.gitignore

@@ -1,2 +1,2 @@
-SOURCES/sos-4.7.1.tar.gz
+SOURCES/sos-4.6.1.tar.gz
 SOURCES/sos-audit-0.3.tgz

.sos.metadata

@@ -1,2 +1,2 @@
-9ced981872d308e13c5dc47fee21071592ceefc2 SOURCES/sos-4.7.1.tar.gz
+b6999d34ade3b3d0b88390ab525d31c6a8dc2950 SOURCES/sos-4.6.1.tar.gz
 9d478b9f0085da9178af103078bbf2fd77b0175a SOURCES/sos-audit-0.3.tgz

SOURCES/sos-RHEL-21178-device-auth.patch

@@ -0,0 +1,502 @@
+From c1a08482f9f724395102be22d94382cbda14dbce Mon Sep 17 00:00:00 2001
+From: Jose Castillo <jcastillo@redhat.com>
+Date: Mon, 9 Oct 2023 16:28:15 +0100
+Subject: [PATCH] [redhat] Change authentication method for RHEL
+
+The authentication method for RHEL uploads to the
+customer portal is changing in 2024 to Device Auth
+tokens, from user/password basic authorization.
+To accomplish this, one new class is created:
+DeviceAuth (deviceauth.py), that takes care of
+managing OID token authentication.
+
+Closes: RH: SUPDEV-63
+
+Signed-off-by: Jose Castillo <jcastillo@redhat.com>
+---
+ sos/policies/auth/__init__.py  | 210 +++++++++++++++++++++++++++++++++
+ sos/policies/distros/redhat.py | 121 ++++++++++++++-----
+ 2 files changed, 300 insertions(+), 31 deletions(-)
+ create mode 100644 sos/policies/auth/__init__.py
+
+diff --git a/sos/policies/auth/__init__.py b/sos/policies/auth/__init__.py
+new file mode 100644
+index 000000000..5b62a4953
+--- /dev/null
++++ b/sos/policies/auth/__init__.py
+@@ -0,0 +1,210 @@
++# Copyright (C) 2023 Red Hat, Inc., Jose Castillo <jcastillo@redhat.com>
++
++# This file is part of the sos project: https://github.com/sosreport/sos
++#
++# This copyrighted material is made available to anyone wishing to use,
++# modify, copy, or redistribute it subject to the terms and conditions of
++# version 2 of the GNU General Public License.
++#
++# See the LICENSE file in the source distribution for further information.
++
++import logging
++try:
++    import requests
++    REQUESTS_LOADED = True
++except ImportError:
++    REQUESTS_LOADED = False
++import time
++from datetime import datetime, timedelta
++
++DEVICE_AUTH_CLIENT_ID = "sos-tools"
++GRANT_TYPE_DEVICE_CODE = "urn:ietf:params:oauth:grant-type:device_code"
++
++logger = logging.getLogger("sos")
++
++
++class DeviceAuthorizationClass:
++    """
++    Device Authorization Class
++    """
++
++    def __init__(self, client_identifier_url, token_endpoint):
++
++        self._access_token = None
++        self._access_expires_at = None
++        self.__device_code = None
++
++        self.client_identifier_url = client_identifier_url
++        self.token_endpoint = token_endpoint
++        self._use_device_code_grant()
++
++    def _use_device_code_grant(self):
++        """
++        Start the device auth flow. In the future we will
++        store the tokens in an in-memory keyring.
++
++        """
++
++        self._request_device_code()
++        print(
++            "Please visit the following URL to authenticate this"
++            f" device: {self._verification_uri_complete}"
++        )
++        self.poll_for_auth_completion()
++
++    def _request_device_code(self):
++        """
++        Initialize new Device Authorization Grant attempt by
++        requesting a new device code.
++
++        """
++        data = "client_id={}".format(DEVICE_AUTH_CLIENT_ID)
++        headers = {'content-type': 'application/x-www-form-urlencoded'}
++        if not REQUESTS_LOADED:
++            raise Exception("python3-requests is not installed and is required"
++                            " for obtaining device auth token.")
++        try:
++            res = requests.post(
++                self.client_identifier_url,
++                data=data,
++                headers=headers)
++            res.raise_for_status()
++            response = res.json()
++            self._user_code = response.get("user_code")
++            self._verification_uri = response.get("verification_uri")
++            self._interval = response.get("interval")
++            self.__device_code = response.get("device_code")
++            self._verification_uri_complete = response.get(
++                "verification_uri_complete")
++        except requests.HTTPError as e:
++            raise requests.HTTPError("HTTP request failed "
++                                     "while attempting to acquire the tokens."
++                                     f"Error returned was {res.status_code} "
++                                     f"{e}")
++
++    def poll_for_auth_completion(self):
++        """
++        Continuously poll OIDC token endpoint until the user is successfully
++        authenticated or an error occurs.
++
++        """
++        token_data = {'grant_type': GRANT_TYPE_DEVICE_CODE,
++                      'client_id': DEVICE_AUTH_CLIENT_ID,
++                      'device_code': self.__device_code}
++
++        if not REQUESTS_LOADED:
++            raise Exception("python3-requests is not installed and is required"
++                            " for obtaining device auth token.")
++        while self._access_token is None:
++            time.sleep(self._interval)
++            try:
++                check_auth_completion = requests.post(self.token_endpoint,
++                                                      data=token_data)
++
++                status_code = check_auth_completion.status_code
++
++                if status_code == 200:
++                    logger.info("The SSO authentication is successful")
++                    self._set_token_data(check_auth_completion.json())
++                if status_code not in [200, 400]:
++                    raise Exception(status_code, check_auth_completion.text)
++                if status_code == 400 and \
++                    check_auth_completion.json()['error'] not in \
++                        ("authorization_pending", "slow_down"):
++                    raise Exception(status_code, check_auth_completion.text)
++            except requests.exceptions.RequestException as e:
++                logger.error(f"Error was found while posting a request: {e}")
++
++    def _set_token_data(self, token_data):
++        """
++        Set the class attributes as per the input token_data received.
++        In the future we will persist the token data in a local,
++        in-memory keyring, to avoid visting the browser frequently.
++        :param token_data: Token data containing access_token, refresh_token
++        and their expiry etc.
++        """
++        self._access_token = token_data.get("access_token")
++        self._access_expires_at = datetime.utcnow() + \
++            timedelta(seconds=token_data.get("expires_in"))
++        self._refresh_token = token_data.get("refresh_token")
++        self._refresh_expires_in = token_data.get("refresh_expires_in")
++        if self._refresh_expires_in == 0:
++            self._refresh_expires_at = datetime.max
++        else:
++            self._refresh_expires_at = datetime.utcnow() + \
++                timedelta(seconds=self._refresh_expires_in)
++
++    def get_access_token(self):
++        """
++        Get the valid access_token at any given time.
++        :return: Access_token
++        :rtype: string
++        """
++        if self.is_access_token_valid():
++            return self._access_token
++        else:
++            if self.is_refresh_token_valid():
++                self._use_refresh_token_grant()
++                return self._access_token
++            else:
++                self._use_device_code_grant()
++                return self._access_token
++
++    def is_access_token_valid(self):
++        """
++        Check the validity of access_token. We are considering it invalid 180
++        sec. prior to it's exact expiry time.
++        :return: True/False
++
++        """
++        return self._access_token and self._access_expires_at and \
++            self._access_expires_at - timedelta(seconds=180) > \
++            datetime.utcnow()
++
++    def is_refresh_token_valid(self):
++        """
++        Check the validity of refresh_token. We are considering it invalid
++        180 sec. prior to it's exact expiry time.
++
++        :return: True/False
++
++        """
++        return self._refresh_token and self._refresh_expires_at and \
++            self._refresh_expires_at - timedelta(seconds=180) > \
++            datetime.utcnow()
++
++    def _use_refresh_token_grant(self, refresh_token=None):
++        """
++        Fetch the new access_token and refresh_token using the existing
++        refresh_token and persist it.
++        :param refresh_token: optional param for refresh_token
++
++        """
++        if not REQUESTS_LOADED:
++            raise Exception("python3-requests is not installed and is required"
++                            " for obtaining device auth token.")
++        refresh_token_data = {'client_id': DEVICE_AUTH_CLIENT_ID,
++                              'grant_type': 'refresh_token',
++                              'refresh_token': self._refresh_token if not
++                              refresh_token else refresh_token}
++
++        refresh_token_res = requests.post(self.token_endpoint,
++                                          data=refresh_token_data)
++
++        if refresh_token_res.status_code == 200:
++            self._set_token_data(refresh_token_res.json())
++
++        elif refresh_token_res.status_code == 400 and 'invalid' in\
++                refresh_token_res.json()['error']:
++            logger.warning("Problem while fetching the new tokens from refresh"
++                           " token grant - {} {}."
++                           " New Device code will be requested !".format
++                           (refresh_token_res.status_code,
++                            refresh_token_res.json()['error']))
++            self._use_device_code_grant()
++        else:
++            raise Exception(
++                "Something went wrong while using the "
++                "Refresh token grant for fetching tokens:"
++                f" Returned status code {refresh_token_res.status_code}"
++                f" and error {refresh_token_res.json()['error']}")
+diff --git a/sos/policies/distros/redhat.py b/sos/policies/distros/redhat.py
+index bdbe8f952..02cc4cc2f 100644
+--- a/sos/policies/distros/redhat.py
++++ b/sos/policies/distros/redhat.py
+@@ -12,6 +12,7 @@
+ import os
+ import sys
+ import re
++from sos.policies.auth import DeviceAuthorizationClass
+ 
+ from sos.report.plugins import RedHatPlugin
+ from sos.presets.redhat import (RHEL_PRESETS, ATOMIC_PRESETS, RHV, RHEL,
+@@ -51,6 +52,10 @@ class RedHatPolicy(LinuxPolicy):
+     default_container_runtime = 'podman'
+     sos_pkg_name = 'sos'
+     sos_bin_path = '/usr/sbin'
++    client_identifier_url = "https://sso.redhat.com/auth/"\
++        "realms/redhat-external/protocol/openid-connect/auth/device"
++    token_endpoint = "https://sso.redhat.com/auth/realms/"\
++        "redhat-external/protocol/openid-connect/token"
+ 
+     def __init__(self, sysroot=None, init=None, probe_runtime=True,
+                  remote_exec=None):
+@@ -228,6 +233,7 @@ class RHELPolicy(RedHatPolicy):
+ """ + disclaimer_text + "%(vendor_text)s\n")
+     _upload_url = RH_SFTP_HOST
+     _upload_method = 'post'
++    _device_token = None
+ 
+     def __init__(self, sysroot=None, init=None, probe_runtime=True,
+                  remote_exec=None):
+@@ -266,24 +272,23 @@ def check(cls, remote=''):
+ 
+     def prompt_for_upload_user(self):
+         if self.commons['cmdlineopts'].upload_user:
+-            return
+-        # Not using the default, so don't call this prompt for RHCP
+-        if self.commons['cmdlineopts'].upload_url:
+-            super(RHELPolicy, self).prompt_for_upload_user()
+-            return
+-        if not self.get_upload_user():
+-            if self.case_id:
+-                self.upload_user = input(_(
+-                    "Enter your Red Hat Customer Portal username for "
+-                    "uploading [empty for anonymous SFTP]: ")
+-                )
+-            else:   # no case id provided => failover to SFTP
+-                self.upload_url = RH_SFTP_HOST
+-                self.ui_log.info("No case id provided, uploading to SFTP")
+-                self.upload_user = input(_(
+-                    "Enter your Red Hat Customer Portal username for "
+-                    "uploading to SFTP [empty for anonymous]: ")
+-                )
++            self.ui_log.info(
++                _("The option --upload-user has been deprecated in favour"
++                  " of device authorization in RHEL")
++            )
++        if not self.case_id:
++            # no case id provided => failover to SFTP
++            self.upload_url = RH_SFTP_HOST
++            self.ui_log.info("No case id provided, uploading to SFTP")
++
++    def prompt_for_upload_password(self):
++        # With OIDC we don't ask for user/pass anymore
++        if self.commons['cmdlineopts'].upload_pass:
++            self.ui_log.info(
++                _("The option --upload-pass has been deprecated in favour"
++                  " of device authorization in RHEL")
++            )
++        return
+ 
+     def get_upload_url(self):
+         if self.upload_url:
+@@ -292,10 +297,42 @@ def get_upload_url(self):
+             return self.commons['cmdlineopts'].upload_url
+         elif self.commons['cmdlineopts'].upload_protocol == 'sftp':
+             return RH_SFTP_HOST
++        elif not self.commons['cmdlineopts'].case_id:
++            self.ui_log.info("No case id provided, uploading to SFTP")
++            return RH_SFTP_HOST
+         else:
+             rh_case_api = "/support/v1/cases/%s/attachments"
+             return RH_API_HOST + rh_case_api % self.case_id
+ 
++    def _get_upload_https_auth(self):
++        str_auth = "Bearer {}".format(self._device_token)
++        return {'Authorization': str_auth}
++
++    def _upload_https_post(self, archive, verify=True):
++        """If upload_https() needs to use requests.post(), use this method.
++
++        Policies should override this method instead of the base upload_https()
++
++        :param archive:     The open archive file object
++        """
++        files = {
++            'file': (archive.name.split('/')[-1], archive,
++                     self._get_upload_headers())
++        }
++        # Get the access token at this point. With this,
++        # we cover the cases where report generation takes
++        # longer than the token timeout
++        RHELAuth = DeviceAuthorizationClass(
++                self.client_identifier_url,
++                self.token_endpoint
++            )
++        self._device_token = RHELAuth.get_access_token()
++        self.ui_log.info("Device authorized correctly. Uploading file to "
++                         f"{self.get_upload_url_string()}")
++        return requests.post(self.get_upload_url(), files=files,
++                             headers=self._get_upload_https_auth(),
++                             verify=verify)
++
+     def _get_upload_headers(self):
+         if self.get_upload_url().startswith(RH_API_HOST):
+             return {'isPrivate': 'false', 'cache-control': 'no-cache'}
+@@ -332,15 +369,38 @@ def upload_sftp(self):
+                             " for obtaining SFTP auth token.")
+         _token = None
+         _user = None
++
++        # We may have a device token already if we attempted
++        # to upload via http but the upload failed. So
++        # lets check first if there isn't one.
++        if not self._device_token:
++            try:
++                RHELAuth = DeviceAuthorizationClass(
++                    self.client_identifier_url,
++                    self.token_endpoint
++                )
++            except Exception as e:
++                # We end up here if the user cancels the device
++                # authentication in the web interface
++                if "end user denied" in str(e):
++                    self.ui_log.info(
++                        "Device token authorization "
++                        "has been cancelled by the user."
++                    )
++            else:
++                self._device_token = RHELAuth.get_access_token()
++        if self._device_token:
++            self.ui_log.info("Device authorized correctly. Uploading file to"
++                             f" {self.get_upload_url_string()}")
++
+         url = RH_API_HOST + '/support/v2/sftp/token'
+-        # we have a username and password, but we need to reset the password
+-        # to be the token returned from the auth endpoint
+-        if self.get_upload_user() and self.get_upload_password():
+-            auth = self.get_upload_https_auth()
+-            ret = requests.post(url, auth=auth, timeout=10)
++        ret = None
++        if self._device_token:
++            headers = self._get_upload_https_auth()
++            ret = requests.post(url, headers=headers, timeout=10)
+             if ret.status_code == 200:
+                 # credentials are valid
+-                _user = self.get_upload_user()
++                _user = json.loads(ret.text)['username']
+                 _token = json.loads(ret.text)['token']
+             else:
+                 self.ui_log.debug(
+@@ -351,8 +411,7 @@ def upload_sftp(self):
+                     "Unable to retrieve Red Hat auth token using provided "
+                     "credentials. Will try anonymous."
+                 )
+-        # we either do not have a username or password/token, or both
+-        if not _token:
++        else:
+             adata = {"isAnonymous": True}
+             anon = requests.post(url, data=json.dumps(adata), timeout=10)
+             if anon.status_code == 200:
+@@ -368,7 +427,6 @@ def upload_sftp(self):
+                     f"DEBUG: anonymous request failed (status: "
+                     f"{anon.status_code}): {anon.json()}"
+                 )
+-
+         if _user and _token:
+             return super(RHELPolicy, self).upload_sftp(user=_user,
+                                                        password=_token)
+@@ -380,17 +438,18 @@ def upload_archive(self, archive):
+         """
+         try:
+             if self.upload_url and self.upload_url.startswith(RH_API_HOST) and\
+-              (not self.get_upload_user() or not self.get_upload_password()):
++                    (not self.get_upload_user() or
++                     not self.get_upload_password()):
+                 self.upload_url = RH_SFTP_HOST
+             uploaded = super(RHELPolicy, self).upload_archive(archive)
+-        except Exception:
++        except Exception as e:
+             uploaded = False
+             if not self.upload_url.startswith(RH_API_HOST):
+                 raise
+             else:
+                 self.ui_log.error(
+-                    _(f"Upload to Red Hat Customer Portal failed. Trying "
+-                      f"{RH_SFTP_HOST}")
++                    _(f"Upload to Red Hat Customer Portal failed due to "
++                      f"{e}. Trying {RH_SFTP_HOST}")
+                 )
+                 self.upload_url = RH_SFTP_HOST
+                 uploaded = super(RHELPolicy, self).upload_archive(archive)
+From d338a232cd7c829ca8ca5e5febef51035d1f7da5 Mon Sep 17 00:00:00 2001
+From: Pavel Moravec <pmoravec@redhat.com>
+Date: Wed, 10 Jan 2024 16:47:44 +0100
+Subject: [PATCH] [build] Bump version to 4.6.1
+
+Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
+---
+ docs/conf.py    | 4 ++--
+ sos.spec        | 5 ++++-
+ sos/__init__.py | 2 +-
+ 3 files changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/docs/conf.py b/docs/conf.py
+index 5f105373e..57d1b9297 100644
+--- a/docs/conf.py
++++ b/docs/conf.py
+@@ -59,9 +59,9 @@
+ # built documents.
+ #
+ # The short X.Y version.
+-version = '4.6.0'
++version = '4.6.1'
+ # The full version, including alpha/beta/rc tags.
+-release = '4.6.0'
++release = '4.6.1'
+ 
+ # The language for content autogenerated by Sphinx. Refer to documentation
+ # for a list of supported languages.
+diff --git a/sos.spec b/sos.spec
+index b575b5232..a08e2857b 100644
+--- a/sos.spec
++++ b/sos.spec
+@@ -1,6 +1,6 @@
+ Summary: A set of tools to gather troubleshooting information from a system
+ Name: sos
+-Version: 4.6.0
++Version: 4.6.1
+ Release: 1%{?dist}
+ Source0: https://github.com/sosreport/sos/archive/%{name}-%{version}.tar.gz
+ License: GPL-2.0-or-later
+@@ -90,6 +90,9 @@ rm -rf %{buildroot}/usr/config/
+ %config(noreplace) %{_sysconfdir}/sos/sos.conf
+ 
+ %changelog
++* Wed Jan 10 2024 Pavel Moravec <pmoravec@redhat.com> = 4.6.1
++- New upstream release
++
+ * Thu Aug 17 2023 Jake Hunsaker <jacob.r.hunsaker@gmail.com> = 4.6.0
+ - New upstream release
+ 
+diff --git a/sos/__init__.py b/sos/__init__.py
+index 78e452676..18d18c4c7 100644
+--- a/sos/__init__.py
++++ b/sos/__init__.py
+@@ -14,7 +14,7 @@
+ This module houses the i18n setup and message function. The default is to use
+ gettext to internationalize messages.
+ """
+-__version__ = "4.6.0"
++__version__ = "4.6.1"
+ 
+ import os
+ import sys

SOURCES/sos-RHEL-35945-sos-clean-on-archive.patch

@@ -1,30 +0,0 @@
-From a0c2586e230c9600d3d3f70ab89c9f6eb52ed3ed Mon Sep 17 00:00:00 2001
-From: Pavel Moravec <pmoravec@redhat.com>
-Date: Tue, 23 Apr 2024 11:00:11 +0200
-Subject: [PATCH] [archive] Fix get_archive_root after files reordering
-
-Commit d5d8c21 reordered files in the archive, such that the first
-member is not the archive root directory further more. Let change the
-get_archive_root method accordingly to prevent self.archive_root being
-empty.
-
-Resolves: #3616
-
-Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
----
- sos/cleaner/archives/__init__.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/sos/cleaner/archives/__init__.py b/sos/cleaner/archives/__init__.py
-index f7c5eb587..0fa1ef43f 100644
---- a/sos/cleaner/archives/__init__.py
-+++ b/sos/cleaner/archives/__init__.py
-@@ -104,7 +104,7 @@ def get_archive_root(self):
-             if toplevel.isdir():
-                 return toplevel.name
-             else:
--                return os.sep
-+                return os.path.dirname(toplevel.name) or os.sep
-         return os.path.abspath(self.archive_path)
- 
-     def report_msg(self, msg):

SOURCES/sos-almalinux-branding.patch

@@ -0,0 +1,36 @@
+diff -aruN sos-4.3/sos/policies/distros/redhat.py sos-4.3.alma/sos/policies/distros/redhat.py
+--- sos-4.3/sos/policies/distros/redhat.py	2022-02-15 07:20:20.000000000 +0300
++++ sos-4.3.alma/sos/policies/distros/redhat.py	2022-10-24 10:54:24.000000000 +0300
+@@ -435,6 +435,16 @@
+     vendor_urls = [('Community Website', 'https://www.centos.org/')]
+ 
+ 
++class AlmaLinuxPolicy(RHELPolicy):
++    distro = "AlmaLinux"
++    vendor = "AlmaLinux OS Foundation"
++    vendor_urls = [
++        ('Distribution Website', 'https://www.almalinux.org/'),
++        ('Commercial Support', 'https://tuxcare.com/linux-support-services/')
++    ]
++
++
++
+ class RedHatAtomicPolicy(RHELPolicy):
+     distro = "Red Hat Atomic Host"
+     msg = _("""\
+@@ -592,6 +602,15 @@
+     vendor_urls = [('Community Website', 'https://www.centos.org/')]
+ 
+ 
++class AlmaLinuxAtomicPolicy(RedHatAtomicPolicy):
++    distro = "AlmaLinux Atomic Host"
++    vendor = "AlmaLinux OS Foundation"
++    vendor_urls = [
++        ('Distribution Website', 'https://www.almalinux.org/'),
++        ('Commercial Support', 'https://tuxcare.com/linux-support-services/')
++    ]
++
++
+ class FedoraPolicy(RedHatPolicy):
+     """
+     The policy for Fedora based systems, regardless of spin/edition. This

SPECS/sos.spec

@@ -4,8 +4,8 @@
 
 Summary: A set of tools to gather troubleshooting information from a system
 Name: sos
-Version: 4.7.1
-Release: 2%{?dist}
+Version: 4.6.1
+Release: 1%{?dist}.alma.1
 Group: Applications/System
 Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz
 Source1: sos-audit-%{auditversion}.tgz
@@ -21,8 +21,11 @@ Recommends: python3-magic
 Recommends: python3-pexpect
 Recommends: python3-pyyaml
 Conflicts: vdsm < 4.40
-Obsoletes: sos-collector
-Patch1: sos-RHEL-35945-sos-clean-on-archive.patch
+Obsoletes: sos-collector <= 1.9
+Patch1: sos-RHEL-21178-device-auth.patch
+
+# AlmaLinux patches
+Patch1000: sos-almalinux-branding.patch
 
 %description
 Sos is a set of tools that gathers information about system
@@ -35,51 +38,52 @@ support technicians and developers.
 %setup -T -D -a1 -q
 %patch1 -p1
 
+# AlmaLinux patches
+%patch1000 -p1
 
 %build
 %py3_build         
 
 %install
 %py3_install '--install-scripts=%{_sbindir}'
-rm -f %{buildroot}/usr/config/sos.conf
-rm -f %{buildroot}/usr/config/tmpfilesd-sos-rh.conf
-install -Dm644 %{name}.conf %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
+
+install -d -m 755 %{buildroot}%{_sysconfdir}/%{name}
+install -d -m 700 %{buildroot}%{_sysconfdir}/%{name}/cleaner
+install -d -m 755 %{buildroot}%{_sysconfdir}/%{name}/presets.d
+install -d -m 755 %{buildroot}%{_sysconfdir}/%{name}/groups.d
+install -d -m 755 %{buildroot}%{_sysconfdir}/%{name}/extras.d
 install -d -m 755 %{buildroot}%{_sysconfdir}/tmpfiles.d/
+install -m 644 %{name}.conf %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
 install -m 644 tmpfiles/tmpfilesd-sos-rh.conf %{buildroot}%{_sysconfdir}/tmpfiles.d/%{name}.conf
 
+rm -rf %{buildroot}/usr/config/
+
 %find_lang %{name} || echo 0
 
 cd %{name}-audit-%{auditversion}
 DESTDIR=%{buildroot} ./install.sh
 cd ..
 
-mkdir -p %{buildroot}%{_sysconfdir}/sos/{cleaner,presets.d,extras.d,groups.d}
-
 # internationalization is currently broken. Uncomment this line once fixed.
 # %%files -f %%{name}.lang
 %files
-%{_sbindir}/sosreport
 %{_sbindir}/sos
+%{_sbindir}/sosreport
 %{_sbindir}/sos-collector
+#%dir /etc/sos/cleaner
 %dir /etc/sos/presets.d
 %dir /etc/sos/extras.d
 %dir /etc/sos/groups.d
-/etc/tmpfiles.d/%{name}.conf
+%{_sysconfdir}/tmpfiles.d/%{name}.conf
 %{python3_sitelib}/*
-%{_mandir}/man1/sosreport.1.gz
-%{_mandir}/man1/sos-clean.1.gz
-%{_mandir}/man1/sos-collect.1.gz
-%{_mandir}/man1/sos-collector.1.gz
-%{_mandir}/man1/sos-help.1.gz
-%{_mandir}/man1/sos-mask.1.gz
-%{_mandir}/man1/sos-report.1.gz
-%{_mandir}/man1/sos.1.gz
+%{_mandir}/man1/*
 %{_mandir}/man5/sos.conf.5.gz
 %doc AUTHORS README.md
 %license LICENSE
 %config(noreplace) %{_sysconfdir}/sos/sos.conf
 %config(noreplace) %{_sysconfdir}/sos/cleaner
 
+
 %package audit
 Summary: Audit use of some commands for support purposes
 License: GPLv2+
@@ -89,7 +93,7 @@ Group: Application/System
 
 Sos-audit provides configuration files for the Linux Auditing System
 to track the use of some commands capable of changing the configuration
-of the system. Currently storage and filesystem commands are audited.
+of the system.  Currently storage and filesystem commands are audited.
 
 %post audit
 %{_sbindir}/sos-audit.sh
@@ -106,407 +110,302 @@ of the system. Currently storage and filesystem commands are audited.
 %ghost /etc/audit/rules.d/40-sos-filesystem.rules
 %ghost /etc/audit/rules.d/40-sos-storage.rules
 
+
 %changelog
-* Thu May 09 2024 Pavel Moravec <pmoravec@redhat.com> = 4.7.1-2
-- [archive] Fix get_archive_root after files reordering
-  Resolves: RHEL-35945
-
-* Mon Apr 08 2024 Jan Jansky <jjansky@redhat.com> = 4.7.1-1
-- rebase to upstream 4.7.1
-  Resolves: RHEL-32104
-
-* Tue Feb 20 2024 Jan Jansky <jjansky@redhat.com> = 4.7.0-1
-- rebase to upstream 4.7.0
-  Resolves: RHEL-26111
+* Thu Feb 08 2023 Eduard Abdullin <eabdullin@almalinux.org> - 4.6.1-1.alma.1
+- Debrand for AlmaLinux
 
 * Thu Jan 11 2024 Pavel Moravec <pmoravec@redhat.com> = 4.6.1-1
 - rebase to upstream 4.6.1
-  Resolves: RHEL-21173
+  Resolves: RHEL-21174
 - [redhat] Change authentication method for RHEL
-  Resolves: RHEL-21177
+  Resolves: RHEL-21178
 
 * Wed Oct 18 2023 Pavel Moravec <pmoravec@redhat.com> = 4.6.0-5
   [pulpcore] Scrub AUTH_LDAP_BIND_PASSWORD value
-  Resolves: RHEL-13697
+  Resolves: RHEL-13701
 
 * Tue Oct 17 2023 Pavel Moravec <pmoravec@redhat.com> = 4.6.0-4
 - [pulp] Fix dynaconf obfuscation and add AUTH_LDAP_BIND_PASSWORD
-  Resolves: RHEL-13697
+  Resolves: RHEL-13701
+
+* Thu Oct 12 2023 Pavel Moravec <pmoravec@redhat.com> = 4.6.0-3
+- [greenboot] seperate logs to a standalone plugin; enhance [microshift]
+  Resolves: SUPDEV148
 
 * Fri Sep 01 2023 Pavel Moravec <pmoravec@redhat.com> = 4.6.0-2
 - [openshift_ovn] Collect additional ovnkube node logs
   Resolves: SUPDEV145
 
 * Wed Aug 23 2023 Jan Jansky <jjansky@redhat.com> = 4.6.0-1
+- [ultrapath] Add new plugin for Huawei UltraPath
+  Resolves: bz2187407
 - [cleaner] Use data filter for extraction
-  Resolves: bz2218873
+  Resolves: bz2217906
+- [discovery] Enable the plugin by containers
+  Resolves: bz2222134
 
 * Thu Jul 27 2023 Pavel Moravec <pmoravec@redhat.com> = 4.5.6-1
-- Rebase sos to 4.5.6
-  Resolves: bz2226724
-
-* Fri Jul 14 2023 Jan Jansky <jjansky@redhat.com> = 4.5.5-2
-- Adding patch for mac obfuscation
-  Resolves: bz2218279
-  Resolves: bz2216608
-  Resolves: bz2207562
-
+- Collect db files for ovn interconnect environment
+  Resolves: bz2226682
+* Fri Jul 14 2023 Jan Jansky <jjansky@redhat.com> - 4.5.5-2
+- Adding patch for cleaning mac addresses
+  Resolves: bz2217943
 * Mon Jul 03 2023 Jan Jansky <jjansky@redhat.com> = 4.5.5-1
-- [clean] Respect permissions of sanitised files
-  Resolves: bz2218279
-- [plugin] Fix exception when calling os.makedirs
-  Resolves: bz2216608
-- [cleaner] Enhance trailing characters list after AMC address
-  Resolves: bz2207562
+- Rebase on upstream 4.5.5
+  Resolves: bz2217943
 
-* Thu Jun 01 2023 Pavel Moravec <pmoravec@redhat.com> = 4.5.4-1
-- [plugins] collect strings before commands
-  Resolves: bz2203141
-- [collector] collect report from primary node if in node_list
-  Resolves: bz2186460
-- [powerpc] collect invscout logs
-  Resolves: bz2210543
-- [rhc] New plugin for RHC
-  Resolves: bz2196649
+* Tue May 31 2023 Pavel Moravec <pmoravec@redhat.com> = 4.5.4-1
+- [specfile] add runtime requirement to python3-setuptools
+  Resolves: bz2207776
 
-* Fri May 05 2023 Jan Jansky <jjansky@redhat.com> = 4.5.3-1
+* Thu May 04 2023 Jan Jansky <jjansky@redhat.com> = 4.5.3-1
+- [unpackaged] Print unpackaged symlinks instead of targets
+  Resolves: bz2169684
 - [report] Ignore case when scrubbing via do_file_sub
-  Resolves: bz2143272
-- [subscription_manager] Scrub proxy passwords from repo_server_val
-  Resolves: bz2177282
-- [virsh] Scrub passwords in virt-manager logs
-  Resolves: bz2184062
-
+  Resolves: bz2174254
+- [powerpc]: To collect lparnumascore logs
+  Resolves: bz2177984
 * Wed Mar 08 2023 Pavel Moravec <pmoravec@redhat.com> = 4.5.1-3
 - Rebase on upstream 4.5.1
-  Resolves: bz2175806
-- [composer] Capure /etc/osbuild-composer file
-  Resolves: bz2169776
-- [ostree] Collect "ostree fsck" under plugin specific opt
-  Resolves: bz2161533
-- [iprconfig] guard whole plugin by sg kmod predicate
-  Resolves: bz2176086
-- [cleaner] dont clean sys_tmp from final_path
-  Resolves: bz2176218
+  Resolves: bz2175808
+- [microshift] Fix microshift get and add commands
+  Resolves: bz2175650
 
 * Tue Feb 07 2023 Pavel Moravec <pmoravec@redhat.com> = 4.5.0-1
 - Rebase on upstream 4.5.0
-  Resolves: bz2082614
+  Resolves: bz2082615
 
 * Thu Nov 03 2022 Pavel Moravec <pmoravec@redhat.com> = 4.4-4
 - [ocp] Add newly required labels to temp OCP namespace
-  Resolves: bz2130922
+  Resolves: bz2130976
 
 * Fri Oct 28 2022 Pavel Moravec <pmoravec@redhat.com> = 4.4-3
 - [cleaner] Apply compile_regexes after a regular parse line
-  Resolves: bz2138173
+  Resolves: bz2138174
 
 * Thu Sep 22 2022 Pavel Moravec <pmoravec@redhat.com> = 4.4-2
 - [utilities] Relax from hard dependency of python3-magic
-  Resolves: bz2129038
+  Resolves: bz2126089
 - [dnf] Collect legacy yum config symlinks, properly obfuscate pwds
-  Resolves: bz2100154
+  Resolves: bz2125499
 
 * Fri Sep 09 2022 Pavel Moravec <pmoravec@redhat.com> = 4.4-1
 - Rebase on upstream 4.4
-  Resolves: bz2082614
+  Resolves: bz2082615
 - [redhat] Honour credential-less --upload-url on RedHat distro properly
-  Resolves: bz2059572
-- [sos] Fix unhandled exception when concurrently removing temp dir
-  Resolves: bz2088439
-- [specfile] drop python3-libxml2 dependency
-  Resolves: bz2125486
+  Resolves: bz2059573
 - [md] Restrict data capture to raid members
-  Resolves: bz2125485
-- [cleaner] Use compiled regex lists for parsers by default
-  Resolves: bz2043233
-- [cgroups] not collect memory.kmem.slabinfo
-  Resolves: bz1995120
-- [report] Fix loop devices data gathering
-  Resolves: bz2010735
-- [insights] Collect /var/lib/insights
-  Resolves: bz2103233
-- [candlepin] collect information about SCA
-  Resolves: bz2060925
-- [manpages] Clarify --upload-directory applicable to FTP protocol only
-  Resolves: bz2063259
-- [cleaner] Dont obfuscate tmpdir path of local private_map
-  Resolves: bz2064815
-- [fibrechannel] collect Cisco fnic statistics
-  Resolves: bz2074715
-- [pulpcore] Collect db_tables_sizes
-  Resolves: bz2081433
-- [fibrechannel]: Update fibrechannel plugin to collect HBA logs
-  Resolves: bz2089591
-- [arcconf]: Update arcconf plugin to collect UART logs
-  Resolves: bz2090283
-- [pulpcore] Stop collecting commands relevant to old taskig system
-  Resolves: bz2093191
-- [dnf,yum] Merge plugins into dnf, remove yum plugin
-  Resolves: bz2100154
-- [policies] Simplify flow in _container_init()
-  Resolves: bz2100480
-- [pacemaker] Update collect cluster profile for pacemaker
-  Resolves: bz2065821
+  Resolves: bz2062283
+- [sos] Fix unhandled exception when concurrently removing temp dir
+  Resolves: bz2088440
 
 * Mon Aug 29 2022 Pavel Moravec <pmoravec@redhat.com> = 4.3-3
 - [vdsm] Set LVM option use_devicesfile=0
-  Resolves: bz2093993
+  Resolves: bz2122355
 - [Plugin] Make forbidden path checks more efficient
-  Resolves: bz2099598
+  Resolves: bz2122354
 
 * Thu Jun 16 2022 Pavel Moravec <pmoravec@redhat.com> = 4.3-2
-- [ovirt] answer files: Filter out all password keys
-  Resolves: bz2095263
-- [plugins] Allow 'str' PlugOpt type to accept any value
-  Resolves: bz2079485
-- [tigervnc] Update collections for newer versions of TigerVNC
-  Resolves: bz2062908
-- [pacemaker] Redesign node enumeration logic
-  Resolves: bz2065805
-- crio: switch from parsing output in table format to json
-  Resolves: bz2092969
-- [report] Honor plugins' hardcoded plugin_timeout
-  Resolves: bz2079187
-- [report] --list-plugins should report used, not default,
-  Resolves: bz2079484
+- [ocp, openshift] Re-align API collection options and rename
+  Resolves: bz2065563
 - [utilities] Close file only when storing to file
-  Resolves: bz2079486
-- [presets] Adjust OCP preset options, more OCP backports
-  Resolves: bz2058279
+  Resolves: bz2079492
+- [report] --list-plugins should report used, not default,
+  Resolves: bz2079490
+- [report] Honor plugins' hardcoded plugin_timeout
+  Resolves: bz2079188
+- crio: switch from parsing output in table format to json
+  Resolves: bz2097674
+- [pacemaker] Redesign node enumeration logic
+  Resolves: bz2082914
+- [tigervnc] Update collections for newer versions of TigerVNC
+  Resolves: bz2066181
+- [plugins] Allow 'str' PlugOpt type to accept any value
+  Resolves: bz2079491
+- [ovirt] answer files: Filter out all password keys
+  Resolves: bz2095267
 
-* Mon Apr 04 2022 Pavel Moravec <pmoravec@redhat.com> = 4.3-1
+* Thu Mar 24 2022 Pavel Moravec <pmoravec@redhat.com> = 4.3-1
 - Rebase on upstream 4.3
-  Resolves: bz2055002
+  Resolves: 2055003
 - [sapnw] Fix IndexError exception
-  Resolves: bz1992938
+  Resolves: 2065551
+- [subscription_manager] collect syspurpose data via sub-man
+  Resolves: 2002333
 - [Plugin, utilities] Allow writing command output directly to disk
-  Resolves: bz1726023
+  Resolves: 2065564
 - [Ceph] Add support for containerized Ceph setup
-  Resolves: bz1882544
+  Resolves: 2065562
 - [unbound] Add new plugin for Unbound DNS resolver
-  Resolves: bz2018228
+  Resolves: 2065560
 - [discovery] Add new discovery plugin
-  Resolves: bz2018549
-- [vdsm] Exclude /var/lib/vdsm/storage/transient_disks
-  Resolves: bz2029154
+  Resolves: 2065558
+- [system] Collect glibc tuning decisions
+  Resolves: 2032913
 
 * Wed Feb 23 2022 Pavel Moravec <pmoravec@redhat.com> = 4.2-15
 - [sosnode] Handle downstream versioning for runtime option
-  Resolves: bz2036697
+  Resolves: bz2037350
 - [options] Fix logging on plugopts in effective sos command
-  Resolves: bz2054882
+  Resolves: bz2054883
 - [report] Honor plugins' hardcoded plugin_timeout
-  Resolves: bz2055547
+  Resolves: bz2055548
 - [policies] Set fallback to None sysroot, don't chroot to '/'
-  Resolves: bz1873185
+  Resolves: bz2011537
 - [ovn_central] Rename container responsable of Red Hat
-  Resolves: bz2042966
+  Resolves: bz2043488
 
 * Wed Jan 26 2022 Pavel Moravec <pmoravec@redhat.com> = 4.2-13
 - [virsh] Catch parsing exception
-  Resolves: bz2041488
+  Resolves: bz2041855
 
 * Tue Jan 25 2022 Pavel Moravec <pmoravec@redhat.com> = 4.2-12
 - [foreman] Use psql-msgpack-decode wrapper for dynflow >= 1.6
-  Resolves: bz2043102
+  Resolves: bz2043104
 - [virsh] Call virsh commands in the foreground / with a TTY
-  Resolves: bz2041488
+  Resolves: bz2041855
 - [ovn_central] Account for Red Hat ovn package naming
-  Resolves: bz2042966
+  Resolves: bz2043488
 - [clean,parsers] Build regex lists for static items only once
-  Resolves: bz2036697
+  Resolves: bz2037350
 
 * Mon Jan 10 2022 Pavel Moravec <pmoravec@redhat.com> = 4.2-11
 - [report] Add journal logs for NetworkManager plugin
-  Resolves: bz2036697
+  Resolves: bz2037350
 
 * Fri Jan 07 2022 Pavel Moravec <pmoravec@redhat.com> = 4.2-9
 - add oc transport, backport various PRs for OCP
-  Resolves: bz2036697
+  Resolves: bz2037350
 - [report] Provide better warning about estimate-mode
-  Resolves: bz1873185
+  Resolves: bz2011537
 - [hostname] Fix loading and detection of long base domains
-  Resolves: bz2023867
+  Resolves: bz2024893
 
 * Sun Dec 19 2021 Pavel Moravec <pmoravec@redhat.com> = 4.2-8
 - [rhui] New log folder
-  Resolves: bz2030741
+  Resolves: bz2031777
 - nvidia]:Patch to update nvidia plugin for GPU info
-  Resolves: bz2025403
+  Resolves: bz2034001
 - [hostname] Fix edge case for new hosts in a known subdomain
-  Resolves: bz2023867
+  Resolves: bz2024893
 
 * Wed Dec 08 2021 Pavel Moravec <pmoravec@redhat.com> = 4.2-7
 - [hostname] Simplify case matching for domains
-  Resolves: bz2023867
+  Resolves: bz2024893
 
 * Tue Nov 30 2021 Pavel Moravec <pmoravec@redhat.com> = 4.2-6
 - [redhat] Fix broken URI to upload to customer portal
-  Resolves: bz2025610
+  Resolves: bz2025611
 
 * Mon Nov 22 2021 Pavel Moravec <pmoravec@redhat.com> = 4.2-5
 - [clean,hostname_parser] Source /etc/hosts for obfuscation
-  Resolves: bz2023867
+  Resolves: bz2024893
 - [clean, hostname] Fix unintentionally case sensitive
-  Resolves: bz2023863
+  Resolves: bz2024892
 - [redhat] update SFTP API version to v2
-  Resolves: bz2025610
+  Resolves: bz2025611
 
 * Tue Nov 16 2021 Pavel Moravec <pmoravec@redhat.com> = 4.2-4
 - [report] Calculate sizes of dirs, symlinks and manifest in
-  Resolves: bz1873185
+  Resolves: bz2011537
 - [report] shutdown threads for timeouted plugins
-  Resolves: bz2012857
+  Resolves: bz2012859
 - [report] fix filter_namespace per pattern
-  Resolves: bz2020777
+  Resolves: bz2020778
 - Ensure specific plugin timeouts are only set
-  Resolves: bz2018033
+  Resolves: bz2023481
 
 * Wed Nov 03 2021 Pavel Moravec <pmoravec@redhat.com> = 4.2-2
 - [firewall_tables] call iptables -t <table> based on nft
-  Resolves: bz2005195
+  Resolves: bz2011536
 - [report] Count with sos_logs and sos_reports in
-  Resolves: bz1873185
+  Resolves: bz2011537
 - [foreman] Collect puma status and stats
-  Resolves: bz2011506
+  Resolves: bz2011507
 - [report] Overwrite pred=None before refering predicate
-  Resolves: bz2012856
+  Resolves: bz2012858
 - [openvswitch] add commands for offline analysis
-  Resolves: bz2004929
+  Resolves: bz2019697
 
 * Wed Oct 06 2021 Pavel Moravec <pmoravec@redhat.com> = 4.2-1
 - Rebase on upstream 4.2
-  Resolves: bz1998133
+  Resolves: bz1998134
 - [report] Implement --estimate-only
-  Resolves: bz1873185
+  Resolves: bz2011537
 - [omnipath_client] Opacapture to run only with allow changes
-  Resolves: bz1998433
+  Resolves: bz2011534
 - [unpackaged] deal with recursive loop of symlinks properly
-  Resolves: bz1998521
+  Resolves: bz2011533
 - [networking] prevent iptables-save commands to load nf_tables
-  Resolves: bz2001096
+  Resolves: bz2011538
 - [kernel] Capture Pressure Stall Information
-  Resolves: bz2002145
+  Resolves: bz2011535
 - [processor] Apply sizelimit to /sys/devices/system/cpu/cpuX
-  Resolves: bz2011413
+  Resolves: bz1869561
 
-* Wed Aug 11 2021 Pavel Moravec <pmoravec@redhat.com> = 4.1-5
+* Wed Aug 11 2021 Pavel Moravec <pmoravec@redhat.com> = 4.1-8
 - [report,collect] unify --map-file arguments
-  Resolves: bz1923938
+  Resolves: bz1985985
 - [rhui] add new plugin for RHUI 4
-  Resolves: bz1665947
+  Resolves: bz1992859
 - [username parser] Load usernames from `last` for LDAP users
-  Resolves: bz1985037
+  Resolves: bz1992861
 
-* Mon Jul 26 2021 Pavel Moravec <pmoravec@redhat.com> = 4.1-4
-- [options] allow variant option names in config file
-  Resolves: bz1923938
-- [plugins] Set default predicate instead of None
-  Resolves: bz1985986
-- [MigrationResults] collect info about conversions
-  Resolves: bz1959598
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 4.1-7
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
 
-* Mon Jun 21 2021 Pavel Moravec <pmoravec@redhat.com> = 4.1-3
-- [gluster] collect public keys from the right dir
-  Resolves: bz1925419
-- [cleaner] Only skip packaging-based files for the IP parse
-  Resolves: bz1964499
+* Tue Jul 27 2021 Pavel Moravec <pmoravec@redhat.com> - 4.1-6
 - [networking] collect also tc filter show ingress
-  Resolves: bz1886711
-- [archive] skip copying SELinux context for /proc and /sys
-  Resolves: bz1965001
+  Resolves: bz1985976
+- [cleaner] Only skip packaging-based files for the IP parser
+  Resolves: bz1985982
 - [sssd] sssd plugin when sssd-common
-  Resolves: bz1967613
+  Resolves: bz1967718
 - Various OCP/cluster/cleanup enhancements
-  Resolves: bz1973675
+  Resolves: bz1985983
+- [options] allow variant option names in config file
+  Resolves: bz1985985
+- [plugins] Set default predicate instead of None
+  Resolves: bz1938874
+- [MigrationResults] collect info about conversions and
+  Resolves: bz1959779
 
-* Tue May 18 2021 Pavel Moravec <pmoravec@redhat.com> = 4.1-2
+* Wed Jun 02 2021 Pavel Moravec <pmoravec@redhat.com> - 4.1-4
+- [archive] skip copying SELinux context for /proc and /sys everytime
+  Resolves: bz1965002
 - Load maps from all archives before obfuscation
-  Resolves: bz1930181
+  Resolves: bz1967110
 - Multiple fixes in man pages
-  Resolves: bz1935603
+  Resolves: bz1967111
 - [ds] Mask password and encryption keys in ldif files
-  Resolves: bz1937298
+  Resolves: bz1967112
 - [report] add --cmd-timeout option
-  Resolves: bz1937418
+  Resolves: bz1967113
 - [cups] Add gathering cups-browsed logs
-  Resolves: bz1939963
+  Resolves: bz1967114
 - [sssd] Collect memory cache / individual logfiles
-  Resolves: bz1940502
+  Resolves: bz1967115
 - Collect ibmvNIC dynamic_debugs
-  Resolves: bz1942276
+  Resolves: bz1967116
 - [pulpcore] add plugin for pulp-3
-  Resolves: bz1956673
+  Resolves: bz1967117
 - [saphana] remove redundant unused argument of get_inst_info
-  Resolves: bz1959413
+  Resolves: bz1967118
 - [networking] Add nstat command support
-  Resolves: bz1961458
+  Resolves: bz1967119
 - [snapper] add a new plugin
-  Resolves: bz1961229
+  Resolves: bz1967120
 
-* Mon Apr 26 2021 Pavel Moravec <pmoravec@redhat.com> = 4.1-1
-- Rebase on upstream 4.1
-  Resolves: bz1928679
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 4.1-4
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 
-* Tue Feb 16 2021 Pavel Moravec <pmoravec@redhat.com> = 4.0-8
-- Automatically create directory for sos-cleaner default_mapping
-  Resolves: bz1923937
+* Thu Apr 01 2021 Pavel Moravec <pmoravec@redhat.com> - 4.1-3
+- adding sos-audit
+- [gluster] Add glusterd public keys and status files
+  Resolves: bz1925419 
 
-* Fri Jan 29 2021 Pavel Moravec <pmoravec@redhat.com> = 4.0-7
-- [kdump] Gather the file kexec-dmesg.log
-  Resolves: bz1887402
-- [Policy] Handle additional FTP authentication issues
-  Resolves: bz1916729
+* Wed Mar 10 2021 Sandro Bonazzola <sbonazzo@redhat.com> - 4.1-1
+- Rebase to 4.1
 
-* Thu Jan 21 2021 Pavel Moravec <pmoravec@redhat.com> = 4.0-6
-- [networking] Collect 'ethtool -e <device>' conditionally only
-  Resolves: bz1917196
-
-* Wed Jan 06 2021 Pavel Moravec <pmoravec@redhat.com> = 4.0-5
-- [component] honour plugopts from config file
-  Resolves: bz1912889
-- [collector] declare sysroot for each component
-  Resolves: bz1912821
-- [plugins] Dont stop collecting by empty specfile when sizelimit=0
-  Resolves: bz1912910
-
-* Mon Jan 04 2021 Pavel Moravec <pmoravec@redhat.com> = 4.0-4
-- [component] Use sysroot from Policy when opts doesn't specify it
-  Resolves: bz1881118
-
-* Mon Dec 14 2020 Pavel Moravec <pmoravec@redhat.com> = 4.0-3
-- [ovirt] collect /etc/pki/ovirt-engine/.truststore
-  Resolves: bz1848095
-- [collector] allow overriding plain --cluster-type
-  Resolves: bz1895316
-- [component] Add log verbosity from presets
-  Resolves: bz1904045
-- [options] Fix --log-size=0 being ignored and unreported
-  Resolves: bz1905657
-- [report] collect broken symlinks
-  Resolves: bz1906598
-
-* Thu Oct 29 2020 Pavel Moravec <pmoravec@redhat.com> = 4.0-2
-- [cleaner] more streamlined sanitize_item method
-  Resolves: bz1827801
-- [openstack_ironic] Missing ironic-inspector configs
-  Resolves: bz1874295
-- Add support to collect hardware component logs
-  Resolves: bz1880372
-- [crio] collect /etc/crio/crio.conf.d/
-  Resolves: bz1881118
-- [policy] Handle additional failure conditions for FTP uploads
-  Resolves: bz1882368
-- [filesys] never collect content of /proc/fs/panfs
-  Resolves: bz1886782
-- [kdump] Collect new kdump logfiles
-  Resolves: bz1887390
-- [stratis] Collect key list and report engine
-  Resolves: bz1888012
-- return tmp-dir with absolute path
-  Resolves: bz1891562
-
-* Tue Oct 13 2020 Pavel Moravec <pmoravec@redhat.com> = 4.0-1
-- Rebase on upstream 4.0
-  Resolves: bz1827801