From f2350aece8a6980f80cfa0036382055239fd8a6b Mon Sep 17 00:00:00 2001
From: Thorsten Scherf <tscherf@redhat.com>
Date: Mon, 1 Jul 2019 11:37:47 +0200
Subject: [PATCH] [ipa] copy httpd cert from new location
With the FreeIPA 4.7.0 release, httpd moved from mod_nss to mod_ssl. As a
result the httpd X.509 certificate is now no longer stored in NSS DB but as
plain PEM text file: /var/lib/ipa/certs/httpd.crt. The plugin needs to copy
this file into the sos archive.
Closes: #1715
Resolves: #1716
Signed-off-by: Thorsten Scherf <tscherf@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
---
sos/plugins/ipa.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/sos/plugins/ipa.py b/sos/plugins/ipa.py
index 50f42f259..310c0fa31 100644
--- a/sos/plugins/ipa.py
+++ b/sos/plugins/ipa.py
@@ -115,6 +115,7 @@ def setup(self):
"/var/lib/certmonger/requests/[0-9]*",
"/var/lib/certmonger/cas/[0-9]*",
"/var/lib/ipa/ra-agent.pem",
+ "/var/lib/ipa/certs/httpd.crt",
"/var/kerberos/krb5kdc/kdc.crt",
"/var/lib/ipa/sysrestore/sysrestore.state"
])
From 5c0b2d56313b6fa58b46802317c98b89e5a68508 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 12 Sep 2019 12:02:34 -0400
Subject: [PATCH] [ipa] collect ipa-healthcheck logs
Resolves: #1782
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
---
sos/plugins/ipa.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sos/plugins/ipa.py b/sos/plugins/ipa.py
index 310c0fa31..750cb6fae 100644
--- a/sos/plugins/ipa.py
+++ b/sos/plugins/ipa.py
@@ -117,7 +117,8 @@ def setup(self):
"/var/lib/ipa/ra-agent.pem",
"/var/lib/ipa/certs/httpd.crt",
"/var/kerberos/krb5kdc/kdc.crt",
- "/var/lib/ipa/sysrestore/sysrestore.state"
+ "/var/lib/ipa/sysrestore/sysrestore.state",
+ "/var/log/ipa/healthcheck/healthcheck.log*"
])
# Make sure to use the right PKI config and NSS DB folders
From 823dbabde82ee941c421482a71be572984607ad4 Mon Sep 17 00:00:00 2001
From: Pavel Moravec <pmoravec@redhat.com>
Date: Tue, 1 Oct 2019 08:26:24 +0200
Subject: [PATCH] [ipa] collect kdcproxy configs
Resolves: #1806
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
---
sos/plugins/ipa.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/sos/plugins/ipa.py b/sos/plugins/ipa.py
index 750cb6fae..d3454de98 100644
--- a/sos/plugins/ipa.py
+++ b/sos/plugins/ipa.py
@@ -111,6 +111,9 @@ def setup(self):
"/etc/named.*",
"/etc/ipa/ca.crt",
"/etc/ipa/default.conf",
+ "/etc/ipa/kdcproxy/kdcproxy.conf",
+ "/etc/ipa/kdcproxy/ipa-kdc-proxy.conf",
+ "/etc/ipa/kdcproxy.conf",
"/root/.ipa/log/cli.log",
"/var/lib/certmonger/requests/[0-9]*",
"/var/lib/certmonger/cas/[0-9]*",