| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Resolves: #1274
Suggested-by: Dave Mulford <dave.mulford@gmail.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allows users to specify a timeout for each plugin using the '-k
plugin.timeout=value' syntax by adding the 'timeout' option to every
plugin.
Additionally, adds the --plugin-timeout option to set a timeout for
_all_ plugins. If --plugin-timeout and a specific -k timeout option is
provided, the -k timeout option will be applied for those specific
plugins, with --plugin-timeout being applied to all others.
In either case, specifying a timeout of 0 seconds results in no timeout
being applied. In the event that an invalid timeout is set, the timeout
will be set to the default value for the plugin.
Resolves: #1499
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
- collect reasonable count of pmlogger files instead of sizelimit
- (configurable via pcp.pmloggerfiles plugin option
- prevent pmlogger/pmmgr binary files to be truncated/tailed
Resolves: #1496
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a postproc for the podman and docker plugins to attempt to
obfuscate sensitive keys in 'inspect' output for those runtimes.
Previously, these keys were being captured in plaintext which could lead
to passwords or similar being leaked when sysadmins configure containers
with environment variables (or similar) that contain this data.
Specifically, we match against 'key=value' pairs as that is how the
container runtimes accept and print these pairs, like so:
"Env": [
"mypassword=supersecret",
"container=oci"
],
By comparison, the inspect outputs now read like the following when a
potentially sensitive key is found:
"Env": [
"mypassword=********",
"container=oci"
],
Resolves: #1487
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
| |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
| |
RHEL7 ships boom as part of LVM2: lvm2-python-boom.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Adds collection of info on each source found by composer-cli. The
_get_blueprints() method has been made more generic to accomodate both
blueprints and sources.
Resolves: #1571
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added initialization of date variable, so that it's possible to set the
custom name_pattern.
Without the fix, if the name_pattern is set in the plugin to be something
else than 'legacy' or 'friendly', the report generation will fail to
error
UnboundLocalError: local variable 'date' referenced before assignment
Resolves: #1570
Signed-off-by: Ville Heikkinen <ville.heikkinen@nokia.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Prevents the docker plugin from running docker commands when the service
is not running. This will prevent us from collecting the same 'docker is
not running' error message over and over again from the docker commands
that would otherwise get run.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a method to the InitSystem class used by policies and plugins to
check if a given service name is running. Plugins can make use of this
through the new self.service_is_running() method.
For policies that use the base InitSystem class, this method will always
return True as the service_is_running() method is likely to be used when
determining if we should run commands or not, and we do not want to
incorrectly stop running those commands where they would collect
meaningful output today.
The SystemD init system for policies properly checks to see if the given
service is active or not when reporting is the service is running.
Resolves: #1567
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
| |
Resolves: #1566
Closes: #1545
Signed-off-by: Bryan Quigley <bryan.quigley@canonical.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemctl
list-jobs - any currently runnign
list-dependencies - nice dependency tree
list-timers --all - what timers are setup/active
list-machines - for systemd container orcestration
systemd-resolve
--status - what link is using what dns server, etc
--statistics - how cache/DNSSEC/etc are doing
Resolves: #1565
Closes: #1457
Signed-off-by: Bryan Quigley <bryan.quigley@canonical.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
| |
Resolves: #1564
Closes: #1550
Signed-off-by: Bryan Quigley <bryan.quigley@canonical.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
| |
Resolves: #1561
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The change notes specifically mention how they've improved
performance including boot times with 16.04.
Python 3.7 is now stable.
Add --version flag for pycodestyle.
Resolves: #1554
Signed-off-by: Bryan Quigley <bryan.quigley@canonical.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
This call is no longer used and was missed during the clean up in
2b29530eb50ab1016937f5c28adaf4e2288e46be.
Resolves: ##1552
Signed-off-by: Lee Yarwood <lyarwood@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
| |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Adds tagging classes so plugin will run on Red Hat and Ubuntu based
systems.
Resolves: #1578
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
| |
Resolves: #1556
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
| |
Recursive listing of the directory is sufficient.
Resolves: #1555
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Newer Fedora systems, grub2 package is replaced by grub2-common
that needs to enable grub2 plugin by default as well.
Additionally, collect /boot/loader/entries with boot list entries.
Resolves: #1543
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Adds a new plugin for rpm-ostree, which is no longer limited to use in
Atomic Host.
Resolves: #1529
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Adds a new plugin for Red Hat CoreOS
Resolves: #1528
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
| |
Rather than repeating the same boilerplate disclaimer text in each
Red Hat policy class, define it once as a string, and then cat it
into each policy that requires a distinct preamble.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
| |
Adds a policy for Red Hat CoreOS.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Simplify identification of LUKS partitions by collecting lsblk with
option -l, such that the device name is the very first string every
time. That is required for LUKS partition located on the device itself
where standard lsblk output does not contain '|-' before the device name.
Resolves: #1449
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
It is often useful to know the NUMA locality of each network device.
Collect /sys/class/net/*/device/numa_node to add this information.
Resolves: #1451
Signed-off-by: Jamie Bainbridge <jamie.bainbridge@gmail.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
| |
Resolves: #1535
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenDaylight karaf logs are now located in:
/var/log/containers/opendaylight/karaf/logs, so
deprecate the old paths, and update the plugin
to get the karaf.log files from new location.
Resolves: #1438
Signed-off-by: Victor Pickard <vpickard@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
To compare files in $PATH with files installed from a package, we must
expand all symlinks to their realpaths. Otherwise we get false positives
like /bin/systemctl (as /bin -> /usr/bin).
Resolves: #1437
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Catch exceptions when "juju status" command:
- does not exist (and generates empty output), or
- does not generate valid/expected JSON output
Resolves: #1422
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
| |
get first line of string to log only for nonempty content
Relevant to: #1422
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Use get_cmd_output_now() to store the first call to composer-cli's
'blueprints list' command in the report, and then use that file to
find the list of available blueprints.
Related: #1447
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
lorax-composer is an API server for building disk images using
Blueprints. The plugin collects composer config and logs and few
composer-cli command outputs.
Resolves: #1477
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's a lot of ancient junk in this method (and associated code
strewn around sos.sosreport and tests). Remove the ability to pass
a list of options to the method since nothing uses this, and also
delete the incomplete implementation of global plugin options via
the commons dictionary (this work was already completed some time
ago by mapping these options directly to the command line args).
Resolves: #1498
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
As bridge-utils containing brctl command are being deprecated,
sosreport should call bridge command instead.
Although the mapping of the commands is not 1:1, the data collected
(together with few "ip .." commands) will remain the same.
Resolves: #1472
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
| |
Collect "nft list ruleset".
Resolves: #1470
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commands:
fips-mode-setup --check
update-crypto-policies --show
update-crypto-policies --is-applied
Files:
/etc/system-fips
/etc/crypto-policies/*
Resolves: #1448
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until Podman inherits RedHatPlugin and/or UbuntuPlugin, the plugin
can not be executed on underlying distros.
Further, remove one redundant test as "for container in insp" will
work properly also for empty "insp".
Resolves: #1473
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Calling _files_pkgs_or_cmds_present for SCLs lacks "services"
argument that was added in 6db459e commit.
Also it is worth renaming the method to more generic
_check_plugin_triggers .
Resolves: #1416
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In principle, this might be risky - if a database is huge, we might not
want to collect all of it. But there is no sense in collecting only its
tail. If this turns out problematic, a future patch might check db size
and do not collect it at all if it's too large.
Bug-Url: https://bugzilla.redhat.com/1654068
Resolves: #1497
Signed-off-by: Yedidyah Bar David <didi@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
| |
If sizelimit is 0, do not limit. Only use the default if it's None.
Bug-Url: https://bugzilla.redhat.com/1654068
Signed-off-by: Yedidyah Bar David <didi@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates powerpc plugin to collect
Dynamic Resource Manager (drmgr) log files
i.e. /var/log/drmgr and /var/log/drmgr.0.
In addition, it also adds ctsanp command to collect the information
about the Reliable Scalable Cluster Technology (RSCT) components.
Resolves: #1443
Signed-off-by: Sourabh Jain <sourabhjain@linux.ibm.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
| |
As copying of them hangs.
Resolves: #1445
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Allow automatic enabling of OSP packages also on containerized
environment.
Relevant to: #1411
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
| |
Enable the plugin just based on package presence.
Resolves: #1411
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rewriting of the destination path by _make_leading_paths() only
applies when creating intermediate path components that are a
symbolic link. The final level of path creation must always be
a directory, and the destination is always the absolute path to
that directory.
Always return the directory path when creating a new directory,
and do not attempt to rewrite the destination at the top level
in FileCacheArchive._check_path() since all intermediate links
have already been handled inside _make_leading_paths() (i.e.
the returned/rewritten destination is always equal to the path
that was passed into the function).
Resolves: #1432
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's possible that symlink loops exist in the host file system,
either 'simple' ('a'->'a'), or indirect ('a'->'b'->'a'). We need
to avoid recursing on these loops, to avoid exceeding the maximum
link or recursion depths, but we should still represent these
inodes as accurately as possible in the resulting archive.
Detect loops in both the Plugin link handling code and in the new
Archive link follow-up code by creating the first requested level
of loop, and then skipping the recursive follow-up. This means
that the looping links are still created in the archive so long
as they are referenced in a copy spec but that we do not attempt
to indefinitely recurse while collecting them.
Resolves: #1430
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Ensure that the canonical path is used when processing link follow
up actions: the actual link path may contain one or more levels of
symbolic links, leading to broken links if the link target path is
assumed to be relative to the containing directory.
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since we may be dealing with paths that contain intermediate
symlinked directories, it is necessary to canonicalize the path
for the link target in order to eliminate additional levels of
symbolic links, and to calculate the correct relative path to
use within the archive.
Related: #1404
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|