10 changed files with 139 additions and 577 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,2 @@
-SOURCES/sos-4.10.2.tar.gz
+SOURCES/sos-4.6.0.tar.gz
-SOURCES/sos-audit-0.3-1.tgz
+SOURCES/sos-audit-0.3.tgz
--- a/.sos.metadata
+++ b/.sos.metadata
@ -1,2 +1,2 @@
-b9350b4145cbd8936efe88920a70fcca46824145 SOURCES/sos-4.10.2.tar.gz
+90d8b664a4e0593d60357342bb5f73af9908e29d SOURCES/sos-4.6.0.tar.gz
-00752b68ec5e1141192a9dab7d44377b8d637bf7 SOURCES/sos-audit-0.3-1.tgz
+9d478b9f0085da9178af103078bbf2fd77b0175a SOURCES/sos-audit-0.3.tgz
--- a/SOURCES/0001-python3-walrus-operator-and-rhel8-changes-only.patch
+++ b/SOURCES/0001-python3-walrus-operator-and-rhel8-changes-only.patch
@ -1,102 +0,0 @@
 --- a/sos/report/plugins/coredump.py
 +++ b/sos/report/plugins/coredump.py
@@ -72,8 +72,8 @@
             cdump = line.split()
             pid = cdump[4]
             exe = cdump[-2]
 -            if regex := self.get_option("executable"):
 -                if not re.search(regex, exe, re.I):
 +            if self.get_option("executable"):
 +                if not re.search(self.get_option("executable"), exe, re.I):
                     continue
             cinfo = self.collect_cmd_output(f"coredumpctl info {pid}")
             if cinfo['status'] != 0:
 --- a/sos/collector/sosnode.py
 +++ b/sos/collector/sosnode.py
@@ -372,7 +372,8 @@
             for line in result.splitlines():
                 if not is_list:
                     try:
 -                        if ls := line.split():
 +                        ls = line.split()
 +                        if ls:
                             res.append(ls[0])
                     except Exception as err:
                         self.log_debug(f"Error parsing sos help: {err}")
 --- a/sos/report/plugins/mongodb.py
 +++ b/sos/report/plugins/mongodb.py
@@ -87,9 +87,11 @@
     )
     def setup(self):
 -        if get_juju_info := self.path_exists('/var/lib/juju/db'):
 +        if self.path_exists('/var/lib/juju/db'):
 +            get_juju_info = self.path_exists('/var/lib/juju/db')
             self.db_folder = "/var/lib/juju/db"
 -        elif get_juju_info := self.path_exists('/var/snap/juju-db/curent/db'):
 +        elif self.path_exists('/var/snap/juju-db/curent/db'):
 +            get_juju_info = self.path_exists('/var/snap/juju-db/curent/db')
             self.db_folder = "/var/snap/juju-db/current/db"
         super().setup()
 --- a/sos/report/plugins/__init__.py	2025-08-21 12:41:10.418390705 +0200
 +++ b/sos/report/plugins/__init__.py	2025-08-21 12:55:39.546634618 +0200
@@ -2965,8 +2965,9 @@
         :rtype: ``str``
         """
         if self.container_exists(container, runtime) or \
 -           ((_runtime := self._get_container_runtime(runtime)) and
 +           ((self._get_container_runtime(runtime)) and
            runas is not None):
 +            _runtime = self._get_container_runtime(runtime)
             return _runtime.fmt_container_cmd(container, cmd, quotecmd)
         return ''
 --- a/sos/report/plugins/loki.py	2025-11-24 11:20:56.237814760 +0100
 +++ b/sos/report/plugins/loki.py	2025-11-24 11:28:37.466603011 +0100
@@ -143,7 +143,8 @@
         if self.get_option("collect-logs"):
             endpoint = self.get_option("endpoint") or "http://localhost:3100"
             self.labels = []
 -            if labels_option := self.get_option("labels"):
 +            labels_option = self.get_option("labels")
 +            if labels_option:
                 if isinstance(labels_option, str) and labels_option:
                     self.labels.extend(labels_option.split(":"))
 --- a/sos/cleaner/archives/__init__.py	2025-09-22 19:44:51.272619200 +0200
 +++ b/sos/cleaner/archives/__init__.py	2025-09-22 23:28:15.116001268 +0200
@@ -118,6 +118,8 @@ class SoSObfuscationArchive():
         self.parsers = parsers  # TODO: include this in __init__?
     def load_parser_entries(self):
 +        self.soslog = logging.getLogger('sos')
 +        self.ui_log = logging.getLogger('sos_ui')
         for parser in self.parsers:
             parser.load_map_entries()
@@ -150,6 +152,7 @@ class SoSObfuscationArchive():
         return line, count
     def obfuscate_arc_files(self, flist):
 +        self.load_parser_entries()
         for filename in flist:
             self.log_debug(f"    pid={os.getpid()}: obfuscating {filename}")
             try:
 --- a/sos/cleaner/__init__.py	2025-09-22 19:44:51.272619200 +0200
 +++ b/sos/cleaner/__init__.py	2025-09-22 23:32:17.606745778 +0200
@@ -720,10 +720,11 @@ third party.
             # based on files' sizes.
             files_obfuscated_count = total_sub_count = removed_file_count = 0
 +            # two nullification required before processes cloning
 +            archive.soslog = None
 +            archive.ui_log = None
             archive_list = [archive for i in range(self.opts.jobs)]
 -            with ProcessPoolExecutor(
 -                    max_workers=self.opts.jobs,
 -                    initializer=archive.load_parser_entries) as executor:
 +            with ProcessPoolExecutor(max_workers=self.opts.jobs) as executor:
                 futures = executor.map(obfuscate_arc_files, archive_list,
                                        [file_list[i::self.opts.jobs] for i in
                                         range(self.opts.jobs)])
--- a/SOURCES/0002-sosreport-binary.patch
+++ b/SOURCES/0002-sosreport-binary.patch
@ -1,27 +0,0 @@
 --- /dev/null	2025-10-28 14:11:21.494784405 +0100
 +++ sos-4.10.1/bin/sosreport	2025-12-04 08:46:53.277857061 +0100
@@ -0,0 +1,5 @@
 +#!/bin/bash
 +echo "sosreport binary is deprecated, use 'sos report' instead"
 +exec sos report "$@"
 +
 +# vim:ts=4 et sw=4
 --- /dev/null	2025-10-28 14:11:21.494784405 +0100
 +++ sos-4.10.1/bin/sos-collector	2025-12-04 08:48:04.661880220 +0100
@@ -0,0 +1,5 @@
 +#!/bin/bash
 +echo "sos-collector binary is deprecated, use 'sos collector' instead"
 +exec sos collector "$@"
 +
 +# vim:ts=4 et sw=4
 --- sos-4.10.1/setup.py	2025-04-15 15:17:21.938635468 +0200
 +++ sos-4.10.1/setup.py	2025-04-15 15:17:41.328198501 +0200
@@ -34,7 +34,7 @@
     maintainer_email='jacob.r.hunsaker@gmail.com',
     url='https://github.com/sosreport/sos',
     license="GPLv2+",
 -    scripts=['bin/sos'],
 +    scripts=['bin/sos', 'bin/sosreport', 'bin/sos-collector'],
     data_files=data_files,
     packages=find_packages(include=['sos', 'sos.*'])
 )
--- a/SOURCES/0003-gcp-Catch-exceptions-when-PRODUCT_PATH-doesnt-exist.patch
+++ b/SOURCES/0003-gcp-Catch-exceptions-when-PRODUCT_PATH-doesnt-exist.patch
@ -1,36 +0,0 @@
 From 178d7fb1296dbcb744867d1b8a29678d1a3b0820 Mon Sep 17 00:00:00 2001
 From: Pavel Moravec <pmoravec@redhat.com>
 Date: Mon, 26 Jan 2026 12:14:19 +0100
 Subject: [PATCH] [gcp] Catch exceptions when PRODUCT_PATH doesnt exist
 Catch exceptions when /sys/devices/virtual/dmi/id/product_name does not
 exist on a (rare) system, while user manually enabled gcp plugin.
 Closes: #4215
 Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
 ---
 sos/report/plugins/gcp.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
 diff --git a/sos/report/plugins/gcp.py b/sos/report/plugins/gcp.py
 index 24b50323..43ceec00 100644
 --- a/sos/report/plugins/gcp.py
 +++ b/sos/report/plugins/gcp.py
@@ -38,8 +38,11 @@ class GCP(Plugin, IndependentPlugin):
         Checks if this plugin should be executed based on the presence of
         GCE entry in sysfs.
         """
 -        with open(self.PRODUCT_PATH, encoding='utf-8') as sys_file:
 -            return "Google Compute Engine" in sys_file.read()
 +        try:
 +            with open(self.PRODUCT_PATH, encoding='utf-8') as sys_file:
 +                return "Google Compute Engine" in sys_file.read()
 +        except OSError:
 +            return False
     def setup(self):
         """
 -- 
 2.52.0
--- a/SOURCES/0004-aap_containerized-Carry-forward-postproc-from-other.patch
+++ b/SOURCES/0004-aap_containerized-Carry-forward-postproc-from-other.patch
@ -1,124 +0,0 @@
 From 0c237bcaf476c9b5a28165b9124e08163af707ab Mon Sep 17 00:00:00 2001
 From: Pavel Moravec <pmoravec@redhat.com>
 Date: Fri, 30 Jan 2026 21:50:52 +0100
 Subject: [PATCH] [aap_containerized] Carry forward postproc from other AAP
 plugins
 Secrets obfuscations from 2a46e99 commit must be reflected in
 containerized plugin.
 Further, fix a typo in a regexp, to properly obfuscate:
 EMAIL_HOST_PASSWORD = 'FAKESECRET!!!'
 in (both) controller's settings.
 Closes: #4213
 Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
 ---
 sos/report/plugins/aap_containerized.py | 37 +++++++++++++++++++------
 sos/report/plugins/aap_controller.py    |  4 +--
 2 files changed, 30 insertions(+), 11 deletions(-)
 diff --git a/sos/report/plugins/aap_containerized.py b/sos/report/plugins/aap_containerized.py
 index 7baa5fb3..0c85d4b2 100644
 --- a/sos/report/plugins/aap_containerized.py
 +++ b/sos/report/plugins/aap_containerized.py
@@ -41,6 +41,7 @@ class AAPContainerized(Plugin, RedHatPlugin):
     def setup(self):
         # Check if username is passed as argument
         username = self.get_option("username")
 +        self.aap_directory_name = self.get_option("directory")
         if not username:
             self._log_warn("AAP username is missing, use '-k "
                            "aap_containerized.username=<user>' to set it")
@@ -61,16 +62,15 @@ class AAPContainerized(Plugin, RedHatPlugin):
                     return
         # Grab aap installation directory under user's home
 -        if not self.get_option("directory"):
 +        if not self.aap_directory_name:
             user_home_directory = os.path.expanduser(f"~{username}")
 -            aap_directory_name = self.path_join(user_home_directory, "aap")
 -        else:
 -            aap_directory_name = self.get_option("directory")
 +            self.aap_directory_name = self.path_join(user_home_directory,
 +                                                     "aap")
         # Don't collect cert and key files from the installation directory
 -        if self.path_exists(aap_directory_name):
 +        if self.path_exists(self.aap_directory_name):
             forbidden_paths = [
 -                self.path_join(aap_directory_name, path)
 +                self.path_join(self.aap_directory_name, path)
                 for path in [
                     "containers",
                     "tls",
@@ -93,10 +93,10 @@ class AAPContainerized(Plugin, RedHatPlugin):
                 ]
             ]
             self.add_forbidden_path(forbidden_paths)
 -            self.add_copy_spec(aap_directory_name)
 +            self.add_copy_spec(self.aap_directory_name)
         else:
 -            self._log_error(f"Directory {aap_directory_name} does not exist "
 -                            "or invalid absolute path provided")
 +            self._log_error(f"Directory {self.aap_directory_name} does not "
 +                            "exist or invalid absolute path provided.")
         # Gather output of following podman commands as user
         podman_commands = [
@@ -200,6 +200,24 @@ class AAPContainerized(Plugin, RedHatPlugin):
         return False
     def postproc(self):
 +        # remove controller email password
 +        file_path = f"{self.aap_directory_name}/controller/etc/settings.py"
 +        jreg = r"(EMAIL_HOST_PASSWORD\s*=\s*)\'(.+)\'"
 +        repl = r"\1********"
 +        self.do_path_regex_sub(file_path, jreg, repl)
 +
 +        # remove gateway database password
 +        file_path = f"{self.aap_directory_name}/gateway/etc/settings.py"
 +        jreg = r"(\s*'PASSWORD'\s*:\s*)('.*')"
 +        repl = r"\1********"
 +        self.do_path_regex_sub(file_path, jreg, repl)
 +
 +        # Mask EDA optional secrets
 +        file_path = f"{self.aap_directory_name}/eda/etc/settings.yaml"
 +        regex = r"(\s*)(PASSWORD|MQ_USER_PASSWORD|SECRET_KEY)(:\s*)(.*$)"
 +        replacement = r'\1\2\3********'
 +        self.do_path_regex_sub(file_path, regex, replacement)
 +
         # Mask PASSWORD from print_settings command
         jreg = r'((["\']?PASSWORD["\']?\s*[:=]\s*)[rb]?["\'])(.*?)(["\'])'
         self.do_cmd_output_sub(
@@ -214,4 +232,5 @@ class AAPContainerized(Plugin, RedHatPlugin):
             jreg,
             r'\1**********\5')
 +
 # vim: set et ts=4 sw=4 :
 diff --git a/sos/report/plugins/aap_controller.py b/sos/report/plugins/aap_controller.py
 index afb2508c..e2b5e39e 100644
 --- a/sos/report/plugins/aap_controller.py
 +++ b/sos/report/plugins/aap_controller.py
@@ -83,12 +83,12 @@ class AAPControllerPlugin(Plugin, RedHatPlugin):
         self.do_path_regex_sub("/etc/tower/conf.d/postgres.py", jreg, repl)
         # remove email password
 -        jreg = r"(EMAIL_HOST_PASSWORD\s*=)\'(.+)\'"
 +        jreg = r"(EMAIL_HOST_PASSWORD\s*=\s*)\'(.+)\'"
         repl = r"\1********"
         self.do_path_regex_sub("/etc/tower/settings.py", jreg, repl)
         # remove email password (if customized)
 -        jreg = r"(EMAIL_HOST_PASSWORD\s*=)\'(.+)\'"
 +        jreg = r"(EMAIL_HOST_PASSWORD\s*=\s*)\'(.+)\'"
         repl = r"\1********"
         self.do_path_regex_sub("/etc/tower/conf.d/custom.py", jreg, repl)
 -- 
 2.52.0
--- a/SOURCES/0005-cleaner-Update-filename-after-converting-pem-to-text.patch
+++ b/SOURCES/0005-cleaner-Update-filename-after-converting-pem-to-text.patch
@ -1,121 +0,0 @@
 From 0c7626683ae2dcbc5f7b0f00e0980895e0e1ce0d Mon Sep 17 00:00:00 2001
 From: Pavel Moravec <pmoravec@redhat.com>
 Date: Mon, 2 Feb 2026 14:03:26 +0100
 Subject: [PATCH] [cleaner] Update filename after converting pem to text
 When converting PEM certificate to text, we need to update filename and
 short_name to the newly created file, to ensure cleaner handles the
 right file.
 Also, rename misleading short_name to rel_name as it keeps the rel.path
 to the filename.
 Closes: #4219
 Relevant: RHEL-145301
 Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
 ---
 sos/cleaner/archives/__init__.py | 34 +++++++++++++++++++-------------
 1 file changed, 20 insertions(+), 14 deletions(-)
 diff --git a/sos/cleaner/archives/__init__.py b/sos/cleaner/archives/__init__.py
 index e918e2e3..af6ed222 100644
 --- a/sos/cleaner/archives/__init__.py
 +++ b/sos/cleaner/archives/__init__.py
@@ -156,18 +156,18 @@ class SoSObfuscationArchive():
         for filename in flist:
             self.log_debug(f"    pid={os.getpid()}: obfuscating {filename}")
             try:
 -                short_name = filename.split(self.archive_name + '/')[1]
 -                if self.should_skip_file(short_name):
 +                rel_name = os.path.relpath(filename, start=self.extracted_path)
 +                if self.should_skip_file(rel_name):
                     continue
                 if (not self.keep_binary_files and
 -                        self.should_remove_file(short_name)):
 +                        self.should_remove_file(rel_name)):
                     # We reach this case if the option --keep-binary-files
                     # was not used, and the file is in a list to be removed
 -                    self.remove_file(short_name)
 +                    self.remove_file(rel_name)
                     continue
                 if (self.keep_binary_files and
                         (file_is_binary(filename) or
 -                         self.should_remove_file(short_name))):
 +                         self.should_remove_file(rel_name))):
                     # We reach this case if the option --keep-binary-files
                     # is used. In this case we want to make sure
                     # the cleaner doesn't try to clean a binary file
@@ -180,28 +180,32 @@ class SoSObfuscationArchive():
                 if is_certificate:
                     if is_certificate == "certificatekey":
                         # Always remove certificate Key files
 -                        self.remove_file(short_name)
 +                        self.remove_file(rel_name)
                         continue
                     if self.treat_certificates == "keep":
                         continue
                     if self.treat_certificates == "remove":
 -                        self.remove_file(short_name)
 +                        self.remove_file(rel_name)
                         continue
                     if self.treat_certificates == "obfuscate":
 -                        self.certificate_to_text(filename)
 +                        # since the original filename is deleted, we must
 +                        # update both "filename" and "rel_name"
 +                        filename = self.certificate_to_text(filename)
 +                        rel_name = os.path.relpath(filename,
 +                                                   start=self.extracted_path)
                 _parsers = [
                     _p for _p in self.parsers if not
                     any(
 -                        _skip.match(short_name) for _skip in _p.skip_patterns
 +                        _skip.match(rel_name) for _skip in _p.skip_patterns
                     )
                 ]
                 if not _parsers:
                     self.log_debug(
 -                        f"Skipping obfuscation of {short_name or filename} "
 +                        f"Skipping obfuscation of {rel_name or filename} "
                         f"due to matching file skip pattern"
                     )
                     continue
 -                self.log_debug(f"Obfuscating {short_name or filename}")
 +                self.log_debug(f"Obfuscating {rel_name or filename}")
                 subs = 0
                 with tempfile.NamedTemporaryFile(mode='w', dir=self.tmpdir) \
                         as tfile:
@@ -214,13 +218,13 @@ class SoSObfuscationArchive():
                                 tfile.write(line)
                             except Exception as err:
                                 self.log_debug(f"Unable to obfuscate "
 -                                               f"{short_name}: {err}")
 +                                               f"{rel_name}: {err}")
                     tfile.seek(0)
                     if subs:
                         shutil.copyfile(tfile.name, filename)
                         self.update_sub_count(subs)
 -                self.obfuscate_filename(short_name, filename)
 +                self.obfuscate_filename(rel_name, filename)
             except Exception as err:
                 self.log_debug(f"    pid={os.getpid()}: caught exception on "
@@ -309,11 +313,13 @@ class SoSObfuscationArchive():
         """Convert a certificate to text. This is used when cleaner encounters
         a certificate file and the option 'treat_certificates' is 'obfuscate'.
         """
 +        out_fn = f"{fname}.text"
         self.log_info(f"Converting certificate file '{fname}' to text")
         sos_get_command_output(
             f"openssl storeutl -noout -text -certs {str(fname)}",
 -            to_file=f"{fname}.text")
 +            to_file=out_fn)
         os.remove(fname)
 +        return out_fn
     def remove_file(self, fname):
         """Remove a file from the archive. This is used when cleaner encounters
 -- 
 2.52.0
--- a/SOURCES/0006-revert-PR4092.patch
+++ b/SOURCES/0006-revert-PR4092.patch
@ -1,49 +0,0 @@
 --- a/sos/upload/targets/__init__.py	2025-09-16 19:57:27.294642506 +0200
 +++ b/sos/upload/targets/__init__.py	2025-09-16 19:59:44.498573843 +0200
@@ -465,7 +465,7 @@
                 self.upload_password or
                 self._upload_password)
 -    def upload_sftp(self, user=None, password=None, user_dir=None):
 +    def upload_sftp(self, user=None, password=None):
         """Attempts to upload the archive to an SFTP location.
         Due to the lack of well maintained, secure, and generally widespread
@@ -540,13 +540,10 @@
             raise Exception("Unable to connect via SFTP to "
                             f"{self.get_upload_url_string()}")
 -        # certain implementations require file to be put in the user dir
 -        put_cmd = (
 -            f"put {self.upload_archive_name} "
 -            f"{f'{user_dir}/' if user_dir else ''}"
 -            f"{self._get_sftp_upload_name()}"
 -        )
 +        put_cmd = (f'put {self.upload_archive_name} '
 +                   f'{self._get_sftp_upload_name()}')
         ret.sendline(put_cmd)
 +
         put_expects = [
             '100%',
             pexpect.TIMEOUT,
 --- a/sos/upload/targets/redhat.py	2025-09-16 19:57:36.804628207 +0200
 +++ b/sos/upload/targets/redhat.py	2025-09-16 20:00:52.578728154 +0200
@@ -145,7 +145,7 @@
         return fname
     # pylint: disable=too-many-branches
 -    def upload_sftp(self, user=None, password=None, user_dir=None):
 +    def upload_sftp(self, user=None, password=None):    
         """Override the base upload_sftp to allow for setting an on-demand
         generated anonymous login for the RH SFTP server if a username and
         password are not given
@@ -217,8 +217,7 @@
                     f"{anon.status_code}): {anon.json()}"
                 )
         if _user and _token:
 -            return super().upload_sftp(user=_user, password=_token,
 -                                       user_dir=_user)
 +            return super().upload_sftp(user=_user, password=_token)
         raise Exception("Could not retrieve valid or anonymous credentials")
     def check_file_too_big(self, archive):
--- a/SOURCES/sos-SUPDEV145-ovnkube-logs.patch
+++ b/SOURCES/sos-SUPDEV145-ovnkube-logs.patch
@ -0,0 +1,126 @@
 From 43714aa5aeb3dcb0dec17dd026ca5c394cc06afd Mon Sep 17 00:00:00 2001
 From: Periyasamy Palanisamy <pepalani@redhat.com>
 Date: Fri, 11 Aug 2023 14:30:42 +0200
 Subject: [PATCH] Collect additional ovnkube node logs
 With Interconnect support in latest OVN-Kubernetes, ovnkube-nodes
 logs grew large. This commit adds the ability to collect those
 additional logs.
 Signed-off-by: Periyasamy Palanisamy <pepalani@redhat.com>
 ---
 sos/report/plugins/openshift_ovn.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
 diff --git a/sos/report/plugins/openshift_ovn.py b/sos/report/plugins/openshift_ovn.py
 index d81fc97aa..2d804e9ae 100644
 --- a/sos/report/plugins/openshift_ovn.py
 +++ b/sos/report/plugins/openshift_ovn.py
@@ -30,7 +30,8 @@ def setup(self):
         # Collect ovn interconnect specific files if exists.
         self.add_copy_spec([
             "/var/lib/ovn-ic/etc/ovnnb_db.db",
 -            "/var/lib/ovn-ic/etc/ovnsb_db.db"
 +            "/var/lib/ovn-ic/etc/ovnsb_db.db",
 +            "/var/lib/ovn-ic/etc/libovsdb*log*"
         ])
         # The ovn cluster/status is not valid anymore for interconnect setup.
 From e11a594f942f9ae98aeb644c573293b391050657 Mon Sep 17 00:00:00 2001
 From: Periyasamy Palanisamy <pepalani@redhat.com>
 Date: Tue, 15 Aug 2023 11:47:20 +0200
 Subject: [PATCH] Collect ovn logs as much as possible
 The sosreport limits to collect logs at maximum of 25 MB in a given
 collection passed into add_copy_spec method. so this may lead into
 logs wouldn't have fully collected when user collected sos report
 without --all-logs option.
 Hence this commit ensures logs and dbs collected as much as possible
 when --all-logs option is not specified.
 Signed-off-by: Periyasamy Palanisamy <pepalani@redhat.com>
 ---
 sos/report/plugins/openshift_ovn.py | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)
 diff --git a/sos/report/plugins/openshift_ovn.py b/sos/report/plugins/openshift_ovn.py
 index 2d804e9ae..347b15eea 100644
 --- a/sos/report/plugins/openshift_ovn.py
 +++ b/sos/report/plugins/openshift_ovn.py
@@ -20,19 +20,28 @@ class OpenshiftOVN(Plugin, RedHatPlugin):
     profiles = ('openshift',)
     def setup(self):
 +        all_logs = self.get_option("all_logs")
 +
         self.add_copy_spec([
             "/var/lib/ovn/etc/ovnnb_db.db",
             "/var/lib/ovn/etc/ovnsb_db.db",
 -            "/var/lib/openvswitch/etc/keys",
 -            "/var/log/openvswitch/libreswan.log",
 -            "/var/log/openvswitch/ovs-monitor-ipsec.log"
 -        ])
 -        # Collect ovn interconnect specific files if exists.
 +            "/var/lib/openvswitch/etc/keys"
 +        ], sizelimit=300)
 +
 +        # Collect ovn interconnect specific db files if exists.
         self.add_copy_spec([
             "/var/lib/ovn-ic/etc/ovnnb_db.db",
 -            "/var/lib/ovn-ic/etc/ovnsb_db.db",
 -            "/var/lib/ovn-ic/etc/libovsdb*log*"
 -        ])
 +            "/var/lib/ovn-ic/etc/ovnsb_db.db"
 +        ], sizelimit=300)
 +
 +        # Collect libovsdb logs in case of ovn interconnect setup.
 +        if not all_logs:
 +            self.add_copy_spec([
 +                "/var/lib/ovn-ic/etc/libovsdb.log",
 +                "/var/lib/ovn-ic/etc/libovsdb*log.gz"
 +            ], sizelimit=100)
 +        else:
 +            self.add_copy_spec("/var/lib/ovn-ic/etc/libovsdb*log*")
         # The ovn cluster/status is not valid anymore for interconnect setup.
         self.add_cmd_output([
 From 7cd6f61fd15ae7fc93d62cca927204351cdc1322 Mon Sep 17 00:00:00 2001
 From: Periyasamy Palanisamy <pepalani@redhat.com>
 Date: Wed, 30 Aug 2023 09:56:40 +0200
 Subject: [PATCH] Collect logs from ovnkube-controller container
 This enables ovn sos report plugin to collect logs ovnkube-controller
 container because ovn-kubernetes now provides option to run both
 ovnkube-node and ovnkube-controller in same container with this
 PR https://github.com/ovn-org/ovn-kubernetes/pull/3807.
 Signed-off-by: Periyasamy Palanisamy <pepalani@redhat.com>
 ---
 sos/report/plugins/openshift_ovn.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
 diff --git a/sos/report/plugins/openshift_ovn.py b/sos/report/plugins/openshift_ovn.py
 index 347b15eea..cb48057d3 100644
 --- a/sos/report/plugins/openshift_ovn.py
 +++ b/sos/report/plugins/openshift_ovn.py
@@ -16,7 +16,8 @@ class OpenshiftOVN(Plugin, RedHatPlugin):
     """
     short_desc = 'Openshift OVN'
     plugin_name = "openshift_ovn"
 -    containers = ('ovnkube-master', 'ovnkube-node', 'ovn-ipsec')
 +    containers = ('ovnkube-master', 'ovnkube-node', 'ovn-ipsec',
 +                  'ovnkube-controller')
     profiles = ('openshift',)
     def setup(self):
@@ -54,6 +55,10 @@ def setup(self):
             'ovs-appctl -t /var/run/ovn/ovn-controller.*.ctl ' +
             'ct-zone-list'],
             container='ovnkube-node')
 +        self.add_cmd_output([
 +            'ovs-appctl -t /var/run/ovn/ovn-controller.*.ctl ' +
 +            'ct-zone-list'],
 +            container='ovnkube-controller')
         # Collect ovs ct-zone-list directly on host for interconnect setup.
         self.add_cmd_output([
             'ovs-appctl -t /var/run/ovn-ic/ovn-controller.*.ctl ' +
--- a/SPECS/sos.spec
+++ b/SPECS/sos.spec
@ -1,10 +1,10 @@
 %{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
-%global auditversion 0.3-1
+%global auditversion 0.3
 Summary: A set of tools to gather troubleshooting information from a system
 Name: sos
-Version: 4.10.2
+Version: 4.6.0
 Release: 2%{?dist}
 Group: Applications/System
 Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz
@ -22,12 +22,7 @@ Recommends: python3-pexpect
 Recommends: python3-pyyaml
 Conflicts: vdsm < 4.40
 Obsoletes: sos-collector
-Patch1: 0001-python3-walrus-operator-and-rhel8-changes-only.patch
+Patch1: sos-SUPDEV145-ovnkube-logs.patch
 Patch2: 0002-sosreport-binary.patch
 Patch3: 0003-gcp-Catch-exceptions-when-PRODUCT_PATH-doesnt-exist.patch
 Patch4: 0004-aap_containerized-Carry-forward-postproc-from-other.patch
 Patch5: 0005-cleaner-Update-filename-after-converting-pem-to-text.patch
 Patch6: 0006-revert-PR4092.patch
 %description
 Sos is a set of tools that gathers information about system
@ -38,12 +33,8 @@ support technicians and developers.
 %prep
 %setup -qn %{name}-%{version}
 %setup -T -D -a1 -q
-%patch -P 1 -p1 
+%patch1 -p1
-%patch -P 2 -p1
+
 %patch -P 3 -p1
 %patch -P 4 -p1
 %patch -P 5 -p1
 %patch -P 6 -p1
 %build
 %py3_build
@ -67,17 +58,18 @@ mkdir -p %{buildroot}%{_sysconfdir}/sos/{cleaner,presets.d,extras.d,groups.d}
 # internationalization is currently broken. Uncomment this line once fixed.
 # %%files -f %%{name}.lang
 %files
 %{_sbindir}/sos
 %{_sbindir}/sosreport
 %{_sbindir}/sos
 %{_sbindir}/sos-collector
 %dir /etc/sos/presets.d
 %dir /etc/sos/extras.d
 %dir /etc/sos/groups.d
 /etc/tmpfiles.d/%{name}.conf
 %{python3_sitelib}/*
 %{_mandir}/man1/sosreport.1.gz
 %{_mandir}/man1/sos-clean.1.gz
 %{_mandir}/man1/sos-upload.1.gz
 %{_mandir}/man1/sos-collect.1.gz
 %{_mandir}/man1/sos-collector.1.gz
 %{_mandir}/man1/sos-help.1.gz
 %{_mandir}/man1/sos-mask.1.gz
 %{_mandir}/man1/sos-report.1.gz
@ -90,7 +82,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/sos/{cleaner,presets.d,extras.d,groups.d}
 %package audit
 Summary: Audit use of some commands for support purposes
-License: GPL-2.0-or-later
+License: GPLv2+
 Group: Application/System
 %description audit
@ -113,105 +105,8 @@ of the system. Currently storage and filesystem commands are audited.
 %{_mandir}/man8/sos-audit.sh.8.gz
 %ghost /etc/audit/rules.d/40-sos-filesystem.rules
 %ghost /etc/audit/rules.d/40-sos-storage.rules
 %license LICENSE
 %changelog
 * Thu Feb 26 2026 Jan Jansky <jjansky@redhat.com> = 4.10.2-2
 - Update to 4.10.2-2
  Resolves: RHEL-142630
 * Thu Jan 22 2026 Jan Jansky <jjansky@redhat.com> = 4.10.2-1
 - Update to 4.10.2-1
  Resolves: RHEL-142630
 * Fri Dec 05 2025 Jan Jansky <jjansky@redhat.com> = 4.10.1-2
 - Fixing sosreport and sos-collector binary
  Resolves: RHEL-121468
 * Tue Nov 25 2025 Jan Jansky <jjansky@redhat.com> = 4.10.1-1
 - Update to 4.10.1-1
  Resolves: RHEL-121468
 * Tue Sep 23 2025 Jan Jansky <jjansky@redhat.com> = 4.10.0-4
 - Update to 4.10.0-4
  Resolves: RHEL-112413
 * Wed Sep 17 2025 Jan Jansky <jjansky@redhat.com> = 4.10.0-2
 - Update to 4.10.0-2
  Resolves: RHEL-112413
 * Thu Aug 21 2025 Jan Jansky <jjansky@redhat.com> = 4.10.0-1
 - Update to 4.10.0
  Resolves: RHEL-110499
 * Fri Jul 04 2025 Jan Jansky <jjansky@redhat.com> = 4.9.2-1
 - Update to 4.9.2 in RHEL 8
  Resolves: RHEL-101716
 * Fri May 30 2025 Jan Jansky <jjansky@redhat.com> = 4.9.1-2
 - Update to 4.9.1-2 in RHEL 8
  Resolves: RHEL-86645
 * Tue Apr 15 2025 Jan Jansky <jjansky@redhat.com> = 4.9.1-1
 - Update to 4.9.1 in RHEL 8
  Resolves: RHEL-86645
 * Tue Jan 07 2025 Jan Jansky <jjansky@redhat.com> = 4.8.2-1
 - Update to 4.8.2 in RHEL 8
  Resolves: RHEL-72941
 * Wed Oct 23 2024 Jan Jansky <jjansky@redhat.com> = 4.8.1-1
 - Update to 4.8.1 in RHEL 8
  Resolves: RHEL-64160
 * Fri Sep 27 2024 Jan Jansky <jjansky@redhat.com> = 4.8.0-3
 - Added credentials obfuscation from multiple files
  Resolves: RHEL-58097
 * Sat Sep 14 2024 Pierguido Lambri <plambri@redhat.com> = 4.8.0-2
 - Resolves: RHEL-22732
  Fix wrong formatting
 * Mon Sep 09 2024 Pierguido Lambri <plambri@redhat.com> = 4.8.0-1
 - New upstream release
  Resolves: RHEL-58097
 * Wed Aug 21 2024 Pavel Moravec <pmoravec@redhat.com> = 4.7.2-2
 - reverting RHEL-22732 patch due to regressions
  Resolves: RHEL-49779
 * Fri Jun 21 2024 Pierguido Lambri <plambri@redhat.com> = 4.7.2-1
 - New upstream release
  Resolves: RHEL-40871
  Resolves: RHEL-33703
  Resolves: RHEL-22732
 * Thu May 09 2024 Pavel Moravec <pmoravec@redhat.com> = 4.7.1-3
 - [archive] Fix get_archive_root after files reordering
  Resolves: RHEL-35945
 * Mon Apr 08 2024 Jan Jansky <jjansky@redhat.com> = 4.7.1-1
 - rebase to upstream 4.7.1
  Resolves: RHEL-32104
 * Tue Feb 20 2024 Jan Jansky <jjansky@redhat.com> = 4.7.0-1
 - rebase to upstream 4.7.0
  Resolves: RHEL-26111
 * Thu Jan 11 2024 Pavel Moravec <pmoravec@redhat.com> = 4.6.1-1
 - rebase to upstream 4.6.1
  Resolves: RHEL-21173
 - [redhat] Change authentication method for RHEL
  Resolves: RHEL-21177
 * Wed Oct 18 2023 Pavel Moravec <pmoravec@redhat.com> = 4.6.0-5
  [pulpcore] Scrub AUTH_LDAP_BIND_PASSWORD value
  Resolves: RHEL-13697
 * Tue Oct 17 2023 Pavel Moravec <pmoravec@redhat.com> = 4.6.0-4
 - [pulp] Fix dynaconf obfuscation and add AUTH_LDAP_BIND_PASSWORD
  Resolves: RHEL-13697
 * Fri Sep 01 2023 Pavel Moravec <pmoravec@redhat.com> = 4.6.0-2
 - [openshift_ovn] Collect additional ovnkube node logs
  Resolves: SUPDEV145
`@ -1,2 +1,2 @@`
	`SOURCES/sos-4.10.2.tar.gz`	`SOURCES/sos-4.6.0.tar.gz`
	`SOURCES/sos-audit-0.3-1.tgz`	`SOURCES/sos-audit-0.3.tgz`
`@ -1,2 +1,2 @@`
	`b9350b4145cbd8936efe88920a70fcca46824145 SOURCES/sos-4.10.2.tar.gz`	`90d8b664a4e0593d60357342bb5f73af9908e29d SOURCES/sos-4.6.0.tar.gz`
	`00752b68ec5e1141192a9dab7d44377b8d637bf7 SOURCES/sos-audit-0.3-1.tgz`	`9d478b9f0085da9178af103078bbf2fd77b0175a SOURCES/sos-audit-0.3.tgz`