| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
Rather than repeating the same boilerplate disclaimer text in each
Red Hat policy class, define it once as a string, and then cat it
into each policy that requires a distinct preamble.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
| |
Adds a policy for Red Hat CoreOS.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Simplify identification of LUKS partitions by collecting lsblk with
option -l, such that the device name is the very first string every
time. That is required for LUKS partition located on the device itself
where standard lsblk output does not contain '|-' before the device name.
Resolves: #1449
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
It is often useful to know the NUMA locality of each network device.
Collect /sys/class/net/*/device/numa_node to add this information.
Resolves: #1451
Signed-off-by: Jamie Bainbridge <jamie.bainbridge@gmail.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
| |
Resolves: #1535
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
OpenDaylight karaf logs are now located in:
/var/log/containers/opendaylight/karaf/logs, so
deprecate the old paths, and update the plugin
to get the karaf.log files from new location.
Resolves: #1438
Signed-off-by: Victor Pickard <vpickard@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
To compare files in $PATH with files installed from a package, we must
expand all symlinks to their realpaths. Otherwise we get false positives
like /bin/systemctl (as /bin -> /usr/bin).
Resolves: #1437
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Catch exceptions when "juju status" command:
- does not exist (and generates empty output), or
- does not generate valid/expected JSON output
Resolves: #1422
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
| |
get first line of string to log only for nonempty content
Relevant to: #1422
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Use get_cmd_output_now() to store the first call to composer-cli's
'blueprints list' command in the report, and then use that file to
find the list of available blueprints.
Related: #1447
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
lorax-composer is an API server for building disk images using
Blueprints. The plugin collects composer config and logs and few
composer-cli command outputs.
Resolves: #1477
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There's a lot of ancient junk in this method (and associated code
strewn around sos.sosreport and tests). Remove the ability to pass
a list of options to the method since nothing uses this, and also
delete the incomplete implementation of global plugin options via
the commons dictionary (this work was already completed some time
ago by mapping these options directly to the command line args).
Resolves: #1498
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
As bridge-utils containing brctl command are being deprecated,
sosreport should call bridge command instead.
Although the mapping of the commands is not 1:1, the data collected
(together with few "ip .." commands) will remain the same.
Resolves: #1472
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
| |
Collect "nft list ruleset".
Resolves: #1470
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commands:
fips-mode-setup --check
update-crypto-policies --show
update-crypto-policies --is-applied
Files:
/etc/system-fips
/etc/crypto-policies/*
Resolves: #1448
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Until Podman inherits RedHatPlugin and/or UbuntuPlugin, the plugin
can not be executed on underlying distros.
Further, remove one redundant test as "for container in insp" will
work properly also for empty "insp".
Resolves: #1473
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Calling _files_pkgs_or_cmds_present for SCLs lacks "services"
argument that was added in 6db459e commit.
Also it is worth renaming the method to more generic
_check_plugin_triggers .
Resolves: #1416
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In principle, this might be risky - if a database is huge, we might not
want to collect all of it. But there is no sense in collecting only its
tail. If this turns out problematic, a future patch might check db size
and do not collect it at all if it's too large.
Bug-Url: https://bugzilla.redhat.com/1654068
Resolves: #1497
Signed-off-by: Yedidyah Bar David <didi@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
| |
If sizelimit is 0, do not limit. Only use the default if it's None.
Bug-Url: https://bugzilla.redhat.com/1654068
Signed-off-by: Yedidyah Bar David <didi@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates powerpc plugin to collect
Dynamic Resource Manager (drmgr) log files
i.e. /var/log/drmgr and /var/log/drmgr.0.
In addition, it also adds ctsanp command to collect the information
about the Reliable Scalable Cluster Technology (RSCT) components.
Resolves: #1443
Signed-off-by: Sourabh Jain <sourabhjain@linux.ibm.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
| |
As copying of them hangs.
Resolves: #1445
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Allow automatic enabling of OSP packages also on containerized
environment.
Relevant to: #1411
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
| |
Enable the plugin just based on package presence.
Resolves: #1411
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rewriting of the destination path by _make_leading_paths() only
applies when creating intermediate path components that are a
symbolic link. The final level of path creation must always be
a directory, and the destination is always the absolute path to
that directory.
Always return the directory path when creating a new directory,
and do not attempt to rewrite the destination at the top level
in FileCacheArchive._check_path() since all intermediate links
have already been handled inside _make_leading_paths() (i.e.
the returned/rewritten destination is always equal to the path
that was passed into the function).
Resolves: #1432
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's possible that symlink loops exist in the host file system,
either 'simple' ('a'->'a'), or indirect ('a'->'b'->'a'). We need
to avoid recursing on these loops, to avoid exceeding the maximum
link or recursion depths, but we should still represent these
inodes as accurately as possible in the resulting archive.
Detect loops in both the Plugin link handling code and in the new
Archive link follow-up code by creating the first requested level
of loop, and then skipping the recursive follow-up. This means
that the looping links are still created in the archive so long
as they are referenced in a copy spec but that we do not attempt
to indefinitely recurse while collecting them.
Resolves: #1430
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Ensure that the canonical path is used when processing link follow
up actions: the actual link path may contain one or more levels of
symbolic links, leading to broken links if the link target path is
assumed to be relative to the containing directory.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Since we may be dealing with paths that contain intermediate
symlinked directories, it is necessary to canonicalize the path
for the link target in order to eliminate additional levels of
symbolic links, and to calculate the correct relative path to
use within the archive.
Related: #1404
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
| |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When processing link follow up for an original symbolic link, the
add_link() logic incorrectly used the _original_ host link name,
rather than the to-be-created name when calculating relative path
structures. If the prior link is at a greater or lesser level of
directory nesting this will lead to broken relative links in the
archive (one level too high or too low).
In some cases (systemd) this behaviour was masked due to the fact
that identically named links exist at multiple levels of the path
hierarchy.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
| |
The 'link_path' local was renamed to 'link_name' to better match
other uses in the code.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
On some systems the pipe used by the AsyncReader() class and the
sos_get_command_output() function may still be open at the time
the p.poll() call returns. At this time the command exit status
is undefined, leading to errors and collection failures for code
that tests the command's exit code.
Wait explicitly until poll() returns None to avoid this.
Resolves: #1417
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Defines an 'atomic' preset for use with the RedHatAtomic policy for RHEL
Atomic Host. Fixes sos being unable to run due to the preset probe
returning a string rather than a preset.
Resolves: #1418
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
| |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Creating a link may trigger further actions in the archive: if the
link target is a regular file, we must copy that file into the
archive, and if the target is a symbolic link, then we must create
that link, and copy in the link target.
Handle this by calling add_file() or (recursively) add_link() in
order to create the missing pieces of the symlink chain.
These operations must take place outside of the path lock since
they do not modify the archive namespace and will call methods of
the Archive object that will attempt to re-acquire this lock.
Resolves: #1404
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the creation of leading path components for both paths that
contain intermediate components that are symbolic links (with both
absolute and relative targets), and those that contain only
directory components.
Since symlinks may link to other files, and other symlinks, it is
necessary to handle these paths recursively and to include any
intermediate symlinked directories, or symlink targets in the set
of paths added to the archive.
Related: #1404
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
| |
Use a naked 'raise' statement rather than raising the already caught
exception in _copy_dir(), so that the original stack and backtrace
are avaialable.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that plugins are run in a threadpool, it is not possible to
defer the call to pdb.post_mortem() to the top-level exception
handler in the main thread: this is due to the fact that in a pool,
exceptions are caught and saved to be re-raised to thread calling
the pool when results are returned. When the saved exception is
raised to the top-level handler the execution context it relates
to is gone: the backtrace and stack frame have been torn down and
only very limited information is available from the exception
frame.
Instead, catch these exceptions _inside_ the thread pool context,
and directly trap to the Python debugger. This allows plugin code
to be debugged interactively with the full backtrace and with all
access to local variables and the execution stack. In addition,
this means that after the debugger has handled the exception it is
possible to return to the run and continue until report completion.
One side effect of this change is that the *-plugin-errors.txt
file containng the backtrace is now written into the archive
whether or not --debug is given.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ThreadPoolExecutor does not raise exceptions to the parent
thread immediately: it stores them in-line in the pool's results
list, and raises them to the caller on acccess to that slot in
the results iterator.
Make sure that these exceptions are handled by iterating over all
results and asserting that they are non-None (in practice, this
code is never executed since the resulting raise will trap to an
exception handler, but it is less confusing than a bare 'pass').
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves: #1409
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
OpenStack daemons can now run in OCI containers launched
by both podman and docker.
Need to check both locations.
Resolves: #1408
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves: #1407.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
We're iterating over all the containers: might as well only do it
one time.
Related: #1406, #1407
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
These configuration files can effect the way that buildah works.
Resolves: #1405
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
| |
Collect /etc/sudo* and scrub bindpw in /etc/sudo-ldap.conf
Resolves: #1402
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The MegaCli64 command needs to be called using the full path to the
binary. Also, correct the -ShowSummary adapter argument.
Additionally, use the builtin 'files' check to enable the plugin only if
the binary exists.
Closes: #403
Resolves: #1392
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Adds the lv_(kernel)_read_ahead, stripes, and stripsize columns to lvs
output.
Closes: #800
Resolves: #1391
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a services member to facilitate plugin enablement. This is tied to
a new InitSystem class that gets attached to policies. The InitSystem
class is used to determine services that are present on the system and
what those service statuses currently are (e.g. enabled/disable).
Plugins can now specify a set of services to enable the plugin on if
that service exists on the system, similar to the file, command, and
package checks.
Additionally, the Plugin class now has methods to check on service
states, and make decisions based off of. For example:
def setup(self):
if self.is_service('foobar'):
self.add_cmd_output('barfoo')
Currently, only systemd has actual functionality for this. The base
InitSystem inherited by policies by default will always return False for
service checks, thus resulting in the same behavior as before this
change.
The Red Hat family of distributions has been set to systemd, as all
current versions of those distributions use systemd.
Closes: #83
Resolves: #1387
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
oVirt Node is a small scaled down version used for hosting virtual
machines. The plugin collects node specific information like
upgrade log, the layer structure etc.
Resolves: #1381
Signed-off-by: Nijin Ashok nashok@redhat.com
Signed-off-by: Bryn M. Reeves bmr@redhat.com
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'multipath -t' command prints the internal hardware table
of device-mapper-multipath. These are the true, hard-coded
defaults that multipath will follow if no other configuration
is set. The hardware table is specific to the
device-mapper-multipath version that is in use, so it is subject
to change across release, making it difficult to track. Prior to
the -t flag creation, the user would have to check the source
package or /usr/share/doc/device-mapper-multipath for the table.
The output is needed as a piece of the puzzle in how the
'multipathd show config' command presents the current, running
configuration (it uses the .conf and the hardware table). This
makes it very useful in troubleshooting activities.
Resolves: #1379
Signed-off-by: John Pittman <jpittman@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
