diff options
-rw-r--r-- | sos/plugins/openshift.py | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/sos/plugins/openshift.py b/sos/plugins/openshift.py index b4d6efa9..5b1a11f0 100644 --- a/sos/plugins/openshift.py +++ b/sos/plugins/openshift.py @@ -38,7 +38,7 @@ class Openshift(Plugin, RedHatPlugin): def setup(self): self.add_copy_specs([ "/etc/openshift-enterprise-release", - "/var/log/openshift/", + "/var/log/openshift", "/etc/openshift/*.conf", "/etc/openshift/upgrade", ]) @@ -62,11 +62,10 @@ class Openshift(Plugin, RedHatPlugin): if self.is_node(): self.add_copy_specs([ "/etc/openshift/node-plugins.d/*.conf", + "/etc/openshift/cart.conf.d", "/etc/openshift/iptables.*.rules", - "/etc/openshift/web-proxy-config.json", "/etc/openshift/env", - "/etc/openshift/cart.conf.d", - "/opt/%s/%s/root/etc/mcollective/" % (self.vendor, self.ruby), + "/opt/%s/%s/root/etc/mcollective" % (self.vendor, self.ruby), "/var/log/httpd/openshift_log", "/var/log/mcollective.log", "/var/log/node-web-proxy/access.log", @@ -83,16 +82,28 @@ class Openshift(Plugin, RedHatPlugin): ]) def postproc(self): + # Redact broker's MongoDB credentials: + # MONGO_PASSWORD="PasswordForOpenshiftUser" self.do_file_sub('/etc/openshift/broker.conf', - r"(MONGO_PASSWORD=)(.*)", + r"(MONGO_PASSWORD\s*=\s*)(.*)", r"\1*******") + # Redact session SHA keys: + # SESSION_SECRET=0c31...a7c8 self.do_file_sub('/etc/openshift/broker.conf', - r"(SESSION_SECRET=)(.*)", + r"(SESSION_SECRET\s*=\s*)(.*)", r"\1*******") - self.do_file_sub('/etc/openshift/console.conf', - r"(SESSION_SECRET=)(.*)", + r"(SESSION_SECRET\s*=\s*)(.*)", r"\1*******") + # Redact passwords of the form: + # plugin.activemq.pool.1.password = Pa$sW0Rd + self.doRegexSub("/opt/%s/%s/root/etc/mcollective/server.cfg" % (self.vendor, self.ruby), + r"(.*password\s*=\s*)\S+", + r"\1********") + self.doRegexSub("/opt/%s/%s/root/etc/mcollective/client.cfg" % (self.vendor, self.ruby), + r"(.*password\s*=\s*)\S+", + r"\1********") + # vim: et ts=4 sw=4 |