| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit alters several option long-form names or destination names
to align those values in a sensible way. This serves to not only remove
some abiguity in option naming in code, but also to make it so that the
"effective options" line logged in every sos execution can be direction
copy-pasted as a working command.
Closes: #2288
Resolves: #2398
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch makes sure that all passwords specified
in the opcion proxy_password in any file inside
/etc/yum.repos.d/ ends up masked in the sosreport.
Closes: #2394
Resolves: #2396
Signed-off-by: Jose Castillo <jcastillo@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Let's have a script that generates an overview of each plugin's
activity. I.e. for each plugin, print list of items the plugin collects
in add_copy_spec or add_cmd_output and other similar methods.
Resolves: #2392
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous change to package managers removed SuSE's manual settings
without actually having it use the new `RpmPackageManager` abstraction.
This in turn made almost any sos execution fail on SuSE.
Fix that, by instantiating the package manager.
Credit to fluxcap1 on GitHub for identifying this flaw and the
resolution.
Related: #2389
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This request adds the output of --showrc to sos
so we can verify the default values of options set
via rpmrc and macros config files.
Resolves: RHBZ#1921496
Resolves: #2388
Signed-off-by: Jose Castillo <jcastillo@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
It's useful to collect the `.registered` file as well to see if the Insights
client is actually registered (and if so, when).
Closes: #2372
Resolves: #2373
Signed-off-by: Paul Wayper <paulway@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
In Ubuntu CDK when the deployed with Keystone authentication the
service cdk.master.auth-webhook is deployed to handle that integration
this change includes this unit to collect its journal.
Resolves: #2387
Signed-off-by: Felipe Reyes <felipe.reyes@canonical.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The `files` property is used to determined if it's the kubernetes
master node is where the plugin is runnig since it's the only node
capable of running kubectl. In Ubuntu CDK environments the file that's
only available in the master is /root/cdk/cdk_addons_kubectl_config
while /root/cdk/kubeproxyconfig is also available in the workers.
Signed-off-by: Felipe Reyes <felipe.reyes@canonical.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The latter is a deprecated compat symlink.
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979264
Resolves: #2385
Signed-off-by: Michael Biebl <biebl@debian.org>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
bcache is used as a caching device (typically an SSD) for
HDDs; bcache stats are useful to identify performance problems.
Closes: #2378
Resolves: #2384
Signed-off-by: Ponnuvel Palaniyappan <ponnuvel.palaniyappan@canonical.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Moved the file name from kexec-kdump.log to
the right one, kexec-dmesg.log and
added it to the list of files to gather via
add_copy_spec as per #1546.
Resolves: RHBZ#1817042
Resolves: #2386
Signed-off-by: Jose Castillo <jcastillo@redhat.com>
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The plugin now collects information from certificates
that were generated by oVirt on the host(s)/node(s).
Related: RHBZ#1845877
Resolves: #2364
Signed-off-by: Lev Veyde <lveyde@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
The plugin now collects information from certificates
that were generated by oVirt.
Related: RHBZ#1845877
Signed-off-by: Lev Veyde <lveyde@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Collect "tc -s filter show dev <DEV>" for each device.
Resolves: #2383
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Collect both devlink info and params, as well as details per each device.
Related to: #2383
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Enhancement to include details for the ovs ipsec monitor
daemon.
Resolves: #2382
Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From RHBZ:
The /etc/dasd.conf is the common configuration file for the dasd portion of s390,
similar to how /etc/multipath.conf is to multipath. It has settings like
failover timings, readonly settings, diag settings, etc. It's very useful to see
what the customer has set in this file when doing an initial analysis of s390 and
more specifically dasd (s390 storage) issues. It's also useful to have when
suggesting dasd tuning changes to the customer.
Related: RHBZ#1919277
Resolves: #2381
Signed-off-by: Jose Castillo <jcastillo@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Recent distros redirecting opal-prd logs to /var/log/opal-prd.log file.
Resolves: #2377
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
EEPROM dump collection might hang on specific types of devices, or
negatively impact the system otherwise. As a safe option, sos report
should collect the command when explicitly asked via a plugopt only.
Resolves: #2376
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cleaning up references of --ticket-number, as it was fully replaced
by --case-id.
The credit goes to @mamatha4 .
Resolves: #2375
Relates to: #2374
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Adds a new plugin for the TigerVNC plugin
Closes: #2347
Resolves: #2371
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Collecting whole /etc/postfix, we might collect some SSL keys placed
to this directory. Traverse main.cf to identify all such potential
files we must add to forbidden paths.
Resolves: #2362
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
It was found that some implementations will return a 530 rather than a
503 as the more specific error for incorrect passwords. Handle this
error code explicitly, and then also add a catch-all for any other
ftplib errors that may get raised.
Resolves: #2368
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Drops the `ps auxwww` collection in favor of the memory-sorted and
otherwise duplicate `ps auxwwwm` call, and updates the `ps` root symlink
to the memory-sorted output.
Related: #1969
Resolves: #2370
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `-b` option to `lsof` is used to avoid kernel calls that have the
potential to block. However, this in turn strips useful information from
this collection when processes are using network resources like NFS
shares.
As we now have several layers of timeout control, it should be safe to
remove the `-b` option and instead apply a timeout to the
`add_cmd_output()` call to protect against a potential blocked call.
Closes: #2352
Resolves: #2670
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
"lsblk -O -P" provides all available column output in key pair
format.
Resolves: #2367
Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
First fixes an issue with an improperly scoped setting of the sos
command label. Second, addresses an issue where the final sos command
determined wasn't being written to the node's metadata.
Resolves: #2363
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
sapconf command creates /etc/security/limits.d/99-sap-limits.conf
on its own when missing, so calling the command must be gated
by a predicate testing the file presence.
Resolves: #2361
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds policy-controlled forbidden path checking, which
should be the final part of implementing "global" forbidden paths. With
this commit, policies may now add paths and glob matches for paths which
should never be collected in any plugin.
Combined with plugin-defined paths and user-defined paths already
available, plugins should now be able to be properly restricted from
sensitive collections.
Note that the way this is implemented is that policies that define the
`set_forbidden_paths()` classmethod *extend* this forbidden list as it
is built from the subclass(es) that also define one. This way,
"top-level" policies do not need to maintain independent copies of
entire trees of paths just to add a few specific additional ones that
are not forbidden within other policies.
This initial commit adds paths that are either very well-known to be
ones we should avoid, or are paths that have previously been part of
reported issues where these paths/files should not be collected.
Closes: #316
Closes: #796
Closes: #919
Closes: #1316
Resolves: #2360
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "pidstat" command prints CPU time breakdowns per CPU
and, it can also print useful information from other
subsystems {I/O, MM} in a single line.
Related: RHBZ#1898155
Resolves: #2310
Signed-off-by: Jose Castillo <jose.mfcastillo@gmail.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Starting with Dogtag 10.9 a new logging framework is used. As a result,
debug logfiles now have the format 'debug-<date>' rather than just 'debug'.
Resolves: #2355
Signed-off-by: Thorsten Scherf <tscherf@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 7f72a36 requires self.sysroot to exist for each component,
but it is not set for sos-collector. Let pre-fill self.sysroot
every time.
Resolves: #2358
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, config file plugopts are ignored as we overwrite it
in apply_options_from_cmdline by empty list default value from
cmdline.
Resolves: #2359
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Updates the import of `RHELPolicy` for setting the python version
checking command on RHEL systems.
Related: #2349
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
| |
Adds the new packages to `setup.py` that were created as a result of the
policy re-org from #2349
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
"ls /sys/firmware" command is useful to check if system boots with
UEFI or BIOS.
Resolves: #2353
Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ceph mons might get into time sync problems if ntp/chrony
isn't installed or configured correctly. Since Luminous
release, upstream support 'time-sync-status' to detect this
more easily.
Closes: #2356
Resolves: #2357
Signed-off-by: Ponnuvel Palaniyappan <pponnuvel@gmail.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Adds a new `DpkgPackageManager` subclass for use with dpkg-based
distributions.
Closes: #2349
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a discreet subclass of `PackageManager` for RPM based
distributions.
Note this also makes a minor alteration to the determination of relevant
commands based on the initialization of `PackageManager`, which will
make it easier to build out subclasses going forward, while still
allowing individual policies to override if desired.
Related: #2349
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Moves the `PresetDefaults` base class out from
`sos/policies/__init__.py` and into a new `sos/presets` subdir. Further,
removes the presets defined in the RH-family policies into a new
`sos/presets/redhat.py` subdir to allow for ease of maintenance and
tracking.
Related: #2349
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Moves `PackageManager` out from `sos/policies/__init__.py` into a new
`sos/policies/package_managers` subdir.
Future commits will aim to canonicalize package manager subclasses for
policies to use, and ease the creation of new reusable package managers.
Related: #2349
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Moves the actual policy files for supported distributions out of
`sos/policies` and into a new subdir `sos/policies/distros`. Note that
`Policy()` still lives in the former, while `LinuxPolicy()` has been
moved into `sos/policies/distros/__init__.py`
Related: #2349
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Moves `InitSystem` and the related `SystemdInit` subclass out of
`sos/policies/__init__.py` and into a new `sos/policies/init_systems/`
subdir.
Related: #2349
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Moves `ContainerRuntime` and the related subclasses out from
`sos/policies/__init__.py` into a new `sos/policies/runtimes` subdir.
Related: #2349
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enhances policy banner message generation by allowing an arbitrary
number of vendor urls to be displayed. The `vendor_url` class attr has
been changed to `vendor_urls` which should be a list of 2-tuples
formatted as `(description, url)`.
Further updates the existing policies to use this new form, and expands
on the Red Hat family distributions to include support website locations
where applicable. Also updates the Ubuntu policy to point to both the
community and commercial support resources.
Closes: #1869
Resolves: #2325
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When an upload to the RHCP fails for some reason, now automatically
failover to attempt an upload to the FTP dropbox.
This failover has been intended for some time, as we already failover
to the FTP location if we detect we're missing, for example, login
credentials for the Customer Portal. This change just extends that
intention to when we run into errors with the actual upload process.
Resolves: #2350
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Drop fallback to nat as that can bring in more kernel modules
Left ip/6-table save in networking for now as it can be filtered by
networking options and I don't want to break that.
Resolves: #2348
Signed-off-by: Bryan Quigley <code@bryanquigley.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
It can be useful to have the digest for each container image for
verifying exact binary compatibility, etc.
Resolves: #2339
Signed-off-by: Brad Hubbard <bhubbard@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Until --sysroot option is specified, Archive (sub)classes should
be called with sysroot determined from Policy.
Resolves: #2346
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenShift 4.6 Introduces a new service called ovs-configuration,
usually this information is also acquired in the must-gather but
if precisely this service is at fault we may not be able to run
must-gather.
Resolves: #2345
Signed-off-by: Juan Luis de Sousa-Valadas <jdesousa@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|