import sos-4.1-3.el8

SOURCES/sos-bz1886711-enhance-tc-hw-offload.patch

@@ -0,0 +1,32 @@
+From bbb7f8bf522960a8ca7625f539e9e5d109abb704 Mon Sep 17 00:00:00 2001
+From: Pavel Moravec <pmoravec@redhat.com>
+Date: Wed, 19 May 2021 08:31:45 +0200
+Subject: [PATCH] [networking] collect also tc filter show ingress
+
+Both "tc -s filter show dev %eth [|ingress]" commands required as
+they provide different output.
+
+Resolves: #2550
+
+Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
+---
+ sos/report/plugins/networking.py | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/sos/report/plugins/networking.py b/sos/report/plugins/networking.py
+index acfa027f..35646268 100644
+--- a/sos/report/plugins/networking.py
++++ b/sos/report/plugins/networking.py
+@@ -156,7 +156,8 @@ class Networking(Plugin):
+                 "ethtool --phy-statistics " + eth,
+                 "ethtool --show-priv-flags " + eth,
+                 "ethtool --show-eee " + eth,
+-                "tc -s filter show dev " + eth
++                "tc -s filter show dev " + eth,
++                "tc -s filter show dev " + eth + " ingress",
+             ], tags=eth)
+ 
+             # skip EEPROM collection by default, as it might hang or
+-- 
+2.26.3
+

SOURCES/sos-bz1925419-all-gluster-files.patch

@@ -0,0 +1,39 @@
+From 4fb834ec862228afb276ccbd45aa86c66044ea66 Mon Sep 17 00:00:00 2001
+From: Pavel Moravec <pmoravec@redhat.com>
+Date: Mon, 15 Mar 2021 09:09:51 +0100
+Subject: [PATCH] [gluster] collect public keys from the right dir
+
+Collection of glusterfind dir is achieved by /var/lib/gluster
+so it doesn't be collected explicitly.
+
+/var/lib/glusterd/glusterfind/.keys/ subdir is required to be
+explicitly collected, as add_copy_spec uses glob.glob() that skips
+hidden files.
+
+Resolves: #2451
+
+Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
+Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
+---
+ sos/report/plugins/gluster.py | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/sos/report/plugins/gluster.py b/sos/report/plugins/gluster.py
+index e1a89df2..952cab63 100644
+--- a/sos/report/plugins/gluster.py
++++ b/sos/report/plugins/gluster.py
+@@ -76,9 +76,8 @@ class Gluster(Plugin, RedHatPlugin):
+             "/var/lib/glusterd/",
+             # collect nfs-ganesha related configuration
+             "/run/gluster/shared_storage/nfs-ganesha/",
+-            # collect status files and public ssh keys
+-            "/var/lib/glusterd/.keys/",
+-            "/var/lib/glusterd/glusterfind/"
++            # collect public ssh keys (a_s_c skips implicit hidden files)
++            "/var/lib/glusterd/glusterfind/.keys/",
+         ] + glob.glob('/run/gluster/*tier-dht/*'))
+ 
+         if not self.get_option("all_logs"):
+-- 
+2.26.3
+

SOURCES/sos-bz1964499-obfuscate-fqdn-from-dnf-log.patch

@@ -0,0 +1,78 @@
+From b27140a9126ea82efb517d60bf1b8455aaf4f5a6 Mon Sep 17 00:00:00 2001
+From: Jake Hunsaker <jhunsake@redhat.com>
+Date: Fri, 26 Mar 2021 11:12:33 -0400
+Subject: [PATCH] [cleaner] Only skip packaging-based files for the IP parser
+
+Files primarily containing package information, e.g. `installed-rpms` or
+`installed-debs`, were previously being skipped by all parsers. In
+reality, we only need to skip these for the IP parser due to the fact
+that version numbers often generate a match for IP address regexes.
+
+This will also fix a problem where if a system was the build host for
+certain packages, the hostname would remain in these files as the
+hostname parser was previously not checking these files.
+
+Closes: #2400
+Resolves: #2464
+
+Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
+---
+ sos/cleaner/obfuscation_archive.py | 10 ----------
+ sos/cleaner/parsers/ip_parser.py   | 16 ++++++++++++++++
+ 2 files changed, 16 insertions(+), 10 deletions(-)
+
+diff --git a/sos/cleaner/obfuscation_archive.py b/sos/cleaner/obfuscation_archive.py
+index 981cc05f..84ca30cd 100644
+--- a/sos/cleaner/obfuscation_archive.py
++++ b/sos/cleaner/obfuscation_archive.py
+@@ -59,20 +59,10 @@ class SoSObfuscationArchive():
+         Returns: list of files and file regexes
+         """
+         return [
+-            'installed-debs',
+-            'installed-rpms',
+-            'sos_commands/dpkg',
+-            'sos_commands/python/pip_list',
+-            'sos_commands/rpm',
+-            'sos_commands/yum/.*list.*',
+-            'sos_commands/snappy/snap_list_--all',
+-            'sos_commands/snappy/snap_--version',
+-            'sos_commands/vulkan/vulkaninfo',
+             'sys/firmware',
+             'sys/fs',
+             'sys/kernel/debug',
+             'sys/module',
+-            'var/log/.*dnf.*',
+             r'.*\.tar$',  # TODO: support archive unpacking
+             # Be explicit with these tar matches to avoid matching commands
+             r'.*\.tar\.xz',
+diff --git a/sos/cleaner/parsers/ip_parser.py b/sos/cleaner/parsers/ip_parser.py
+index 3ea7f865..08d1cd05 100644
+--- a/sos/cleaner/parsers/ip_parser.py
++++ b/sos/cleaner/parsers/ip_parser.py
+@@ -24,6 +24,22 @@ class SoSIPParser(SoSCleanerParser):
+         # don't match package versions recorded in journals
+         r'.*dnf\[.*\]:'
+     ]
++
++    skip_files = [
++        # skip these as version numbers will frequently look like IP addresses
++        # when using regex matching
++        'installed-debs',
++        'installed-rpms',
++        'sos_commands/dpkg',
++        'sos_commands/python/pip_list',
++        'sos_commands/rpm',
++        'sos_commands/yum/.*list.*',
++        'sos_commands/snappy/snap_list_--all',
++        'sos_commands/snappy/snap_--version',
++        'sos_commands/vulkan/vulkaninfo',
++        'var/log/.*dnf.*'
++    ]
++
+     map_file_key = 'ip_map'
+     prep_map_file = 'sos_commands/networking/ip_-o_addr'
+ 
+-- 
+2.26.3
+

SOURCES/sos-bz1965001-fix-avc-copystating-proc-sys.patch

@@ -0,0 +1,135 @@
+From 206d65618f20995b168dcc63090d1e6871450e90 Mon Sep 17 00:00:00 2001
+From: Pavel Moravec <pmoravec@redhat.com>
+Date: Wed, 26 May 2021 15:45:26 +0200
+Subject: [PATCH] [archive] skip copying SELinux context for /proc and /sys
+ everytime
+
+A supplement of #1399 fix, now also for adding strings or special
+device files.
+
+Also adding a (vendor) test case for it.
+
+Resolves: #2560
+
+Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
+---
+ sos/archive.py                           | 35 +++++++++++----------
+ tests/vendor_tests/redhat/rhbz1965001.py | 39 ++++++++++++++++++++++++
+ 2 files changed, 56 insertions(+), 18 deletions(-)
+ create mode 100644 tests/vendor_tests/redhat/rhbz1965001.py
+
+diff --git a/sos/archive.py b/sos/archive.py
+index 4dd31d75..b02b2475 100644
+--- a/sos/archive.py
++++ b/sos/archive.py
+@@ -326,6 +326,20 @@ class FileCacheArchive(Archive):
+             return None
+         return dest
+ 
++    def _copy_attributes(self, src, dest):
++        # copy file attributes, skip SELinux xattrs for /sys and /proc
++        try:
++            stat = os.stat(src)
++            if src.startswith("/sys/") or src.startswith("/proc/"):
++                shutil.copymode(src, dest)
++                os.utime(dest, ns=(stat.st_atime_ns, stat.st_mtime_ns))
++            else:
++                shutil.copystat(src, dest)
++            os.chown(dest, stat.st_uid, stat.st_gid)
++        except Exception as e:
++            self.log_debug("caught '%s' setting attributes of '%s'"
++                           % (e, dest))
++
+     def add_file(self, src, dest=None):
+         with self._path_lock:
+             if not dest:
+@@ -348,18 +362,7 @@ class FileCacheArchive(Archive):
+                     else:
+                         self.log_info("File %s not collected: '%s'" % (src, e))
+ 
+-                # copy file attributes, skip SELinux xattrs for /sys and /proc
+-                try:
+-                    stat = os.stat(src)
+-                    if src.startswith("/sys/") or src.startswith("/proc/"):
+-                        shutil.copymode(src, dest)
+-                        os.utime(dest, ns=(stat.st_atime_ns, stat.st_mtime_ns))
+-                    else:
+-                        shutil.copystat(src, dest)
+-                    os.chown(dest, stat.st_uid, stat.st_gid)
+-                except Exception as e:
+-                    self.log_debug("caught '%s' setting attributes of '%s'"
+-                                   % (e, dest))
++                self._copy_attributes(src, dest)
+                 file_name = "'%s'" % src
+             else:
+                 # Open file case: first rewind the file to obtain
+@@ -388,11 +391,7 @@ class FileCacheArchive(Archive):
+                 content = content.decode('utf8', 'ignore')
+             f.write(content)
+             if os.path.exists(src):
+-                try:
+-                    shutil.copystat(src, dest)
+-                except OSError as e:
+-                    self.log_error("Unable to add '%s' to archive: %s" %
+-                                   (dest, e))
++                self._copy_attributes(src, dest)
+             self.log_debug("added string at '%s' to FileCacheArchive '%s'"
+                            % (src, self._archive_root))
+ 
+@@ -501,7 +500,7 @@ class FileCacheArchive(Archive):
+                     self.log_info("add_node: %s - mknod '%s'" % (msg, dest))
+                     return
+                 raise e
+-            shutil.copystat(path, dest)
++            self._copy_attributes(path, dest)
+ 
+     def name_max(self):
+         if 'PC_NAME_MAX' in os.pathconf_names:
+diff --git a/tests/vendor_tests/redhat/rhbz1965001.py b/tests/vendor_tests/redhat/rhbz1965001.py
+new file mode 100644
+index 00000000..aa16ba81
+--- /dev/null
++++ b/tests/vendor_tests/redhat/rhbz1965001.py
+@@ -0,0 +1,39 @@
++# This file is part of the sos project: https://github.com/sosreport/sos
++#
++# This copyrighted material is made available to anyone wishing to use,
++# modify, copy, or redistribute it subject to the terms and conditions of
++# version 2 of the GNU General Public License.
++#
++# See the LICENSE file in the source distribution for further information.
++
++
++import tempfile
++import shutil
++from sos_tests import StageOneReportTest
++
++
++class rhbz1965001(StageOneReportTest):
++    """
++    Copying /proc/sys/vm/{compact_memory,drop_caches} must ignore SELinux
++    context, otherwise an attempt to set the context to files under some
++    directories like /tmp raises an AVC denial, and an ERROR
++    "Unable to add '...' to archive: [Errno 13] Permission denied: '...'
++    is raise.
++
++    https://bugzilla.redhat.com/show_bug.cgi?id=1965001
++
++    :avocado: enable
++    :avocado: tags=stageone
++    """
++
++    sos_cmd = '-o system'
++    # it is crucial to run the test case with --tmp-dir=/tmp/... as that is
++    # (an example of) directory exhibiting the relabel permission deny.
++    # /var/tmp directory allows those relabels.
++    #
++    # the directory shouldn't exist at this moment, otherwise
++    # "check to prevent multiple setUp() runs" in sos_tests.py would fail
++    _tmpdir = '/tmp/rhbz1965001_avocado_test'
++
++    def test_no_permission_denied(self):
++        self.assertSosLogNotContains("Permission denied")
+-- 
+2.26.3
+

SOURCES/sos-bz1967613-sssd-common.patch

@@ -0,0 +1,36 @@
+From 630dfbee936050698d33b59abd1e243c44e50af8 Mon Sep 17 00:00:00 2001
+From: Jan Jansky <jjansky@redhat.com>
+Date: Thu, 3 Jun 2021 15:04:57 +0200
+Subject: [PATCH] [sssd] sssd plugin when sssd-common
+
+We have reports that sssd logs are not
+collected, when we investigated
+we found associate wants to collect
+sssd related logs also when only
+sssd-common package is installed.
+
+We got this confirmed by sbr-idm.
+
+Resolves: #2571
+
+Signed-off-by: Jan Jansky <jjansky@redhat.com>
+---
+ sos/report/plugins/sssd.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sos/report/plugins/sssd.py b/sos/report/plugins/sssd.py
+index 17933935..6f98e90c 100644
+--- a/sos/report/plugins/sssd.py
++++ b/sos/report/plugins/sssd.py
+@@ -19,7 +19,7 @@ class Sssd(Plugin):
+ 
+     plugin_name = "sssd"
+     profiles = ('services', 'security', 'identity')
+-    packages = ('sssd',)
++    packages = ('sssd', 'sssd-common')
+ 
+     def setup(self):
+         self.add_copy_spec([
+-- 
+2.26.3
+

SPECS/sos.spec

@@ -5,7 +5,7 @@
 Summary: A set of tools to gather troubleshooting information from a system
 Name: sos
 Version: 4.1
-Release: 2%{?dist}
+Release: 3%{?dist}
 Group: Applications/System
 Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz
 Source1: sos-audit-%{auditversion}.tgz
@@ -31,6 +31,12 @@ Patch8: sos-bz1956673-pulpcore-plugin.patch
 Patch9: sos-bz1959413-saphana-traceback.patch
 Patch10: sos-bz1961458-collect-nstat.patch
 Patch11: sos-bz1961229-snapper-plugin-and-allocation-failures.patch
+Patch12: sos-bz1925419-all-gluster-files.patch
+Patch13: sos-bz1964499-obfuscate-fqdn-from-dnf-log.patch
+Patch14: sos-bz1886711-enhance-tc-hw-offload.patch
+Patch15: sos-bz1965001-fix-avc-copystating-proc-sys.patch
+Patch16: sos-bz1967613-sssd-common.patch
+Patch17: sos-bz1973675-ocp-cluster-cleaner.patch
 
 
 %description
@@ -53,6 +59,12 @@ support technicians and developers.
 %patch9 -p1
 %patch10 -p1
 %patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
+%patch17 -p1
 
 %build
 %py3_build
@@ -116,6 +128,20 @@ of the system. Currently storage and filesystem commands are audited.
 %ghost /etc/audit/rules.d/40-sos-storage.rules
 
 %changelog
+* Mon Jun 21 2021 Pavel Moravec <pmoravec@redhat.com> = 4.1-3
+- [gluster] collect public keys from the right dir
+  Resolves: bz1925419
+- [cleaner] Only skip packaging-based files for the IP parse
+  Resolves: bz1964499
+- [networking] collect also tc filter show ingress
+  Resolves: bz1886711
+- [archive] skip copying SELinux context for /proc and /sys
+  Resolves: bz1965001
+- [sssd] sssd plugin when sssd-common
+  Resolves: bz1967613
+- Various OCP/cluster/cleanup enhancements
+  Resolves: bz1973675
+
 * Tue May 18 2021 Pavel Moravec <pmoravec@redhat.com> = 4.1-2
 - Load maps from all archives before obfuscation
   Resolves: bz1930181