diff --git a/.gitignore b/.gitignore index 417e765..6862be6 100644 --- a/.gitignore +++ b/.gitignore @@ -17,3 +17,4 @@ sos-2.2.tar.gz /sos-audit-0.3.tgz /sos-4.3.tar.gz /sos-4.4.tar.gz +/sos-4.5.0.tar.gz diff --git a/sos-bz2125499-yum-legacy-links.patch b/sos-bz2125499-yum-legacy-links.patch deleted file mode 100644 index ad8cc50..0000000 --- a/sos-bz2125499-yum-legacy-links.patch +++ /dev/null @@ -1,73 +0,0 @@ -From 0b81b7ef780171af4431db656809f10d1683bc4c Mon Sep 17 00:00:00 2001 -From: Pavel Moravec -Date: Tue, 20 Sep 2022 22:11:48 +0200 -Subject: [PATCH 1/2] [dnf] Collect legacy yum config and dnf global vars - -Some systems might rely on legacy yum config with default symlinks to -dnf config - sos should collect the symlinks. - -Additionally, collect dnf global vars. - -Related: #3031 - -Signed-off-by: Pavel Moravec ---- - sos/report/plugins/dnf.py | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/sos/report/plugins/dnf.py b/sos/report/plugins/dnf.py -index 59b8de6c..82078faf 100644 ---- a/sos/report/plugins/dnf.py -+++ b/sos/report/plugins/dnf.py -@@ -55,7 +55,12 @@ class DNFPlugin(Plugin, RedHatPlugin): - '/etc/dnf/modules.d/.*.module': 'dnf_modules' - }) - -- self.add_copy_spec("/etc/dnf/") -+ self.add_copy_spec([ -+ "/etc/dnf/", -+ "/etc/yum.conf", -+ "/etc/yum/pluginconf.d/", -+ "/etc/yum/vars/", -+ ]) - self.add_copy_spec("/etc/yum.repos.d/", - tags=['yum_repos_d', 'dnf_repos_d', 'dnf_repo']) - --- -2.37.3 - - -From ff17d6486f349dcdc115e898cc50c3845578aef3 Mon Sep 17 00:00:00 2001 -From: Pavel Moravec -Date: Tue, 20 Sep 2022 22:20:51 +0200 -Subject: [PATCH 2/2] [dnf] Obfuscate all passwords from all vars - -- obfuscate also "password=.." variable values -- apply the obfuscation also to global vars dir - -Resolves: #3031 - -Signed-off-by: Pavel Moravec ---- - sos/report/plugins/dnf.py | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/sos/report/plugins/dnf.py b/sos/report/plugins/dnf.py -index 82078faf..6efc9cac 100644 ---- a/sos/report/plugins/dnf.py -+++ b/sos/report/plugins/dnf.py -@@ -125,8 +125,9 @@ class DNFPlugin(Plugin, RedHatPlugin): - self.get_modules_info(modules['output']) - - def postproc(self): -- regexp = r"(proxy_password(\s)*=(\s)*)(\S+)\n" -+ regexp = r"(password(\s)*=(\s)*)(\S+)\n" - repl = r"\1********\n" -- self.do_path_regex_sub("/etc/yum.repos.d/*", regexp, repl) -+ for f in ["/etc/yum.repos.d/*", "/etc/dnf/vars/*"]: -+ self.do_path_regex_sub(f, regexp, repl) - - # vim: set et ts=4 sw=4 : --- -2.37.3 - diff --git a/sos-bz2126089-relax-magic-dep.patch b/sos-bz2126089-relax-magic-dep.patch deleted file mode 100644 index 00bb604..0000000 --- a/sos-bz2126089-relax-magic-dep.patch +++ /dev/null @@ -1,131 +0,0 @@ -From 4245de0b978a4d28bb8c833c2f2f5a15a260bd22 Mon Sep 17 00:00:00 2001 -From: Pavel Moravec -Date: Mon, 12 Sep 2022 15:30:16 +0200 -Subject: [PATCH] [utilities] Relax from hard dependency of python3-magic - -For compatibility reasons on some distros, sos should not have a hard -dependency on 'magic' python library. It should attempt to use it for -detection of binary file content, but should fall back to previous "read -the very first byte" method otherwise. - -Resolves: #3025 -Relates: #3021 - -Signed-off-by: Pavel Moravec ---- - requirements.txt | 1 - - setup.py | 2 +- - sos.spec | 2 +- - sos/utilities.py | 50 +++++++++++++++++++++++++++++++++++------------- - 4 files changed, 39 insertions(+), 16 deletions(-) - -diff --git a/requirements.txt b/requirements.txt -index c6ba1162..39f42161 100644 ---- a/requirements.txt -+++ b/requirements.txt -@@ -2,5 +2,4 @@ pycodestyle>=2.4.0 - coverage>=4.0.3 - Sphinx>=1.3.5 - pexpect>=4.0.0 --python_magic>=0.4.20 - pyyaml -diff --git a/setup.py b/setup.py -index 2a70802d..f2f9ecbe 100644 ---- a/setup.py -+++ b/setup.py -@@ -107,7 +107,7 @@ setup( - ], - cmdclass=cmdclass, - command_options=command_options, -- requires=['pexpect', 'python_magic', 'pyyaml'] -+ requires=['pexpect', 'pyyaml'] - ) - - -diff --git a/sos.spec b/sos.spec -index 748b9fd5..08499816 100644 ---- a/sos.spec -+++ b/sos.spec -@@ -16,7 +16,7 @@ Requires: python3-rpm - Requires: tar - Requires: xz - Requires: python3-pexpect --Requires: python3-magic -+Recommends: python3-magic - Recommends: python3-pyyaml - Obsoletes: sos-collector <= 1.9 - -diff --git a/sos/utilities.py b/sos/utilities.py -index 2046c8fd..21c815d9 100644 ---- a/sos/utilities.py -+++ b/sos/utilities.py -@@ -19,11 +19,26 @@ import tempfile - import threading - import time - import io --import magic -- - from contextlib import closing - from collections import deque - -+# try loading magic>=0.4.20 which implements detect_from_filename method -+magic_mod = False -+try: -+ import magic -+ magic.detect_from_filename(__file__) -+ magic_mod = True -+except (ImportError, AttributeError): -+ log = logging.getLogger('sos') -+ from textwrap import fill -+ msg = ("""\ -+WARNING: Failed to load 'magic' module version >= 0.4.20 which sos aims to \ -+use for detecting binary files. A less effective method will be used. It is \ -+recommended to install proper python3-magic package with the module. -+""") -+ log.warn('\n' + fill(msg, 72, replace_whitespace=False) + '\n') -+ -+ - TIMEOUT_DEFAULT = 300 - - -@@ -75,17 +90,26 @@ def file_is_binary(fname): - :returns: True if binary, else False - :rtype: ``bool`` - """ -- try: -- _ftup = magic.detect_from_filename(fname) -- _mimes = ['text/', 'inode/'] -- return ( -- _ftup.encoding == 'binary' and not -- any(_ftup.mime_type.startswith(_mt) for _mt in _mimes) -- ) -- except Exception: -- # if for some reason this check fails, don't blindly remove all files -- # but instead rely on other checks done by the component -- return False -+ if magic_mod: -+ try: -+ _ftup = magic.detect_from_filename(fname) -+ _mimes = ['text/', 'inode/'] -+ return ( -+ _ftup.encoding == 'binary' and not -+ any(_ftup.mime_type.startswith(_mt) for _mt in _mimes) -+ ) -+ except Exception: -+ pass -+ # if for some reason the above check fails or magic>=0.4.20 is not present, -+ # fail over to checking the very first byte of the file content -+ with open(fname, 'tr') as tfile: -+ try: -+ # when opened as above (tr), reading binary content will raise -+ # an exception -+ tfile.read(1) -+ return False -+ except UnicodeDecodeError: -+ return True - - - def find(file_pattern, top_dir, max_depth=None, path_pattern=None): --- -2.37.3 - diff --git a/sos-bz2130976-collect-ocp412.patch b/sos-bz2130976-collect-ocp412.patch deleted file mode 100644 index 14a85f5..0000000 --- a/sos-bz2130976-collect-ocp412.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 765f5f283bdb4747b0069f2f5d3381134b4b9a95 Mon Sep 17 00:00:00 2001 -From: Jake Hunsaker -Date: Thu, 15 Sep 2022 12:36:42 -0400 -Subject: [PATCH] [ocp] Add newly required labels to temp OCP namespace - -Newer OCP versions have a more restrictive default deployment -configuration. As such, add the required labels to the temporary -namespace/project we use for collections. - -Signed-off-by: Jake Hunsaker ---- - sos/collector/clusters/ocp.py | 23 ++++++++++++++++++++++- - 1 file changed, 22 insertions(+), 1 deletion(-) - -diff --git a/sos/collector/clusters/ocp.py b/sos/collector/clusters/ocp.py -index 06301536f..92c4e04a2 100644 ---- a/sos/collector/clusters/ocp.py -+++ b/sos/collector/clusters/ocp.py -@@ -142,12 +142,32 @@ def setup(self): - self.fmt_oc_cmd("new-project %s" % self.project) - ) - if ret['status'] == 0: -+ self._label_sos_project() - return True - - self.log_debug("Failed to create project: %s" % ret['output']) - raise Exception("Failed to create temporary project for collection. " - "\nAborting...") - -+ def _label_sos_project(self): -+ """Add pertinent labels to the temporary project we've created so that -+ our privileged containers can properly run. -+ """ -+ labels = [ -+ "security.openshift.io/scc.podSecurityLabelSync=false", -+ "pod-security.kubernetes.io/enforce=privileged" -+ ] -+ for label in labels: -+ ret = self.exec_primary_cmd( -+ self.fmt_oc_cmd( -+ f"label namespace {self.project} {label} --overwrite" -+ ) -+ ) -+ if not ret['status'] == 0: -+ raise Exception( -+ f"Error applying namespace labels: {ret['output']}" -+ ) -+ - def cleanup(self): - """Remove the project we created to execute within - """ -@@ -231,8 +251,9 @@ def get_nodes(self): - for node_name, node in self.node_dict.items(): - if roles: - for role in roles: -- if role == node['roles']: -+ if role in node['roles']: - nodes.append(node_name) -+ break - else: - nodes.append(node_name) - else: diff --git a/sos-bz2138174-clean-host-before-domain.patch b/sos-bz2138174-clean-host-before-domain.patch deleted file mode 100644 index 95602c4..0000000 --- a/sos-bz2138174-clean-host-before-domain.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 21101d80610c43a7c00de3dfaa5ff043d1f8324a Mon Sep 17 00:00:00 2001 -From: Pavel Moravec -Date: Thu, 27 Oct 2022 18:00:28 +0200 -Subject: [PATCH] [cleaner] Apply compile_regexes after a regular parse line - -Hostname parser treats strings like 'host.domain.com' with precompiled -domain 'domain.com' in a wrong way. It first obfuscates the domain while -subsequent _parse_line skips host obfuscation. - -Calling _parse_line before _parse_line_with_compiled_regexes does clean -both the host name and the domain name well. - -Adding a unittest with a reproducer. - -Resolves: #3054 - -Signed-off-by: Pavel Moravec ---- - sos/cleaner/parsers/hostname_parser.py | 19 +++++++++++++++++++ - tests/unittests/cleaner_tests.py | 7 +++++++ - 2 files changed, 26 insertions(+) - -diff --git a/sos/cleaner/parsers/hostname_parser.py b/sos/cleaner/parsers/hostname_parser.py -index debdf182..07eb40f6 100644 ---- a/sos/cleaner/parsers/hostname_parser.py -+++ b/sos/cleaner/parsers/hostname_parser.py -@@ -8,6 +8,7 @@ - # - # See the LICENSE file in the source distribution for further information. - -+import re - from sos.cleaner.parsers import SoSCleanerParser - from sos.cleaner.mappings.hostname_map import SoSHostnameMap - -@@ -29,6 +30,24 @@ class SoSHostnameParser(SoSCleanerParser): - self.load_short_names_from_mapping() - self.mapping.set_initial_counts() - -+ def parse_line(self, line): -+ """This will be called for every line in every file we process, so that -+ every parser has a chance to scrub everything. -+ -+ We are overriding parent method since we need to swap ordering of -+ _parse_line_with_compiled_regexes and _parse_line calls. -+ """ -+ count = 0 -+ for skip_pattern in self.skip_line_patterns: -+ if re.match(skip_pattern, line, re.I): -+ return line, count -+ line, _count = self._parse_line(line) -+ count += _count -+ if self.compile_regexes: -+ line, _rcount = self._parse_line_with_compiled_regexes(line) -+ count += _rcount -+ return line, count -+ - def load_short_names_from_mapping(self): - """When we load the mapping file into the hostname map, we have to do - some dancing to get those loaded properly into the "intermediate" dicts -diff --git a/tests/unittests/cleaner_tests.py b/tests/unittests/cleaner_tests.py -index d27481c1..9759b38a 100644 ---- a/tests/unittests/cleaner_tests.py -+++ b/tests/unittests/cleaner_tests.py -@@ -171,6 +171,13 @@ class CleanerParserTests(unittest.TestCa - _test = self.host_parser.parse_line(line)[0] - self.assertNotEqual(line, _test) - -+ def test_obfuscate_whole_fqdn_for_given_domainname(self): -+ self.host_parser.load_hostname_into_map('sostestdomain.domain') -+ line = 'let obfuscate soshost.sostestdomain.domain' -+ _test = self.host_parser.parse_line(line)[0] -+ self.assertFalse('soshost' in _test) -+ self.assertFalse('sostestdomain' in _test) -+ - def test_keyword_parser_valid_line(self): - line = 'this is my foobar test line' - _test = self.kw_parser.parse_line(line)[0] --- -2.37.3 diff --git a/sos.spec b/sos.spec index 18eaea3..95eed99 100644 --- a/sos.spec +++ b/sos.spec @@ -4,8 +4,8 @@ Summary: A set of tools to gather troubleshooting information from a system Name: sos -Version: 4.4 -Release: 4%{?dist} +Version: 4.5.0 +Release: 1%{?dist} Group: Applications/System Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz Source1: sos-audit-%{auditversion}.tgz @@ -14,6 +14,7 @@ BuildArch: noarch Url: https://github.com/sosreport/sos BuildRequires: python3-devel BuildRequires: gettext +BuildRequires: python3-setuptools Requires: tar Requires: bzip2 Requires: xz @@ -23,10 +24,6 @@ Recommends: python3-pexpect Recommends: python3-pyyaml Conflicts: vdsm < 4.40 Obsoletes: sos-collector <= 1.9 -Patch1: sos-bz2126089-relax-magic-dep.patch -Patch2: sos-bz2125499-yum-legacy-links.patch -Patch3: sos-bz2138174-clean-host-before-domain.patch -Patch4: sos-bz2130976-collect-ocp412.patch %description @@ -38,10 +35,6 @@ support technicians and developers. %prep %setup -qn %{name}-%{version} %setup -T -D -a1 -q -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 %build %py3_build @@ -64,7 +57,9 @@ cd %{name}-audit-%{auditversion} DESTDIR=%{buildroot} ./install.sh cd .. -%files -f %{name}.lang +# internationalization is currently broken. Uncomment this line once fixed. +# %%files -f %%{name}.lang +%files %{_sbindir}/sos %{_sbindir}/sosreport %{_sbindir}/sos-collector @@ -109,6 +104,10 @@ of the system. Currently storage and filesystem commands are audited. %changelog +* Tue Feb 07 2023 Pavel Moravec = 4.5.0-1 +- Rebase on upstream 4.5.0 + Resolves: bz2082615 + * Thu Nov 03 2022 Pavel Moravec = 4.4-4 - [ocp] Add newly required labels to temp OCP namespace Resolves: bz2130976 diff --git a/sources b/sources index 6154f27..241f3aa 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (sos-4.4.tar.gz) = 0e040bd48463960872e7f14ac773edcce40a5bfb1e05967498c8c9dc41560dfe901c60f08aad5e2a987d5de8068b21729d2317ae99602c739aa4f78eb7f72251 +SHA512 (sos-4.5.0.tar.gz) = c38ede9c587f8aa714889f2c28e0fcc55db38d1f63826615409d5bc8c26aa7178bb1cb01922fe4212f37c6a0c66de11711d5e1df1242abc2477039d6e97c84c9 SHA512 (sos-audit-0.3.tgz) = 32597baf6350804d08179a0dbe48470a93df148e83d2e49bb3288f6bcc2d151bb1433761913bfbccd912c14de92435939fef5bcd7e091dfe33a345d61ea842ea