From 36f15e9e6511724a65a0b7026c226c25aa59bf7b Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Sun, 10 Dec 2023 23:12:16 +0300 Subject: [PATCH 1/4] import sos-4.5.3-1.el8 --- .gitignore | 2 +- .sos.metadata | 2 +- ...2175650-microshift-plugin-oc-command.patch | 46 ---------- SOURCES/sos-bz2176086-iprconfig-sg-kmod.patch | 56 ------------ SOURCES/sos-bz2176218-sos-clean-tmp.patch | 85 ------------------- SPECS/sos.spec | 31 ++++--- 6 files changed, 19 insertions(+), 203 deletions(-) delete mode 100644 SOURCES/sos-bz2175650-microshift-plugin-oc-command.patch delete mode 100644 SOURCES/sos-bz2176086-iprconfig-sg-kmod.patch delete mode 100644 SOURCES/sos-bz2176218-sos-clean-tmp.patch diff --git a/.gitignore b/.gitignore index dc328ec..f5854d3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/sos-4.5.1.tar.gz +SOURCES/sos-4.5.3.tar.gz SOURCES/sos-audit-0.3.tgz diff --git a/.sos.metadata b/.sos.metadata index 144aabb..fad1c5d 100644 --- a/.sos.metadata +++ b/.sos.metadata @@ -1,2 +1,2 @@ -918b69741255038a99d969cc8b4ceecb7e18034f SOURCES/sos-4.5.1.tar.gz +eec8ce79aa42dd6561bce9638c8e803e9f81e476 SOURCES/sos-4.5.3.tar.gz 9d478b9f0085da9178af103078bbf2fd77b0175a SOURCES/sos-audit-0.3.tgz diff --git a/SOURCES/sos-bz2175650-microshift-plugin-oc-command.patch b/SOURCES/sos-bz2175650-microshift-plugin-oc-command.patch deleted file mode 100644 index bc8f83c..0000000 --- a/SOURCES/sos-bz2175650-microshift-plugin-oc-command.patch +++ /dev/null @@ -1,46 +0,0 @@ -From ff5e73b29b1fcc4c5531654d4f67f808408aa989 Mon Sep 17 00:00:00 2001 -From: Pablo Acevedo Montserrat -Date: Thu, 2 Mar 2023 12:12:06 +0100 -Subject: [PATCH] [microshift] Fix microshift get and add commands - -Drop microshift get usage in favor of oc get commands. -Add version and show-config commands before running inspect. - -Closes https://issues.redhat.com/browse/USHIFT-932 - -Signed-off-by: Pablo Acevedo Montserrat ---- - sos/report/plugins/microshift.py | 9 +++++++-- - 1 file changed, 7 insertions(+), 2 deletions(-) - -diff --git a/sos/report/plugins/microshift.py b/sos/report/plugins/microshift.py -index 953eb88e..69981d63 100644 ---- a/sos/report/plugins/microshift.py -+++ b/sos/report/plugins/microshift.py -@@ -86,9 +86,10 @@ class Microshift(Plugin, RedHatPlugin): - - def _get_namespaces(self): - res = self.exec_cmd( -- 'microshift get namespaces' -+ 'oc get namespaces' - ' -o custom-columns=NAME:.metadata.name' -- ' --no-headers') -+ ' --no-headers' -+ ' --kubeconfig=%s' % self.get_option('kubeconfig')) - if res['status'] == 0: - return self._reduce_namespace_list(res['output'].split('\n')) - return [] -@@ -146,6 +147,10 @@ class Microshift(Plugin, RedHatPlugin): - which is used to retrieve all API resources from the cluster. - """ - self.add_forbidden_path('/var/lib/microshift') -+ self.add_cmd_output([ -+ 'microshift version', -+ 'microshift show-config -m effective' -+ ]) - - _cluster_resources_to_collect = ",".join( - self._get_cluster_resources()) --- -2.39.2 - diff --git a/SOURCES/sos-bz2176086-iprconfig-sg-kmod.patch b/SOURCES/sos-bz2176086-iprconfig-sg-kmod.patch deleted file mode 100644 index f39d12c..0000000 --- a/SOURCES/sos-bz2176086-iprconfig-sg-kmod.patch +++ /dev/null @@ -1,56 +0,0 @@ -From e8dc0e55988b36d0476bcae741652208356f0f07 Mon Sep 17 00:00:00 2001 -From: Pavel Moravec -Date: Tue, 7 Mar 2023 10:10:33 +0100 -Subject: [PATCH] [iprconfig] guard whole plugin by sg kmod predicate - -Calling any iprconfig command loads 'sg' kernel module. So guard -collecting anything from the plugin by that kmod predicate. - -Resolves: #3159 - -Signed-off-by: Pavel Moravec ---- - sos/report/plugins/iprconfig.py | 13 ++++++++----- - 1 file changed, 8 insertions(+), 5 deletions(-) - -diff --git a/sos/report/plugins/iprconfig.py b/sos/report/plugins/iprconfig.py -index 6b4fb895..a304107f 100644 ---- a/sos/report/plugins/iprconfig.py -+++ b/sos/report/plugins/iprconfig.py -@@ -9,7 +9,7 @@ - # This plugin enables collection of logs for Power systems - - import re --from sos.report.plugins import Plugin, IndependentPlugin -+from sos.report.plugins import Plugin, IndependentPlugin, SoSPredicate - - - class IprConfig(Plugin, IndependentPlugin): -@@ -22,6 +22,13 @@ class IprConfig(Plugin, IndependentPlugin): - - def setup(self): - -+ show_ioas = self.collect_cmd_output( -+ "iprconfig -c show-ioas", -+ pred=SoSPredicate(self, kmods=['sg']) -+ ) -+ if not show_ioas['status'] == 0: -+ return -+ - self.add_cmd_output([ - "iprconfig -c show-config", - "iprconfig -c show-alt-config", -@@ -35,10 +42,6 @@ class IprConfig(Plugin, IndependentPlugin): - "iprconfig -c dump" - ]) - -- show_ioas = self.collect_cmd_output("iprconfig -c show-ioas") -- if not show_ioas['status'] == 0: -- return -- - devices = [] - if show_ioas['output']: - p = re.compile('sg') --- -2.39.2 - diff --git a/SOURCES/sos-bz2176218-sos-clean-tmp.patch b/SOURCES/sos-bz2176218-sos-clean-tmp.patch deleted file mode 100644 index 05bb543..0000000 --- a/SOURCES/sos-bz2176218-sos-clean-tmp.patch +++ /dev/null @@ -1,85 +0,0 @@ -From d4d4d5509fe4f0e29260b33a1c51bf62297ef0b9 Mon Sep 17 00:00:00 2001 -From: Pavel Moravec -Date: Tue, 7 Mar 2023 13:16:02 +0100 -Subject: [PATCH 1/2] [cleaner] dont clean sys_tmp from final_path - -When generating location of final tarball, apply cleaner obfuscation to -the filename but not to the tmp path itself. Otherwise - -sos clean --keywords tmp - -fails in attempt to move file to nonexisting /var/obfuscatedword0 -directory. - -Resolves: #3160 - -Signed-off-by: Pavel Moravec ---- - sos/cleaner/__init__.py | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/sos/cleaner/__init__.py b/sos/cleaner/__init__.py -index d3e32992..b8e4aafd 100644 ---- a/sos/cleaner/__init__.py -+++ b/sos/cleaner/__init__.py -@@ -400,8 +400,9 @@ third party. - cf.write(checksum) - self.write_cleaner_log() - -- final_path = self.obfuscate_string( -- os.path.join(self.sys_tmp, arc_path.split('/')[-1]) -+ final_path = os.path.join( -+ self.sys_tmp, -+ self.obfuscate_string(arc_path.split('/')[-1]) - ) - shutil.move(arc_path, final_path) - arcstat = os.stat(final_path) --- -2.39.2 - - -From 622a26ee2faff91df03532892ca386c39e36a5fe Mon Sep 17 00:00:00 2001 -From: Pavel Moravec -Date: Tue, 7 Mar 2023 17:55:19 +0100 -Subject: [PATCH 2/2] [tests] add a test covering #3160 - -Run the cleaner tests with obfuscating (also) "tmp" to cover files -handling under sys_tmp. - -Related to: #3160 - -Signed-off-by: Pavel Moravec ---- - tests/cleaner_tests/existing_archive.py | 19 +++++++++++++++++++ - 1 file changed, 19 insertions(+) - -diff --git a/tests/cleaner_tests/existing_archive.py b/tests/cleaner_tests/existing_archive.py -index e13d1cae..7f31f88e 100644 ---- a/tests/cleaner_tests/existing_archive.py -+++ b/tests/cleaner_tests/existing_archive.py -@@ -89,3 +89,22 @@ class ExistingArchiveCleanTest(StageTwoReportTest): - """Ensure that the 'testuser1' user created at install is obfuscated - """ - self.assertFileNotHasContent('var/log/anaconda/journal.log', 'testuser1') -+ -+class ExistingArchiveCleanTmpTest(StageTwoReportTest): -+ """Continuation of above tests which requires cleaning var / tmp keywords -+ -+ Note that this copies heavily from the full_report_run test. -+ -+ :avocado: tags=stagetwo -+ """ -+ -+ sos_cmd = '-v --keywords var,tmp,avocado --disable-parsers ip,ipv6,mac,username \ -+ --no-update tests/test_data/%s.tar.xz' % ARCHIVE -+ sos_component = 'clean' -+ -+ def test_sys_tmp_not_obfuscated(self): -+ """ Ensure that keywords var, tmp and avocado remains in the final archive -+ path despite they are parts of the --tmp-dir -+ """ -+ self.assertTrue(self.archive.startswith(os.getenv('AVOCADO_TESTS_COMMON_TMPDIR'))) -+ --- -2.39.2 - diff --git a/SPECS/sos.spec b/SPECS/sos.spec index 73ebdc2..815747a 100644 --- a/SPECS/sos.spec +++ b/SPECS/sos.spec @@ -4,28 +4,23 @@ Summary: A set of tools to gather troubleshooting information from a system Name: sos -Version: 4.5.1 -Release: 3%{?dist} +Version: 4.5.3 +Release: 1%{?dist} Group: Applications/System Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz Source1: sos-audit-%{auditversion}.tgz -License: GPLv2+ +License: GPL-2.0-or-later BuildArch: noarch Url: https://github.com/sosreport/sos BuildRequires: python3-devel BuildRequires: gettext BuildRequires: python3-setuptools -Requires: bzip2 -Requires: xz Requires: python3-requests Recommends: python3-magic Recommends: python3-pexpect Recommends: python3-pyyaml Conflicts: vdsm < 4.40 Obsoletes: sos-collector -Patch1: sos-bz2175650-microshift-plugin-oc-command.patch -Patch2: sos-bz2176086-iprconfig-sg-kmod.patch -Patch3: sos-bz2176218-sos-clean-tmp.patch %description @@ -37,9 +32,6 @@ support technicians and developers. %prep %setup -qn %{name}-%{version} %setup -T -D -a1 -q -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 %build @@ -47,8 +39,11 @@ support technicians and developers. %install %py3_install '--install-scripts=%{_sbindir}' - +rm -f %{buildroot}/usr/config/sos.conf +rm -f %{buildroot}/usr/config/tmpfilesd-sos-rh.conf install -Dm644 %{name}.conf %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf +install -d -m 755 %{buildroot}%{_sysconfdir}/tmpfiles.d/ +install -m 644 tmpfiles/tmpfilesd-sos-rh.conf %{buildroot}%{_sysconfdir}/tmpfiles.d/%{name}.conf %find_lang %{name} || echo 0 @@ -67,6 +62,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/sos/{cleaner,presets.d,extras.d,groups.d} %dir /etc/sos/presets.d %dir /etc/sos/extras.d %dir /etc/sos/groups.d +/etc/tmpfiles.d/%{name}.conf %{python3_sitelib}/* %{_mandir}/man1/sosreport.1.gz %{_mandir}/man1/sos-clean.1.gz @@ -81,7 +77,6 @@ mkdir -p %{buildroot}%{_sysconfdir}/sos/{cleaner,presets.d,extras.d,groups.d} %license LICENSE %config(noreplace) %{_sysconfdir}/sos/sos.conf %config(noreplace) %{_sysconfdir}/sos/cleaner -%config /usr/config/sos.conf %package audit Summary: Audit use of some commands for support purposes @@ -110,9 +105,17 @@ of the system. Currently storage and filesystem commands are audited. %ghost /etc/audit/rules.d/40-sos-storage.rules %changelog -* Wed Jul 26 2023 MSVSphere Packaging Team - 4.5.1-3 +* Wed Jul 26 2023 MSVSphere Packaging Team - = 4.5.3-1 - Rebuilt for MSVSphere 8.8 +* Fri May 05 2023 Jan Jansky = 4.5.3-1 +- [report] Ignore case when scrubbing via do_file_sub + Resolves: bz2143272 +- [subscription_manager] Scrub proxy passwords from repo_server_val + Resolves: bz2177282 +- [virsh] Scrub passwords in virt-manager logs + Resolves: bz2184062 + * Wed Mar 08 2023 Pavel Moravec = 4.5.1-3 - Rebase on upstream 4.5.1 Resolves: bz2175806 From 751d4c2f7a23e17f942df8b8c0b946aef68ebff8 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Mon, 11 Dec 2023 17:08:12 +0300 Subject: [PATCH 2/4] import sos-4.5.4-1.el8 --- .gitignore | 2 +- .sos.metadata | 2 +- SPECS/sos.spec | 15 +++++++++++++-- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index f5854d3..ffb4d34 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/sos-4.5.3.tar.gz +SOURCES/sos-4.5.4.tar.gz SOURCES/sos-audit-0.3.tgz diff --git a/.sos.metadata b/.sos.metadata index fad1c5d..61e625d 100644 --- a/.sos.metadata +++ b/.sos.metadata @@ -1,2 +1,2 @@ -eec8ce79aa42dd6561bce9638c8e803e9f81e476 SOURCES/sos-4.5.3.tar.gz +e2c0fe1ab4ab24b7d91d3fb2c590a00bf4f3cf98 SOURCES/sos-4.5.4.tar.gz 9d478b9f0085da9178af103078bbf2fd77b0175a SOURCES/sos-audit-0.3.tgz diff --git a/SPECS/sos.spec b/SPECS/sos.spec index 815747a..c548acb 100644 --- a/SPECS/sos.spec +++ b/SPECS/sos.spec @@ -4,7 +4,7 @@ Summary: A set of tools to gather troubleshooting information from a system Name: sos -Version: 4.5.3 +Version: 4.5.4 Release: 1%{?dist} Group: Applications/System Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz @@ -16,6 +16,7 @@ BuildRequires: python3-devel BuildRequires: gettext BuildRequires: python3-setuptools Requires: python3-requests +Requires: python3-setuptools Recommends: python3-magic Recommends: python3-pexpect Recommends: python3-pyyaml @@ -105,9 +106,19 @@ of the system. Currently storage and filesystem commands are audited. %ghost /etc/audit/rules.d/40-sos-storage.rules %changelog -* Wed Jul 26 2023 MSVSphere Packaging Team - = 4.5.3-1 +* Wed Jul 26 2023 MSVSphere Packaging Team - = 4.5.4-1 - Rebuilt for MSVSphere 8.8 +* Thu Jun 01 2023 Pavel Moravec = 4.5.4-1 +- [plugins] collect strings before commands + Resolves: bz2203141 +- [collector] collect report from primary node if in node_list + Resolves: bz2186460 +- [powerpc] collect invscout logs + Resolves: bz2210543 +- [rhc] New plugin for RHC + Resolves: bz2196649 + * Fri May 05 2023 Jan Jansky = 4.5.3-1 - [report] Ignore case when scrubbing via do_file_sub Resolves: bz2143272 From ce10b66c7d002508b83768c1ef0e1cb5eae0adc8 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Mon, 11 Dec 2023 17:08:26 +0300 Subject: [PATCH 3/4] import sos-4.5.5-2.el8 --- .gitignore | 2 +- .sos.metadata | 2 +- .../sos-bz2207562-clean-obfuscate-mac.patch | 57 ++++++++++++ ...-bz2218279-clean-respect-permissions.patch | 93 +++++++++++++++++++ SPECS/sos.spec | 26 +++++- 5 files changed, 173 insertions(+), 7 deletions(-) create mode 100644 SOURCES/sos-bz2207562-clean-obfuscate-mac.patch create mode 100644 SOURCES/sos-bz2218279-clean-respect-permissions.patch diff --git a/.gitignore b/.gitignore index ffb4d34..070b750 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/sos-4.5.4.tar.gz +SOURCES/sos-4.5.5.tar.gz SOURCES/sos-audit-0.3.tgz diff --git a/.sos.metadata b/.sos.metadata index 61e625d..9b6751a 100644 --- a/.sos.metadata +++ b/.sos.metadata @@ -1,2 +1,2 @@ -e2c0fe1ab4ab24b7d91d3fb2c590a00bf4f3cf98 SOURCES/sos-4.5.4.tar.gz +cc86572817d14115c3dc5a942c79e89fa17514c4 SOURCES/sos-4.5.5.tar.gz 9d478b9f0085da9178af103078bbf2fd77b0175a SOURCES/sos-audit-0.3.tgz diff --git a/SOURCES/sos-bz2207562-clean-obfuscate-mac.patch b/SOURCES/sos-bz2207562-clean-obfuscate-mac.patch new file mode 100644 index 0000000..51a866d --- /dev/null +++ b/SOURCES/sos-bz2207562-clean-obfuscate-mac.patch @@ -0,0 +1,57 @@ +From 59c2660584734af92eca2eae31af3fbf5557f853 Mon Sep 17 00:00:00 2001 +From: Jan Jansky +Date: Mon, 10 Jul 2023 13:10:22 +0200 +Subject: [PATCH] [clean] Properly obfuscate MAC addresses + +Some of mac addresses was not properly obfuscated because +some collected data contains mac addresses in format +01: and parser was not ready for that. + +Also added mapper which will obfuscate mac address in case +it is in format with _ instead of : as for example + +00_50_56_87_5d_01 + +instead of + +00:50:56:87:5d:01 + +Format with _ is used for example by vmware plugin. + +Resolves: #3302 + +Signed-off-by: Jan Jansky +--- + sos/cleaner/mappings/mac_map.py | 2 +- + sos/cleaner/parsers/mac_parser.py | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/sos/cleaner/mappings/mac_map.py b/sos/cleaner/mappings/mac_map.py +index 334a6681..4ccba25a 100644 +--- a/sos/cleaner/mappings/mac_map.py ++++ b/sos/cleaner/mappings/mac_map.py +@@ -75,5 +75,5 @@ class SoSMacMap(SoSMap): + if re.match('(([0-9a-fA-F]{4}:){3}([0-9a-fA-F]){4})', item): + return self.mac6_quad_template % hextets + # match 48-bit IPv4 MAC addresses +- if re.match('([0-9a-fA-F]:?){12}', item): ++ if re.match('([0-9a-fA-F][:_]?){12}', item): + return self.mac_template % hextets +diff --git a/sos/cleaner/parsers/mac_parser.py b/sos/cleaner/parsers/mac_parser.py +index 88b0ac2e..4e790018 100644 +--- a/sos/cleaner/parsers/mac_parser.py ++++ b/sos/cleaner/parsers/mac_parser.py +@@ -25,8 +25,8 @@ IPV6_REG_4HEX = ( + ) + # aa:bb:cc:dd:ee:ff avoiding ipv6 substring matches + IPV4_REG = ( +- r'((? +Date: Wed, 28 Jun 2023 11:49:56 +0200 +Subject: [PATCH 1/2] [clean] Respect permissions of sanitised files + +When copying files we applied a substitution in, we must replace just +original file content (shutil.copyfile) and not also its stat data +(shutil.copy). + +Resolves: #3292 + +Signed-off-by: Pavel Moravec +--- + sos/cleaner/__init__.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sos/cleaner/__init__.py b/sos/cleaner/__init__.py +index feeedf66..fbcaa9c3 100644 +--- a/sos/cleaner/__init__.py ++++ b/sos/cleaner/__init__.py +@@ -778,7 +778,7 @@ third party. + % (short_name, err), caller=arc_name) + tfile.seek(0) + if subs: +- shutil.copy(tfile.name, filename) ++ shutil.copyfile(tfile.name, filename) + tfile.close() + + _ob_short_name = self.obfuscate_string(short_name.split('/')[-1]) +-- +2.31.1 + + +From fc1489a621108d3613d3337489a64950e52d77c3 Mon Sep 17 00:00:00 2001 +From: Pavel Moravec +Date: Thu, 29 Jun 2023 22:57:46 +0200 +Subject: [PATCH 2/2] [tests] add test for #3292 + +Add a test that cleaner keeps permissions of a sanitised file + +Relevant to: #3292 + +Signed-off-by: Pavel Moravec +--- + .../basic_function_tests/report_with_mask.py | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/tests/cleaner_tests/basic_function_tests/report_with_mask.py b/tests/cleaner_tests/basic_function_tests/report_with_mask.py +index 7c4d3905..baee836a 100644 +--- a/tests/cleaner_tests/basic_function_tests/report_with_mask.py ++++ b/tests/cleaner_tests/basic_function_tests/report_with_mask.py +@@ -9,6 +9,7 @@ + from sos_tests import StageOneReportTest, StageTwoReportTest + + import re ++from os import stat + + + class ReportWithMask(StageOneReportTest): +@@ -18,6 +19,17 @@ class ReportWithMask(StageOneReportTest): + """ + + sos_cmd = '--mask -o host,networking' ++ hosts_obfuscated = None ++ ++ def pre_sos_setup(self): ++ # obfuscate a random word from /etc/hosts and ensure the updated ++ # sanitised file has same permissions (a+r) ++ try: ++ self.hosts_obfuscated = open('/etc/hosts').read().strip('#\n').split()[-1] ++ except (FileNotFoundError, IndexError) as e: ++ self.warning(f"Unable to process /etc/hosts: {e}") ++ if self.hosts_obfuscated: ++ self.sos_cmd += f' --keywords={self.hosts_obfuscated}' + + def test_mask_was_run(self): + self.assertOutputContains('Beginning obfuscation') +@@ -53,6 +65,12 @@ class ReportWithMask(StageOneReportTest): + mac = line.strip().split()[1] + assert mac.startswith('53:4f:53'), "Found unobfuscated mac addr %s" % mac + ++ def test_perms_unchanged_on_modified_file(self): ++ if self.hosts_obfuscated: ++ imode_orig = stat('/etc/hosts').st_mode ++ imode_obfuscated = stat(self.get_name_in_archive('etc/hosts')).st_mode ++ self.assertEqual(imode_orig, imode_obfuscated) ++ + + class ReportWithCleanedKeywords(StageOneReportTest): + """Testing for obfuscated keywords provided by the user +-- +2.31.1 + diff --git a/SPECS/sos.spec b/SPECS/sos.spec index c548acb..e5f32ef 100644 --- a/SPECS/sos.spec +++ b/SPECS/sos.spec @@ -4,8 +4,8 @@ Summary: A set of tools to gather troubleshooting information from a system Name: sos -Version: 4.5.4 -Release: 1%{?dist} +Version: 4.5.5 +Release: 2%{?dist} Group: Applications/System Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz Source1: sos-audit-%{auditversion}.tgz @@ -22,7 +22,8 @@ Recommends: python3-pexpect Recommends: python3-pyyaml Conflicts: vdsm < 4.40 Obsoletes: sos-collector - +Patch1: sos-bz2218279-clean-respect-permissions.patch +Patch2: sos-bz2207562-clean-obfuscate-mac.patch %description Sos is a set of tools that gathers information about system @@ -33,7 +34,8 @@ support technicians and developers. %prep %setup -qn %{name}-%{version} %setup -T -D -a1 -q - +%patch1 -p1 +%patch2 -p1 %build %py3_build @@ -106,9 +108,23 @@ of the system. Currently storage and filesystem commands are audited. %ghost /etc/audit/rules.d/40-sos-storage.rules %changelog -* Wed Jul 26 2023 MSVSphere Packaging Team - = 4.5.4-1 +* Wed Jul 26 2023 MSVSphere Packaging Team - = 4.5.5-2 - Rebuilt for MSVSphere 8.8 +* Fri Jul 14 2023 Jan Jansky = 4.5.5-2 +- Adding patch for mac obfuscation + Resolves: bz2218279 + Resolves: bz2216608 + Resolves: bz2207562 + +* Mon Jul 03 2023 Jan Jansky = 4.5.5-1 +- [clean] Respect permissions of sanitised files + Resolves: bz2218279 +- [plugin] Fix exception when calling os.makedirs + Resolves: bz2216608 +- [cleaner] Enhance trailing characters list after AMC address + Resolves: bz2207562 + * Thu Jun 01 2023 Pavel Moravec = 4.5.4-1 - [plugins] collect strings before commands Resolves: bz2203141 From 3b820859054647d17c25f48dc6436bd4a7adfcc1 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Mon, 11 Dec 2023 17:08:39 +0300 Subject: [PATCH 4/4] import sos-4.5.6-1.el8 --- .gitignore | 2 +- .sos.metadata | 2 +- .../sos-bz2207562-clean-obfuscate-mac.patch | 57 ------------ ...-bz2218279-clean-respect-permissions.patch | 93 ------------------- SOURCES/sos-bz2226682-ovn-ic-db-files.patch | 42 +++++++++ SPECS/sos.spec | 12 ++- 6 files changed, 51 insertions(+), 157 deletions(-) delete mode 100644 SOURCES/sos-bz2207562-clean-obfuscate-mac.patch delete mode 100644 SOURCES/sos-bz2218279-clean-respect-permissions.patch create mode 100644 SOURCES/sos-bz2226682-ovn-ic-db-files.patch diff --git a/.gitignore b/.gitignore index 070b750..85aafbe 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/sos-4.5.5.tar.gz +SOURCES/sos-4.5.6.tar.gz SOURCES/sos-audit-0.3.tgz diff --git a/.sos.metadata b/.sos.metadata index 9b6751a..e0a9368 100644 --- a/.sos.metadata +++ b/.sos.metadata @@ -1,2 +1,2 @@ -cc86572817d14115c3dc5a942c79e89fa17514c4 SOURCES/sos-4.5.5.tar.gz +8f38e24add48538585441452d85e2ea4faa04c34 SOURCES/sos-4.5.6.tar.gz 9d478b9f0085da9178af103078bbf2fd77b0175a SOURCES/sos-audit-0.3.tgz diff --git a/SOURCES/sos-bz2207562-clean-obfuscate-mac.patch b/SOURCES/sos-bz2207562-clean-obfuscate-mac.patch deleted file mode 100644 index 51a866d..0000000 --- a/SOURCES/sos-bz2207562-clean-obfuscate-mac.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 59c2660584734af92eca2eae31af3fbf5557f853 Mon Sep 17 00:00:00 2001 -From: Jan Jansky -Date: Mon, 10 Jul 2023 13:10:22 +0200 -Subject: [PATCH] [clean] Properly obfuscate MAC addresses - -Some of mac addresses was not properly obfuscated because -some collected data contains mac addresses in format -01: and parser was not ready for that. - -Also added mapper which will obfuscate mac address in case -it is in format with _ instead of : as for example - -00_50_56_87_5d_01 - -instead of - -00:50:56:87:5d:01 - -Format with _ is used for example by vmware plugin. - -Resolves: #3302 - -Signed-off-by: Jan Jansky ---- - sos/cleaner/mappings/mac_map.py | 2 +- - sos/cleaner/parsers/mac_parser.py | 4 ++-- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/sos/cleaner/mappings/mac_map.py b/sos/cleaner/mappings/mac_map.py -index 334a6681..4ccba25a 100644 ---- a/sos/cleaner/mappings/mac_map.py -+++ b/sos/cleaner/mappings/mac_map.py -@@ -75,5 +75,5 @@ class SoSMacMap(SoSMap): - if re.match('(([0-9a-fA-F]{4}:){3}([0-9a-fA-F]){4})', item): - return self.mac6_quad_template % hextets - # match 48-bit IPv4 MAC addresses -- if re.match('([0-9a-fA-F]:?){12}', item): -+ if re.match('([0-9a-fA-F][:_]?){12}', item): - return self.mac_template % hextets -diff --git a/sos/cleaner/parsers/mac_parser.py b/sos/cleaner/parsers/mac_parser.py -index 88b0ac2e..4e790018 100644 ---- a/sos/cleaner/parsers/mac_parser.py -+++ b/sos/cleaner/parsers/mac_parser.py -@@ -25,8 +25,8 @@ IPV6_REG_4HEX = ( - ) - # aa:bb:cc:dd:ee:ff avoiding ipv6 substring matches - IPV4_REG = ( -- r'((? -Date: Wed, 28 Jun 2023 11:49:56 +0200 -Subject: [PATCH 1/2] [clean] Respect permissions of sanitised files - -When copying files we applied a substitution in, we must replace just -original file content (shutil.copyfile) and not also its stat data -(shutil.copy). - -Resolves: #3292 - -Signed-off-by: Pavel Moravec ---- - sos/cleaner/__init__.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sos/cleaner/__init__.py b/sos/cleaner/__init__.py -index feeedf66..fbcaa9c3 100644 ---- a/sos/cleaner/__init__.py -+++ b/sos/cleaner/__init__.py -@@ -778,7 +778,7 @@ third party. - % (short_name, err), caller=arc_name) - tfile.seek(0) - if subs: -- shutil.copy(tfile.name, filename) -+ shutil.copyfile(tfile.name, filename) - tfile.close() - - _ob_short_name = self.obfuscate_string(short_name.split('/')[-1]) --- -2.31.1 - - -From fc1489a621108d3613d3337489a64950e52d77c3 Mon Sep 17 00:00:00 2001 -From: Pavel Moravec -Date: Thu, 29 Jun 2023 22:57:46 +0200 -Subject: [PATCH 2/2] [tests] add test for #3292 - -Add a test that cleaner keeps permissions of a sanitised file - -Relevant to: #3292 - -Signed-off-by: Pavel Moravec ---- - .../basic_function_tests/report_with_mask.py | 18 ++++++++++++++++++ - 1 file changed, 18 insertions(+) - -diff --git a/tests/cleaner_tests/basic_function_tests/report_with_mask.py b/tests/cleaner_tests/basic_function_tests/report_with_mask.py -index 7c4d3905..baee836a 100644 ---- a/tests/cleaner_tests/basic_function_tests/report_with_mask.py -+++ b/tests/cleaner_tests/basic_function_tests/report_with_mask.py -@@ -9,6 +9,7 @@ - from sos_tests import StageOneReportTest, StageTwoReportTest - - import re -+from os import stat - - - class ReportWithMask(StageOneReportTest): -@@ -18,6 +19,17 @@ class ReportWithMask(StageOneReportTest): - """ - - sos_cmd = '--mask -o host,networking' -+ hosts_obfuscated = None -+ -+ def pre_sos_setup(self): -+ # obfuscate a random word from /etc/hosts and ensure the updated -+ # sanitised file has same permissions (a+r) -+ try: -+ self.hosts_obfuscated = open('/etc/hosts').read().strip('#\n').split()[-1] -+ except (FileNotFoundError, IndexError) as e: -+ self.warning(f"Unable to process /etc/hosts: {e}") -+ if self.hosts_obfuscated: -+ self.sos_cmd += f' --keywords={self.hosts_obfuscated}' - - def test_mask_was_run(self): - self.assertOutputContains('Beginning obfuscation') -@@ -53,6 +65,12 @@ class ReportWithMask(StageOneReportTest): - mac = line.strip().split()[1] - assert mac.startswith('53:4f:53'), "Found unobfuscated mac addr %s" % mac - -+ def test_perms_unchanged_on_modified_file(self): -+ if self.hosts_obfuscated: -+ imode_orig = stat('/etc/hosts').st_mode -+ imode_obfuscated = stat(self.get_name_in_archive('etc/hosts')).st_mode -+ self.assertEqual(imode_orig, imode_obfuscated) -+ - - class ReportWithCleanedKeywords(StageOneReportTest): - """Testing for obfuscated keywords provided by the user --- -2.31.1 - diff --git a/SOURCES/sos-bz2226682-ovn-ic-db-files.patch b/SOURCES/sos-bz2226682-ovn-ic-db-files.patch new file mode 100644 index 0000000..82a684d --- /dev/null +++ b/SOURCES/sos-bz2226682-ovn-ic-db-files.patch @@ -0,0 +1,42 @@ +From 0af74a8b24ec9dab0ca0089d5b834ab9908173ac Mon Sep 17 00:00:00 2001 +From: Periyasamy Palanisamy +Date: Fri, 21 Jul 2023 15:03:01 +0530 +Subject: [PATCH] Collect db files for ovn interconnect environment + +This updates openshift_ovn plugin to collect ovn db files +when it is running with interconnect configuration. + +Signed-off-by: Periyasamy Palanisamy +--- + sos/report/plugins/openshift_ovn.py | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/sos/report/plugins/openshift_ovn.py b/sos/report/plugins/openshift_ovn.py +index 98522b1ed6..d81fc97aae 100644 +--- a/sos/report/plugins/openshift_ovn.py ++++ b/sos/report/plugins/openshift_ovn.py +@@ -27,7 +27,13 @@ def setup(self): + "/var/log/openvswitch/libreswan.log", + "/var/log/openvswitch/ovs-monitor-ipsec.log" + ]) ++ # Collect ovn interconnect specific files if exists. ++ self.add_copy_spec([ ++ "/var/lib/ovn-ic/etc/ovnnb_db.db", ++ "/var/lib/ovn-ic/etc/ovnsb_db.db" ++ ]) + ++ # The ovn cluster/status is not valid anymore for interconnect setup. + self.add_cmd_output([ + 'ovn-appctl -t /var/run/ovn/ovnnb_db.ctl ' + + 'cluster/status OVN_Northbound', +@@ -38,6 +44,10 @@ def setup(self): + 'ovs-appctl -t /var/run/ovn/ovn-controller.*.ctl ' + + 'ct-zone-list'], + container='ovnkube-node') ++ # Collect ovs ct-zone-list directly on host for interconnect setup. ++ self.add_cmd_output([ ++ 'ovs-appctl -t /var/run/ovn-ic/ovn-controller.*.ctl ' + ++ 'ct-zone-list']) + self.add_cmd_output([ + 'ovs-appctl -t ovs-monitor-ipsec tunnels/show', + 'ipsec status', diff --git a/SPECS/sos.spec b/SPECS/sos.spec index e5f32ef..678b740 100644 --- a/SPECS/sos.spec +++ b/SPECS/sos.spec @@ -4,8 +4,8 @@ Summary: A set of tools to gather troubleshooting information from a system Name: sos -Version: 4.5.5 -Release: 2%{?dist} +Version: 4.5.6 +Release: 1%{?dist} Group: Applications/System Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz Source1: sos-audit-%{auditversion}.tgz @@ -22,8 +22,7 @@ Recommends: python3-pexpect Recommends: python3-pyyaml Conflicts: vdsm < 4.40 Obsoletes: sos-collector -Patch1: sos-bz2218279-clean-respect-permissions.patch -Patch2: sos-bz2207562-clean-obfuscate-mac.patch +Patch1: sos-bz2226682-ovn-ic-db-files.patch %description Sos is a set of tools that gathers information about system @@ -35,7 +34,6 @@ support technicians and developers. %setup -qn %{name}-%{version} %setup -T -D -a1 -q %patch1 -p1 -%patch2 -p1 %build %py3_build @@ -108,6 +106,10 @@ of the system. Currently storage and filesystem commands are audited. %ghost /etc/audit/rules.d/40-sos-storage.rules %changelog +* Thu Jul 27 2023 Pavel Moravec = 4.5.6-1 +- Rebase sos to 4.5.6 + Resolves: bz2226724 + * Wed Jul 26 2023 MSVSphere Packaging Team - = 4.5.5-2 - Rebuilt for MSVSphere 8.8