Blob Blame History Raw
From f2350aece8a6980f80cfa0036382055239fd8a6b Mon Sep 17 00:00:00 2001
From: Thorsten Scherf <tscherf@redhat.com>
Date: Mon, 1 Jul 2019 11:37:47 +0200
Subject: [PATCH] [ipa] copy httpd cert from new location

With the FreeIPA 4.7.0 release, httpd moved from mod_nss to mod_ssl. As a
result the httpd X.509 certificate is now no longer stored in NSS DB but as
plain PEM text file: /var/lib/ipa/certs/httpd.crt. The plugin needs to copy
this file into the sos archive.

Closes: #1715
Resolves: #1716

Signed-off-by: Thorsten Scherf <tscherf@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
---
 sos/plugins/ipa.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sos/plugins/ipa.py b/sos/plugins/ipa.py
index 50f42f259..310c0fa31 100644
--- a/sos/plugins/ipa.py
+++ b/sos/plugins/ipa.py
@@ -115,6 +115,7 @@ def setup(self):
             "/var/lib/certmonger/requests/[0-9]*",
             "/var/lib/certmonger/cas/[0-9]*",
             "/var/lib/ipa/ra-agent.pem",
+            "/var/lib/ipa/certs/httpd.crt",
             "/var/kerberos/krb5kdc/kdc.crt",
             "/var/lib/ipa/sysrestore/sysrestore.state"
         ])
From 5c0b2d56313b6fa58b46802317c98b89e5a68508 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 12 Sep 2019 12:02:34 -0400
Subject: [PATCH] [ipa] collect ipa-healthcheck logs

Resolves: #1782

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
---
 sos/plugins/ipa.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sos/plugins/ipa.py b/sos/plugins/ipa.py
index 310c0fa31..750cb6fae 100644
--- a/sos/plugins/ipa.py
+++ b/sos/plugins/ipa.py
@@ -117,7 +117,8 @@ def setup(self):
             "/var/lib/ipa/ra-agent.pem",
             "/var/lib/ipa/certs/httpd.crt",
             "/var/kerberos/krb5kdc/kdc.crt",
-            "/var/lib/ipa/sysrestore/sysrestore.state"
+            "/var/lib/ipa/sysrestore/sysrestore.state",
+            "/var/log/ipa/healthcheck/healthcheck.log*"
         ])
 
         #  Make sure to use the right PKI config and NSS DB folders
From 823dbabde82ee941c421482a71be572984607ad4 Mon Sep 17 00:00:00 2001
From: Pavel Moravec <pmoravec@redhat.com>
Date: Tue, 1 Oct 2019 08:26:24 +0200
Subject: [PATCH] [ipa] collect kdcproxy configs

Resolves: #1806

Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
---
 sos/plugins/ipa.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sos/plugins/ipa.py b/sos/plugins/ipa.py
index 750cb6fae..d3454de98 100644
--- a/sos/plugins/ipa.py
+++ b/sos/plugins/ipa.py
@@ -111,6 +111,9 @@ def setup(self):
             "/etc/named.*",
             "/etc/ipa/ca.crt",
             "/etc/ipa/default.conf",
+            "/etc/ipa/kdcproxy/kdcproxy.conf",
+            "/etc/ipa/kdcproxy/ipa-kdc-proxy.conf",
+            "/etc/ipa/kdcproxy.conf",
             "/root/.ipa/log/cli.log",
             "/var/lib/certmonger/requests/[0-9]*",
             "/var/lib/certmonger/cas/[0-9]*",