| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
| |
Update unittests to reflect 4a594b6dce129f8d9837c0d93768576badf2b2b7
|
| |
|
|
|
|
|
|
| |
This commit brings sos-3.x behaviour into line with earlier
releases and produces captured command output that is consistent
with typical shell redirection use.
Resolves: bz971420
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Avoid collecting kerberos keytabs to prevent unintended
information disclosures. Instead retrieve a list using the klist
command.
Also remove the duplicative collection of this information from
the ipa plug-in (which should only be collecting non-system
keytabs that are specific to the IPA tools).
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The krb5 data collection in the samba plug-in is misplaced. Since
this is collecting information about the system keytab move it
to its own plug-in that can be activated on any kerberos enabled
system.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |\
| |
| | |
Update debian changelog and watch file
|
| | |\
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a default call to rpm -V/--verify for a targeted subset of
packages. This greatly reduces the time taken relative to rpm -Va
while still capturing important diagnostic information.
In future this capability could be made a feature of the
PackageManager class interface and available to all ports/modules.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The samba module calls the wbinfo command to collect user and
group information. This by default will search all domains to
which the host has access. In a large AD environment with a number
of trusted domains this causes the winbindd process to consume
excessive CPU and memory resources.
The Samba developers have commented that fixing this would require
a complete rewrite of the winbind protocol and wbinfo client.
Since listing out the _entire_ set of visible users is unlikely
to be of any use anyway pass the --domain='.' option to restrict
the search to the current domain of the system.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| | |
Now that sosreport is in Debian unstable and Ubuntu 13.10 update the readme to reflect a more 'official' way to install this application
|
| | |
| |
| |
| |
| |
| | |
release.
Signed-off-by: Adam Stokes <adam.stokes@ubuntu.com>
|
| |/
|
|
| |
Signed-off-by: Adam Stokes <adam.stokes@ubuntu.com>
|
| |\
| |
| | |
Add support for distutils
|
| |/
|
|
|
|
|
|
|
|
| |
- We are planning on moving to python distutils for future packaging
however, we still want to keep our current build infrastructure around
until we are able to test the builds overtime. For now distutils will
live alongside the current build process and slowly replace the Makefiles
once deemed fit.
Signed-off-by: Adam Stokes <adam.stokes@ubuntu.com>
|
| |
|
|
|
|
|
|
|
|
| |
The release URL has been temporarily moved to people.redhat.com
until we can find a way to make a good release infrastructure
with github (tarball names are nasty - other projects seem to host
their releases on fedorahosted which is what I'm looking into for
this).
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |\
| |
| | |
Patch debian fixes
|
| | |\
| |/
|/| |
|
| |\ \
| | |
| | | |
Correct archive unittests and pep8 conformity in archive class
|
| |/ /
| |
| |
| | |
Signed-off-by: Adam Stokes <adam.stokes@ubuntu.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
OpenStack was full of the add_copy_specs(string) anti-pattern.
While we should address this properly these instances all need
fixing to avoid collecting the whole file system.
They should also have been tested before being put forward as
a pull request.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
We already know we are running on RHEL or Fedora if we are
executing a plug-in class tagged with RedHatPlugin. Do not check
for /etc/*-release.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The OpenStack plug-in attempts to check for the presence of
binaries before running them. To do this it passes a relative
path to os.path.exists(); clearly this will never succeed.
Ideally plug-ins should never need to do these checks. If the
binary exists we'll run it and if not we won't (with no harmful
side-effects). This is how sos is currently designed and if there
is a need for plug-ins to ever do this we should add a method to
the base plug-in class e.g. Plugin.find_command() to do this
properly (i.e. evaluating the policy-supplied PATH).
For now, just make all of this unconditional.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
One call in openstack.py used the old addCopySpecs() method. This
will fail with current sos-3.x code. Update it to use the new
add_copy_specs() method instead.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |\ \
| | |
| | | |
cluster plugin: restrictions wrt. luci
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Notably, avoid server cert being added. On the other hand, allow
collection of rotated log files for luci.
Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Refactored OpenStack plugin
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
contains all non-distribution specific details. Also dropped all
logrotate parts since those are collected by logrotate plugin.
Signed-off-by: Ante Karamatic <ante.karamatic@canonical.com>
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Ante Karamatic <ante.karamatic@canonical.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Pierguido Lambri <plambri@redhat.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add an sos plug-in for openshift to gathers several directories
and command output sepcific to Openshift systems.
Passwords and secrets are scrubbed for privacy reasons.
Signed-off-by: Nick Harvey <niharvey at redhat dot com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
- Made sure to include both companies AND individuals in AUTHORS file.
- Fixed a copyright issue on kernelrt plugin which is GPL-2 and not GPL-2 (or later)
- Treat the sosreport package as a private python module (currently a public one
as defined by the Debian python policy)
Signed-off-by: Adam Stokes <adam.stokes@ubuntu.com>
|
| |\
| |
| | |
import tempfile into policies
|
| | |
| |
| |
| | |
Signed-off-by: Adam Stokes <adam.stokes@ubuntu.com>
|
| |\ \
| | |
| | | |
Make debian packaging 'non-native'
|
| | |\ \ |
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Adam Stokes <adam.stokes@ubuntu.com>
|
| | |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The SELinux plug-in can now optionally collect object lists from
the semanage command. Since this command loads the SELinux python
run time (~4s/command) it can add considerably to the overall run
time of sosreport - for this reason these commands are disabled by
default and may be enabled via the selinux.list option:
# sosreport -k selinux.list
With the option turned on we also collect:
semanage fcontext -l
semanage login -l
semanage port -l
semanage user -l
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Policy classes need to return the user-supplied temporary
directory if they decide not to override it.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |/
|/|
| |
| |
| |
| |
| | |
We expect not to find all commands; don't output a log message on
each missing binary.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| | |
Increment the spec file version to 3.0
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
There are cases where we may attempt to add a symlink to the
archive more than once. Since this will fail for paths that
already exist test for their presence first.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The temporary trees used by sos are set up with correct
permissions but tarfile.open() uses the default mode and umask
settings.
Set the umask to deny group and other permissions for the archive
to avoid leaking data to unprivileged users.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Revert the use of POSIX PAX archive format in TarFileArchive. The
code to capture SELinux file contexts is currently disabled in
master due to the undesirable affects on archive extraction. Since
this is the main reason for using the PAX format revert to
automatic format selection to allow the widest compatibility.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As reported in Issue #140 plug-ins that need to write to an
arbitrary location in the archive are broken by the in-line tar
archive changes.
Introduce a 'get_tmp_dir()' method to the Archive classes that
must return a writable directory that is included in the archive.
Archives deriving from FileCacheArchive simply retun the root of
the archive tree.
Add a new method to Plugin to use this support, 'get_cmd_dir()',
that will return 'Archive.get_tmp_dir() + 'sos_commands'
+ self.name()'.
Fixes problems in lvm2, cloudforms, satellite and rhui.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since some distributions may be using features like tmp-on-tmpfs
that can cause problems for sos data collection move the selection
of this directory into the policy class.
The new behaviour respects options passed on the command line but
will ignore any environment variables. Users wishing to override
the location of sos' temporary files should use the command line
option.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Add a cleanup() method to the Archive classes and ensure that it
is called during normal and abnormal termination (unless the pdb
debugger has been invoked during --debug mode).
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
The logs module has a paramter 'logsize' but some code still uses
the old 'syslogsize' name. Make all uses consistent.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a new level to the Archive class hierarchy. This class may
be used by any archive class that needs to temporarily cache
files in the file system during collection.
Classes deriving from FileCacheArchive must supply
_build_archive() and _compress() methods which will be called
during archive finalization.
This fixes the TarFileArchive problems caused by attempting to
apply read-modify-write updates to content already present in the
archive.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Policies may wish to influence the choice of temporary directory.
Move the TempFileUtil initialisation to be after the call to
load policy.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
