diff options
| author | Pavel Moravec <pmoravec@redhat.com> | 2021-06-22 12:58:03 +0200 |
|---|---|---|
| committer | Jake Hunsaker <jhunsake@redhat.com> | 2021-06-22 11:09:25 -0400 |
| commit | 94b9b90c818eb18f0ca8d78fe063dc5b0677c885 (patch) | |
| tree | 7f1c5e1cf24b046ee54525cb9c413dc8b7b361cb | |
| parent | 98c3e33deac1b3a7214f46059867947c4a04f63d (diff) | |
| download | sos-94b9b90c818eb18f0ca8d78fe063dc5b0677c885.tar.gz | |
[rhui] add plugin to RHUI
Add a new/revoked plugin for RHUI (newly based on python3 and pulp-3).
Edditionally, collect /etc/pki/pulp certificates except for RSA keys.
Resolves: #2590
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
| -rw-r--r-- | sos/report/plugins/pulpcore.py | 7 | ||||
| -rw-r--r-- | sos/report/plugins/rhui.py | 49 |
2 files changed, 55 insertions, 1 deletions
diff --git a/sos/report/plugins/pulpcore.py b/sos/report/plugins/pulpcore.py index ccaac318..77ceacb9 100644 --- a/sos/report/plugins/pulpcore.py +++ b/sos/report/plugins/pulpcore.py @@ -77,7 +77,12 @@ class PulpCore(Plugin, IndependentPlugin): def setup(self): self.parse_settings_config() - self.add_copy_spec("/etc/pulp/settings.py") + self.add_copy_spec([ + "/etc/pulp/settings.py", + "/etc/pki/pulp/*" + ]) + # skip collecting certificate keys + self.add_forbidden_path("/etc/pki/pulp/*.key") self.add_cmd_output("rq info -u redis://localhost:6379/8", env={"LC_ALL": "en_US.UTF-8"}, diff --git a/sos/report/plugins/rhui.py b/sos/report/plugins/rhui.py new file mode 100644 index 00000000..7acd3f49 --- /dev/null +++ b/sos/report/plugins/rhui.py @@ -0,0 +1,49 @@ +# Copyright (C) 2021 Red Hat, Inc., Pavel Moravec <pmoravec@redhat.com> + +# This file is part of the sos project: https://github.com/sosreport/sos +# +# This copyrighted material is made available to anyone wishing to use, +# modify, copy, or redistribute it subject to the terms and conditions of +# version 2 of the GNU General Public License. +# +# See the LICENSE file in the source distribution for further information. + +from sos.report.plugins import Plugin, RedHatPlugin + + +class Rhui(Plugin, RedHatPlugin): + + short_desc = 'Red Hat Update Infrastructure' + + plugin_name = "rhui" + commands = ("rhui-manager",) + files = ("/etc/ansible/facts.d/rhui_auth.fact", "/usr/lib/rhui/cds.py") + + def setup(self): + self.add_copy_spec([ + "/etc/rhui/rhui-tools.conf", + "/etc/rhui/registered_subscriptions.conf", + "/etc/pki/rhui/*", + "/var/log/rhui-subscription-sync.log", + "/var/cache/rhui/*", + "/root/.rhui/*", + ]) + # skip collecting certificate keys + self.add_forbidden_path("/etc/pki/rhui/*.key") + + self.add_cmd_output([ + "rhui-manager status", + "rhui-manager cert info", + "ls -lR /var/lib/rhui/remote_share", + ]) + + def postproc(self): + # obfuscate admin_pw and secret_key values + for prop in ["admin_pw", "secret_key"]: + self.do_path_regex_sub( + "/etc/ansible/facts.d/rhui_auth.fact", + r"(%s\s*=\s*)(.*)" % prop, + r"\1********") + + +# vim: set et ts=4 sw=4 : |