| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit inserts a nested ProcessPoolExecutor into the extraction
workflow for archives that are being obfuscated by `sos clean`.
Previously, the extraction was handled inside the same thread as the
rest of the obfuscation routines for each archive. However, it has been
found that when very large archives are manipulated concurrently,
performance can take a massive hit during the extraction process. This
is due to GIL limitations.
In this aspect 'very large archives' implies many tens of thousands of
files - e.g. 50K+. Because TarFile uses a 10K internal buffer, we end up
spinning a lot of time processing each file via the interpreter.
By shunting each extraction off into a new process space, we can avoid
the GIL issues altogether.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
- obfuscate "rhui_manager_password: xxx" in /root/.rhui/answers.yaml*
- no need to collect or obfuscate anything from /etc/ansible/facts.d
- newly detect the plugin via /etc/rhui/rhui-tools.conf file or rhui-manager
command (only)
Resolves: #2637
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
| |
/etc/pulp/server/plugins.conf.d/
Resolves: #2564
Signed-off-by: Barbora Vassova bvassova@redhat.com
|
|
|
|
| |
Signed-off-by: Vikas Goel <vikas.goel@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When plugin options use a magic value as a placeholder for logic checks
used during collections, those magic values can be confusing to users
when reported via `--list`.
This was originally limited to the timeout-related options, and was
mitigated by a note in the option description. However, this approach is
not maintainable as more plugin options implement magic values to allow
complex determination of what the actual value should be during an
execution - for example, with the new `--namespaces` option and plugin
options allowing users to override that global value.
Fix the former by implementing a `TIMEOUT_DEFAULT` constant. Fix the
latter by reassigning the internal magic value from `None` to the
implied value of `0`.
Related: #2547
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Adds plugin options to the `conntrack` and `ebpf` plugins to limit the
number of namespaces they will iterate over, allowing plugin specific
options to override the global `--namespaces` option.
Resolves: #2547
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a global `--namespaces` option that can be used to limit the
number of namespaces all plugins will iterate over. If a plugin provides
a specific plugin option, such as the `networking.namespaces` option,
then if set that plugin option will override the global option value.
The global option defaults to not limiting namespaces, matching current
behavior.
Closes: #2092
Resolves: #2547
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Alongside of that, unify list of collected ethtool short options
with list of tags added.
Resolves: #2634
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
AD/LDAP users are not reported into `lastlog` generally, however they
are reported in `last`. Conversely, `last` does not report local users
who have not logged in but still exist.
In order to obfuscate both kinds of users, we need to look at both
sources.
For this, first allow parsers to specify multiple prep files. Second,
update the username parser to search through all `lastlog` collections
as well as the `last` collection.
Also includes a small update to the username parser's prep loading logic
to ensure we are iterating over each username discovered only once.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
| |
Signed-off-by: Vikas Goel <vikas.goel@gmail.com>
|
|
|
|
| |
Signed-off-by: Vikas Goel <vikas.goel@gmail.com>
|
|
|
|
| |
Signed-off-by: Vikas Goel <vikas.goel@gmail.com>
|
|
|
|
| |
Signed-off-by: Vikas Goel <vikas.goel@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
First, adds a MANIFEST.in file for distutils to reference, so that we
can easily ensure that the .po files are included in any manual build
from the git checkout.
Second, add a cirrus task to ensure that basic rpm builds from the git
checkout can be done by the user.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, the plugin captures only files
with the format saDD. If an user enables the
option -D, the format changes to saYYYYMMDD.
By using this regex, we gather both formats
while ignoring .xz files and other non-sar
files.
Signed-off-by: Jose Castillo <jcastillo@redhat.com>
|
|
|
|
| |
Signed-off-by: liugang <liuganga@uniontech.com>
|
|
|
|
|
|
|
|
|
|
| |
Instead of re-reading the mapping file for each parser, read it once and
store the contents, then hand those contents over to each parser.
This allows us to side-step handling the same exception for malformed
config files over and over for each parser loaded.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds an alert suppression for 2 LGTM.com alerts. First, one involving
the overriding of `load_options()` when we're initializing the
placeholder component for `collect` on systems that do not have the
proper support for it.
Second, an alert about logging sensitive data when we are reporting the
temporary anonymous user used to leverage the RH SFTP server when the
user does not provide credentials.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
| |
Updates the packit configuration to enable GH comment notifications, as
well as expand the architectures the COPR RPMs are built for.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avocado will, by default, use the "recursive" behavior when looking
for tests. It means that the class hierarchy will be crawled
recursively, until, for "avocado-instrumented" tests, the top-most
parent "avocado.Test" is found.
When the "enable" behavior is activated, it forces the class to be
considered one containing avocado-instrumented tests, but, it disables
the recursive behavior and only the tests local to that specific class
are found.
Signed-off-by: Cleber Rosa <crosa@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new tiny plugin independent on leapp and convert2rhel is proposed.
It should collect /etc/migration-results with info about RHEL
conversions and upgrades, whenever the file is present.
Resolves: #2627
Relevant to: rhbz#1959598
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Set default value for the attribute 'changes' when_add_cmd_output is
called without that argument.
Further, add reason to "skipped command" log due to --dry-run.
Resolves: #2626
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
| |
Removes an old dependency on python-libxml2 that has not been required
for some time.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Updates PR#1820 to bring in additional command collection for the
openvswitch plugin. Note that the `ovs-appctl` command added in that
original PR is not brought forward, as subsequent changes since that PR
have added an iterative collection of that command.
Resolves: #1820
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Add tests checking independence of foreman_* plugins on the
"main" foreman plugin.
Add the two plugins to the list of expectedly enabled on a tfm instance.
Relevant: #2546
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most of foreman plugin is not applicable to a smart proxy, so
split that functionality to a separate plugin.
Additionally, split installer (and foreman-maintain relicts) common to
both foreman and smart proxy to its dedicated plugin.
Move puppet stuff from foreman to puppet plugin.
Resolves: #2546
Closes: #2423
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While cmdline allows --plugin-option as well as --plugopts,
it stores the value under `plugopts` key. Therefore parsing
config file ignores --plugin-option.
Similarly for --name/--label and --profile/--profiles.
When processing config file, we must unify those potentially duplicit
keys.
Resolves: #2606
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
| |
Sos report uses --plugin-option or --plugopts.
Relevant: #2606
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Kata Containers 1.x, which is the base for this plugin, has reached its
EOL on May 12th 2021*.
Based on that, let's update the sos plugin to match the current Fedora
RPM (kata-containers, instead of kata-runtime).
Currently, kata-containers can only be used in the kubernetes world and
it'll always be spawn either by CRI-O or containerd, and then it'll log
to the journal using their identifier, and the responsibility of
collecting the CRI runtime journal is left for the CRI runtimes.
*: https://medium.com/kata-containers/about-kata-containers-releases-8b3d91d1166e
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
|
|
|
|
|
|
|
|
| |
Fixes an issue where options provided for `skip-commands` and
`skip-files` were not properly formatted, thus causing an exception
during the finalization of the node's sos command.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
| |
Unify --map[-file] argument among report/collect/clean.
Resolves: #2602
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Updates plugins that were using `os.path.*` methods, or `os.listdir`, to
use the new wrappers provided by `sos.utilities` via the helper methods
in `Plugin`.
Resolves: #2551
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds wrapper methods to `sos.utilities` that allows the common `os`
methods, such as `os.path.exists()` to account for the setting of
`sysroot`. This will allow sos, and particularly plugins, to more
easily and reliably function as expected when sos is run within a
container.
Helpers have been added directly to `Plugin` that automatically pass the
set `sysroot` option, so plugin authors do not need to handle that
option or directly import these path functions from `sos.utilities`.
Closes: #494
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
- All configuration files from /etc/mysql/
- Default error log path: /var/log/mysql/error.log
- Alternative data directory location /var/lib/percona-xtradb-cluster
- gvwstate.dat for galera debugging
- Update the various server package names (though all seem to depend on
mysql-common anyway)
Signed-off-by: Trent Lloyd <trent.lloyd@canonical.com>
|
|
|
|
|
|
|
|
| |
Re-orders the execution of component tests to have `report` tests run
last so that potential system changes made during those tests do not
influence other component tests.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
| |
In the event we get a match on an already-obfuscated MAC address, skip
the match instead of double-obfuscating the address.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
| |
If we get an exception we aren't expecting and can't investigate due to
a missing `CmdResult` object being attached to the raised exception,
simply re-raise that exception rather than failing on trying to inspect
a non-existing object.
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a new test case that captures a full, unrestricted, sos report and
runs it through `sos clean` to enhance our confidence in `clean`
performance.
This is a StageTwo test as it will temporarily overwrite any existing
default_mapping.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
| |
Allows test cases to set their own timeout for sos command executions,
rather than applying a 300 second timeout to all test cases. 300 seconds
remains the default, however.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
| |
Also catch exceptions for malformed map files when trying to load them
into the parsers.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Just making the code more robustness, it could be dangerous to
set pred = None and then potentially call log_skipped_cmd that
expects "pred" of SoSPredicate type.
Currently such a call flow can not happen, but it is worth to
make the code more robust for potential future changes.
Resolves: #2601
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
| |
Like we did in #969 for `dnf`, fix a potential issue where we would
generate a traceback in the plugin when `yum history` is empty.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
| |
Updates the image used for CentOS Stream 8 testing to the latest release
for that distro.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Changes which collection the `date` root symlink points to. It will now
reference the `timedatectl` command run via the `systemd` plugin, as it
provides more complete and accurate information.
Closes: #2559
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
| |
Use designate-manage to grab the current pools from designate, in
case they differ from the pools stored in /etc
Signed-off-by: Michael Chapman <woppin@gmail.com>
|
|
|
|
| |
Signed-off-by: Osher De Paz <osherdepaz@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
- /etc/ansible/facts.d/rhui_*.fact must be collected by
rhui plugin to let some file to be obfuscated there
- obfuscate also cookies values that can grant login access
Resolves: #2593
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rhui-manager commands timeout when not being logged in, which
should be reacted by adding proper cmd timeout.
Adding the env.variable ensures potentially unaswered "RHUI Username:"
is also printed/colected.
Further, prevent collecting any *.key file from the whole /etc/pki/rhui
dir.
Related: #2593
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
- deal with /etc/pulp/settings.py as a one-line string
- parse dbname from it as well
- dont collect any *.key file from whole /etc/pki/pulp dir
Related: #2593
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
| |
Add option to apply glob.glob to forbidden path recursively.
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|