rpms/libreport
7
0
Fork 0
Code Issues Pull Requests Releases Activity

rooptw lines, OpenStack secrets, ureport config

Browse Source
This commit is contained in:
Jakub Filak 2014-11-28 10:20:20 +01:00
parent d36c74f467
commit c47c38350a
7 changed files with 266 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
0032-anaconda-auto-remove-rootpw-lines.patch Normal file
View File

@ -0,0 +1,40 @@
From 95e51ffb1b5b6b283be9e3eebcf8e4a470532624 Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Thu, 6 Nov 2014 06:34:35 +0100
Subject: [PATCH] anaconda: auto-remove rootpw lines
Replace that lines with:
<auto-removed line containing rootpw>
in the following files:
- backtrace
- ks.cfg
Related to #1041558
Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
src/plugins/bugzilla_anaconda_event.conf | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/plugins/bugzilla_anaconda_event.conf b/src/plugins/bugzilla_anaconda_event.conf
index 430e5ee..923dda0 100644
--- a/src/plugins/bugzilla_anaconda_event.conf
+++ b/src/plugins/bugzilla_anaconda_event.conf
@@ -1,4 +1,13 @@
EVENT=report_Bugzilla component=anaconda
+ # remove sensitive information from the sensitive files
+ for sf in backtrace ks.cfg; do
+ if [ -f $sf ]; then
+ # blindly remove entire line
+ # filing a less usable bug is surely better than publishing passwords
+ sed 's/^.*rootpw.*$/<auto-removed line containing rootpw>/' -i $sf
+ fi
+ done
+ # file a bug in Bugzilla
reporter-bugzilla -b \
-F /etc/libreport/plugins/bugzilla_format_anaconda.conf \
-A /etc/libreport/plugins/bugzilla_formatdup_anaconda.conf
--
2.1.0

27
0033-wizard-put-rootpw-on-the-forbidden-words-list.patch Normal file
View File

@ -0,0 +1,27 @@
From ffdfc69e282ac858704bb1fe5a425420ca455db7 Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Thu, 6 Nov 2014 06:35:53 +0100
Subject: [PATCH] wizard: put rootpw on the forbidden words list
Related to #1041558
Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
src/gui-wizard-gtk/forbidden_words.conf | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/gui-wizard-gtk/forbidden_words.conf b/src/gui-wizard-gtk/forbidden_words.conf
index deab04b..1fbc1ca 100644
--- a/src/gui-wizard-gtk/forbidden_words.conf
+++ b/src/gui-wizard-gtk/forbidden_words.conf
@@ -23,6 +23,7 @@ PASS
password
Password
PASSWORD
+rootpw
secret
Secret
SECRET
--
2.1.0

45
0034-problem_data-make-ks.cfg-file-editable.patch Normal file
View File

@ -0,0 +1,45 @@
From a26eed565ac3fe0282e7fbff5a9a446d51a5ed32 Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Thu, 6 Nov 2014 06:43:42 +0100
Subject: [PATCH] problem_data: make ks.cfg file editable
Otherwise the GUI will not highlight the forbidden words in that file.
Related to #1041558
Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
src/include/internal_libreport.h | 4 ++++
src/lib/problem_data.c | 1 +
2 files changed, 5 insertions(+)
diff --git a/src/include/internal_libreport.h b/src/include/internal_libreport.h
index 585b807..2e75de0 100644
--- a/src/include/internal_libreport.h
+++ b/src/include/internal_libreport.h
@@ -910,6 +910,10 @@ struct dump_dir *open_directory_for_writing(
#define FILENAME_ABRT_VERSION "abrt_version"
#define FILENAME_EXPLOITABLE "exploitable"
+/* File names related to Anaconda problems
+ */
+#define FILENAME_KICKSTART_CFG "ks.cfg"
+
// Not stored as files, added "on the fly":
#define CD_DUMPDIR "Directory"
diff --git a/src/lib/problem_data.c b/src/lib/problem_data.c
index fc07288..c095f6c 100644
--- a/src/lib/problem_data.c
+++ b/src/lib/problem_data.c
@@ -261,6 +261,7 @@ static const char *const editable_files[] = {
//FILENAME_COUNT ,
//FILENAME_REPORTED_TO,
//FILENAME_EVENT_LOG ,
+ FILENAME_KICKSTART_CFG,
NULL
};
static bool is_editable_file(const char *file_name)
--
2.1.0

25
0035-ureport-uReport_ContactEmail-setting-can-be-left-emp.patch Normal file
View File

@ -0,0 +1,25 @@
From 98fba513ccf70f549dd1915628f1b780f7d4d5fc Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Thu, 27 Nov 2014 09:14:46 +0100
Subject: [PATCH] ureport: uReport_ContactEmail setting can be left empty
Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
src/plugins/report_uReport.xml.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/plugins/report_uReport.xml.in b/src/plugins/report_uReport.xml.in
index 1147880..115b403 100644
--- a/src/plugins/report_uReport.xml.in
+++ b/src/plugins/report_uReport.xml.in
@@ -23,6 +23,7 @@
<option type="text" name="uReport_ContactEmail">
<_label>Contact email address</_label>
<_description>Email address that can be used by ABRT server to inform you about news and updates</_description>
+ <allow-empty>yes</allow-empty>
</option>
<option type="bool" name="uReport_SSLVerify">
<_label>Verify SSL</_label>
--
2.1.0

42
0036-forbidden-words-add-OpenStack-related-strings.patch Normal file
View File

@ -0,0 +1,42 @@
From 1a81dfacec4f1f5ad57f642ed02d373ae54e3baf Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Thu, 27 Nov 2014 08:49:29 +0100
Subject: [PATCH] forbidden words: add OpenStack related strings
"token" - Thanks Nathan Kinder <nkinder@redhat.com>
"key" - googled for "OpenStack environment variables"
"https" - forgotten
Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
src/gui-wizard-gtk/forbidden_words.conf | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/gui-wizard-gtk/forbidden_words.conf b/src/gui-wizard-gtk/forbidden_words.conf
index 1fbc1ca..45725ce 100644
--- a/src/gui-wizard-gtk/forbidden_words.conf
+++ b/src/gui-wizard-gtk/forbidden_words.conf
@@ -11,6 +11,10 @@ banking
Banking
BANKING
http://
+https://
+key
+Key
+KEY
login
Login
LOGIN
@@ -27,6 +31,9 @@ rootpw
secret
Secret
SECRET
+token
+Token
+TOKEN
username
Username
USERNAME
--
2.1.0

74
0037-anaconda-mark-anaconda-tb-as-editable-file-and-remov.patch Normal file
View File

@ -0,0 +1,74 @@
From 6e2e2da6736476c8260871988d8e44a4c7797b3f Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Tue, 18 Nov 2014 10:18:32 +0100
Subject: [PATCH] anaconda: mark anaconda-tb as editable file and remove rootpw
lines
anaconda-tb file contains the main information about Anaconda problems.
report-gtk won't be highlighting forbidden words, because anaconda-tb
contains many false positives words as the file is mainly composed of
log outputs.
Related to #1041558
Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
src/gui-wizard-gtk/wizard.c | 2 +-
src/include/internal_libreport.h | 1 +
src/lib/problem_data.c | 1 +
src/plugins/bugzilla_anaconda_event.conf | 2 +-
4 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/gui-wizard-gtk/wizard.c b/src/gui-wizard-gtk/wizard.c
index 8d0429e..ab6123f 100644
--- a/src/gui-wizard-gtk/wizard.c
+++ b/src/gui-wizard-gtk/wizard.c
@@ -1185,7 +1185,7 @@ static void append_item_to_ls_details(gpointer name, gpointer value, gpointer da
//FIXME: use the human-readable problem_item_format(item) instead of item->content.
if (item->flags & CD_FLAG_TXT)
{
- if (item->flags & CD_FLAG_ISEDITABLE)
+ if (item->flags & CD_FLAG_ISEDITABLE && strcmp(name, FILENAME_ANACONDA_TB) != 0)
{
GtkWidget *tab_lbl = gtk_label_new((char *)name);
GtkWidget *tev = gtk_text_view_new();
diff --git a/src/include/internal_libreport.h b/src/include/internal_libreport.h
index 2e75de0..d664fa4 100644
--- a/src/include/internal_libreport.h
+++ b/src/include/internal_libreport.h
@@ -913,6 +913,7 @@ struct dump_dir *open_directory_for_writing(
/* File names related to Anaconda problems
*/
#define FILENAME_KICKSTART_CFG "ks.cfg"
+#define FILENAME_ANACONDA_TB "anaconda-tb"
// Not stored as files, added "on the fly":
#define CD_DUMPDIR "Directory"
diff --git a/src/lib/problem_data.c b/src/lib/problem_data.c
index c095f6c..c57e57f 100644
--- a/src/lib/problem_data.c
+++ b/src/lib/problem_data.c
@@ -262,6 +262,7 @@ static const char *const editable_files[] = {
//FILENAME_REPORTED_TO,
//FILENAME_EVENT_LOG ,
FILENAME_KICKSTART_CFG,
+ FILENAME_ANACONDA_TB,
NULL
};
static bool is_editable_file(const char *file_name)
diff --git a/src/plugins/bugzilla_anaconda_event.conf b/src/plugins/bugzilla_anaconda_event.conf
index 923dda0..e45a10a 100644
--- a/src/plugins/bugzilla_anaconda_event.conf
+++ b/src/plugins/bugzilla_anaconda_event.conf
@@ -1,6 +1,6 @@
EVENT=report_Bugzilla component=anaconda
# remove sensitive information from the sensitive files
- for sf in backtrace ks.cfg; do
+ for sf in backtrace ks.cfg anaconda-tb; do
if [ -f $sf ]; then
# blindly remove entire line
# filing a less usable bug is surely better than publishing passwords
--
2.1.0

14
libreport.spec
View File

@ -7,7 +7,7 @@
Summary: Generic library for reporting various problems
Name: libreport
Version: 2.3.0
Release: 6%{?dist}
Release: 7%{?dist}
License: GPLv2+
Group: System Environment/Libraries
URL: https://github.com/abrt/abrt/wiki/ABRT-Project
@ -47,6 +47,13 @@ Patch0027: 0027-testsuite-do-not-expected-ureport-exiting-on-rhsm-ce.patch
Patch0029: 0029-Prevent-duplicate-values-for-CODE_-fields-being-logg.patch
#Patch0030: 0030-spec-update-the-URL.patch
Patch0031: 0031-Revert-ureport-use-rhsm-ssl-client-auth-by-default.patch
Patch0032: 0032-anaconda-auto-remove-rootpw-lines.patch
Patch0033: 0033-wizard-put-rootpw-on-the-forbidden-words-list.patch
Patch0034: 0034-problem_data-make-ks.cfg-file-editable.patch
Patch0035: 0035-ureport-uReport_ContactEmail-setting-can-be-left-emp.patch
Patch0036: 0036-forbidden-words-add-OpenStack-related-strings.patch
Patch0037: 0037-anaconda-mark-anaconda-tb-as-editable-file-and-remov.patch
Patch1001: 0001-Temporary-Rawhide-patch-test-FAF-s-Webui2.patch
# git is need for '%%autosetup -S git' which automatically applies all the
@ -710,6 +717,11 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%changelog
* Fri Nov 28 2014 Jakub Filak <jfilak@redhat.com> 2.3.0-7
- anaconda: filter out rootpw lines
- highglit OpenStack related strings
- ureport: do not bother user with the configuration window
* Thu Nov 13 2014 Jakub Filak <jfilak@redhat.com> 2.3.0-6
- ureport: do not use 'rhsm' SSL auth by default