.0

12
SOURCES/sos-python36-walrus-operator.patch → SOURCES/0001-python3-walrus-operator.patch
View File

@ -52,3 +52,15 @@
return _runtime.fmt_container_cmd(container, cmd, quotecmd)
return ''
--- a/sos/report/plugins/loki.py 2025-11-24 11:20:56.237814760 +0100
+++ b/sos/report/plugins/loki.py 2025-11-24 11:28:37.466603011 +0100
@@ -143,7 +143,8 @@
if self.get_option("collect-logs"):
endpoint = self.get_option("endpoint") or "http://localhost:3100"
self.labels = []
- if labels_option := self.get_option("labels"):
+ labels_option = self.get_option("labels")
+ if labels_option:
if isinstance(labels_option, str) and labels_option:
self.labels.extend(labels_option.split(":"))

72
SOURCES/0002-openstack_nova-Improve-scrubbing.patch
View File

@ -1,72 +0,0 @@
From 6378a4ee9fa3eeaf384bd87fc87e24a0c5608658 Mon Sep 17 00:00:00 2001
From: Pavel Moravec <pmoravec@redhat.com>
Date: Tue, 19 Aug 2025 09:08:15 +0200
Subject: [PATCH] [openstack_nova] Improve scrubbing
Improve postproc obfuscation in two ways:
- apply postproc also to /var/lib/openstack/config/nova on RedHatNova
- obfuscate just password from transport_url, not the whole URL
Closes: #4108
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
---
sos/report/plugins/openstack_nova.py | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/sos/report/plugins/openstack_nova.py b/sos/report/plugins/openstack_nova.py
index 728aed1e..2635866e 100644
--- a/sos/report/plugins/openstack_nova.py
+++ b/sos/report/plugins/openstack_nova.py
@@ -29,6 +29,7 @@ class OpenStackNova(Plugin):
var_puppet_gen = "/var/lib/config-data/puppet-generated/nova"
service_name = "openstack-nova-api.service"
apachepkg = None
+ postproc_dirs = ["/etc/nova/",]
def setup(self):
@@ -141,12 +142,13 @@ class OpenStackNova(Plugin):
self.add_copy_spec(specs)
def apply_regex_sub(self, regexp, subst):
- """ Apply regex substitution """
- self.do_path_regex_sub("/etc/nova/*", regexp, subst)
- for npath in ['', '_libvirt', '_metadata', '_placement']:
- self.do_path_regex_sub(
- f"{self.var_puppet_gen}{npath}/etc/nova/*",
- regexp, subst)
+ """ Apply regex substitution to all sensitive dirs """
+ for _dir in self.postproc_dirs:
+ self.do_path_regex_sub(f"{_dir}/*", regexp, subst)
+ for npath in ['', '_libvirt', '_metadata', '_placement']:
+ self.do_path_regex_sub(
+ f"{self.var_puppet_gen}{npath}{_dir}/*",
+ regexp, subst)
def postproc(self):
protect_keys = [
@@ -155,10 +157,9 @@ class OpenStackNova(Plugin):
"xenapi_connection_password", "password", "host_password",
"vnc_password", "admin_password", "connection_password",
"memcache_secret_key", "s3_secret_key",
- "metadata_proxy_shared_secret", "fixed_key", "transport_url",
- "rbd_secret_uuid"
+ "metadata_proxy_shared_secret", "fixed_key", "rbd_secret_uuid"
]
- connection_keys = ["connection", "sql_connection"]
+ connection_keys = ["connection", "sql_connection", "transport_url"]
join_con_keys = "|".join(connection_keys)
@@ -214,6 +215,7 @@ class RedHatNova(OpenStackNova, RedHatPlugin):
apachepkg = "httpd"
nova = False
packages = ('openstack-selinux',)
+ postproc_dirs = ["/etc/nova/", "/var/lib/openstack/config/nova"]
def setup(self):
super().setup()
--
2.49.0

27
SOURCES/0002-sosreport-binary.patch Normal file
View File

@ -0,0 +1,27 @@
--- /dev/null 2025-10-28 14:11:21.494784405 +0100
+++ sos-4.10.1/bin/sosreport 2025-12-04 08:46:53.277857061 +0100
@@ -0,0 +1,5 @@
+#!/bin/bash
+echo "sosreport binary is deprecated, use 'sos report' instead"
+exec sos report "$@"
+
+# vim:ts=4 et sw=4
--- /dev/null 2025-10-28 14:11:21.494784405 +0100
+++ sos-4.10.1/bin/sos-collector 2025-12-04 08:48:04.661880220 +0100
@@ -0,0 +1,5 @@
+#!/bin/bash
+echo "sos-collector binary is deprecated, use 'sos collector' instead"
+exec sos collector "$@"
+
+# vim:ts=4 et sw=4
--- sos-4.10.1/setup.py 2025-04-15 15:17:21.938635468 +0200
+++ sos-4.10.1/setup.py 2025-04-15 15:17:41.328198501 +0200
@@ -34,7 +34,7 @@
maintainer_email='jacob.r.hunsaker@gmail.com',
url='https://github.com/sosreport/sos',
license="GPLv2+",
- scripts=['bin/sos'],
+ scripts=['bin/sos', 'bin/sosreport', 'bin/sos-collector'],
data_files=data_files,
packages=find_packages(include=['sos', 'sos.*'])
)

36
SOURCES/0003-component-Fix-regression-57bbc89-in-toolbox-containe.patch
View File

@ -1,36 +0,0 @@
From c0e514894b2c35c2b36f247f8b84dd4311034fb6 Mon Sep 17 00:00:00 2001
From: Pavel Moravec <pmoravec@redhat.com>
Date: Fri, 12 Sep 2025 11:36:02 +0200
Subject: [PATCH] [component] Fix regression 57bbc89 in toolbox containers
57bbc89 commit set tmpdir to source the dir from Policy. Which means
HOST sysroot directory is newly applied already in
LinuxPolicy._container_init method.
Removed lines mimic the same in a worse way, so let drop them here.
Resolves: #4116
Closes: #4118
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
---
sos/component.py | 3 ---
1 file changed, 3 deletions(-)
diff --git a/sos/component.py b/sos/component.py
index a110c270..3e53fe3d 100644
--- a/sos/component.py
+++ b/sos/component.py
@@ -170,9 +170,6 @@ class SoSComponent():
else:
tmpdir = os.getenv('TMPDIR', None) or self.policy.get_tmp_dir(None)
- if os.getenv('HOST', None) and os.getenv('container', None):
- tmpdir = os.path.join(os.getenv('HOST'), tmpdir.lstrip('/'))
-
# no standard library method exists for this, so call out to stat to
# avoid bringing in a dependency on psutil
self.tmpfstype = shell_out(
--
2.49.0

0
SOURCES/0004-revert-PR4092.patch → SOURCES/0003-revert-PR4092.patch
View File

0
SOURCES/0005-cleaner-rhel8.patch → SOURCES/0004-cleaner-rhel8.patch
View File

60
SOURCES/0005-pulpcore-RFE-export-table-contents-as-CSV.patch Normal file
View File

@ -0,0 +1,60 @@
From 6402b4240929b334c31a38a9c86e16e0b6a9e4dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pablo=20Fern=C3=A1ndez=20Rodr=C3=ADguez?=
<pafernan@redhat.com>
Date: Fri, 21 Nov 2025 12:32:30 +0100
Subject: [PATCH] [pulpcore] RFE export table contents as CSV
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Resolves: #4152
Signed-off-by: Pablo Fernández Rodríguez <pafernan@redhat.com>
---
sos/report/plugins/pulpcore.py | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/sos/report/plugins/pulpcore.py b/sos/report/plugins/pulpcore.py
index ffd53e01..4b126e78 100644
--- a/sos/report/plugins/pulpcore.py
+++ b/sos/report/plugins/pulpcore.py
@@ -127,14 +127,15 @@ class PulpCore(Plugin, IndependentPlugin):
"AND table_schema = 'public' AND column_name NOT IN"
" ('args', 'kwargs', 'enc_args', 'enc_kwargs'))"
" TO STDOUT;")
- col_out = self.exec_cmd(self.build_query_cmd(_query), env=self.env,
+ col_out = self.exec_cmd(self.build_query_cmd(_query, csv=False),
+ env=self.env,
runas=self.runas,
container=self.in_container)
columns = col_out['output'] if col_out['status'] == 0 else '*'
_query = (f"select {columns} from {table} where pulp_last_updated"
f"> NOW() - interval '{task_days} days' order by"
" pulp_last_updated")
- _cmd = self.build_query_cmd(_query)
+ _cmd = self.build_query_cmd(_query, csv=True)
self.add_cmd_output(_cmd, env=self.env, suggest_filename=table,
runas=self.runas, container=self.in_container)
@@ -152,7 +153,8 @@ class PulpCore(Plugin, IndependentPlugin):
"pg_total_relation_size(reltoastrelid) AS toast_bytes "
"FROM pg_class c LEFT JOIN pg_namespace n ON "
"n.oid = c.relnamespace WHERE relkind = 'r') a) a order by "
- "total_bytes DESC"
+ "total_bytes DESC",
+ csv=False
)
self.add_cmd_output(_cmd, suggest_filename='pulpcore_db_tables_sizes',
env=self.env, runas=self.runas,
@@ -168,7 +170,7 @@ class PulpCore(Plugin, IndependentPlugin):
"""
if csv:
query = f"COPY ({query}) TO STDOUT " \
- "WITH (FORMAT 'csv', DELIMITER ',', HEADER)"
+ "WITH (FORMAT 'csv', DELIMITER ';', HEADER)"
_dbcmd = "psql --no-password -h %s -p %s -U %s -d %s -c %s"
return _dbcmd % (self.dbhost, self.dbport,
self.dbuser, self.dbname, quote(query))
--
2.51.1

31
SOURCES/0006-cleaner-Mask-IPv6-addresses-with-trailing-or.patch Normal file
View File

@ -0,0 +1,31 @@
From 1c1ee1ac676961fecfc5513fa4f90656401b3aaa Mon Sep 17 00:00:00 2001
From: Pavel Moravec <pmoravec@redhat.com>
Date: Wed, 5 Nov 2025 11:53:57 +0100
Subject: [PATCH] [cleaner] Mask IPv6 addresses with trailing ':' or '\'
Additionally, fix missing backslash in subnet identification.
Resolves: #4154
Closes: #4155
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
---
sos/cleaner/parsers/ipv6_parser.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sos/cleaner/parsers/ipv6_parser.py b/sos/cleaner/parsers/ipv6_parser.py
index bfb860c7..315241f5 100644
--- a/sos/cleaner/parsers/ipv6_parser.py
+++ b/sos/cleaner/parsers/ipv6_parser.py
@@ -27,7 +27,7 @@ class SoSIPv6Parser(SoSCleanerParser):
# a trailing prefix for the network bits.
r"(?<![:\\.\\-a-z0-9])((([0-9a-f]{1,4})(:[0-9a-f]{1,4}){7})|"
r"(([0-9a-f]{1,4}(:[0-9a-f]{0,4}){0,5}))([^.])::(([0-9a-f]{1,4}"
- r"(:[0-9a-f]{1,4}){0,5})?)(/\d{1,3})?)(?![:\\a-z0-9])"
+ r"(:[0-9a-f]{1,4}){0,5})?)(\/\d{1,3})?)(?!([a-z0-9]|:[a-z0-9]))"
]
parser_skip_files = [
'etc/dnsmasq.conf.*',
--
2.51.1

58
SOURCES/0007-plugin_aws-fix-unable-to-get-metadata-in-aws.py.patch Normal file
View File

@ -0,0 +1,58 @@
From d78e7000d0c91ba0b6b7a56fc931bce3094d0bc9 Mon Sep 17 00:00:00 2001
From: Frank Liang <xiliang@redhat.com>
Date: Wed, 3 Dec 2025 00:21:06 +0800
Subject: [PATCH] [plugin_aws]fix unable to get metadata in aws.py
- exec_cmd() cmd type is a str, cannot execute when
it is a list
- removed spaces after X-aws-ec2-metadata-token and
X-aws-ec2-metadata-token-ttl-seconds
Signed-off-by: Frank Liang <xiliang@redhat.com>
---
sos/report/plugins/aws.py | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/sos/report/plugins/aws.py b/sos/report/plugins/aws.py
index 602e88e4..ba819bed 100644
--- a/sos/report/plugins/aws.py
+++ b/sos/report/plugins/aws.py
@@ -41,21 +41,19 @@ class Aws(Plugin, IndependentPlugin):
# Try to get an IMDSv2 token
token_url = 'http://169.254.169.254/latest/api/token'
- token_cmd = [
- 'curl', '-sS', '-X', 'PUT', '-H',
- 'X-aws-ec2-metadata-token-ttl-seconds: 21600',
- token_url]
+ token_cmd = f'curl -sS -X PUT -H \
+ X-aws-ec2-metadata-token-ttl-seconds:21600 {token_url}'
try:
- token = self.exec_cmd(token_cmd, timeout=1)
+ token = self.exec_cmd(token_cmd, timeout=1)['output']
except Exception:
token = ''
# Add header only if token retrieval succeeded
- token_header = []
+ token_header = ''
if token:
- token_header = ['-H', f'X-aws-ec2-metadata-token: {token}']
+ token_header = f'-H X-aws-ec2-metadata-token:{token}'
# List of metadata paths we want to get
metadata_paths = [
@@ -73,7 +71,7 @@ class Aws(Plugin, IndependentPlugin):
meta_url = base_url + path
safe_name = path.replace('/', '_')
self.add_cmd_output(
- ['curl', '-sS'] + token_header + [meta_url],
+ f'curl -sS {token_header} {meta_url}',
suggest_filename=f'aws_metadata_{safe_name}.txt'
)
--
2.51.1

31
SOURCES/sosreport-binary.patch
View File

@ -1,31 +0,0 @@
--- /dev/null 2025-04-03 01:35:45.132999852 +0200
+++ sos-4.10.0/bin/sosreport 2025-04-15 13:54:04.924751581 +0200
@@ -0,0 +1,6 @@
+#!/usr/bin/python3
+msg = ("sosreport binary is deprecated, use 'sos report' instead")
+print(msg)
+exit(1)
+
+# vim:ts=4 et sw=4
--- /dev/null 2025-04-03 01:35:45.132999852 +0200
+++ sos-4.10.0/bin/sos-collector 2025-04-15 15:10:17.780281627 +0200
@@ -0,0 +1,6 @@
+#!/usr/bin/python3
+msg = ("sos-collector binary is deprecated, use 'sos collector' instead")
+print(msg)
+exit(1)
+
+# vim:ts=4 et sw=4
--- sos-4.9.2/setup.py 2025-04-15 15:17:21.938635468 +0200
+++ sos-4.9.2/setup.py 2025-04-15 15:17:41.328198501 +0200
@@ -34,7 +34,7 @@
maintainer_email='jacob.r.hunsaker@gmail.com',
url='https://github.com/sosreport/sos',
license="GPLv2+",
- scripts=['bin/sos'],
+ scripts=['bin/sos', 'bin/sosreport', 'bin/sos-collector'],
data_files=data_files,
packages=find_packages(include=['sos', 'sos.*'])
)

26
SPECS/sos.spec
View File

@ -4,8 +4,8 @@
Summary: A set of tools to gather troubleshooting information from a system
Name: sos
Version: 4.10.0
Release: 4%{?dist}
Version: 4.10.1
Release: 2%{?dist}
Group: Applications/System
Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz
Source1: sos-audit-%{auditversion}.tgz
@ -22,13 +22,13 @@ Recommends: python3-pexpect
Recommends: python3-pyyaml
Conflicts: vdsm < 4.40
Obsoletes: sos-collector
Patch1: sos-python36-walrus-operator.patch
Patch2: sosreport-binary.patch
Patch3: 0001-cleaner-Make-cleaner-s-obfuscate_file-properly-worki.patch
Patch4: 0002-openstack_nova-Improve-scrubbing.patch
Patch5: 0003-component-Fix-regression-57bbc89-in-toolbox-containe.patch
Patch6: 0004-revert-PR4092.patch
Patch7: 0005-cleaner-rhel8.patch
Patch1: 0001-python3-walrus-operator.patch
Patch2: 0002-sosreport-binary.patch
Patch3: 0003-revert-PR4092.patch
Patch4: 0004-cleaner-rhel8.patch
Patch5: 0005-pulpcore-RFE-export-table-contents-as-CSV.patch
Patch6: 0006-cleaner-Mask-IPv6-addresses-with-trailing-or.patch
Patch7: 0007-plugin_aws-fix-unable-to-get-metadata-in-aws.py.patch
%description
Sos is a set of tools that gathers information about system
@ -118,6 +118,14 @@ of the system. Currently storage and filesystem commands are audited.
%license LICENSE
%changelog
* Fri Dec 05 2025 Jan Jansky <jjansky@redhat.com> = 4.10.1-2
- Fixing sosreport and sos-collector binary
Resolves: RHEL-121468
* Tue Nov 25 2025 Jan Jansky <jjansky@redhat.com> = 4.10.1-1
- Update to 4.10.1-1
Resolves: RHEL-121468
* Tue Sep 23 2025 Jan Jansky <jjansky@redhat.com> = 4.10.0-4
- Update to 4.10.0-4
Resolves: RHEL-112413