From d4d4d5509fe4f0e29260b33a1c51bf62297ef0b9 Mon Sep 17 00:00:00 2001 From: Pavel Moravec Date: Tue, 7 Mar 2023 13:16:02 +0100 Subject: [PATCH 1/2] [cleaner] dont clean sys_tmp from final_path When generating location of final tarball, apply cleaner obfuscation to the filename but not to the tmp path itself. Otherwise sos clean --keywords tmp fails in attempt to move file to nonexisting /var/obfuscatedword0 directory. Resolves: #3160 Signed-off-by: Pavel Moravec --- sos/cleaner/__init__.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sos/cleaner/__init__.py b/sos/cleaner/__init__.py index d3e32992..b8e4aafd 100644 --- a/sos/cleaner/__init__.py +++ b/sos/cleaner/__init__.py @@ -400,8 +400,9 @@ third party. cf.write(checksum) self.write_cleaner_log() - final_path = self.obfuscate_string( - os.path.join(self.sys_tmp, arc_path.split('/')[-1]) + final_path = os.path.join( + self.sys_tmp, + self.obfuscate_string(arc_path.split('/')[-1]) ) shutil.move(arc_path, final_path) arcstat = os.stat(final_path) -- 2.39.2 From 622a26ee2faff91df03532892ca386c39e36a5fe Mon Sep 17 00:00:00 2001 From: Pavel Moravec Date: Tue, 7 Mar 2023 17:55:19 +0100 Subject: [PATCH 2/2] [tests] add a test covering #3160 Run the cleaner tests with obfuscating (also) "tmp" to cover files handling under sys_tmp. Related to: #3160 Signed-off-by: Pavel Moravec --- tests/cleaner_tests/existing_archive.py | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/cleaner_tests/existing_archive.py b/tests/cleaner_tests/existing_archive.py index e13d1cae..7f31f88e 100644 --- a/tests/cleaner_tests/existing_archive.py +++ b/tests/cleaner_tests/existing_archive.py @@ -89,3 +89,22 @@ class ExistingArchiveCleanTest(StageTwoReportTest): """Ensure that the 'testuser1' user created at install is obfuscated """ self.assertFileNotHasContent('var/log/anaconda/journal.log', 'testuser1') + +class ExistingArchiveCleanTmpTest(StageTwoReportTest): + """Continuation of above tests which requires cleaning var / tmp keywords + + Note that this copies heavily from the full_report_run test. + + :avocado: tags=stagetwo + """ + + sos_cmd = '-v --keywords var,tmp,avocado --disable-parsers ip,ipv6,mac,username \ + --no-update tests/test_data/%s.tar.xz' % ARCHIVE + sos_component = 'clean' + + def test_sys_tmp_not_obfuscated(self): + """ Ensure that keywords var, tmp and avocado remains in the final archive + path despite they are parts of the --tmp-dir + """ + self.assertTrue(self.archive.startswith(os.getenv('AVOCADO_TESTS_COMMON_TMPDIR'))) + -- 2.39.2