[cs] Add Certificate System 9 data capture (#1049)

Red Hat Certificate System 9 (Dogtag 10) has been out for a while. This commit adds the ability to capture those logs and config files for each subsystem. Added pki-base because redhat-pki or dogtag-pki do not have to be installed to build a Certificate Authority. Removed "/usr/share/java/pki" check because CS 9 uses the same directory. Signed-off-by: Brian Gribble <bgribble@redhat.com> Signed-off-by: Adam Stokes <battlemidget@users.noreply.github.com>
author: Brian Gribble <83problems@users.noreply.github.com> 2017-06-29 09:31:23 -0400
committer: Adam Stokes <battlemidget@users.noreply.github.com> 2017-06-29 09:31:23 -0400
commit: 67734bcd4faec82e73e4a0e12d7cda87f9b8c49b (patch)
tree: 50e4290632df0148d71311c78b29073e9739eb32
parent: a590f6ebf48b4df6b53c0b257b5948df49e939b9 (diff)
download: sos-67734bcd4faec82e73e4a0e12d7cda87f9b8c49b.tar.gz
1 files changed, 30 insertions, 2 deletions
diff --git a/sos/plugins/cs.py b/sos/plugins/cs.py
index 963804b7..35847a92 100644
--- a/sos/plugins/cs.py
+++ b/sos/plugins/cs.py
@@ -31,7 +31,10 @@ class CertificateSystem(Plugin, RedHatPlugin):
     packages = (
         "redhat-cs",
         "rhpki-common",
-        "pki-common"
+        "pki-common",
+        "redhat-pki",
+        "dogtag-pki",
+        "pki-base"
     )
 
     files = (
@@ -47,12 +50,17 @@ class CertificateSystem(Plugin, RedHatPlugin):
                 len(glob("/var/lib/rhpki-*")):
             return 73
         # 8 should cover dogtag
-        elif self.is_installed("pki-common") or exists("/usr/share/java/pki"):
+        elif self.is_installed("pki-common"):
             return 8
+        elif self.is_installed("redhat-pki") or \
+                self.is_installed("dogtag-pki") or \
+                self.is_installed("pki-base"):
+            return 9
         return False
 
     def setup(self):
         csversion = self.checkversion()
+
         if not csversion:
             self.add_alert("Red Hat Certificate System not found.")
             return
@@ -96,5 +104,25 @@ class CertificateSystem(Plugin, RedHatPlugin):
                 "/var/log/pki-*/transactions",
                 "/var/log/pki-*/system"
             ])
+        if csversion == 9:
+            # Get logs and configs for each subsystem if installed
+            for subsystem in ('ca', 'kra', 'ocsp', 'tks', 'tps'):
+                self.add_copy_spec([
+                    "/var/lib/pki/*/" + subsystem + "/conf/CS.cfg",
+                    "/var/lib/pki/*/logs/" + subsystem + "/system",
+                    "/var/lib/pki/*/logs/" + subsystem + "/transactions",
+                    "/var/lib/pki/*/logs/" + subsystem + "/debug",
+                    "/var/lib/pki/*/logs/" + subsystem + "/selftests.log"
+                ])
+
+            # Common log files
+            self.add_copy_spec([
+                "/var/lib/pki/*/logs/catalina.*",
+                "/var/lib/pki/*/logs/localhost*.log",
+                "/var/lib/pki/*/logs/localhost*.txt",
+                "/var/lib/pki/*/logs/manager*.log",
+                "/var/lib/pki/*/logs/host-manager*.log",
+                "/var/lib/pki/*/logs/tps/tokendb-audit.log"
+            ])
 
 # vim: set et ts=4 sw=4 :
author	Brian Gribble <83problems@users.noreply.github.com>	2017-06-29 09:31:23 -0400
committer	Adam Stokes <battlemidget@users.noreply.github.com>	2017-06-29 09:31:23 -0400
commit	67734bcd4faec82e73e4a0e12d7cda87f9b8c49b (patch)
tree	50e4290632df0148d71311c78b29073e9739eb32
parent	a590f6ebf48b4df6b53c0b257b5948df49e939b9 (diff)
download	sos-67734bcd4faec82e73e4a0e12d7cda87f9b8c49b.tar.gz