From c8f62ea4b6193a175add12e1795c18dad500c38e Mon Sep 17 00:00:00 2001
From: Pavel Moravec <pmoravec@redhat.com>
Date: Tue, 2 Aug 2016 11:55:23 +0200
Subject: [PATCH] [ceph] skip collecting of all keyring and bindpass files
Do not collect any keyring files - expand the add_forbidden_path
regular expressions accordingly to cover there filenames like:
/var/lib/ceph/tmp/keyring.mon.magna055
Do not either collect any /etc/ceph/*bindpass* that can store LDAP
bind passwords.
Resolves: #861
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
---
sos/plugins/ceph.py | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/sos/plugins/ceph.py b/sos/plugins/ceph.py
index 10fee88..74b7c4c 100644
--- a/sos/plugins/ceph.py
+++ b/sos/plugins/ceph.py
@@ -59,11 +59,12 @@ class Ceph(Plugin, RedHatPlugin, UbuntuPlugin):
"ceph report"
])
- self.add_forbidden_path("/etc/ceph/*keyring")
- self.add_forbidden_path("/var/lib/ceph/*keyring")
- self.add_forbidden_path("/var/lib/ceph/*/*keyring")
- self.add_forbidden_path("/var/lib/ceph/*/*/*keyring")
+ self.add_forbidden_path("/etc/ceph/*keyring*")
+ self.add_forbidden_path("/var/lib/ceph/*keyring*")
+ self.add_forbidden_path("/var/lib/ceph/*/*keyring*")
+ self.add_forbidden_path("/var/lib/ceph/*/*/*keyring*")
self.add_forbidden_path("/var/lib/ceph/osd/*")
self.add_forbidden_path("/var/lib/ceph/osd/mon/*")
+ self.add_forbidden_path("/etc/ceph/*bindpass*")
# vim: set et ts=4 sw=4 :
--
2.4.11