From 2fd64785d330f6ff8090b9b01f15b7f75ab57e41 Mon Sep 17 00:00:00 2001 From: "Bryn M. Reeves" Date: Tue, 13 Aug 2013 14:54:20 +0100 Subject: [PATCH 1/4] Improve readability of add_copy_specs() usage in ldap.py Use multi-line style for add_copy_specs() invocations in the ldap plug-in per the recommendations in Issue #173. Signed-off-by: Bryn M. Reeves --- sos/plugins/ldap.py | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/sos/plugins/ldap.py b/sos/plugins/ldap.py index b16b7b3..4d33076 100644 --- a/sos/plugins/ldap.py +++ b/sos/plugins/ldap.py @@ -1,4 +1,4 @@ -### This program is free software; you can redistribute it and/or modify +## This program is free software; you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by ## the Free Software Foundation; either version 2 of the License, or ## (at your option) any later version. @@ -49,7 +49,10 @@ class RedHatLdap(Ldap, RedHatPlugin): def setup(self): super(RedHatLdap, self).setup() - self.add_copy_specs(["/etc/openldap", "/etc/nslcd.conf"]) + self.add_copy_specs([ + "/etc/openldap", + "/etc/nslcd.conf" + ]) def postproc(self): self.do_file_sub("/etc/nslcd.conf", r"(\s*bindpw\s*)\S+", r"\1***") @@ -66,7 +69,11 @@ class DebianLdap(Ldap, DebianPlugin, UbuntuPlugin): ldap_search = "ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// " - self.add_copy_specs(["/etc/ldap/ldap.conf", "/etc/slapd.conf", "/etc/ldap/slapd.d"]) + self.add_copy_specs([ + "/etc/ldap/ldap.conf", + "/etc/slapd.conf", + "/etc/ldap/slapd.d" + ]) self.add_cmd_output("ldapsearch -x -b '' -s base 'objectclass=*'") self.add_cmd_output(ldap_search + "-b cn=config '(!(objectClass=olcSchemaConfig))'", -- 1.7.11.7 From a4a686eb589f0d54bc3808ce57c792356aa36106 Mon Sep 17 00:00:00 2001 From: "Bryn M. Reeves" Date: Tue, 13 Aug 2013 15:19:02 +0100 Subject: [PATCH 2/4] Add pam_ldap.conf collection to ldap plug-in Add the pam_ldap.conf file to the data collected by the ldap plug-in and tidy up substitution strings for this plug-in. Signed-off-by: Bryn M. Reeves --- sos/plugins/ldap.py | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/sos/plugins/ldap.py b/sos/plugins/ldap.py index 4d33076..361de73 100644 --- a/sos/plugins/ldap.py +++ b/sos/plugins/ldap.py @@ -39,23 +39,28 @@ class Ldap(Plugin): self.add_copy_spec("/etc/ldap.conf") def postproc(self): - self.do_file_sub("/etc/ldap.conf", r"(\s*bindpw\s*)\S+", r"\1***") + self.do_file_sub("/etc/ldap.conf", r"(\s*bindpw\s*)\S+", r"\1******") class RedHatLdap(Ldap, RedHatPlugin): """LDAP related information for RedHat based distribution """ packages = ('openldap', 'nss-pam-ldapd') + files = ('/etc/ldap.conf', '/etc/pam_ldap.conf') def setup(self): super(RedHatLdap, self).setup() self.add_copy_specs([ "/etc/openldap", - "/etc/nslcd.conf" + "/etc/nslcd.conf", + "/etc/pam_ldap.conf" ]) def postproc(self): - self.do_file_sub("/etc/nslcd.conf", r"(\s*bindpw\s*)\S+", r"\1***") + self.do_file_sub("/etc/nslcd.conf", + r"(\s*bindpw\s*)\S+", r"\1********") + self.do_file_sub("/etc/pam_ldap.conf", + r"(\s*bindpw\s*)\S+", r"\1********") class DebianLdap(Ldap, DebianPlugin, UbuntuPlugin): """LDAP related information for Debian based distribution @@ -86,4 +91,4 @@ class DebianLdap(Ldap, DebianPlugin, UbuntuPlugin): def postproc(self): self.do_cmd_output_sub( "ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(!(objectClass=olcSchemaConfig))'", - r"(olcRootPW\: \s*)\S+", r"\1***") + r"(olcRootPW\: \s*)\S+", r"\1********") -- 1.7.11.7 From cfb53a07ba72a311d2962e0bd73cf74430a4cad8 Mon Sep 17 00:00:00 2001 From: "Bryn M. Reeves" Date: Fri, 31 Jan 2014 15:25:15 +0000 Subject: [PATCH 3/4] Remove obsolete diagnostics code from ldap plugin Signed-off-by: Bryn M. Reeves --- sos/plugins/ldap.py | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/sos/plugins/ldap.py b/sos/plugins/ldap.py index 361de73..f1032a9 100644 --- a/sos/plugins/ldap.py +++ b/sos/plugins/ldap.py @@ -22,18 +22,6 @@ class Ldap(Plugin): plugin_name = "ldap" ldap_conf = "/etc/openldap/ldap.conf" - def get_ldap_opts(self): - # capture /etc/openldap/ldap.conf options in dict - # FIXME: possibly not hardcode these options in? - ldapopts=["URI","BASE","TLS_CACERTDIR"] - results={} - tmplist=[] - for i in ldapopts: - t=self.do_regex_find_all(r"^(%s)\s+(.*)" % i,self.ldap_conf) - for x in t: - results[x[0]]=x[1].rstrip("\n") - return results - def setup(self): super(Ldap, self).setup() self.add_copy_spec("/etc/ldap.conf") -- 1.7.11.7 From e1a30a6d63a376d892a10d9cec89b312356ba9c2 Mon Sep 17 00:00:00 2001 From: "Bryn M. Reeves" Date: Fri, 31 Jan 2014 15:43:44 +0000 Subject: [PATCH 4/4] Ensure superclass postproc method is called in ldap plugin Since the ldap plugins add files and post-processing methods at multiple class levels (Ldap, RedHatLdap etc.) derived classes must explicitly call their parent class's postproc() method to apply all substitutions to collected data. Signed-off-by: Bryn M. Reeves --- sos/plugins/ldap.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sos/plugins/ldap.py b/sos/plugins/ldap.py index f1032a9..79d8394 100644 --- a/sos/plugins/ldap.py +++ b/sos/plugins/ldap.py @@ -45,6 +45,7 @@ class RedHatLdap(Ldap, RedHatPlugin): ]) def postproc(self): + super(RedHatLdap, self).postproc() self.do_file_sub("/etc/nslcd.conf", r"(\s*bindpw\s*)\S+", r"\1********") self.do_file_sub("/etc/pam_ldap.conf", @@ -77,6 +78,7 @@ class DebianLdap(Ldap, DebianPlugin, UbuntuPlugin): suggest_filename="access_control_lists") def postproc(self): + super(RedHatLdap, self).postproc() self.do_cmd_output_sub( "ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(!(objectClass=olcSchemaConfig))'", r"(olcRootPW\: \s*)\S+", r"\1********") -- 1.7.11.7