|
|
39d9b0 |
From 9a0ab16793a8388b2c3d3909fd3a087c5b6296d4 Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: Pavel Moravec <pmoravec@redhat.com>
|
|
|
39d9b0 |
Date: Fri, 1 Nov 2019 12:13:23 -0400
|
|
|
39d9b0 |
Subject: [PATCH 01/10] [Plugin] remove invalid {strip/join}_sysroot()
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Do not strip the sysroot path prefix when calling _do_copy_path()
|
|
|
39d9b0 |
for a symlink target and do not add the sysroot prefix when
|
|
|
39d9b0 |
testing for a forbidden path.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Related: #1842
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
39d9b0 |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
sos/plugins/__init__.py | 4 +---
|
|
|
39d9b0 |
1 file changed, 1 insertion(+), 3 deletions(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/plugins/__init__.py b/sos/plugins/__init__.py
|
|
|
39d9b0 |
index e75ec82e..4f1b73ce 100644
|
|
|
39d9b0 |
--- a/sos/plugins/__init__.py
|
|
|
39d9b0 |
+++ b/sos/plugins/__init__.py
|
|
|
39d9b0 |
@@ -731,7 +731,7 @@ class Plugin(object):
|
|
|
39d9b0 |
|
|
|
39d9b0 |
# skip recursive copying of symlink pointing to itself.
|
|
|
39d9b0 |
if (absdest != srcpath):
|
|
|
39d9b0 |
- self._do_copy_path(self.strip_sysroot(absdest))
|
|
|
39d9b0 |
+ self._do_copy_path(absdest)
|
|
|
39d9b0 |
else:
|
|
|
39d9b0 |
self._log_debug("link '%s' points to itself, skipping target..."
|
|
|
39d9b0 |
% linkdest)
|
|
|
39d9b0 |
@@ -758,8 +758,6 @@ class Plugin(object):
|
|
|
39d9b0 |
return None
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def _is_forbidden_path(self, path):
|
|
|
39d9b0 |
- if self.use_sysroot():
|
|
|
39d9b0 |
- path = self.join_sysroot(path)
|
|
|
39d9b0 |
return _path_in_path_list(path, self.forbidden_paths)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def _copy_node(self, path, st):
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|
|
|
39d9b0 |
|
|
|
39d9b0 |
From aeeebf126fc9fdb0fd8c3b01418bef742bce78c3 Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: "Bryn M. Reeves" <bmr@redhat.com>
|
|
|
39d9b0 |
Date: Fri, 1 Nov 2019 12:22:51 -0400
|
|
|
39d9b0 |
Subject: [PATCH 02/10] [Plugin] fix destination paths in _do_copy_path()
|
|
|
39d9b0 |
|
|
|
39d9b0 |
The path used to copy special device nodes and directories in
|
|
|
39d9b0 |
_do_copy_path() should be the destination path in the archive
|
|
|
39d9b0 |
(without sysroot prefix), and not the source path in the host
|
|
|
39d9b0 |
file system that includes this prefix.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Related: #1842
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
sos/plugins/__init__.py | 6 +++---
|
|
|
39d9b0 |
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/plugins/__init__.py b/sos/plugins/__init__.py
|
|
|
39d9b0 |
index 4f1b73ce..60fbeaf7 100644
|
|
|
39d9b0 |
--- a/sos/plugins/__init__.py
|
|
|
39d9b0 |
+++ b/sos/plugins/__init__.py
|
|
|
39d9b0 |
@@ -721,8 +721,12 @@ class Plugin(object):
|
|
|
39d9b0 |
return
|
|
|
39d9b0 |
else:
|
|
|
39d9b0 |
if stat.S_ISDIR(st.st_mode) and os.access(srcpath, os.R_OK):
|
|
|
39d9b0 |
- self._copy_dir(srcpath)
|
|
|
39d9b0 |
- return
|
|
|
39d9b0 |
+ # copy empty directory
|
|
|
39d9b0 |
+ if not os.listdir(srcpath):
|
|
|
39d9b0 |
+ self.archive.add_dir(dest)
|
|
|
39d9b0 |
+ return
|
|
|
39d9b0 |
+ self._copy_dir(dest)
|
|
|
39d9b0 |
+ return
|
|
|
39d9b0 |
|
|
|
39d9b0 |
# handle special nodes (block, char, fifo, socket)
|
|
|
39d9b0 |
if not (stat.S_ISREG(st.st_mode) or stat.S_ISDIR(st.st_mode)):
|
|
|
39d9b0 |
@@ -808,7 +808,7 @@ class Plugin(object):
|
|
|
39d9b0 |
ntype = _node_type(st)
|
|
|
39d9b0 |
self._log_debug("creating %s node at archive:'%s'"
|
|
|
39d9b0 |
% (ntype, dest))
|
|
|
39d9b0 |
- self._copy_node(srcpath, st)
|
|
|
39d9b0 |
+ self._copy_node(dest, st)
|
|
|
39d9b0 |
return
|
|
|
39d9b0 |
|
|
|
39d9b0 |
# if we get here, it's definitely a regular file (not a symlink or dir)
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|
|
|
39d9b0 |
|
|
|
39d9b0 |
From 05f3d5bda8f548459fabcd38f2d087d6ecef98a2 Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: "Bryn M. Reeves" <bmr@redhat.com>
|
|
|
39d9b0 |
Date: Fri, 1 Nov 2019 12:25:09 -0400
|
|
|
39d9b0 |
Subject: [PATCH 03/10] [kernel] remove trailing directory globs in forbidden
|
|
|
39d9b0 |
paths
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Since the forbidden path test now uses an exact match the trailing
|
|
|
39d9b0 |
globs ("/some/directory/path/to/exclude/*") used to exclude trace
|
|
|
39d9b0 |
related directories from collection lead to a failure to properly
|
|
|
39d9b0 |
blacklist these files:
|
|
|
39d9b0 |
|
|
|
39d9b0 |
The glob is expanded, for e.g.:
|
|
|
39d9b0 |
|
|
|
39d9b0 |
"/sys/kernel/debug/tracing/per_cpu/*"
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Expands to unclude a 'cpuN' sub-directory for each CPU present on
|
|
|
39d9b0 |
the machine. These expanded paths are then added to the forbidden
|
|
|
39d9b0 |
paths list for the plugin:
|
|
|
39d9b0 |
|
|
|
39d9b0 |
/sys/kernel/debug/tracing/per_cpu/cpu0
|
|
|
39d9b0 |
/sys/kernel/debug/tracing/per_cpu/cpu1
|
|
|
39d9b0 |
...
|
|
|
39d9b0 |
|
|
|
39d9b0 |
When an attempt is made to collect the entire "per_cpu" directory
|
|
|
39d9b0 |
a check is made for the full "/sys/kernel/debug/tracing/per_cpu"
|
|
|
39d9b0 |
path against each entry in the forbidden paths list. Since this is
|
|
|
39d9b0 |
a prefix of the actual paths stored no match is returned and the
|
|
|
39d9b0 |
collection is permitted.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Remove the trailing globs from these directory paths and prevent
|
|
|
39d9b0 |
any collection of the directories they reference by the plugin.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Related: #1842
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
sos/plugins/kernel.py | 6 +++---
|
|
|
39d9b0 |
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/plugins/kernel.py b/sos/plugins/kernel.py
|
|
|
39d9b0 |
index 88b14689..5c852143 100644
|
|
|
39d9b0 |
--- a/sos/plugins/kernel.py
|
|
|
39d9b0 |
+++ b/sos/plugins/kernel.py
|
|
|
39d9b0 |
@@ -89,9 +89,9 @@ class Kernel(Plugin, RedHatPlugin, DebianPlugin, UbuntuPlugin):
|
|
|
39d9b0 |
self.add_forbidden_path([
|
|
|
39d9b0 |
'/sys/kernel/debug/tracing/trace_pipe',
|
|
|
39d9b0 |
'/sys/kernel/debug/tracing/README',
|
|
|
39d9b0 |
- '/sys/kernel/debug/tracing/trace_stat/*',
|
|
|
39d9b0 |
- '/sys/kernel/debug/tracing/per_cpu/*',
|
|
|
39d9b0 |
- '/sys/kernel/debug/tracing/events/*',
|
|
|
39d9b0 |
+ '/sys/kernel/debug/tracing/trace_stat',
|
|
|
39d9b0 |
+ '/sys/kernel/debug/tracing/per_cpu',
|
|
|
39d9b0 |
+ '/sys/kernel/debug/tracing/events',
|
|
|
39d9b0 |
'/sys/kernel/debug/tracing/free_buffer',
|
|
|
39d9b0 |
'/sys/kernel/debug/tracing/trace_marker',
|
|
|
39d9b0 |
'/sys/kernel/debug/tracing/trace_marker_raw',
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|
|
|
39d9b0 |
|
|
|
39d9b0 |
From 801c71b33dcfeaa980baa9f377b721bdd26aa5e8 Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: "Bryn M. Reeves" <bmr@redhat.com>
|
|
|
39d9b0 |
Date: Fri, 1 Nov 2019 16:53:29 +0000
|
|
|
39d9b0 |
Subject: [PATCH 04/10] [tests] fix test_copy_dir_forbidden_path
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Rather than call just Plugin.setup() and Plugin._do_copy_path(),
|
|
|
39d9b0 |
add an add_copy_spec() call to the mock plugin setup() method,
|
|
|
39d9b0 |
and invoke copying by calling the Plugin.collect() method.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Related: #1845
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
tests/plugin_tests.py | 3 ++-
|
|
|
39d9b0 |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/tests/plugin_tests.py b/tests/plugin_tests.py
|
|
|
39d9b0 |
index b8760429..6522fe14 100644
|
|
|
39d9b0 |
--- a/tests/plugin_tests.py
|
|
|
39d9b0 |
+++ b/tests/plugin_tests.py
|
|
|
39d9b0 |
@@ -81,6 +81,7 @@ class ForbiddenMockPlugin(Plugin):
|
|
|
39d9b0 |
plugin_name = "forbidden"
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def setup(self):
|
|
|
39d9b0 |
+ self.add_copy_spec("tests")
|
|
|
39d9b0 |
self.add_forbidden_path("tests")
|
|
|
39d9b0 |
|
|
|
39d9b0 |
|
|
|
39d9b0 |
@@ -235,7 +236,7 @@ class PluginTests(unittest.TestCase):
|
|
|
39d9b0 |
})
|
|
|
39d9b0 |
p.archive = MockArchive()
|
|
|
39d9b0 |
p.setup()
|
|
|
39d9b0 |
- p._do_copy_path("tests")
|
|
|
39d9b0 |
+ p.collect()
|
|
|
39d9b0 |
self.assertEquals(p.archive.m, {})
|
|
|
39d9b0 |
|
|
|
39d9b0 |
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|
|
|
39d9b0 |
|
|
|
39d9b0 |
From c4182ebd52af523261d2e7ef75affbb88eaf31fb Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: "Bryn M. Reeves" <bmr@redhat.com>
|
|
|
39d9b0 |
Date: Mon, 4 Nov 2019 10:45:15 +0000
|
|
|
39d9b0 |
Subject: [PATCH 05/10] [Plugin] use correct source path when copying
|
|
|
39d9b0 |
directories
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
sos/plugins/__init__.py | 2 +-
|
|
|
39d9b0 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/plugins/__init__.py b/sos/plugins/__init__.py
|
|
|
39d9b0 |
index 60fbeaf7..240fe9f1 100644
|
|
|
39d9b0 |
--- a/sos/plugins/__init__.py
|
|
|
39d9b0 |
+++ b/sos/plugins/__init__.py
|
|
|
39d9b0 |
@@ -725,7 +725,7 @@ class Plugin(object):
|
|
|
39d9b0 |
if not os.listdir(srcpath):
|
|
|
39d9b0 |
self.archive.add_dir(dest)
|
|
|
39d9b0 |
return
|
|
|
39d9b0 |
- self._copy_dir(dest)
|
|
|
39d9b0 |
+ self._copy_dir(srcpath)
|
|
|
39d9b0 |
return
|
|
|
39d9b0 |
|
|
|
39d9b0 |
# handle special nodes (block, char, fifo, socket)
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|
|
|
39d9b0 |
|
|
|
39d9b0 |
From 68f4d7cc7adde00171af842b5bc808f41d888a87 Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: "Bryn M. Reeves" <bmr@redhat.com>
|
|
|
39d9b0 |
Date: Mon, 4 Nov 2019 10:48:01 +0000
|
|
|
39d9b0 |
Subject: [PATCH 06/10] [Plugin] improve _copy_dir() variable naming
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Directory entries found in _copy_dir() may be either files or
|
|
|
39d9b0 |
sub-directories: reflect this in the names of local variables.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
sos/plugins/__init__.py | 7 ++++---
|
|
|
39d9b0 |
1 file changed, 4 insertions(+), 3 deletions(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/plugins/__init__.py b/sos/plugins/__init__.py
|
|
|
39d9b0 |
index 240fe9f1..1a1464c1 100644
|
|
|
39d9b0 |
--- a/sos/plugins/__init__.py
|
|
|
39d9b0 |
+++ b/sos/plugins/__init__.py
|
|
|
39d9b0 |
@@ -738,10 +738,11 @@ class Plugin(object):
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def _copy_dir(self, srcpath):
|
|
|
39d9b0 |
try:
|
|
|
39d9b0 |
- for afile in os.listdir(srcpath):
|
|
|
39d9b0 |
+ for name in os.listdir(srcpath):
|
|
|
39d9b0 |
self._log_debug("recursively adding '%s' from '%s'"
|
|
|
39d9b0 |
- % (afile, srcpath))
|
|
|
39d9b0 |
- self._do_copy_path(os.path.join(srcpath, afile), dest=None)
|
|
|
39d9b0 |
+ % (name, srcpath))
|
|
|
39d9b0 |
+ path = os.path.join(srcpath, name)
|
|
|
39d9b0 |
+ self._do_copy_path(path)
|
|
|
39d9b0 |
except OSError as e:
|
|
|
39d9b0 |
if e.errno == errno.ELOOP:
|
|
|
39d9b0 |
msg = "Too many levels of symbolic links copying"
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|
|
|
39d9b0 |
|
|
|
39d9b0 |
From ad3adef07c32aee5bdd438706c6c1d4590ff8297 Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: "Bryn M. Reeves" <bmr@redhat.com>
|
|
|
39d9b0 |
Date: Mon, 4 Nov 2019 14:13:00 +0000
|
|
|
39d9b0 |
Subject: [PATCH 07/10] [ceph] fix directory blacklist style
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Plugins must use 'path/to/exclude' rather than 'path/to/exclude/*'
|
|
|
39d9b0 |
in order to omit a directory and all its content from the report.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
sos/plugins/ceph.py | 4 ++--
|
|
|
39d9b0 |
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/plugins/ceph.py b/sos/plugins/ceph.py
|
|
|
39d9b0 |
index 6e340c69..43284bc8 100644
|
|
|
39d9b0 |
--- a/sos/plugins/ceph.py
|
|
|
39d9b0 |
+++ b/sos/plugins/ceph.py
|
|
|
39d9b0 |
@@ -103,8 +103,8 @@ class Ceph(Plugin, RedHatPlugin, UbuntuPlugin):
|
|
|
39d9b0 |
"/var/lib/ceph/*keyring*",
|
|
|
39d9b0 |
"/var/lib/ceph/*/*keyring*",
|
|
|
39d9b0 |
"/var/lib/ceph/*/*/*keyring*",
|
|
|
39d9b0 |
- "/var/lib/ceph/osd/*",
|
|
|
39d9b0 |
- "/var/lib/ceph/mon/*",
|
|
|
39d9b0 |
+ "/var/lib/ceph/osd",
|
|
|
39d9b0 |
+ "/var/lib/ceph/mon",
|
|
|
39d9b0 |
# Excludes temporary ceph-osd mount location like
|
|
|
39d9b0 |
# /var/lib/ceph/tmp/mnt.XXXX from sos collection.
|
|
|
39d9b0 |
"/var/lib/ceph/tmp/*mnt*",
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|
|
|
39d9b0 |
|
|
|
39d9b0 |
From 4d1576b04d35902ce44d26d6a5b2219e6f9c175a Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: "Bryn M. Reeves" <bmr@redhat.com>
|
|
|
39d9b0 |
Date: Mon, 4 Nov 2019 14:15:55 +0000
|
|
|
39d9b0 |
Subject: [PATCH 09/10] [openstack_octavia] fix directory blacklist style
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Plugins must use 'path/to/exclude' rather than 'path/to/exclude/*'
|
|
|
39d9b0 |
in order to omit a directory and all its content from the report.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
sos/plugins/openstack_octavia.py | 2 +-
|
|
|
39d9b0 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/plugins/openstack_octavia.py b/sos/plugins/openstack_octavia.py
|
|
|
39d9b0 |
index b97c83fa..ccdcd4c9 100644
|
|
|
39d9b0 |
--- a/sos/plugins/openstack_octavia.py
|
|
|
39d9b0 |
+++ b/sos/plugins/openstack_octavia.py
|
|
|
39d9b0 |
@@ -30,7 +30,7 @@ class OpenStackOctavia(Plugin):
|
|
|
39d9b0 |
])
|
|
|
39d9b0 |
|
|
|
39d9b0 |
# don't collect certificates
|
|
|
39d9b0 |
- self.add_forbidden_path("/etc/octavia/certs/")
|
|
|
39d9b0 |
+ self.add_forbidden_path("/etc/octavia/certs")
|
|
|
39d9b0 |
|
|
|
39d9b0 |
# logs
|
|
|
39d9b0 |
if self.get_option("all_logs"):
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|
|
|
39d9b0 |
|
|
|
39d9b0 |
From 1fd194191a56c51052f0c24ddeb3bbf9088ae0ca Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: "Bryn M. Reeves" <bmr@redhat.com>
|
|
|
39d9b0 |
Date: Mon, 4 Nov 2019 14:16:13 +0000
|
|
|
39d9b0 |
Subject: [PATCH 10/10] [vdsm] fix directory blacklist style
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Plugins must use 'path/to/exclude' rather than 'path/to/exclude/*'
|
|
|
39d9b0 |
in order to omit a directory and all its content from the report.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
sos/plugins/vdsm.py | 4 ++--
|
|
|
39d9b0 |
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/plugins/vdsm.py b/sos/plugins/vdsm.py
|
|
|
39d9b0 |
index b2a1ca58..69672643 100644
|
|
|
39d9b0 |
--- a/sos/plugins/vdsm.py
|
|
|
39d9b0 |
+++ b/sos/plugins/vdsm.py
|
|
|
39d9b0 |
@@ -60,9 +60,9 @@ class Vdsm(Plugin, RedHatPlugin):
|
|
|
39d9b0 |
plugin_name = 'vdsm'
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def setup(self):
|
|
|
39d9b0 |
- self.add_forbidden_path('/etc/pki/vdsm/keys/*')
|
|
|
39d9b0 |
+ self.add_forbidden_path('/etc/pki/vdsm/keys')
|
|
|
39d9b0 |
self.add_forbidden_path('/etc/pki/vdsm/libvirt-spice/*-key.*')
|
|
|
39d9b0 |
- self.add_forbidden_path('/etc/pki/libvirt/private/*')
|
|
|
39d9b0 |
+ self.add_forbidden_path('/etc/pki/libvirt/private')
|
|
|
39d9b0 |
|
|
|
39d9b0 |
self.add_cmd_output('service vdsmd status')
|
|
|
39d9b0 |
self.add_cmd_output('service supervdsmd status')
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|
|
|
39d9b0 |
From 87dbc4d961d9e98f4e8b7b54010800ff3bdb5a73 Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
39d9b0 |
Date: Mon, 11 Nov 2019 12:43:01 -0500
|
|
|
39d9b0 |
Subject: [PATCH] [Plugin|Policy] Only call lsmod once and standardize kmod
|
|
|
39d9b0 |
checks
|
|
|
39d9b0 |
|
|
|
39d9b0 |
This commit makes two changes to how sos deals with kernel modules and
|
|
|
39d9b0 |
their state during a run of sosreport.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
First, no longer call `lsmod` for every individual plugin during its
|
|
|
39d9b0 |
enablement check. Instead, call `lsmod` only once during `Policy`
|
|
|
39d9b0 |
initialization, and cache the output for later checks.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Second, have `Plugin.is_module_loaded()` check for kmod presence in the
|
|
|
39d9b0 |
saved policy class attr for kernel_mods, rather than checking through
|
|
|
39d9b0 |
`/proc/modules`. Have the plugin enablement checks now also use
|
|
|
39d9b0 |
`is_module_loaded()` to standardize with how `SoSPredicate`s are
|
|
|
39d9b0 |
checked.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Note that this change results in a significant performance increase for
|
|
|
39d9b0 |
sos initialization times in a RHEL 7 container.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Resolves: #1854
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
sos/plugins/__init__.py | 13 +++----------
|
|
|
39d9b0 |
sos/policies/__init__.py | 8 +++++---
|
|
|
39d9b0 |
2 files changed, 8 insertions(+), 13 deletions(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/plugins/__init__.py b/sos/plugins/__init__.py
|
|
|
39d9b0 |
index 1a1464c1..b7a47b6a 100644
|
|
|
39d9b0 |
--- a/sos/plugins/__init__.py
|
|
|
39d9b0 |
+++ b/sos/plugins/__init__.py
|
|
|
39d9b0 |
@@ -1036,11 +1036,8 @@ class Plugin(object):
|
|
|
39d9b0 |
sizelimit=sizelimit)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def is_module_loaded(self, module_name):
|
|
|
39d9b0 |
- """Return whether specified moudle as module_name is loaded or not"""
|
|
|
39d9b0 |
- if len(grep("^" + module_name + " ", "/proc/modules")) == 0:
|
|
|
39d9b0 |
- return False
|
|
|
39d9b0 |
- else:
|
|
|
39d9b0 |
- return True
|
|
|
39d9b0 |
+ """Return whether specified module as module_name is loaded or not"""
|
|
|
39d9b0 |
+ return module_name in self.policy.kernel_mods
|
|
|
39d9b0 |
|
|
|
39d9b0 |
# For adding output
|
|
|
39d9b0 |
def add_alert(self, alertstring):
|
|
|
39d9b0 |
@@ -1541,15 +1538,11 @@ class Plugin(object):
|
|
|
39d9b0 |
return True
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def _check_plugin_triggers(self, files, packages, commands, services):
|
|
|
39d9b0 |
- kernel_mods = self.policy.lsmod()
|
|
|
39d9b0 |
-
|
|
|
39d9b0 |
- def have_kmod(kmod):
|
|
|
39d9b0 |
- return kmod in kernel_mods
|
|
|
39d9b0 |
|
|
|
39d9b0 |
return (any(os.path.exists(fname) for fname in files) or
|
|
|
39d9b0 |
any(self.is_installed(pkg) for pkg in packages) or
|
|
|
39d9b0 |
any(is_executable(cmd) for cmd in commands) or
|
|
|
39d9b0 |
- any(have_kmod(kmod) for kmod in self.kernel_mods) or
|
|
|
39d9b0 |
+ any(self.is_module_loaded(mod) for mod in self.kernel_mods) or
|
|
|
39d9b0 |
any(self.is_service(svc) for svc in services))
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def default_enabled(self):
|
|
|
39d9b0 |
diff --git a/sos/policies/__init__.py b/sos/policies/__init__.py
|
|
|
39d9b0 |
index a19daf22..f4aa3180 100644
|
|
|
39d9b0 |
--- a/sos/policies/__init__.py
|
|
|
39d9b0 |
+++ b/sos/policies/__init__.py
|
|
|
39d9b0 |
@@ -822,6 +822,7 @@ class LinuxPolicy(Policy):
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def __init__(self, sysroot=None):
|
|
|
39d9b0 |
super(LinuxPolicy, self).__init__(sysroot=sysroot)
|
|
|
39d9b0 |
+ self.init_kernel_modules()
|
|
|
39d9b0 |
if self.init == 'systemd':
|
|
|
39d9b0 |
self.init_system = SystemdInit()
|
|
|
39d9b0 |
else:
|
|
|
39d9b0 |
@@ -874,11 +875,12 @@ class LinuxPolicy(Policy):
|
|
|
39d9b0 |
def sanitize_filename(self, name):
|
|
|
39d9b0 |
return re.sub(r"[^-a-z,A-Z.0-9]", "", name)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
- def lsmod(self):
|
|
|
39d9b0 |
- """Return a list of kernel module names as strings.
|
|
|
39d9b0 |
+ def init_kernel_modules(self):
|
|
|
39d9b0 |
+ """Obtain a list of loaded kernel modules to reference later for plugin
|
|
|
39d9b0 |
+ enablement and SoSPredicate checks
|
|
|
39d9b0 |
"""
|
|
|
39d9b0 |
lines = shell_out("lsmod", timeout=0).splitlines()
|
|
|
39d9b0 |
- return [line.split()[0].strip() for line in lines]
|
|
|
39d9b0 |
+ self.kernel_mods = [line.split()[0].strip() for line in lines]
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def pre_work(self):
|
|
|
39d9b0 |
# this method will be called before the gathering begins
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|
|
|
39d9b0 |
From 3006f467e6e3908193d28d76bddcc372c4b98875 Mon Sep 17 00:00:00 2001
|
|
|
39d9b0 |
From: Pavel Moravec <pmoravec@redhat.com>
|
|
|
39d9b0 |
Date: Tue, 9 Jul 2019 13:35:28 +0200
|
|
|
39d9b0 |
Subject: [PATCH] [archive] Handle checking container sysroot in
|
|
|
39d9b0 |
_make_leading_paths
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Previously, in _make_leading_paths(), checking host file paths did not
|
|
|
39d9b0 |
account for non / sysroots, for situations where sos is run in a
|
|
|
39d9b0 |
container and the host's / is actually mounted under /host for example.
|
|
|
39d9b0 |
This would lead to copy errors when trying to copy symlinks.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
This method now will use sysroot if one is set, thus avoiding copy
|
|
|
39d9b0 |
errors.
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Resolves: #1705
|
|
|
39d9b0 |
|
|
|
39d9b0 |
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
39d9b0 |
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
39d9b0 |
---
|
|
|
39d9b0 |
sos/archive.py | 17 +++++++++++++----
|
|
|
39d9b0 |
sos/sosreport.py | 4 ++--
|
|
|
39d9b0 |
tests/archive_tests.py | 3 ++-
|
|
|
39d9b0 |
3 files changed, 17 insertions(+), 7 deletions(-)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/archive.py b/sos/archive.py
|
|
|
39d9b0 |
index dcd6908d..7ab36ce4 100644
|
|
|
39d9b0 |
--- a/sos/archive.py
|
|
|
39d9b0 |
+++ b/sos/archive.py
|
|
|
39d9b0 |
@@ -139,12 +139,13 @@ class FileCacheArchive(Archive):
|
|
|
39d9b0 |
_archive_root = ""
|
|
|
39d9b0 |
_archive_name = ""
|
|
|
39d9b0 |
|
|
|
39d9b0 |
- def __init__(self, name, tmpdir, policy, threads, enc_opts):
|
|
|
39d9b0 |
+ def __init__(self, name, tmpdir, policy, threads, enc_opts, sysroot):
|
|
|
39d9b0 |
self._name = name
|
|
|
39d9b0 |
self._tmp_dir = tmpdir
|
|
|
39d9b0 |
self._policy = policy
|
|
|
39d9b0 |
self._threads = threads
|
|
|
39d9b0 |
self.enc_opts = enc_opts
|
|
|
39d9b0 |
+ self.sysroot = sysroot
|
|
|
39d9b0 |
self._archive_root = os.path.join(tmpdir, name)
|
|
|
39d9b0 |
with self._path_lock:
|
|
|
39d9b0 |
os.makedirs(self._archive_root, 0o700)
|
|
|
39d9b0 |
@@ -156,6 +157,13 @@ class FileCacheArchive(Archive):
|
|
|
39d9b0 |
name = name.lstrip(os.sep)
|
|
|
39d9b0 |
return (os.path.join(self._archive_root, name))
|
|
|
39d9b0 |
|
|
|
39d9b0 |
+ def join_sysroot(self, path):
|
|
|
39d9b0 |
+ if path.startswith(self.sysroot):
|
|
|
39d9b0 |
+ return path
|
|
|
39d9b0 |
+ if path[0] == os.sep:
|
|
|
39d9b0 |
+ path = path[1:]
|
|
|
39d9b0 |
+ return os.path.join(self.sysroot, path)
|
|
|
39d9b0 |
+
|
|
|
39d9b0 |
def _make_leading_paths(self, src, mode=0o700):
|
|
|
39d9b0 |
"""Create leading path components
|
|
|
39d9b0 |
|
|
|
39d9b0 |
@@ -191,7 +199,8 @@ class FileCacheArchive(Archive):
|
|
|
39d9b0 |
src_dir = src
|
|
|
39d9b0 |
else:
|
|
|
39d9b0 |
# Host file path
|
|
|
39d9b0 |
- src_dir = src if os.path.isdir(src) else os.path.split(src)[0]
|
|
|
39d9b0 |
+ src_dir = (src if os.path.isdir(self.join_sysroot(src))
|
|
|
39d9b0 |
+ else os.path.split(src)[0])
|
|
|
39d9b0 |
|
|
|
39d9b0 |
# Build a list of path components in root-to-leaf order.
|
|
|
39d9b0 |
path = src_dir
|
|
|
39d9b0 |
@@ -675,9 +684,9 @@ class TarFileArchive(FileCacheArchive):
|
|
|
39d9b0 |
method = None
|
|
|
39d9b0 |
_with_selinux_context = False
|
|
|
39d9b0 |
|
|
|
39d9b0 |
- def __init__(self, name, tmpdir, policy, threads, enc_opts):
|
|
|
39d9b0 |
+ def __init__(self, name, tmpdir, policy, threads, enc_opts, sysroot):
|
|
|
39d9b0 |
super(TarFileArchive, self).__init__(name, tmpdir, policy, threads,
|
|
|
39d9b0 |
- enc_opts)
|
|
|
39d9b0 |
+ enc_opts, sysroot)
|
|
|
39d9b0 |
self._suffix = "tar"
|
|
|
39d9b0 |
self._archive_name = os.path.join(tmpdir, self.name())
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/sos/sosreport.py b/sos/sosreport.py
|
|
|
39d9b0 |
index cd61b625..04cb8615 100644
|
|
|
39d9b0 |
--- a/sos/sosreport.py
|
|
|
39d9b0 |
+++ b/sos/sosreport.py
|
|
|
39d9b0 |
@@ -379,12 +379,12 @@ class SoSReport(object):
|
|
|
39d9b0 |
auto_archive = self.policy.get_preferred_archive()
|
|
|
39d9b0 |
self.archive = auto_archive(archive_name, self.tmpdir,
|
|
|
39d9b0 |
self.policy, self.opts.threads,
|
|
|
39d9b0 |
- enc_opts)
|
|
|
39d9b0 |
+ enc_opts, self.sysroot)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
else:
|
|
|
39d9b0 |
self.archive = TarFileArchive(archive_name, self.tmpdir,
|
|
|
39d9b0 |
self.policy, self.opts.threads,
|
|
|
39d9b0 |
- enc_opts)
|
|
|
39d9b0 |
+ enc_opts, self.sysroot)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
self.archive.set_debug(True if self.opts.debug else False)
|
|
|
39d9b0 |
|
|
|
39d9b0 |
diff --git a/tests/archive_tests.py b/tests/archive_tests.py
|
|
|
39d9b0 |
index e5b329b5..350220b9 100644
|
|
|
39d9b0 |
--- a/tests/archive_tests.py
|
|
|
39d9b0 |
+++ b/tests/archive_tests.py
|
|
|
39d9b0 |
@@ -20,7 +20,7 @@ class TarFileArchiveTest(unittest.TestCase):
|
|
|
39d9b0 |
def setUp(self):
|
|
|
39d9b0 |
self.tmpdir = tempfile.mkdtemp()
|
|
|
39d9b0 |
enc = {'encrypt': False}
|
|
|
39d9b0 |
- self.tf = TarFileArchive('test', self.tmpdir, Policy(), 1, enc)
|
|
|
39d9b0 |
+ self.tf = TarFileArchive('test', self.tmpdir, Policy(), 1, enc, '/')
|
|
|
39d9b0 |
|
|
|
39d9b0 |
def tearDown(self):
|
|
|
39d9b0 |
shutil.rmtree(self.tmpdir)
|
|
|
39d9b0 |
@@ -113,6 +113,7 @@ class TarFileArchiveTest(unittest.TestCase):
|
|
|
39d9b0 |
def test_compress(self):
|
|
|
39d9b0 |
self.tf.finalize("auto")
|
|
|
39d9b0 |
|
|
|
39d9b0 |
+
|
|
|
39d9b0 |
if __name__ == "__main__":
|
|
|
39d9b0 |
unittest.main()
|
|
|
39d9b0 |
|
|
|
39d9b0 |
--
|
|
|
39d9b0 |
2.21.0
|
|
|
39d9b0 |
|