diff --git a/.gitignore b/.gitignore
index ef784c7..0964ff6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-SOURCES/sos-3.7.tar.gz
+SOURCES/sos-3.8.tar.gz
SOURCES/sos-audit-0.3.tgz
diff --git a/.sos.metadata b/.sos.metadata
index 9abd7a0..0c29651 100644
--- a/.sos.metadata
+++ b/.sos.metadata
@@ -1,2 +1,2 @@
-38aa7609e7545eddf709db60fa1523432b268e13 SOURCES/sos-3.7.tar.gz
+99c94319c6208edef8d852b9e84cbb045c01df5f SOURCES/sos-3.8.tar.gz
9d478b9f0085da9178af103078bbf2fd77b0175a SOURCES/sos-audit-0.3.tgz
diff --git a/README.debrand b/README.debrand
deleted file mode 100644
index 01c46d2..0000000
--- a/README.debrand
+++ /dev/null
@@ -1,2 +0,0 @@
-Warning: This package was configured for automatic debranding, but the changes
-failed to apply.
diff --git a/SOURCES/sos-bz1687954-buildah-index-out-of-range.patch b/SOURCES/sos-bz1687954-buildah-index-out-of-range.patch
deleted file mode 100644
index 5491201..0000000
--- a/SOURCES/sos-bz1687954-buildah-index-out-of-range.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 0100bd129e8fc809cc5b0258f6c0c7c64ad084ab Mon Sep 17 00:00:00 2001
-From: Pavel Moravec <pmoravec@redhat.com>
-Date: Mon, 15 Apr 2019 11:50:55 +0200
-Subject: [PATCH] [buildah] parse container list properly even for scratch ones
-
-Scratch containers dont have id, therefore we shall get container name
-as the latest string on each line instead of 5th.
-
-Resolves: #1647
-
-Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
----
- sos/plugins/buildah.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/sos/plugins/buildah.py b/sos/plugins/buildah.py
-index c6c57553..fd8653eb 100644
---- a/sos/plugins/buildah.py
-+++ b/sos/plugins/buildah.py
-@@ -47,7 +47,7 @@ class Buildah(Plugin, RedHatPlugin):
- if containahs['is_wicked_pissah']:
- for containah in containahs['auutput'].splitlines():
- # obligatory Tom Brady
-- goat = containah.split()[4]
-+ goat = containah.split()[-1]
- self.add_cmd_output('buildah inspect -t container %s' % goat)
-
- pitchez = make_chowdah('buildah images -n')
---
-2.17.2
-
diff --git a/SOURCES/sos-bz1688764-ipa-new-logs.patch b/SOURCES/sos-bz1688764-ipa-new-logs.patch
new file mode 100644
index 0000000..a120ae5
--- /dev/null
+++ b/SOURCES/sos-bz1688764-ipa-new-logs.patch
@@ -0,0 +1,84 @@
+From f2350aece8a6980f80cfa0036382055239fd8a6b Mon Sep 17 00:00:00 2001
+From: Thorsten Scherf <tscherf@redhat.com>
+Date: Mon, 1 Jul 2019 11:37:47 +0200
+Subject: [PATCH] [ipa] copy httpd cert from new location
+
+With the FreeIPA 4.7.0 release, httpd moved from mod_nss to mod_ssl. As a
+result the httpd X.509 certificate is now no longer stored in NSS DB but as
+plain PEM text file: /var/lib/ipa/certs/httpd.crt. The plugin needs to copy
+this file into the sos archive.
+
+Closes: #1715
+Resolves: #1716
+
+Signed-off-by: Thorsten Scherf <tscherf@redhat.com>
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/ipa.py | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/sos/plugins/ipa.py b/sos/plugins/ipa.py
+index 50f42f259..310c0fa31 100644
+--- a/sos/plugins/ipa.py
++++ b/sos/plugins/ipa.py
+@@ -115,6 +115,7 @@ def setup(self):
+ "/var/lib/certmonger/requests/[0-9]*",
+ "/var/lib/certmonger/cas/[0-9]*",
+ "/var/lib/ipa/ra-agent.pem",
++ "/var/lib/ipa/certs/httpd.crt",
+ "/var/kerberos/krb5kdc/kdc.crt",
+ "/var/lib/ipa/sysrestore/sysrestore.state"
+ ])
+From 5c0b2d56313b6fa58b46802317c98b89e5a68508 Mon Sep 17 00:00:00 2001
+From: Rob Crittenden <rcritten@redhat.com>
+Date: Thu, 12 Sep 2019 12:02:34 -0400
+Subject: [PATCH] [ipa] collect ipa-healthcheck logs
+
+Resolves: #1782
+
+Signed-off-by: Rob Crittenden <rcritten@redhat.com>
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/ipa.py | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/sos/plugins/ipa.py b/sos/plugins/ipa.py
+index 310c0fa31..750cb6fae 100644
+--- a/sos/plugins/ipa.py
++++ b/sos/plugins/ipa.py
+@@ -117,7 +117,8 @@ def setup(self):
+ "/var/lib/ipa/ra-agent.pem",
+ "/var/lib/ipa/certs/httpd.crt",
+ "/var/kerberos/krb5kdc/kdc.crt",
+- "/var/lib/ipa/sysrestore/sysrestore.state"
++ "/var/lib/ipa/sysrestore/sysrestore.state",
++ "/var/log/ipa/healthcheck/healthcheck.log*"
+ ])
+
+ # Make sure to use the right PKI config and NSS DB folders
+From 823dbabde82ee941c421482a71be572984607ad4 Mon Sep 17 00:00:00 2001
+From: Pavel Moravec <pmoravec@redhat.com>
+Date: Tue, 1 Oct 2019 08:26:24 +0200
+Subject: [PATCH] [ipa] collect kdcproxy configs
+
+Resolves: #1806
+
+Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
+---
+ sos/plugins/ipa.py | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/sos/plugins/ipa.py b/sos/plugins/ipa.py
+index 750cb6fae..d3454de98 100644
+--- a/sos/plugins/ipa.py
++++ b/sos/plugins/ipa.py
+@@ -111,6 +111,9 @@ def setup(self):
+ "/etc/named.*",
+ "/etc/ipa/ca.crt",
+ "/etc/ipa/default.conf",
++ "/etc/ipa/kdcproxy/kdcproxy.conf",
++ "/etc/ipa/kdcproxy/ipa-kdc-proxy.conf",
++ "/etc/ipa/kdcproxy.conf",
+ "/root/.ipa/log/cli.log",
+ "/var/lib/certmonger/requests/[0-9]*",
+ "/var/lib/certmonger/cas/[0-9]*",
diff --git a/SOURCES/sos-bz1695583-postgres-mysql-incorrect-defaults.patch b/SOURCES/sos-bz1695583-postgres-mysql-incorrect-defaults.patch
deleted file mode 100644
index a5d1036..0000000
--- a/SOURCES/sos-bz1695583-postgres-mysql-incorrect-defaults.patch
+++ /dev/null
@@ -1,122 +0,0 @@
-From c71b41547442d23daf5c3bf88450151d13903214 Mon Sep 17 00:00:00 2001
-From: Pavel Moravec <pmoravec@redhat.com>
-Date: Thu, 4 Apr 2019 13:54:18 +0200
-Subject: [PATCH] [maas,mysql,npm,pacemaker,postgresql] fix plugopts data types
-
-With new enforcement of implicit data type for plugin options, the
-plugopts must have proper data types of default values and plugins must work
-with them accordingly (in tests or so).
-
-Resolves: #1635
-
-Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
----
- sos/plugins/maas.py | 6 +++---
- sos/plugins/mysql.py | 2 +-
- sos/plugins/npm.py | 4 ++--
- sos/plugins/pacemaker.py | 4 ++--
- sos/plugins/postgresql.py | 6 +++---
- 5 files changed, 11 insertions(+), 11 deletions(-)
-
-diff --git a/sos/plugins/maas.py b/sos/plugins/maas.py
-index f8305406..ea038e86 100644
---- a/sos/plugins/maas.py
-+++ b/sos/plugins/maas.py
-@@ -21,10 +21,10 @@ class Maas(Plugin, UbuntuPlugin):
-
- option_list = [
- ('profile-name',
-- 'The name with which you will later refer to this remote', '', False),
-- ('url', 'The URL of the remote API', '', False),
-+ 'The name with which you will later refer to this remote', '', ''),
-+ ('url', 'The URL of the remote API', '', ''),
- ('credentials',
-- 'The credentials, also known as the API key', '', False)
-+ 'The credentials, also known as the API key', '', '')
- ]
-
- def _has_login_options(self):
-diff --git a/sos/plugins/mysql.py b/sos/plugins/mysql.py
-index 49bc4168..411d90b8 100644
---- a/sos/plugins/mysql.py
-+++ b/sos/plugins/mysql.py
-@@ -22,7 +22,7 @@ class Mysql(Plugin):
-
- option_list = [
- ("dbuser", "username for database dumps", "", "mysql"),
-- ("dbpass", "password for database dumps" + pw_warn_text, "", False),
-+ ("dbpass", "password for database dumps" + pw_warn_text, "", ""),
- ("dbdump", "collect a database dump", "", False)
- ]
-
-diff --git a/sos/plugins/npm.py b/sos/plugins/npm.py
-index 0fc95801..ca00d0c0 100644
---- a/sos/plugins/npm.py
-+++ b/sos/plugins/npm.py
-@@ -25,7 +25,7 @@ class Npm(Plugin, RedHatPlugin, DebianPlugin, UbuntuPlugin, SuSEPlugin):
- option_list = [("project_path",
- 'List npm modules of a project specified by path',
- 'fast',
-- 0)]
-+ '')]
-
- # in Fedora, Debian, Ubuntu and Suse the package is called npm
- packages = ('npm',)
-@@ -79,7 +79,7 @@ class Npm(Plugin, RedHatPlugin, DebianPlugin, UbuntuPlugin, SuSEPlugin):
- self.add_string_as_file(json.dumps(output), outfn)
-
- def setup(self):
-- if self.get_option("project_path") != 0:
-+ if self.get_option("project_path"):
- project_path = os.path.abspath(os.path.expanduser(
- self.get_option("project_path")))
- self._get_npm_output("npm ls --json", "npm_ls_project",
-diff --git a/sos/plugins/pacemaker.py b/sos/plugins/pacemaker.py
-index a1b64ea5..940389ee 100644
---- a/sos/plugins/pacemaker.py
-+++ b/sos/plugins/pacemaker.py
-@@ -25,7 +25,7 @@ class Pacemaker(Plugin):
- )
-
- option_list = [
-- ("crm_from", "specify the start time for crm_report", "fast", False),
-+ ("crm_from", "specify the start time for crm_report", "fast", ''),
- ("crm_scrub", "enable password scrubbing for crm_report", "", True),
- ]
-
-@@ -87,7 +87,7 @@ class Pacemaker(Plugin):
- # time in order to collect data.
- crm_from = (datetime.today() -
- timedelta(hours=72)).strftime("%Y-%m-%d %H:%m:%S")
-- if self.get_option("crm_from") is not False:
-+ if self.get_option("crm_from"):
- if re.match(r'\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}',
- str(self.get_option("crm_from"))):
- crm_from = self.get_option("crm_from")
-diff --git a/sos/plugins/postgresql.py b/sos/plugins/postgresql.py
-index 1698b62f..a04dca8f 100644
---- a/sos/plugins/postgresql.py
-+++ b/sos/plugins/postgresql.py
-@@ -31,7 +31,7 @@ class PostgreSQL(Plugin):
- option_list = [
- ('pghome', 'PostgreSQL server home directory.', '', '/var/lib/pgsql'),
- ('username', 'username for pg_dump', '', 'postgres'),
-- ('password', 'password for pg_dump' + password_warn_text, '', False),
-+ ('password', 'password for pg_dump' + password_warn_text, '', ''),
- ('dbname', 'database name to dump for pg_dump', '', ''),
- ('dbhost', 'database hostname/IP (do not use unix socket)', '', ''),
- ('dbport', 'database server port number', '', '5432')
-@@ -43,8 +43,8 @@ class PostgreSQL(Plugin):
- # We're only modifying this for ourself and our children so
- # there is no need to save and restore environment variables if
- # the user decided to pass the password on the command line.
-- if self.get_option("password") is not False:
-- os.environ["PGPASSWORD"] = str(self.get_option("password"))
-+ if self.get_option("password"):
-+ os.environ["PGPASSWORD"] = self.get_option("password")
-
- if self.get_option("dbhost"):
- cmd = "pg_dump -U %s -h %s -p %s -w -F t %s" % (
---
-2.17.2
-
diff --git a/SOURCES/sos-bz1700780-vdsm-plugin.patch b/SOURCES/sos-bz1700780-vdsm-plugin.patch
deleted file mode 100644
index b1b9e13..0000000
--- a/SOURCES/sos-bz1700780-vdsm-plugin.patch
+++ /dev/null
@@ -1,171 +0,0 @@
-From 0618db904dadb05fde70c181a5940989ac127fe2 Mon Sep 17 00:00:00 2001
-From: Irit Goihman <igoihman@redhat.com>
-Date: Thu, 1 Feb 2018 16:44:32 +0200
-Subject: [PATCH] [plugins] add vdsm plugin
-
-Add a plugin for vdsm
-
-Resolves: #1205
-
-Signed-off-by: Irit Goihman <igoihman@redhat.com>
-Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
----
- sos/plugins/vdsm.py | 146 ++++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 146 insertions(+)
- create mode 100644 sos/plugins/vdsm.py
-
-diff --git a/sos/plugins/vdsm.py b/sos/plugins/vdsm.py
-new file mode 100644
-index 00000000..c648abbf
---- /dev/null
-+++ b/sos/plugins/vdsm.py
-@@ -0,0 +1,146 @@
-+# Copyright (C) 2018 Red Hat, Inc.
-+
-+# This file is part of the sos project: https://github.com/sosreport/sos
-+#
-+# This copyrighted material is made available to anyone wishing to use,
-+# modify, copy, or redistribute it subject to the terms and conditions of
-+# version 2 of the GNU General Public License.
-+#
-+# See the LICENSE file in the source distribution for further information.
-+
-+from sos.plugins import Plugin, RedHatPlugin
-+
-+import glob
-+import json
-+import re
-+
-+
-+# This configuration is based on vdsm.storage.lvm.LVM_CONF_TEMPLATE.
-+#
-+# locking_type is set to 0 in order to match lvm sos commands. With this
-+# configuration we don't take any locks, so we will never block because
-+# there is a stuck lvm command.
-+# locking_type=0
-+#
-+# use_lvmetad is set to 0 in order not to show cached, old lvm metadata.
-+# use_lvmetad=0
-+#
-+# preferred_names and filter config values are set to capture Vdsm devices.
-+# preferred_names=[ '^/dev/mapper/' ]
-+# filter=[ 'a|^/dev/mapper/.*|', 'r|.*|' ]
-+LVM_CONFIG = """
-+global {
-+ locking_type=0
-+ use_lvmetad=0
-+}
-+devices {
-+ preferred_names=["^/dev/mapper/"]
-+ ignore_suspended_devices=1
-+ write_cache_state=0
-+ disable_after_error_count=3
-+ filter=["a|^/dev/mapper/.*|", "r|.*|"]
-+}
-+"""
-+LVM_CONFIG = re.sub(r"\s+", " ", LVM_CONFIG).strip()
-+
-+
-+class Vdsm(Plugin, RedHatPlugin):
-+ """vdsm Plugin"""
-+
-+ packages = (
-+ 'vdsm',
-+ 'vdsm-client',
-+ )
-+
-+ plugin_name = 'vdsm'
-+
-+ def setup(self):
-+ self.add_forbidden_path('/etc/pki/vdsm/keys/*')
-+ self.add_forbidden_path('/etc/pki/vdsm/libvirt-spice/*-key.*')
-+ self.add_forbidden_path('/etc/pki/libvirt/private/*')
-+
-+ self.add_cmd_output('service vdsmd status')
-+
-+ self.add_copy_spec([
-+ '/tmp/vds_installer*',
-+ '/tmp/vds_bootstrap*',
-+ '/etc/vdsm/*'
-+ ])
-+
-+ limit = self.get_option('log_size')
-+
-+ self.add_copy_spec('/var/log/vdsm/*', sizelimit=limit)
-+
-+ self._add_vdsm_forbidden_paths()
-+ self.add_copy_spec([
-+ '/var/run/vdsm/*',
-+ '/usr/libexec/vdsm/hooks',
-+ '/var/lib/vdsm'
-+ ])
-+
-+ qemu_pids = self.get_process_pids('qemu-kvm')
-+ if qemu_pids:
-+ files = ["cmdline", "status", "mountstats"]
-+ self.add_copy_spec([
-+ "/proc/%s/%s" % (pid, name)
-+ for pid in qemu_pids
-+ for name in files
-+ ])
-+ self.add_cmd_output([
-+ "ls -ldZ /etc/vdsm",
-+ "su vdsm -s sh -c 'tree -l /rhev/data-center'",
-+ "su vdsm -s sh -c 'ls -lR /rhev/data-center'"
-+ ])
-+ self.add_cmd_output([
-+ "lvm vgs -v -o +tags --config \'%s\'" % LVM_CONFIG,
-+ "lvm lvs -v -o +tags --config \'%s\'" % LVM_CONFIG,
-+ "lvm pvs -v -o +all --config \'%s\'" % LVM_CONFIG
-+ ])
-+
-+ self.add_cmd_output([
-+ 'vdsm-client Host getCapabilities',
-+ 'vdsm-client Host getStats',
-+ 'vdsm-client Host getAllVmStats',
-+ 'vdsm-client Host getVMFullList',
-+ 'vdsm-client Host getDeviceList',
-+ 'vdsm-client Host hostdevListByCaps',
-+ 'vdsm-client Host getAllTasksInfo',
-+ 'vdsm-client Host getAllTasksStatuses'
-+ ])
-+
-+ try:
-+ res = self.call_ext_prog(
-+ 'vdsm-client Host getConnectedStoragePools'
-+ )
-+ if res['status'] == 0:
-+ pools = json.loads(res['output'])
-+ for pool in pools:
-+ self.add_cmd_output(
-+ 'vdsm-client StoragePool getSpmStatus'
-+ ' storagepoolID={}'.format(pool)
-+ )
-+ except ValueError as e:
-+ self._log_error(
-+ 'vdsm-client Host getConnectedStoragePools: %s' % (e)
-+ )
-+
-+ try:
-+ res = self.call_ext_prog('vdsm-client Host getStorageDomains')
-+ if res['status'] == 0:
-+ sd_uuids = json.loads(res['output'])
-+ dump_volume_chains_cmd = 'vdsm-tool dump-volume-chains %s'
-+ self.add_cmd_output([
-+ dump_volume_chains_cmd % uuid for uuid in sd_uuids
-+ ])
-+ except ValueError as e:
-+ self._log_error(
-+ 'vdsm-client Host getStorageDomains: %s' % (e)
-+ )
-+
-+ def _add_vdsm_forbidden_paths(self):
-+ """Add confidential sysprep vfds under /var/run/vdsm to
-+ forbidden paths """
-+
-+ for file_path in glob.glob("/var/run/vdsm/*"):
-+ if file_path.endswith(('.vfd', '/isoUploader', '/storage')):
-+ self.add_forbidden_path(file_path)
---
-2.17.2
-
diff --git a/SOURCES/sos-bz1702806-openstack_instack-ansible-log.patch b/SOURCES/sos-bz1702806-openstack_instack-ansible-log.patch
deleted file mode 100644
index 80a0bbf..0000000
--- a/SOURCES/sos-bz1702806-openstack_instack-ansible-log.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 1b9c2032149488a2372d188a8ed3251e364f41cf Mon Sep 17 00:00:00 2001
-From: Emilien Macchi <emilien@redhat.com>
-Date: Wed, 24 Apr 2019 20:54:05 -0400
-Subject: [PATCH] [openstack_instack] add ansible.log
-
-Collect /var/lib/mistral/config-download-latest/ansible.log which is an
-important log to be able to debug issues with Ansible playbooks.
-
-/var/lib/mistral/config-download-latest is a directory that exists
-anyway on the undercloud and is the place where the ansible logs is
-stored.
-
-Note: we don't want to collect the whole /var/lib/mistral because it
-contains sensitive informations like username/passwords/endpoints.
-
-rhbz#1702806
-rhbz#1702802
-
-Resolves: #1661
-
-Signed-off-by: Emilien Macchi <emilien@redhat.com>
-Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
----
- sos/plugins/openstack_instack.py | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/sos/plugins/openstack_instack.py b/sos/plugins/openstack_instack.py
-index e3470f5a..15e6c384 100644
---- a/sos/plugins/openstack_instack.py
-+++ b/sos/plugins/openstack_instack.py
-@@ -22,7 +22,8 @@ NON_CONTAINERIZED_DEPLOY = [
- CONTAINERIZED_DEPLOY = [
- '/var/log/heat-launcher/',
- '/home/stack/install-undercloud.log',
-- '/home/stack/undercloud-install-*.tar.bzip2'
-+ '/home/stack/undercloud-install-*.tar.bzip2',
-+ '/var/lib/mistral/config-download-latest/ansible.log'
- ]
-
-
---
-2.17.2
-
diff --git a/SOURCES/sos-bz1719884-pcp-pmlogger-no-limit.patch b/SOURCES/sos-bz1719884-pcp-pmlogger-no-limit.patch
deleted file mode 100644
index 8c12a1b..0000000
--- a/SOURCES/sos-bz1719884-pcp-pmlogger-no-limit.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 380737d0bf4021434db4d5e479f0b8a2aece6ec9 Mon Sep 17 00:00:00 2001
-From: Pavel Moravec <pmoravec@redhat.com>
-Date: Thu, 4 Apr 2019 10:43:24 +0200
-Subject: [PATCH] [pcp] collect pmlogger without a sizelimit
-
-sizelimit=None defaults to --log-size, use sizelimit=0 instead
-
-Resolves: #1632
-
-Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
----
- sos/plugins/pcp.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/sos/plugins/pcp.py b/sos/plugins/pcp.py
-index da7158a6..da2a6611 100644
---- a/sos/plugins/pcp.py
-+++ b/sos/plugins/pcp.py
-@@ -130,7 +130,7 @@ class Pcp(Plugin, RedHatPlugin, DebianPlugin):
- pmlogger_ls = self.get_cmd_output_now("ls -t1 %s" % path)
- if pmlogger_ls:
- for line in open(pmlogger_ls).read().splitlines():
-- self.add_copy_spec(line, sizelimit=None)
-+ self.add_copy_spec(line, sizelimit=0)
- files_collected = files_collected + 1
- if self.countlimit and files_collected == self.countlimit:
- break
---
-2.17.2
-
diff --git a/SOURCES/sos-bz1719885-plugin-vs-command-timeouts.patch b/SOURCES/sos-bz1719885-plugin-vs-command-timeouts.patch
deleted file mode 100644
index 00e896e..0000000
--- a/SOURCES/sos-bz1719885-plugin-vs-command-timeouts.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From 7c8c45dad3481cfaae3d3af9c188218aa14a3a6a Mon Sep 17 00:00:00 2001
-From: Pavel Moravec <pmoravec@redhat.com>
-Date: Tue, 9 Apr 2019 09:50:34 +0200
-Subject: [PATCH] [foreman,satellite] increase plugin default timeouts
-
-Those two plugins call commands with bigger timeouts than the default
-plugin timeout is. That can unexpectedly kill the plugin execution when
-the commands execution took longer than the plugin timeout (but within
-cmd timeout).
-
-Resolves: #1642
-
-Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
----
- sos/plugins/foreman.py | 1 +
- sos/plugins/satellite.py | 1 +
- 2 files changed, 2 insertions(+)
-
-diff --git a/sos/plugins/foreman.py b/sos/plugins/foreman.py
-index a1e937f3..8bcd26bd 100644
---- a/sos/plugins/foreman.py
-+++ b/sos/plugins/foreman.py
-@@ -19,6 +19,7 @@ class Foreman(Plugin):
- """
-
- plugin_name = 'foreman'
-+ plugin_timeout = 1800
- profiles = ('sysmgmt',)
- packages = ('foreman', 'foreman-proxy')
- option_list = [
-diff --git a/sos/plugins/satellite.py b/sos/plugins/satellite.py
-index c50c2ec7..83733076 100644
---- a/sos/plugins/satellite.py
-+++ b/sos/plugins/satellite.py
-@@ -14,6 +14,7 @@ class Satellite(Plugin, RedHatPlugin):
- """
-
- plugin_name = 'satellite'
-+ plugin_timeout = 1200
- profiles = ('sysmgmt',)
- verify_packages = ('spacewalk.*',)
- satellite = False
---
-2.17.2
-
diff --git a/SOURCES/sos-bz1719886-sos-conf-disabled-plugins-manpages.patch b/SOURCES/sos-bz1719886-sos-conf-disabled-plugins-manpages.patch
deleted file mode 100644
index bed3bde..0000000
--- a/SOURCES/sos-bz1719886-sos-conf-disabled-plugins-manpages.patch
+++ /dev/null
@@ -1,110 +0,0 @@
-From 4cb21e2c16b55e7506a3cefd9148ba4bf49dbce1 Mon Sep 17 00:00:00 2001
-From: Pavel Moravec <pmoravec@redhat.com>
-Date: Wed, 17 Apr 2019 13:17:24 +0200
-Subject: [PATCH] [sosreport] update sos.conf manpages by [general] section
- description
-
-Since PR #1530, sosreport supports all command line options. Man pages
-should document the enhancement.
-
-Resolves: #1652
-
-Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
----
- man/en/sos.conf.5 | 38 ++++++++++++++++++++++++++++++++++----
- 1 file changed, 34 insertions(+), 4 deletions(-)
-
-diff --git a/man/en/sos.conf.5 b/man/en/sos.conf.5
-index b40a48e1..ad18d5f2 100644
---- a/man/en/sos.conf.5
-+++ b/man/en/sos.conf.5
-@@ -6,19 +6,49 @@ sos.conf \- sosreport configuration
- sosreport uses a configuration file at /etc/sos.conf.
- .SH PARAMETERS
- .sp
--There are two sections in the sosreport configuration file:
--plugins, and tunables. Options are set using 'ini'-style
--\fBname = value\fP pairs.
-+There are three sections in the sosreport configuration file:
-+general, plugins and tunables. Options are set using 'ini'-style
-+\fBname = value\fP pairs. Disabling/enabling a boolean option
-+is done the same way like on command line (e.g. process.lsof=off).
-
- Some options accept a comma separated list of values.
-
-+Using options that dont expect a value (like all-logs or no-report)
-+will result in enabling those options, regardless of value set.
-+
-+Sections are parsed in the ordering:
-+.br
-+- \fB[general]\fP
-+.br
-+- \fB[plugins]\fP (disable)
-+.br
-+- \fB[plugins]\fP (enable)
-+.br
-+- \fB[tunables]\fP
-+
-+.TP
-+\fB[general]\fP
-+<option> Sets (long) option value. Short options (i.e. z=auto)
-+ are not supported.
- .TP
- \fB[plugins]\fP
--disable Comma separated list of plugins to disable.
-+disable Comma separated list of plugins to disable.
-+.br
-+enable Comma separated list of plugins to enable.
- .TP
- \fB[tunables]\fP
- plugin.option Alter available options for defined plugin.
- .SH EXAMPLES
-+To use quiet and batch mode with 10 threads:
-+.LP
-+[general]
-+.br
-+batch=yes
-+.br
-+build=true
-+.br
-+threads=10
-+.sp
- To disable the 'general' and 'filesys' plugins:
- .LP
- [plugins]
---
-2.17.2
-
-From 84822ff1bbe2d5543daa8059b0a2270c88e473d6 Mon Sep 17 00:00:00 2001
-From: Pavel Moravec <pmoravec@redhat.com>
-Date: Wed, 17 Apr 2019 11:51:09 +0200
-Subject: [PATCH] [sosreport] initialize disabled plugins properly when parsing
- sos.conf
-
-opts.noplugins is referred when parsing "tunables" section, so
-the variable must be set to empty list every time.
-
-Resolves: #1651
-
-Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
----
- sos/__init__.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/sos/__init__.py b/sos/__init__.py
-index dfc7ed5f..ed59025a 100644
---- a/sos/__init__.py
-+++ b/sos/__init__.py
-@@ -250,8 +250,8 @@ class SoSOptions(object):
- optlist.extend(SoSOptions._opt_to_args(opt, val))
- opts._merge_opts(argparser.parse_args(optlist), is_default)
-
-+ opts.noplugins = []
- if config.has_option("plugins", "disable"):
-- opts.noplugins = []
- opts.noplugins.extend([plugin.strip() for plugin in
- config.get("plugins", "disable").split(',')])
-
---
-2.17.2
-
diff --git a/SOURCES/sos-bz1719887-katello-qpid-certificate.patch b/SOURCES/sos-bz1719887-katello-qpid-certificate.patch
deleted file mode 100644
index 3ca559a..0000000
--- a/SOURCES/sos-bz1719887-katello-qpid-certificate.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 166f712eb447f54f0e2c5396ea25f5bc11e3f519 Mon Sep 17 00:00:00 2001
-From: Pavel Moravec <pmoravec@redhat.com>
-Date: Fri, 17 May 2019 15:55:05 +0200
-Subject: [PATCH] [katello] support both locations of qpid SSL certs
-
-Newer katello versions deploy certs for qpid to
-/etc/pki/pulp/qpid/client.crt certs instead of
-/etc/pki/katello/qpid_client_striped.crt .
-
-Sosreport should use either of the location that exists, to successfully
-run few qpid-stat commands.
-
-Resolves: #1680
-
-Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
----
- sos/plugins/katello.py | 8 +++++++-
- 1 file changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/sos/plugins/katello.py b/sos/plugins/katello.py
-index 0794fb4c..1ea52da8 100644
---- a/sos/plugins/katello.py
-+++ b/sos/plugins/katello.py
-@@ -10,6 +10,7 @@
-
- from sos.plugins import Plugin, RedHatPlugin
- from pipes import quote
-+import os.path
-
-
- class Katello(Plugin, RedHatPlugin):
-@@ -24,7 +25,12 @@ class Katello(Plugin, RedHatPlugin):
- "/var/log/httpd/katello-reverse-proxy_error_ssl.log*"
- ])
-
-- cert = "/etc/pki/katello/qpid_client_striped.crt"
-+ # certificate file location relies on katello version, it can be either
-+ # /etc/pki/katello/qpid_client_striped.crt (for older versions) or
-+ # /etc/pki/pulp/qpid/client.crt (for newer versions)
-+ cert = "/etc/pki/pulp/qpid/client.crt"
-+ if not os.path.isfile(cert):
-+ cert = "/etc/pki/katello/qpid_client_striped.crt"
- self.add_cmd_output([
- "qpid-stat -%s --ssl-certificate=%s -b amqps://localhost:5671" %
- (opt, cert) for opt in "quc"
---
-2.17.2
-
diff --git a/SOURCES/sos-bz1738391-kernel-no-trace-by-default.patch b/SOURCES/sos-bz1738391-kernel-no-trace-by-default.patch
new file mode 100644
index 0000000..5aec064
--- /dev/null
+++ b/SOURCES/sos-bz1738391-kernel-no-trace-by-default.patch
@@ -0,0 +1,79 @@
+From 55949fb88c492eec542c69157a8763ddb3555345 Mon Sep 17 00:00:00 2001
+From: MIZUTA Takeshi <mizuta.takeshi@fujitsu.com>
+Date: Thu, 6 Jun 2019 18:42:40 +0900
+Subject: [PATCH] [plugins] Change forbidden_path from partial-match to
+ exact-match
+
+forbidden_path is evaluated on partial-match.
+However, it will be correct to evaluate on exact-match.
+
+Closes: #1692
+Resolves: #1695
+
+Signed-off-by: MIZUTA Takeshi <mizuta.takeshi@fujitsu.com>
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/__init__.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sos/plugins/__init__.py b/sos/plugins/__init__.py
+index 56af847a..41f4f58c 100644
+--- a/sos/plugins/__init__.py
++++ b/sos/plugins/__init__.py
+@@ -64,7 +64,7 @@ def _mangle_command(command, name_max):
+
+
+ def _path_in_path_list(path, path_list):
+- return any(p in path for p in path_list)
++ return any(p == path for p in path_list)
+
+
+ def _node_type(st):
+--
+2.21.0
+
+From d2d5b9da6d4af7ead8a47468db0bbfcc8fb2b5bf Mon Sep 17 00:00:00 2001
+From: Pavel Moravec <pmoravec@redhat.com>
+Date: Thu, 26 Sep 2019 10:50:18 +0200
+Subject: [PATCH] [kernel] Don't collect trace file by default
+
+Updates the plugin to don't collect trace file by default. Collecting
+trace file may take a lot of time, so trace file is not collected
+by default, and use the new plug-in option when collecting.
+
+Original author: MIZUTA Takeshi <mizuta.takeshi@fujitsu.com>
+
+Closes: #1688
+Resolves: #1800
+
+Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/kernel.py | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/sos/plugins/kernel.py b/sos/plugins/kernel.py
+index bf3c3dea..b498f55e 100644
+--- a/sos/plugins/kernel.py
++++ b/sos/plugins/kernel.py
+@@ -23,7 +23,8 @@ class Kernel(Plugin, RedHatPlugin, Debia
+ sys_module = '/sys/module'
+
+ option_list = [
+- ("with-timer", "gather /proc/timer* statistics", "slow", False)
++ ("with-timer", "gather /proc/timer* statistics", "slow", False),
++ ("trace", "gather /sys/kernel/debug/tracing/trace file", "slow", False)
+ ]
+
+ def get_bpftool_prog_ids(self, prog_file):
+@@ -138,6 +139,9 @@ class Kernel(Plugin, RedHatPlugin, Debia
+ # and may also cause softlockups
+ self.add_copy_spec("/proc/timer*")
+
++ if not self.get_option("trace"):
++ self.add_forbidden_path("/sys/kernel/debug/tracing/trace")
++
+ # collect list of eBPF programs and maps and their dumps
+ prog_file = self.get_cmd_output_now("bpftool -j prog list")
+ for prog_id in self.get_bpftool_prog_ids(prog_file):
+2.21.0
diff --git a/SOURCES/sos-bz1744553-ovn-plugins-containerized-env.patch b/SOURCES/sos-bz1744553-ovn-plugins-containerized-env.patch
new file mode 100644
index 0000000..9a97377
--- /dev/null
+++ b/SOURCES/sos-bz1744553-ovn-plugins-containerized-env.patch
@@ -0,0 +1,326 @@
+From cc6374914a47eb3777c5b8306506df43522a31e0 Mon Sep 17 00:00:00 2001
+From: Daniel Alvarez <dalvarez@redhat.com>
+Date: Thu, 18 Jul 2019 14:08:27 +0200
+Subject: [PATCH] [ovn_central] add additional show commands
+
+This patch is adding 'show' commands for both OVN
+NorthBound and SouthBound databases.
+
+Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/ovn_central.py | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/sos/plugins/ovn_central.py b/sos/plugins/ovn_central.py
+index e05856872..2d2526253 100644
+--- a/sos/plugins/ovn_central.py
++++ b/sos/plugins/ovn_central.py
+@@ -57,6 +57,8 @@ def setup(self):
+
+ # Some user-friendly versions of DB output
+ cmds = [
++ 'ovn-nbctl show',
++ 'ovn-sbctl show',
+ 'ovn-sbctl lflow-list',
+ 'ovn-nbctl get-ssl',
+ 'ovn-nbctl get-connection',
+From 5fd4e850ad9a6636d0fb206954e8ab016584974d Mon Sep 17 00:00:00 2001
+From: Daniel Alvarez <dalvarez@redhat.com>
+Date: Wed, 11 Sep 2019 16:19:15 +0100
+Subject: [PATCH] [ovn_host] fix Open_vSwitch table name
+
+Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/ovn_host.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sos/plugins/ovn_host.py b/sos/plugins/ovn_host.py
+index 542516279..ba35d87e7 100644
+--- a/sos/plugins/ovn_host.py
++++ b/sos/plugins/ovn_host.py
+@@ -35,7 +35,7 @@ def setup(self):
+ self.add_cmd_output([
+ 'ovs-ofctl -O OpenFlow13 dump-flows br-int',
+ 'ovs-vsctl list-br',
+- 'ovs-vsctl list OpenVswitch',
++ 'ovs-vsctl list Open_vSwitch',
+ ])
+
+ self.add_journal(units="ovn-controller")
+From 3c842046e9c4c5b371566347f51e5e242daf4f8d Mon Sep 17 00:00:00 2001
+From: Daniel Alvarez <dalvarez@redhat.com>
+Date: Tue, 23 Jul 2019 12:44:07 +0200
+Subject: [PATCH] [ovn_central] Add support to containerized setups
+
+This patch is adding support in ovn_central plugin to containerized
+setups.
+
+Now it's detecting if the OVN central services are running in
+container and execute the relevant commands inside it. The support
+covers both podman and docker runtimes.
+
+Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
+---
+ sos/plugins/ovn_central.py | 94 ++++++++++++++++++++++++++++----------
+ 1 file changed, 69 insertions(+), 25 deletions(-)
+
+diff --git a/sos/plugins/ovn_central.py b/sos/plugins/ovn_central.py
+index 2d2526253..a9fcdf33e 100644
+--- a/sos/plugins/ovn_central.py
++++ b/sos/plugins/ovn_central.py
+@@ -19,30 +19,64 @@ class OVNCentral(Plugin):
+ """
+ plugin_name = "ovn_central"
+ profiles = ('network', 'virt')
+-
+- def add_database_output(self, filename, cmds, ovn_cmd, skip=[]):
++ _container_runtime = None
++ _container_name = None
++
++ def get_tables_from_schema(self, filename, skip=[]):
++ if self._container_name:
++ cmd = "%s exec %s cat %s" % (
++ self._container_runtime, self._container_name, filename)
++ res = self.get_command_output(cmd)
++ if res['status'] != 0:
++ self._log_error("Could not retrieve DB schema file from "
++ "container %s" % self._container_name)
++ return
++ try:
++ db = json.loads(res['output'])
++ except Exception:
++ self._log_error("Cannot parse JSON file %s" % filename)
++ return
++ else:
++ try:
++ with open(filename, 'r') as f:
++ try:
++ db = json.load(f)
++ except Exception:
++ self._log_error(
++ "Cannot parse JSON file %s" % filename)
++ return
++ except IOError as ex:
++ self._log_error(
++ "Could not open DB schema file %s: %s" % (filename, ex))
++ return
+ try:
+- with open(filename, 'r') as f:
+- try:
+- db = json.load(f)
+- except Exception:
+- # If json can't be parsed, then exit early
+- self._log_error("Cannot parse JSON file %s" % filename)
+- return
+- try:
+- for table in six.iterkeys(db['tables']):
+- if table not in skip:
+- cmds.append('%s list %s' % (ovn_cmd, table))
+- except AttributeError:
+- self._log_error("DB schema %s has no 'tables' key" %
+- filename)
+- return
+- except IOError as ex:
+- self._log_error("Could not open DB schema file %s: %s" % (filename,
+- ex))
+- return
++ return [table for table in six.iterkeys(
++ db['tables']) if table not in skip]
++ except AttributeError:
++ self._log_error("DB schema %s has no 'tables' key" % filename)
++
++ def add_database_output(self, tables, cmds, ovn_cmd):
++ for table in tables:
++ cmds.append('%s list %s' % (ovn_cmd, table))
++
++ def running_in_container(self):
++ for runtime in ["podman", "docker"]:
++ container_status = self.get_command_output(runtime + " ps")
++ if container_status['status'] == 0:
++ for line in container_status['output'].splitlines():
++ if "ovn-dbs-bundle" in line:
++ self._container_name = line.split()[-1]
++ self._container_runtime = runtime
++ return True
++ return False
++
++ def check_enabled(self):
++ return (self.running_in_container() or
++ super(OVNCentral, self).check_enabled())
+
+ def setup(self):
++ containerized = self.running_in_container()
++
+ ovs_rundir = os.environ.get('OVS_RUNDIR')
+ for pidfile in ['ovnnb_db.pid', 'ovnsb_db.pid', 'ovn-northd.pid']:
+ self.add_copy_spec([
+@@ -68,10 +102,20 @@ def setup(self):
+
+ schema_dir = '/usr/share/openvswitch'
+
+- self.add_database_output(os.path.join(schema_dir, 'ovn-nb.ovsschema'),
+- cmds, 'ovn-nbctl')
+- self.add_database_output(os.path.join(schema_dir, 'ovn-sb.ovsschema'),
+- cmds, 'ovn-sbctl', ['Logical_Flow'])
++ nb_tables = self.get_tables_from_schema(os.path.join(
++ schema_dir, 'ovn-nb.ovsschema'))
++ sb_tables = self.get_tables_from_schema(os.path.join(
++ schema_dir, 'ovn-sb.ovsschema'), ['Logical_Flow'])
++
++ self.add_database_output(nb_tables, cmds, 'ovn-nbctl')
++ self.add_database_output(sb_tables, cmds, 'ovn-sbctl')
++
++ # If OVN is containerized, we need to run the above commands inside
++ # the container.
++ if containerized:
++ cmds = ['%s exec %s %s' % (self._container_runtime,
++ self._container_name,
++ cmd) for cmd in cmds]
+
+ self.add_cmd_output(cmds)
+
+From a895bf4096f1dbd71c9dbd4defb47783f4ef9840 Mon Sep 17 00:00:00 2001
+From: Daniel Alvarez <dalvarez@redhat.com>
+Date: Thu, 25 Jul 2019 11:42:16 +0200
+Subject: [PATCH] [ovn_host] Add support for containerized setups
+
+Prior to this patch, ovn_host was disabled on containerized
+setups due to the fact that ovn-controller package is not
+installed in the host.
+
+This patch fixes it by checking if the ovn-controller process
+is running.
+
+Resolves: #1767
+
+Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/ovn_host.py | 21 ++++++++++++++-------
+ 1 file changed, 14 insertions(+), 7 deletions(-)
+
+diff --git a/sos/plugins/ovn_host.py b/sos/plugins/ovn_host.py
+index ba35d87e7..5225f010e 100644
+--- a/sos/plugins/ovn_host.py
++++ b/sos/plugins/ovn_host.py
+@@ -12,6 +12,15 @@
+ from sos.plugins import Plugin, RedHatPlugin, DebianPlugin, UbuntuPlugin
+
+
++pidfile = 'ovn-controller.pid'
++pid_paths = [
++ '/var/lib/openvswitch/ovn',
++ '/usr/local/var/run/openvswitch',
++ '/var/run/openvswitch',
++ '/run/openvswitch'
++]
++
++
+ class OVNHost(Plugin):
+ """ OVN Controller
+ """
+@@ -19,13 +28,6 @@ class OVNHost(Plugin):
+ profiles = ('network', 'virt')
+
+ def setup(self):
+- pidfile = 'ovn-controller.pid'
+- pid_paths = [
+- '/var/lib/openvswitch/ovn',
+- '/usr/local/var/run/openvswitch',
+- '/var/run/openvswitch',
+- '/run/openvswitch'
+- ]
+ if os.environ.get('OVS_RUNDIR'):
+ pid_paths.append(os.environ.get('OVS_RUNDIR'))
+ self.add_copy_spec([os.path.join(pp, pidfile) for pp in pid_paths])
+@@ -40,6 +42,11 @@ def setup(self):
+
+ self.add_journal(units="ovn-controller")
+
++ def check_enabled(self):
++ return (any([os.path.isfile(
++ os.path.join(pp, pidfile)) for pp in pid_paths]) or
++ super(OVNHost, self).check_enabled())
++
+
+ class RedHatOVNHost(OVNHost, RedHatPlugin):
+
+From 6d623ceb2bc973a603c2abb1c8c64f2980667a0d Mon Sep 17 00:00:00 2001
+From: Pavel Moravec <pmoravec@redhat.com>
+Date: Wed, 2 Oct 2019 12:19:19 +0200
+Subject: [PATCH] [ovn_central] dont add db outputs when no table is found in
+ schema
+
+When get_tables_from_schema method returns None (i.e. due to a
+parsing error or missing config file), add_database_output tries
+to iterate over None object, what raises an exception.
+
+Resolves: #1808
+
+Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
+---
+ sos/plugins/ovn_central.py | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/sos/plugins/ovn_central.py b/sos/plugins/ovn_central.py
+index a9fcdf33e..b5ff96f66 100644
+--- a/sos/plugins/ovn_central.py
++++ b/sos/plugins/ovn_central.py
+@@ -56,6 +56,8 @@ def get_tables_from_schema(self, filename, skip=[]):
+ self._log_error("DB schema %s has no 'tables' key" % filename)
+
+ def add_database_output(self, tables, cmds, ovn_cmd):
++ if not tables:
++ return
+ for table in tables:
+ cmds.append('%s list %s' % (ovn_cmd, table))
+
+From 0c9a1f0cb98c5256a0ec1dec83b7c94d3bb39170 Mon Sep 17 00:00:00 2001
+From: Pavel Moravec <pmoravec@redhat.com>
+Date: Wed, 4 Dec 2019 15:53:16 +0100
+Subject: [PATCH] [ovn_central] call podman exec without a timeout
+
+This is a workaround fix of a podman bug (see rhbz1732525) where
+"podman ps" can hang when "podman exec .." is invoked in detached
+mode under "timeout".
+
+Calling it without timeout works fine.
+
+This commit can be reverted once the podman bug is fixed.
+
+Resolves: #1875
+
+Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
+---
+ sos/plugins/ovn_central.py | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/sos/plugins/ovn_central.py b/sos/plugins/ovn_central.py
+index c74bf403..32a5e1cb 100644
+--- a/sos/plugins/ovn_central.py
++++ b/sos/plugins/ovn_central.py
+@@ -26,7 +26,8 @@ class OVNCentral(Plugin):
+ if self._container_name:
+ cmd = "%s exec %s cat %s" % (
+ self._container_runtime, self._container_name, filename)
+- res = self.get_command_output(cmd)
++ # the timeout=None is just a workaround for "podman ps" hung bug
++ res = self.get_command_output(cmd, timeout=None)
+ if res['status'] != 0:
+ self._log_error("Could not retrieve DB schema file from "
+ "container %s" % self._container_name)
+@@ -118,7 +119,8 @@ class OVNCentral(Plugin):
+ self._container_name,
+ cmd) for cmd in cmds]
+
+- self.add_cmd_output(cmds)
++ # the timeout=None is just a workaround for "podman ps" hung bug
++ self.add_cmd_output(cmds, timeout=None)
+
+ self.add_copy_spec("/etc/sysconfig/ovn-northd")
+
+--
+2.21.0
+
diff --git a/SOURCES/sos-bz1766915-interim-sysroot-forbidden-paths.patch b/SOURCES/sos-bz1766915-interim-sysroot-forbidden-paths.patch
new file mode 100644
index 0000000..5a0fd80
--- /dev/null
+++ b/SOURCES/sos-bz1766915-interim-sysroot-forbidden-paths.patch
@@ -0,0 +1,354 @@
+From 9a0ab16793a8388b2c3d3909fd3a087c5b6296d4 Mon Sep 17 00:00:00 2001
+From: Pavel Moravec <pmoravec@redhat.com>
+Date: Fri, 1 Nov 2019 12:13:23 -0400
+Subject: [PATCH 01/10] [Plugin] remove invalid {strip/join}_sysroot()
+
+Do not strip the sysroot path prefix when calling _do_copy_path()
+for a symlink target and do not add the sysroot prefix when
+testing for a forbidden path.
+
+Related: #1842
+
+Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/__init__.py | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/sos/plugins/__init__.py b/sos/plugins/__init__.py
+index e75ec82e..4f1b73ce 100644
+--- a/sos/plugins/__init__.py
++++ b/sos/plugins/__init__.py
+@@ -731,7 +731,7 @@ class Plugin(object):
+
+ # skip recursive copying of symlink pointing to itself.
+ if (absdest != srcpath):
+- self._do_copy_path(self.strip_sysroot(absdest))
++ self._do_copy_path(absdest)
+ else:
+ self._log_debug("link '%s' points to itself, skipping target..."
+ % linkdest)
+@@ -758,8 +758,6 @@ class Plugin(object):
+ return None
+
+ def _is_forbidden_path(self, path):
+- if self.use_sysroot():
+- path = self.join_sysroot(path)
+ return _path_in_path_list(path, self.forbidden_paths)
+
+ def _copy_node(self, path, st):
+--
+2.21.0
+
+
+From aeeebf126fc9fdb0fd8c3b01418bef742bce78c3 Mon Sep 17 00:00:00 2001
+From: "Bryn M. Reeves" <bmr@redhat.com>
+Date: Fri, 1 Nov 2019 12:22:51 -0400
+Subject: [PATCH 02/10] [Plugin] fix destination paths in _do_copy_path()
+
+The path used to copy special device nodes and directories in
+_do_copy_path() should be the destination path in the archive
+(without sysroot prefix), and not the source path in the host
+file system that includes this prefix.
+
+Related: #1842
+
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/__init__.py | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/sos/plugins/__init__.py b/sos/plugins/__init__.py
+index 4f1b73ce..60fbeaf7 100644
+--- a/sos/plugins/__init__.py
++++ b/sos/plugins/__init__.py
+@@ -651,9 +651,13 @@ class Plugin(object):
+ self._copy_symlink(srcpath)
+ return
+ else:
+- if stat.S_ISDIR(st.st_mode) and os.access(srcpath, os.R_OK):
+- self._copy_dir(srcpath)
+- return
++ if stat.S_ISDIR(st.st_mode) and os.access(srcpath, os.R_OK):
++ # copy empty directory
++ if not os.listdir(srcpath):
++ self.archive.add_dir(dest)
++ return
++ self._copy_dir(dest)
++ return
+
+ # handle special nodes (block, char, fifo, socket)
+ if not (stat.S_ISREG(st.st_mode) or stat.S_ISDIR(st.st_mode)):
+@@ -808,7 +808,7 @@ class Plugin(object):
+ ntype = _node_type(st)
+ self._log_debug("creating %s node at archive:'%s'"
+ % (ntype, dest))
+- self._copy_node(srcpath, st)
++ self._copy_node(dest, st)
+ return
+
+ # if we get here, it's definitely a regular file (not a symlink or dir)
+--
+2.21.0
+
+
+From 05f3d5bda8f548459fabcd38f2d087d6ecef98a2 Mon Sep 17 00:00:00 2001
+From: "Bryn M. Reeves" <bmr@redhat.com>
+Date: Fri, 1 Nov 2019 12:25:09 -0400
+Subject: [PATCH 03/10] [kernel] remove trailing directory globs in forbidden
+ paths
+
+Since the forbidden path test now uses an exact match the trailing
+globs ("/some/directory/path/to/exclude/*") used to exclude trace
+related directories from collection lead to a failure to properly
+blacklist these files:
+
+The glob is expanded, for e.g.:
+
+ "/sys/kernel/debug/tracing/per_cpu/*"
+
+Expands to unclude a 'cpuN' sub-directory for each CPU present on
+the machine. These expanded paths are then added to the forbidden
+paths list for the plugin:
+
+ /sys/kernel/debug/tracing/per_cpu/cpu0
+ /sys/kernel/debug/tracing/per_cpu/cpu1
+ ...
+
+When an attempt is made to collect the entire "per_cpu" directory
+a check is made for the full "/sys/kernel/debug/tracing/per_cpu"
+path against each entry in the forbidden paths list. Since this is
+a prefix of the actual paths stored no match is returned and the
+collection is permitted.
+
+Remove the trailing globs from these directory paths and prevent
+any collection of the directories they reference by the plugin.
+
+Related: #1842
+
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/kernel.py | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/sos/plugins/kernel.py b/sos/plugins/kernel.py
+index 88b14689..5c852143 100644
+--- a/sos/plugins/kernel.py
++++ b/sos/plugins/kernel.py
+@@ -89,9 +89,9 @@ class Kernel(Plugin, RedHatPlugin, DebianPlugin, UbuntuPlugin):
+ self.add_forbidden_path([
+ '/sys/kernel/debug/tracing/trace_pipe',
+ '/sys/kernel/debug/tracing/README',
+- '/sys/kernel/debug/tracing/trace_stat/*',
+- '/sys/kernel/debug/tracing/per_cpu/*',
+- '/sys/kernel/debug/tracing/events/*',
++ '/sys/kernel/debug/tracing/trace_stat',
++ '/sys/kernel/debug/tracing/per_cpu',
++ '/sys/kernel/debug/tracing/events',
+ '/sys/kernel/debug/tracing/free_buffer',
+ '/sys/kernel/debug/tracing/trace_marker',
+ '/sys/kernel/debug/tracing/trace_marker_raw',
+--
+2.21.0
+
+
+From 801c71b33dcfeaa980baa9f377b721bdd26aa5e8 Mon Sep 17 00:00:00 2001
+From: "Bryn M. Reeves" <bmr@redhat.com>
+Date: Fri, 1 Nov 2019 16:53:29 +0000
+Subject: [PATCH 04/10] [tests] fix test_copy_dir_forbidden_path
+
+Rather than call just Plugin.setup() and Plugin._do_copy_path(),
+add an add_copy_spec() call to the mock plugin setup() method,
+and invoke copying by calling the Plugin.collect() method.
+
+Related: #1845
+
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ tests/plugin_tests.py | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/tests/plugin_tests.py b/tests/plugin_tests.py
+index b8760429..6522fe14 100644
+--- a/tests/plugin_tests.py
++++ b/tests/plugin_tests.py
+@@ -81,6 +81,7 @@ class ForbiddenMockPlugin(Plugin):
+ plugin_name = "forbidden"
+
+ def setup(self):
++ self.add_copy_spec("tests")
+ self.add_forbidden_path("tests")
+
+
+@@ -235,7 +236,7 @@ class PluginTests(unittest.TestCase):
+ })
+ p.archive = MockArchive()
+ p.setup()
+- p._do_copy_path("tests")
++ p.collect()
+ self.assertEquals(p.archive.m, {})
+
+
+--
+2.21.0
+
+
+From c4182ebd52af523261d2e7ef75affbb88eaf31fb Mon Sep 17 00:00:00 2001
+From: "Bryn M. Reeves" <bmr@redhat.com>
+Date: Mon, 4 Nov 2019 10:45:15 +0000
+Subject: [PATCH 05/10] [Plugin] use correct source path when copying
+ directories
+
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/__init__.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sos/plugins/__init__.py b/sos/plugins/__init__.py
+index 60fbeaf7..240fe9f1 100644
+--- a/sos/plugins/__init__.py
++++ b/sos/plugins/__init__.py
+@@ -656,7 +656,7 @@ class Plugin(object):
+ if not os.listdir(srcpath):
+ self.archive.add_dir(dest)
+ return
+- self._copy_dir(dest)
++ self._copy_dir(srcpath)
+ return
+
+ # handle special nodes (block, char, fifo, socket)
+--
+2.21.0
+
+
+From 68f4d7cc7adde00171af842b5bc808f41d888a87 Mon Sep 17 00:00:00 2001
+From: "Bryn M. Reeves" <bmr@redhat.com>
+Date: Mon, 4 Nov 2019 10:48:01 +0000
+Subject: [PATCH 06/10] [Plugin] improve _copy_dir() variable naming
+
+Directory entries found in _copy_dir() may be either files or
+sub-directories: reflect this in the names of local variables.
+
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/__init__.py | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/sos/plugins/__init__.py b/sos/plugins/__init__.py
+index 240fe9f1..1a1464c1 100644
+--- a/sos/plugins/__init__.py
++++ b/sos/plugins/__init__.py
+@@ -738,10 +738,11 @@ class Plugin(object):
+
+ def _copy_dir(self, srcpath):
+ try:
+- for afile in os.listdir(srcpath):
++ for name in os.listdir(srcpath):
+ self._log_debug("recursively adding '%s' from '%s'"
+- % (afile, srcpath))
+- self._do_copy_path(os.path.join(srcpath, afile), dest=None)
++ % (name, srcpath))
++ path = os.path.join(srcpath, name)
++ self._do_copy_path(path)
+ except OSError as e:
+ if e.errno == errno.ELOOP:
+ msg = "Too many levels of symbolic links copying"
+--
+2.21.0
+
+
+From ad3adef07c32aee5bdd438706c6c1d4590ff8297 Mon Sep 17 00:00:00 2001
+From: "Bryn M. Reeves" <bmr@redhat.com>
+Date: Mon, 4 Nov 2019 14:13:00 +0000
+Subject: [PATCH 07/10] [ceph] fix directory blacklist style
+
+Plugins must use 'path/to/exclude' rather than 'path/to/exclude/*'
+in order to omit a directory and all its content from the report.
+
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/ceph.py | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/sos/plugins/ceph.py b/sos/plugins/ceph.py
+index 6e340c69..43284bc8 100644
+--- a/sos/plugins/ceph.py
++++ b/sos/plugins/ceph.py
+@@ -103,8 +103,8 @@ class Ceph(Plugin, RedHatPlugin, UbuntuPlugin):
+ "/var/lib/ceph/*keyring*",
+ "/var/lib/ceph/*/*keyring*",
+ "/var/lib/ceph/*/*/*keyring*",
+- "/var/lib/ceph/osd/*",
+- "/var/lib/ceph/mon/*",
++ "/var/lib/ceph/osd",
++ "/var/lib/ceph/mon",
+ # Excludes temporary ceph-osd mount location like
+ # /var/lib/ceph/tmp/mnt.XXXX from sos collection.
+ "/var/lib/ceph/tmp/*mnt*",
+--
+2.21.0
+
+
+From 4d1576b04d35902ce44d26d6a5b2219e6f9c175a Mon Sep 17 00:00:00 2001
+From: "Bryn M. Reeves" <bmr@redhat.com>
+Date: Mon, 4 Nov 2019 14:15:55 +0000
+Subject: [PATCH 09/10] [openstack_octavia] fix directory blacklist style
+
+Plugins must use 'path/to/exclude' rather than 'path/to/exclude/*'
+in order to omit a directory and all its content from the report.
+
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/openstack_octavia.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sos/plugins/openstack_octavia.py b/sos/plugins/openstack_octavia.py
+index b97c83fa..ccdcd4c9 100644
+--- a/sos/plugins/openstack_octavia.py
++++ b/sos/plugins/openstack_octavia.py
+@@ -30,7 +30,7 @@ class OpenStackOctavia(Plugin):
+ ])
+
+ # don't collect certificates
+- self.add_forbidden_path("/etc/octavia/certs/")
++ self.add_forbidden_path("/etc/octavia/certs")
+
+ # logs
+ if self.get_option("all_logs"):
+--
+2.21.0
+
+
+From 1fd194191a56c51052f0c24ddeb3bbf9088ae0ca Mon Sep 17 00:00:00 2001
+From: "Bryn M. Reeves" <bmr@redhat.com>
+Date: Mon, 4 Nov 2019 14:16:13 +0000
+Subject: [PATCH 10/10] [vdsm] fix directory blacklist style
+
+Plugins must use 'path/to/exclude' rather than 'path/to/exclude/*'
+in order to omit a directory and all its content from the report.
+
+Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
+---
+ sos/plugins/vdsm.py | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/sos/plugins/vdsm.py b/sos/plugins/vdsm.py
+index b2a1ca58..69672643 100644
+--- a/sos/plugins/vdsm.py
++++ b/sos/plugins/vdsm.py
+@@ -60,9 +60,9 @@ class Vdsm(Plugin, RedHatPlugin):
+ plugin_name = 'vdsm'
+
+ def setup(self):
+- self.add_forbidden_path('/etc/pki/vdsm/keys/*')
++ self.add_forbidden_path('/etc/pki/vdsm/keys')
+ self.add_forbidden_path('/etc/pki/vdsm/libvirt-spice/*-key.*')
+- self.add_forbidden_path('/etc/pki/libvirt/private/*')
++ self.add_forbidden_path('/etc/pki/libvirt/private')
+
+ self.add_cmd_output('service vdsmd status')
+ self.add_cmd_output('service supervdsmd status')
+
+--
+2.21.0
+
diff --git a/SPECS/sos.spec b/SPECS/sos.spec
index 80f475d..4d547c4 100644
--- a/SPECS/sos.spec
+++ b/SPECS/sos.spec
@@ -4,7 +4,7 @@
Summary: A set of tools to gather troubleshooting information from a system
Name: sos
-Version: 3.7
+Version: 3.8
Release: 1%{?dist}
Group: Applications/System
Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz
@@ -20,14 +20,10 @@ Requires: bzip2
Requires: xz
Requires: python3-six
Conflicts: vdsm < 4.40
-Patch1: sos-bz1687954-buildah-index-out-of-range.patch
-Patch2: sos-bz1695583-postgres-mysql-incorrect-defaults.patch
-Patch3: sos-bz1700780-vdsm-plugin.patch
-Patch4: sos-bz1702806-openstack_instack-ansible-log.patch
-Patch5: sos-bz1719884-pcp-pmlogger-no-limit.patch
-Patch6: sos-bz1719885-plugin-vs-command-timeouts.patch
-Patch7: sos-bz1719886-sos-conf-disabled-plugins-manpages.patch
-Patch8: sos-bz1719887-katello-qpid-certificate.patch
+Patch1: sos-bz1688764-ipa-new-logs.patch
+Patch2: sos-bz1738391-kernel-no-trace-by-default.patch
+Patch3: sos-bz1744553-ovn-plugins-containerized-env.patch
+Patch4: sos-bz1766915-interim-sysroot-forbidden-paths.patch
%description
Sos is a set of tools that gathers information about system
@@ -41,10 +37,6 @@ support technicians and developers.
%patch2 -p1
%patch3 -p1
%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
%setup -T -D -a1 -q
%build
@@ -97,8 +89,57 @@ of the system. Currently storage and filesystem commands are audited.
%ghost /etc/audit/rules.d/40-sos-storage.rules
%changelog
-* Thu Aug 01 2019 CentOS Sources <bugs@centos.org> - 3.7-1.el8.centos
-- Apply debranding changes
+* Wed Dec 11 2019 Pavel Moravec <pmoravec@redhat.com> = 3.8-1
+- Rebase on upstream 3.8
+ Resolves: bz1779387
+
+* Mon Nov 04 2019 Pavel Moravec <pmoravec@redhat.com> = 3.7-7
+- [Plugin, kernel] interim sysroot fixes
+ Resolves: bz1766915
+
+* Wed Oct 30 2019 Pavel Moravec <pmoravec@redhat.com> = 3.7-6
+- [ovirt_hosted_engine] Add gluster deployment and cleanup log
+ Resolves: bz1744086
+- [vdsm]: Fix executing shell commands
+ Resolves: bz1744110
+- [ovn_*] Add support to containerized setups
+ Resolves: bz1744553
+- [ipa] collect ipa-healthcheck logs, kdcproxy configs, httpd cert
+ Resolves: bz1688764
+
+* Wed Oct 02 2019 Pavel Moravec <pmoravec@redhat.com> = 3.7-5
+- [kernel] Don't collect trace file by default
+ Resolves: bz1738391
+
+* Thu Sep 12 2019 Pavel Moravec <pmoravec@redhat.com> = 3.7-4
+- [openvswitch] catch all openvswitch2.* packages
+ Resolves: bz1745017
+
+* Tue Jul 30 2019 Pavel Moravec <pmoravec@redhat.com> = 3.7-3
+- [openstack] Extract Placement plugin from Nova
+ Resolves: bz1717882
+- [utilities] Fix high CPU usage and slow command collection
+ Resolves: bz1733352
+- [peripety] collect proper config file
+ Resolves: bz1665981
+- [sosreport,plugins] Stop plugin execution after timeout hit
+ Resolves: bz1733469
+- [nvme] collect config file everytime
+ Resolves: bz1665929
+
+* Tue Jul 09 2019 Pavel Moravec <pmoravec@redhat.com> = 3.7-2
+- [sar] collect whole sar log dir
+ Resolves: bz1714243
+- [archive] convert absolute symlink targets to relative
+ Resolves: bz1702806
+- [archive] Handle checking container sysroot in _make_leading_paths
+ Resolves: bz1728214
+- [frr] FRR plugin
+ Resolves: bz1709906
+- [policies] redhat policy to use hostname instead of rhn id
+ Resolves: bz1718087
+- Updates to vdsm plugin
+ Resolves: bz1700780
* Wed Jun 12 2019 Pavel Moravec <pmoravec@redhat.com> = 3.7-1
- Rebase on upstream 3.7