rpms / sos

Clone
Source Code
GIT

Blame SOURCES/sos-bz1491042-keystone-domains.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c9 c9-beta
  1.   6857201d8e4fa2b6feae5fa38b83eac4d899d939
  2.   SOURCES
  3.   sos-bz1491042-keystone-domains.patch
Blob History Raw
8b0807 
From 6d5c4d23d1a8fef70ab2e6b907104241322b3a49 Mon Sep 17 00:00:00 2001
8b0807 
From: Pavel Moravec <pmoravec@redhat.com>
8b0807 
Date: Wed, 15 Nov 2017 17:28:42 +0100
8b0807 
Subject: [PATCH] [openstack_keystone] Properly collect (non)default keystone
8b0807 
 domains
8b0807
8b0807 
- call crudini instead of (wrapper and not necessarily installed)
8b0807 
 openstack-config
8b0807 
- collect default /etc/keystone/domains only when crudini fails
8b0807 
- scrub passwords in /etc/keystone/domains as well, when collected
8b0807
8b0807 
Resolves: #1147
8b0807
8b0807 
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
8b0807 
---
8b0807 
 sos/plugins/openstack_keystone.py | 21 ++++++++++-----------
8b0807 
 1 file changed, 10 insertions(+), 11 deletions(-)
8b0807
8b0807 
diff --git a/sos/plugins/openstack_keystone.py b/sos/plugins/openstack_keystone.py
8b0807 
index 72c7f8e2..631e02b2 100644
8b0807 
--- a/sos/plugins/openstack_keystone.py
8b0807 
+++ b/sos/plugins/openstack_keystone.py
8b0807 
@@ -34,7 +34,6 @@ class OpenStackKeystone(Plugin):
8b0807 
             "/etc/keystone/keystone.conf",
8b0807 
             "/etc/keystone/logging.conf",
8b0807 
             "/etc/keystone/policy.json",
8b0807 
-            "/etc/keystone/domains",
8b0807 
             self.var_puppet_gen + "/etc/keystone/*.conf",
8b0807 
             self.var_puppet_gen + "/etc/keystone/*.json",
8b0807 
             self.var_puppet_gen + "/etc/httpd/conf/",
8b0807 
@@ -58,14 +57,15 @@ class OpenStackKeystone(Plugin):
8b0807 
                 "/var/log/containers/httpd/keystone/*log"
8b0807 
             ], sizelimit=self.limit)
8b0807
8b0807 
-        # collect domain config directory, if exists
8b0807 
-        self.domain_config_dir_added = False
8b0807 
+        # collect domain config directory, if specified
8b0807 
+        # if not, collect default /etc/keystone/domains
8b0807 
         self.domain_config_dir = self.get_cmd_output_now(
8b0807 
-                "openstack-config --get /etc/keystone/keystone.conf "
8b0807 
+                "crudini --get /etc/keystone/keystone.conf "
8b0807 
                 "identity domain_config_dir")
8b0807 
-        if self.domain_config_dir and os.path.isdir(self.domain_config_dir):
8b0807 
-            self.add_copy_spec(self.domain_config_dir)
8b0807 
-            self.domain_config_dir_added = True
8b0807 
+        if self.domain_config_dir is None or \
8b0807 
+                not(os.path.isdir(self.domain_config_dir)):
8b0807 
+            self.domain_config_dir = "/etc/keystone/domains"
8b0807 
+        self.add_copy_spec(self.domain_config_dir)
8b0807
8b0807 
         if self.get_option("verify"):
8b0807 
             self.add_cmd_output("rpm -V %s" % ' '.join(self.packages))
8b0807 
@@ -98,10 +98,9 @@ class OpenStackKeystone(Plugin):
8b0807 
             regexp, r"\1*********"
8b0807 
         )
8b0807
8b0807 
-        # obfuscate LDAP plaintext passwords in domain config dir, if collected
8b0807 
-        if self.domain_config_dir_added:
8b0807 
-            self.do_path_regex_sub(self.domain_config_dir,
8b0807 
-                                   r"((?m)^\s*(%s)\s*=\s*)(.*)", r"\1********")
8b0807 
+        # obfuscate LDAP plaintext passwords in domain config dir
8b0807 
+        self.do_path_regex_sub(self.domain_config_dir,
8b0807 
+                               r"((?m)^\s*(%s)\s*=\s*)(.*)", r"\1********")
8b0807
8b0807
8b0807 
 class DebianKeystone(OpenStackKeystone, DebianPlugin, UbuntuPlugin):
8b0807 
--
8b0807 
2.13.6
8b0807

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation