| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's possible that symlink loops exist in the host file system,
either 'simple' ('a'->'a'), or indirect ('a'->'b'->'a'). We need
to avoid recursing on these loops, to avoid exceeding the maximum
link or recursion depths, but we should still represent these
inodes as accurately as possible in the resulting archive.
Detect loops in both the Plugin link handling code and in the new
Archive link follow-up code by creating the first requested level
of loop, and then skipping the recursive follow-up. This means
that the looping links are still created in the archive so long
as they are referenced in a copy spec but that we do not attempt
to indefinitely recurse while collecting them.
Resolves: #1430
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Ensure that the canonical path is used when processing link follow
up actions: the actual link path may contain one or more levels of
symbolic links, leading to broken links if the link target path is
assumed to be relative to the containing directory.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since we may be dealing with paths that contain intermediate
symlinked directories, it is necessary to canonicalize the path
for the link target in order to eliminate additional levels of
symbolic links, and to calculate the correct relative path to
use within the archive.
Related: #1404
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
| |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When processing link follow up for an original symbolic link, the
add_link() logic incorrectly used the _original_ host link name,
rather than the to-be-created name when calculating relative path
structures. If the prior link is at a greater or lesser level of
directory nesting this will lead to broken relative links in the
archive (one level too high or too low).
In some cases (systemd) this behaviour was masked due to the fact
that identically named links exist at multiple levels of the path
hierarchy.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
| |
The 'link_path' local was renamed to 'link_name' to better match
other uses in the code.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On some systems the pipe used by the AsyncReader() class and the
sos_get_command_output() function may still be open at the time
the p.poll() call returns. At this time the command exit status
is undefined, leading to errors and collection failures for code
that tests the command's exit code.
Wait explicitly until poll() returns None to avoid this.
Resolves: #1417
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Defines an 'atomic' preset for use with the RedHatAtomic policy for RHEL
Atomic Host. Fixes sos being unable to run due to the preset probe
returning a string rather than a preset.
Resolves: #1418
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
| |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Creating a link may trigger further actions in the archive: if the
link target is a regular file, we must copy that file into the
archive, and if the target is a symbolic link, then we must create
that link, and copy in the link target.
Handle this by calling add_file() or (recursively) add_link() in
order to create the missing pieces of the symlink chain.
These operations must take place outside of the path lock since
they do not modify the archive namespace and will call methods of
the Archive object that will attempt to re-acquire this lock.
Resolves: #1404
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the creation of leading path components for both paths that
contain intermediate components that are symbolic links (with both
absolute and relative targets), and those that contain only
directory components.
Since symlinks may link to other files, and other symlinks, it is
necessary to handle these paths recursively and to include any
intermediate symlinked directories, or symlink targets in the set
of paths added to the archive.
Related: #1404
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
| |
Use a naked 'raise' statement rather than raising the already caught
exception in _copy_dir(), so that the original stack and backtrace
are avaialable.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that plugins are run in a threadpool, it is not possible to
defer the call to pdb.post_mortem() to the top-level exception
handler in the main thread: this is due to the fact that in a pool,
exceptions are caught and saved to be re-raised to thread calling
the pool when results are returned. When the saved exception is
raised to the top-level handler the execution context it relates
to is gone: the backtrace and stack frame have been torn down and
only very limited information is available from the exception
frame.
Instead, catch these exceptions _inside_ the thread pool context,
and directly trap to the Python debugger. This allows plugin code
to be debugged interactively with the full backtrace and with all
access to local variables and the execution stack. In addition,
this means that after the debugger has handled the exception it is
possible to return to the run and continue until report completion.
One side effect of this change is that the *-plugin-errors.txt
file containng the backtrace is now written into the archive
whether or not --debug is given.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ThreadPoolExecutor does not raise exceptions to the parent
thread immediately: it stores them in-line in the pool's results
list, and raises them to the caller on acccess to that slot in
the results iterator.
Make sure that these exceptions are handled by iterating over all
results and asserting that they are non-None (in practice, this
code is never executed since the resulting raise will trap to an
exception handler, but it is less confusing than a bare 'pass').
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
| |
Resolves: #1409
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenStack daemons can now run in OCI containers launched
by both podman and docker.
Need to check both locations.
Resolves: #1408
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
| |
Resolves: #1407.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
| |
We're iterating over all the containers: might as well only do it
one time.
Related: #1406, #1407
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
| |
These configuration files can effect the way that buildah works.
Resolves: #1405
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
| |
Collect /etc/sudo* and scrub bindpw in /etc/sudo-ldap.conf
Resolves: #1402
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The MegaCli64 command needs to be called using the full path to the
binary. Also, correct the -ShowSummary adapter argument.
Additionally, use the builtin 'files' check to enable the plugin only if
the binary exists.
Closes: #403
Resolves: #1392
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Adds the lv_(kernel)_read_ahead, stripes, and stripsize columns to lvs
output.
Closes: #800
Resolves: #1391
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a services member to facilitate plugin enablement. This is tied to
a new InitSystem class that gets attached to policies. The InitSystem
class is used to determine services that are present on the system and
what those service statuses currently are (e.g. enabled/disable).
Plugins can now specify a set of services to enable the plugin on if
that service exists on the system, similar to the file, command, and
package checks.
Additionally, the Plugin class now has methods to check on service
states, and make decisions based off of. For example:
def setup(self):
if self.is_service('foobar'):
self.add_cmd_output('barfoo')
Currently, only systemd has actual functionality for this. The base
InitSystem inherited by policies by default will always return False for
service checks, thus resulting in the same behavior as before this
change.
The Red Hat family of distributions has been set to systemd, as all
current versions of those distributions use systemd.
Closes: #83
Resolves: #1387
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
oVirt Node is a small scaled down version used for hosting virtual
machines. The plugin collects node specific information like
upgrade log, the layer structure etc.
Resolves: #1381
Signed-off-by: Nijin Ashok nashok@redhat.com
Signed-off-by: Bryn M. Reeves bmr@redhat.com
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'multipath -t' command prints the internal hardware table
of device-mapper-multipath. These are the true, hard-coded
defaults that multipath will follow if no other configuration
is set. The hardware table is specific to the
device-mapper-multipath version that is in use, so it is subject
to change across release, making it difficult to track. Prior to
the -t flag creation, the user would have to check the source
package or /usr/share/doc/device-mapper-multipath for the table.
The output is needed as a piece of the puzzle in how the
'multipathd show config' command presents the current, running
configuration (it uses the .conf and the hardware table). This
makes it very useful in troubleshooting activities.
Resolves: #1379
Signed-off-by: John Pittman <jpittman@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'multipath -l' command, per the man page, shows the topology as
'fetched in sysfs and the device mapper' and 'multipath -ll' shows
the topology from 'all available information'. The '-ll' option,
among other things, includes useful items such as prio values and
path checkers, without adding much more verbosity. For example,
prio value ommission seen below:
|-+- policy='service-time 0' prio=0 status=active
| |- 2:0:1:2 sdh 8:112 active undef unknown
| `- 5:0:1:2 sdal 66:80 active undef unknown
`-+- policy='service-time 0' prio=0 status=enabled
|- 2:0:0:2 sdc 8:32 active undef unknown
`- 5:0:0:2 sdag 66:0 active undef unknown
|-+- policy='service-time 0' prio=50 status=active
| |- 2:0:1:2 sdh 8:112 active ready running
| `- 5:0:1:2 sdal 66:80 active ready running
`-+- policy='service-time 0' prio=10 status=enabled
|- 2:0:0:2 sdc 8:32 active ready running
`- 5:0:0:2 sdag 66:0 active ready running
Gather 'multipath -ll' instead of 'multipath -l' as the additional
information adds value without additional verbosity.
Signed-off-by: John Pittman <jpittman@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Peereboom <paul.peereboom@duo.nl>
|
|
|
|
|
|
|
|
|
| |
Adds collection of stonith and quorum states within the cluster to the
pacemaker plugin. If either of these are not used in a given cluster,
these commands simply report that the resource is not in use so this is
safe to run on all clusters.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
| |
not only *.log ones
Resolves: #1371
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Python os.makedirs() implementation is inadequate for sos's
needs: it will create leading directories given an intended path
destination, but it is not able to reflect cases where some of
the intermediate paths are actually symbolic links.
Replace the use of os.makedirs() with a method that walks over
the path, and either creates directories, or symbolic links (and
their directory target) to better correspond with the content of
the host file system.
This fixes a situation where two plugins can race in the archive,
leading to an exception in the plugin that runs last:
- /foo/bar exists and is a link to /foo/bar.qux
- One plugin attempts to collect /foo/bar
- Another plugin attempts to collect a link /foo/qux -> /foo/bar/baz
If the 2nd plugin happens to run first it will create the path
"/foo/bar" as a _directory_ (via _makedirs()). Since the archive
now checks for matching object types when a path collision occurs,
the first plugin will arrive at add_dir(), note that "/foo/bar" is
present and is not a symbolic link, and will raise an exception.
Correct this by ensuring that whichever plugin executes first, the
correct link/directory path structure will be set up.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
| |
Always set a valid dest_dir in _check_path() and do not assume
that it can be obtained by splitting the path: in the case of
a directory it is the unmodified 'dest' value.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Simplify the makedirs() method of FileCacheArchive and have it
bypass _check_path() and directly call os.makedirs(): a subsequent
patch will restrict the use of the method to setting up the sos_*
directories in the archive root.
File, directory and other object type add_* methods will use a
new method that correctly handles symbolic links in intermediate
path components.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
| |
OSError and IOError exceptions were not raised to the terminal
when --debug is in effect since they were silently caught in the
generic exception handler.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Stop copying extended attributes of files under /sys and /proc
that can raise SELinux denials on that attempt.
Resolves: #1399
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
| |
Call "cryptsetup luksDump /dev/sd*" for all encrypted devices
Resolves: #1390
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
gssproxy stores its configuration in /etc/gssproxy. Also capture the
mech configuration so that we can tell if gssproxy is enabled and any
other GSS mechs in use.
Resolves: #1386
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add files for KDC configuration and logging, including kadmin files
and a klist of the K/M stash.
Gather any additional configuration snippet files in
/etc/krb5.conf.d (which is configured by default on Fedora- and
RHEL-like systems, and hopefully on Debian systems in the future).
The sssd plugin already takes care of
/var/lib/sss/pubconf/krb5.include.d/, so don't include that.
Resolves: #1385
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Adds collection of 'oc adm top' output for images and imagestreams.
Resolves: #1165
Closes: #1383
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
| |
Versions of kubernetes after 1.5 use --kubeconfig instead of --config to
specify a configuration file to use for kubectl commands. Update the
kubernetes plugin to use the proper syntax.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
The 3.10 version of OCP changes the deployment configurations for etcd
and kubernetes components, and additionally changes the way the etcdctl
command is called when running in a static pod. Update these plugins to
support this new deployment style.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
| |
Resolves: #1395
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
| |
Make lsof calls on OSP systems disabled by default.
Relevant to: #1395
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Make calling of lsof command optional (but enabled by default).
Also remove "collect lsof-threads when --all-logs" as all-logs
has nothing in common.
Resolves: #1394
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
| |
similarly like we sanitize case id, we should sanitize report label
to e.g. exclude spaces from final tarball name.
Resolves: #1389
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
| |
Closes: #1380.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
This commit adds the plugin rhv-log-collector-analyzer, it will
collect:
- Output of rhv-log-collector-analyer --json
- Generated HTML file from --live
Signed-off-by: Douglas Schilling Landgraf <dougsland@redhat.com>
|
|
|
|
|
|
|
|
| |
commit 29a40b7 removed leading '/' from two forbidden paths
Resolves: #1388
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Detection of CDS node on RHUI 3 cant rely on deprecated pulp-cds package
but rather on rhui-mirrorlist one.
Resolves: #1375
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
They're just missing the S_ in front of them so if that code gets
reached it fails.
Fixes: #1373
Resolves: #1374
Signed-off-by: Bryan Quigley <bryan.quigley@canonical.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|