Auto sync2gitlab import of sos-4.3-3.el8.src.rpm

sos-bz2093993-vdsm-set-use-devicesfile-zero.patch

@@ -0,0 +1,40 @@
+From 7d1ee59fc659467e6860e72322e976ddc5c17db3 Mon Sep 17 00:00:00 2001
+From: Juan Orti Alcaine <jortialc@redhat.com>
+Date: Mon, 6 Jun 2022 16:35:51 +0200
+Subject: [PATCH] [vdsm] Set LVM option use_devicesfile=0
+
+Since RHV 4.4 SP1, vdsm configures LVM to use devicesfile, causing that
+the LVM filter configuration used by sos is ignored.
+
+This change disables the use of the devicesfile, so that the information
+of the devices used for RHV storage domains can be collected.
+
+Fixes: RHBZ#2093993
+
+Signed-off-by: Juan Orti <jortialc@redhat.com>
+---
+ sos/report/plugins/vdsm.py | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/sos/report/plugins/vdsm.py b/sos/report/plugins/vdsm.py
+index ee5befbb1..146d223c2 100644
+--- a/sos/report/plugins/vdsm.py
++++ b/sos/report/plugins/vdsm.py
+@@ -29,7 +29,8 @@
+ # use_lvmetad is set to 0 in order not to show cached, old lvm metadata.
+ # use_lvmetad=0
+ #
+-# preferred_names and filter config values are set to capture Vdsm devices.
++# preferred_names, use_devicesfile and filter config values are set to
++# capture Vdsm devices.
+ # preferred_names=[ '^/dev/mapper/' ]
+ # filter=[ 'a|^/dev/mapper/.*|', 'r|.*|' ]
+ LVM_CONFIG = """
+@@ -43,6 +44,7 @@
+     ignore_suspended_devices=1
+     write_cache_state=0
+     disable_after_error_count=3
++    use_devicesfile=0
+     filter=["a|^/dev/disk/by-id/dm-uuid-mpath-|", "r|.+|"]
+ }
+ """

sos-bz2099598-forbidden-path-efficient.patch

@@ -0,0 +1,116 @@
+From 1dc3625fabea7331570f713fd1c87ac812d72d92 Mon Sep 17 00:00:00 2001
+From: Jake Hunsaker <jhunsake@redhat.com>
+Date: Wed, 18 May 2022 13:39:38 -0400
+Subject: [PATCH] [Plugin] Make forbidden path checks more efficient
+
+Forbidden path checks have up until now worked by taking a given file
+path (potentially with globs), expanding that against all discovered
+files that actually exist on the system, and then comparing a potential
+collection path against that list.
+
+While this works, and works reasonably fast for most scenarios, it isn't
+very efficient and causes significant slow downs when a non-standard
+configuration is in play - e.g. thousands of block devices which sos
+would individually have to compare against tens of thousands of paths
+for every path the `block` plugin wants to collect.
+
+Improve this by first not expanding the forbidden path globs, but taking
+them as distinct patterns, translating from shell-style (to maintain
+historical precedent of using globs to specify paths to be skipped) to
+python regex patterns as needed. Second, use `re` to handle our pattern
+matching for comparison against the distinct patterns provided by a
+plugin to skip.
+
+Closes: #2938
+
+Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
+---
+ sos/report/plugins/__init__.py | 20 +++++++++-----------
+ sos/report/plugins/cgroups.py  |  6 ++----
+ sos/report/plugins/pulpcore.py |  2 +-
+ sos/report/plugins/rhui.py     |  2 +-
+ 4 files changed, 13 insertions(+), 17 deletions(-)
+
+diff --git a/sos/report/plugins/__init__.py b/sos/report/plugins/__init__.py
+index 2a42e6b0a..ba1397a8a 100644
+--- a/sos/report/plugins/__init__.py
++++ b/sos/report/plugins/__init__.py
+@@ -46,11 +46,6 @@ def _mangle_command(command, name_max):
+     return mangledname
+ 
+ 
+-def _path_in_path_list(path, path_list):
+-    return any((p == path or path.startswith(os.path.abspath(p)+os.sep)
+-                for p in path_list))
+-
+-
+ def _node_type(st):
+     """ return a string indicating the type of special node represented by
+     the stat buffer st (block, character, fifo, socket).
+@@ -1407,7 +1402,9 @@ def _get_dest_for_srcpath(self, srcpath):
+         return None
+ 
+     def _is_forbidden_path(self, path):
+-        return _path_in_path_list(path, self.forbidden_paths)
++        return any(
++            re.match(forbid, path) for forbid in self.forbidden_paths
++        )
+ 
+     def _is_policy_forbidden_path(self, path):
+         return any([
+@@ -1495,14 +1492,12 @@ def _do_copy_path(self, srcpath, dest=None):
+             'symlink': "no"
+         })
+ 
+-    def add_forbidden_path(self, forbidden, recursive=False):
++    def add_forbidden_path(self, forbidden):
+         """Specify a path, or list of paths, to not copy, even if it's part of
+         an ``add_copy_spec()`` call
+ 
+         :param forbidden: A filepath to forbid collection from
+         :type forbidden: ``str`` or a ``list`` of strings
+-
+-        :param recursive: Should forbidden glob be applied recursively
+         """
+         if isinstance(forbidden, str):
+             forbidden = [forbidden]
+@@ -1512,8 +1507,11 @@ def add_forbidden_path(self, forbidden, recursive=False):
+ 
+         for forbid in forbidden:
+             self._log_info("adding forbidden path '%s'" % forbid)
+-            for path in glob.glob(forbid, recursive=recursive):
+-                self.forbidden_paths.append(path)
++            if "*" in forbid:
++                # calling translate() here on a dir-level path will break the
++                # re.match() call during path comparison
++                forbid = fnmatch.translate(forbid)
++            self.forbidden_paths.append(forbid)
+ 
+     def set_option(self, optionname, value):
+         """Set the named option to value. Ensure the original type of the
+diff --git a/sos/report/plugins/pulpcore.py b/sos/report/plugins/pulpcore.py
+index 6c4237cae..f6bc194c7 100644
+--- a/sos/report/plugins/pulpcore.py
++++ b/sos/report/plugins/pulpcore.py
+@@ -89,7 +89,7 @@ class PulpCore(Plugin, IndependentPlugin
+             "/etc/pki/pulp/*"
+         ])
+         # skip collecting certificate keys
+-        self.add_forbidden_path("/etc/pki/pulp/**/*.key", recursive=True)
++        self.add_forbidden_path("/etc/pki/pulp/**/*.key")
+ 
+         self.add_cmd_output("rq info -u redis://localhost:6379/8",
+                             env={"LC_ALL": "en_US.UTF-8"},
+diff --git a/sos/report/plugins/rhui.py b/sos/report/plugins/rhui.py
+index add024613..8063fd51c 100644
+--- a/sos/report/plugins/rhui.py
++++ b/sos/report/plugins/rhui.py
+@@ -30,7 +30,7 @@ def setup(self):
+             "/var/log/rhui/*",
+         ])
+         # skip collecting certificate keys
+-        self.add_forbidden_path("/etc/pki/rhui/**/*.key", recursive=True)
++        self.add_forbidden_path("/etc/pki/rhui/**/*.key")
+ 
+         # call rhui-manager commands with 1m timeout and
+         # with an env. variable ensuring that "RHUI Username:"

sos.spec

@@ -5,7 +5,7 @@
 Summary: A set of tools to gather troubleshooting information from a system
 Name: sos
 Version: 4.3
-Release: 2%{?dist}
+Release: 3%{?dist}
 Group: Applications/System
 Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz
 Source1: sos-audit-%{auditversion}.tgz
@@ -31,6 +31,8 @@ Patch7: sos-bz2079484-list-plugins-ignore-options.patch
 Patch8: sos-bz2079486-timeouted-exec-cmd-exception.patch
 Patch9: sos-bz2058279-ocp-backports.patch
 Patch10: sos-bz2092969-openshift-ovn-disabled.patch
+Patch11: sos-bz2093993-vdsm-set-use-devicesfile-zero.patch
+Patch12: sos-bz2099598-forbidden-path-efficient.patch
 
 
 %description
@@ -52,6 +54,8 @@ support technicians and developers.
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
+%patch11 -p1
+%patch12 -p1
 
 
 %build
@@ -120,6 +124,12 @@ of the system. Currently storage and filesystem commands are audited.
 %ghost /etc/audit/rules.d/40-sos-storage.rules
 
 %changelog
+* Mon Aug 29 2022 Pavel Moravec <pmoravec@redhat.com> = 4.3-3
+- [vdsm] Set LVM option use_devicesfile=0
+  Resolves: bz2093993
+- [Plugin] Make forbidden path checks more efficient
+  Resolves: bz2099598
+
 * Thu Jun 16 2022 Pavel Moravec <pmoravec@redhat.com> = 4.3-2
 - [ovirt] answer files: Filter out all password keys
   Resolves: bz2095263