rooptw lines, OpenStack secrets, ureport config
This commit is contained in:
parent
d36c74f467
commit
c47c38350a
40
0032-anaconda-auto-remove-rootpw-lines.patch
Normal file
40
0032-anaconda-auto-remove-rootpw-lines.patch
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
From 95e51ffb1b5b6b283be9e3eebcf8e4a470532624 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jakub Filak <jfilak@redhat.com>
|
||||||
|
Date: Thu, 6 Nov 2014 06:34:35 +0100
|
||||||
|
Subject: [PATCH] anaconda: auto-remove rootpw lines
|
||||||
|
|
||||||
|
Replace that lines with:
|
||||||
|
<auto-removed line containing rootpw>
|
||||||
|
|
||||||
|
in the following files:
|
||||||
|
- backtrace
|
||||||
|
- ks.cfg
|
||||||
|
|
||||||
|
Related to #1041558
|
||||||
|
|
||||||
|
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
||||||
|
---
|
||||||
|
src/plugins/bugzilla_anaconda_event.conf | 9 +++++++++
|
||||||
|
1 file changed, 9 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/plugins/bugzilla_anaconda_event.conf b/src/plugins/bugzilla_anaconda_event.conf
|
||||||
|
index 430e5ee..923dda0 100644
|
||||||
|
--- a/src/plugins/bugzilla_anaconda_event.conf
|
||||||
|
+++ b/src/plugins/bugzilla_anaconda_event.conf
|
||||||
|
@@ -1,4 +1,13 @@
|
||||||
|
EVENT=report_Bugzilla component=anaconda
|
||||||
|
+ # remove sensitive information from the sensitive files
|
||||||
|
+ for sf in backtrace ks.cfg; do
|
||||||
|
+ if [ -f $sf ]; then
|
||||||
|
+ # blindly remove entire line
|
||||||
|
+ # filing a less usable bug is surely better than publishing passwords
|
||||||
|
+ sed 's/^.*rootpw.*$/<auto-removed line containing rootpw>/' -i $sf
|
||||||
|
+ fi
|
||||||
|
+ done
|
||||||
|
+ # file a bug in Bugzilla
|
||||||
|
reporter-bugzilla -b \
|
||||||
|
-F /etc/libreport/plugins/bugzilla_format_anaconda.conf \
|
||||||
|
-A /etc/libreport/plugins/bugzilla_formatdup_anaconda.conf
|
||||||
|
--
|
||||||
|
2.1.0
|
||||||
|
|
27
0033-wizard-put-rootpw-on-the-forbidden-words-list.patch
Normal file
27
0033-wizard-put-rootpw-on-the-forbidden-words-list.patch
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
From ffdfc69e282ac858704bb1fe5a425420ca455db7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jakub Filak <jfilak@redhat.com>
|
||||||
|
Date: Thu, 6 Nov 2014 06:35:53 +0100
|
||||||
|
Subject: [PATCH] wizard: put rootpw on the forbidden words list
|
||||||
|
|
||||||
|
Related to #1041558
|
||||||
|
|
||||||
|
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
||||||
|
---
|
||||||
|
src/gui-wizard-gtk/forbidden_words.conf | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git a/src/gui-wizard-gtk/forbidden_words.conf b/src/gui-wizard-gtk/forbidden_words.conf
|
||||||
|
index deab04b..1fbc1ca 100644
|
||||||
|
--- a/src/gui-wizard-gtk/forbidden_words.conf
|
||||||
|
+++ b/src/gui-wizard-gtk/forbidden_words.conf
|
||||||
|
@@ -23,6 +23,7 @@ PASS
|
||||||
|
password
|
||||||
|
Password
|
||||||
|
PASSWORD
|
||||||
|
+rootpw
|
||||||
|
secret
|
||||||
|
Secret
|
||||||
|
SECRET
|
||||||
|
--
|
||||||
|
2.1.0
|
||||||
|
|
45
0034-problem_data-make-ks.cfg-file-editable.patch
Normal file
45
0034-problem_data-make-ks.cfg-file-editable.patch
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
From a26eed565ac3fe0282e7fbff5a9a446d51a5ed32 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jakub Filak <jfilak@redhat.com>
|
||||||
|
Date: Thu, 6 Nov 2014 06:43:42 +0100
|
||||||
|
Subject: [PATCH] problem_data: make ks.cfg file editable
|
||||||
|
|
||||||
|
Otherwise the GUI will not highlight the forbidden words in that file.
|
||||||
|
|
||||||
|
Related to #1041558
|
||||||
|
|
||||||
|
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
||||||
|
---
|
||||||
|
src/include/internal_libreport.h | 4 ++++
|
||||||
|
src/lib/problem_data.c | 1 +
|
||||||
|
2 files changed, 5 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/include/internal_libreport.h b/src/include/internal_libreport.h
|
||||||
|
index 585b807..2e75de0 100644
|
||||||
|
--- a/src/include/internal_libreport.h
|
||||||
|
+++ b/src/include/internal_libreport.h
|
||||||
|
@@ -910,6 +910,10 @@ struct dump_dir *open_directory_for_writing(
|
||||||
|
#define FILENAME_ABRT_VERSION "abrt_version"
|
||||||
|
#define FILENAME_EXPLOITABLE "exploitable"
|
||||||
|
|
||||||
|
+/* File names related to Anaconda problems
|
||||||
|
+ */
|
||||||
|
+#define FILENAME_KICKSTART_CFG "ks.cfg"
|
||||||
|
+
|
||||||
|
// Not stored as files, added "on the fly":
|
||||||
|
#define CD_DUMPDIR "Directory"
|
||||||
|
|
||||||
|
diff --git a/src/lib/problem_data.c b/src/lib/problem_data.c
|
||||||
|
index fc07288..c095f6c 100644
|
||||||
|
--- a/src/lib/problem_data.c
|
||||||
|
+++ b/src/lib/problem_data.c
|
||||||
|
@@ -261,6 +261,7 @@ static const char *const editable_files[] = {
|
||||||
|
//FILENAME_COUNT ,
|
||||||
|
//FILENAME_REPORTED_TO,
|
||||||
|
//FILENAME_EVENT_LOG ,
|
||||||
|
+ FILENAME_KICKSTART_CFG,
|
||||||
|
NULL
|
||||||
|
};
|
||||||
|
static bool is_editable_file(const char *file_name)
|
||||||
|
--
|
||||||
|
2.1.0
|
||||||
|
|
@ -0,0 +1,25 @@
|
|||||||
|
From 98fba513ccf70f549dd1915628f1b780f7d4d5fc Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jakub Filak <jfilak@redhat.com>
|
||||||
|
Date: Thu, 27 Nov 2014 09:14:46 +0100
|
||||||
|
Subject: [PATCH] ureport: uReport_ContactEmail setting can be left empty
|
||||||
|
|
||||||
|
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
||||||
|
---
|
||||||
|
src/plugins/report_uReport.xml.in | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git a/src/plugins/report_uReport.xml.in b/src/plugins/report_uReport.xml.in
|
||||||
|
index 1147880..115b403 100644
|
||||||
|
--- a/src/plugins/report_uReport.xml.in
|
||||||
|
+++ b/src/plugins/report_uReport.xml.in
|
||||||
|
@@ -23,6 +23,7 @@
|
||||||
|
<option type="text" name="uReport_ContactEmail">
|
||||||
|
<_label>Contact email address</_label>
|
||||||
|
<_description>Email address that can be used by ABRT server to inform you about news and updates</_description>
|
||||||
|
+ <allow-empty>yes</allow-empty>
|
||||||
|
</option>
|
||||||
|
<option type="bool" name="uReport_SSLVerify">
|
||||||
|
<_label>Verify SSL</_label>
|
||||||
|
--
|
||||||
|
2.1.0
|
||||||
|
|
42
0036-forbidden-words-add-OpenStack-related-strings.patch
Normal file
42
0036-forbidden-words-add-OpenStack-related-strings.patch
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
From 1a81dfacec4f1f5ad57f642ed02d373ae54e3baf Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jakub Filak <jfilak@redhat.com>
|
||||||
|
Date: Thu, 27 Nov 2014 08:49:29 +0100
|
||||||
|
Subject: [PATCH] forbidden words: add OpenStack related strings
|
||||||
|
|
||||||
|
"token" - Thanks Nathan Kinder <nkinder@redhat.com>
|
||||||
|
"key" - googled for "OpenStack environment variables"
|
||||||
|
"https" - forgotten
|
||||||
|
|
||||||
|
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
||||||
|
---
|
||||||
|
src/gui-wizard-gtk/forbidden_words.conf | 7 +++++++
|
||||||
|
1 file changed, 7 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/gui-wizard-gtk/forbidden_words.conf b/src/gui-wizard-gtk/forbidden_words.conf
|
||||||
|
index 1fbc1ca..45725ce 100644
|
||||||
|
--- a/src/gui-wizard-gtk/forbidden_words.conf
|
||||||
|
+++ b/src/gui-wizard-gtk/forbidden_words.conf
|
||||||
|
@@ -11,6 +11,10 @@ banking
|
||||||
|
Banking
|
||||||
|
BANKING
|
||||||
|
http://
|
||||||
|
+https://
|
||||||
|
+key
|
||||||
|
+Key
|
||||||
|
+KEY
|
||||||
|
login
|
||||||
|
Login
|
||||||
|
LOGIN
|
||||||
|
@@ -27,6 +31,9 @@ rootpw
|
||||||
|
secret
|
||||||
|
Secret
|
||||||
|
SECRET
|
||||||
|
+token
|
||||||
|
+Token
|
||||||
|
+TOKEN
|
||||||
|
username
|
||||||
|
Username
|
||||||
|
USERNAME
|
||||||
|
--
|
||||||
|
2.1.0
|
||||||
|
|
@ -0,0 +1,74 @@
|
|||||||
|
From 6e2e2da6736476c8260871988d8e44a4c7797b3f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jakub Filak <jfilak@redhat.com>
|
||||||
|
Date: Tue, 18 Nov 2014 10:18:32 +0100
|
||||||
|
Subject: [PATCH] anaconda: mark anaconda-tb as editable file and remove rootpw
|
||||||
|
lines
|
||||||
|
|
||||||
|
anaconda-tb file contains the main information about Anaconda problems.
|
||||||
|
|
||||||
|
report-gtk won't be highlighting forbidden words, because anaconda-tb
|
||||||
|
contains many false positives words as the file is mainly composed of
|
||||||
|
log outputs.
|
||||||
|
|
||||||
|
Related to #1041558
|
||||||
|
|
||||||
|
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
||||||
|
---
|
||||||
|
src/gui-wizard-gtk/wizard.c | 2 +-
|
||||||
|
src/include/internal_libreport.h | 1 +
|
||||||
|
src/lib/problem_data.c | 1 +
|
||||||
|
src/plugins/bugzilla_anaconda_event.conf | 2 +-
|
||||||
|
4 files changed, 4 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/gui-wizard-gtk/wizard.c b/src/gui-wizard-gtk/wizard.c
|
||||||
|
index 8d0429e..ab6123f 100644
|
||||||
|
--- a/src/gui-wizard-gtk/wizard.c
|
||||||
|
+++ b/src/gui-wizard-gtk/wizard.c
|
||||||
|
@@ -1185,7 +1185,7 @@ static void append_item_to_ls_details(gpointer name, gpointer value, gpointer da
|
||||||
|
//FIXME: use the human-readable problem_item_format(item) instead of item->content.
|
||||||
|
if (item->flags & CD_FLAG_TXT)
|
||||||
|
{
|
||||||
|
- if (item->flags & CD_FLAG_ISEDITABLE)
|
||||||
|
+ if (item->flags & CD_FLAG_ISEDITABLE && strcmp(name, FILENAME_ANACONDA_TB) != 0)
|
||||||
|
{
|
||||||
|
GtkWidget *tab_lbl = gtk_label_new((char *)name);
|
||||||
|
GtkWidget *tev = gtk_text_view_new();
|
||||||
|
diff --git a/src/include/internal_libreport.h b/src/include/internal_libreport.h
|
||||||
|
index 2e75de0..d664fa4 100644
|
||||||
|
--- a/src/include/internal_libreport.h
|
||||||
|
+++ b/src/include/internal_libreport.h
|
||||||
|
@@ -913,6 +913,7 @@ struct dump_dir *open_directory_for_writing(
|
||||||
|
/* File names related to Anaconda problems
|
||||||
|
*/
|
||||||
|
#define FILENAME_KICKSTART_CFG "ks.cfg"
|
||||||
|
+#define FILENAME_ANACONDA_TB "anaconda-tb"
|
||||||
|
|
||||||
|
// Not stored as files, added "on the fly":
|
||||||
|
#define CD_DUMPDIR "Directory"
|
||||||
|
diff --git a/src/lib/problem_data.c b/src/lib/problem_data.c
|
||||||
|
index c095f6c..c57e57f 100644
|
||||||
|
--- a/src/lib/problem_data.c
|
||||||
|
+++ b/src/lib/problem_data.c
|
||||||
|
@@ -262,6 +262,7 @@ static const char *const editable_files[] = {
|
||||||
|
//FILENAME_REPORTED_TO,
|
||||||
|
//FILENAME_EVENT_LOG ,
|
||||||
|
FILENAME_KICKSTART_CFG,
|
||||||
|
+ FILENAME_ANACONDA_TB,
|
||||||
|
NULL
|
||||||
|
};
|
||||||
|
static bool is_editable_file(const char *file_name)
|
||||||
|
diff --git a/src/plugins/bugzilla_anaconda_event.conf b/src/plugins/bugzilla_anaconda_event.conf
|
||||||
|
index 923dda0..e45a10a 100644
|
||||||
|
--- a/src/plugins/bugzilla_anaconda_event.conf
|
||||||
|
+++ b/src/plugins/bugzilla_anaconda_event.conf
|
||||||
|
@@ -1,6 +1,6 @@
|
||||||
|
EVENT=report_Bugzilla component=anaconda
|
||||||
|
# remove sensitive information from the sensitive files
|
||||||
|
- for sf in backtrace ks.cfg; do
|
||||||
|
+ for sf in backtrace ks.cfg anaconda-tb; do
|
||||||
|
if [ -f $sf ]; then
|
||||||
|
# blindly remove entire line
|
||||||
|
# filing a less usable bug is surely better than publishing passwords
|
||||||
|
--
|
||||||
|
2.1.0
|
||||||
|
|
@ -7,7 +7,7 @@
|
|||||||
Summary: Generic library for reporting various problems
|
Summary: Generic library for reporting various problems
|
||||||
Name: libreport
|
Name: libreport
|
||||||
Version: 2.3.0
|
Version: 2.3.0
|
||||||
Release: 6%{?dist}
|
Release: 7%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
URL: https://github.com/abrt/abrt/wiki/ABRT-Project
|
URL: https://github.com/abrt/abrt/wiki/ABRT-Project
|
||||||
@ -47,6 +47,13 @@ Patch0027: 0027-testsuite-do-not-expected-ureport-exiting-on-rhsm-ce.patch
|
|||||||
Patch0029: 0029-Prevent-duplicate-values-for-CODE_-fields-being-logg.patch
|
Patch0029: 0029-Prevent-duplicate-values-for-CODE_-fields-being-logg.patch
|
||||||
#Patch0030: 0030-spec-update-the-URL.patch
|
#Patch0030: 0030-spec-update-the-URL.patch
|
||||||
Patch0031: 0031-Revert-ureport-use-rhsm-ssl-client-auth-by-default.patch
|
Patch0031: 0031-Revert-ureport-use-rhsm-ssl-client-auth-by-default.patch
|
||||||
|
Patch0032: 0032-anaconda-auto-remove-rootpw-lines.patch
|
||||||
|
Patch0033: 0033-wizard-put-rootpw-on-the-forbidden-words-list.patch
|
||||||
|
Patch0034: 0034-problem_data-make-ks.cfg-file-editable.patch
|
||||||
|
Patch0035: 0035-ureport-uReport_ContactEmail-setting-can-be-left-emp.patch
|
||||||
|
Patch0036: 0036-forbidden-words-add-OpenStack-related-strings.patch
|
||||||
|
Patch0037: 0037-anaconda-mark-anaconda-tb-as-editable-file-and-remov.patch
|
||||||
|
|
||||||
Patch1001: 0001-Temporary-Rawhide-patch-test-FAF-s-Webui2.patch
|
Patch1001: 0001-Temporary-Rawhide-patch-test-FAF-s-Webui2.patch
|
||||||
|
|
||||||
# git is need for '%%autosetup -S git' which automatically applies all the
|
# git is need for '%%autosetup -S git' which automatically applies all the
|
||||||
@ -710,6 +717,11 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Nov 28 2014 Jakub Filak <jfilak@redhat.com> 2.3.0-7
|
||||||
|
- anaconda: filter out rootpw lines
|
||||||
|
- highglit OpenStack related strings
|
||||||
|
- ureport: do not bother user with the configuration window
|
||||||
|
|
||||||
* Thu Nov 13 2014 Jakub Filak <jfilak@redhat.com> 2.3.0-6
|
* Thu Nov 13 2014 Jakub Filak <jfilak@redhat.com> 2.3.0-6
|
||||||
- ureport: do not use 'rhsm' SSL auth by default
|
- ureport: do not use 'rhsm' SSL auth by default
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user