U -_gW\@sNddlZddlZddlZddlZddlmZddlmZddlm Z m Z m Z m Z m Z mZmZmZmZmZddlmZmZmZddlmZddlmZddlmZdd lmZmZm Z dd l!m"Z#zddl$Z$d Z%Wne&k rd Z%YnXd Z'GdddeZ(dZ)dZ*dZ+Gddde(Z,Gddde,Z-Gddde,Z.Gddde(Z/dS)N)DeviceAuthorizationClass) RedHatPlugin) RHEL_PRESETSRHVRHELCBRHOSPRHOCPRH_CFME RH_SATELLITEAAPEDA AAPCONTROLLER) LinuxPolicyENV_HOST_SYSROOT OS_RELEASE)RpmPackageManager)FlatpakPackageManager)MultiPackageManager)bold convert_bytesTIMEOUT_DEFAULT)_sosTFzRed Hat Enterprise LinuxcszeZdZdZddgZdZdZdZdZdZ dZ d Z d Z d Z d Zdfdd ZefddZddZddZddZZS) RedHatPolicyRed Hat)zDistribution Websitezhttps://www.redhat.com/)zCommercial Supportzhttps://access.redhat.com/z/var/tmpFZfriendlyNpodmansosz /usr/sbinzVhttps://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/auth/devicezPhttps://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/tokenTcstj||||dd|_tttg|j|d|_|jt g7_|jj |_ |j sft j dt d||j |_|jrd|_nd|_|jtjd7_|jtjd 7_|js||dS) Nsysrootinit probe_runtime remote_execF)ZprimaryZ fallbackschrootr z'Could not obtain installed package listz/usr/sbin:/usr/bin:/root/binz'/sbin:/bin:/usr/sbin:/usr/bin:/root/binz/usr/local/binz/usr/local/sbin)super__init__usrmoverrrrpackage_managerZvalid_subclassesrZpackagespkgssysstderrwriteexit check_usrmovePATHospathsepr Z set_exec_pathZ load_presetsselfrrrr  __class__=/usr/lib/python3/dist-packages/sos/policies/distros/redhat.pyr$8s2    zRedHatPolicy.__init__csz|tk rtt||dS|dttttd}|D]8\}}t d|}|jdd|d|j ddd q8z<35z<30F)newline) rr#display_distro_helpZadd_text CentOsPolicy RHELPolicyRedHatCoreOSPolicy FedoraPolicyitemsros_release_name)clsZsectionZsubsZsubcvalueZsublnr2r4r5r;Zs"z RedHatPolicy.display_distro_helpcCs8d|kr tjdotjdS|dd}|ddkS)aqTest whether the running system implements UsrMove. If the 'filesystem' package is present, it will check that the version is greater than 3. If the package is not present the '/bin' and '/sbin' paths are checked and UsrMove is assumed if both are symbolic links. :param pkgs: a packages dictionary Z filesystemz/binz/sbinversionr3)r.pathislink)r1r'Zfilesys_versionr4r4r5r,ss  zRedHatPolicy.check_usrmovecCs2g}dd}|jr.|D]}|||q|S|S)a2Mangle paths for post-UsrMove systems. If the system implements UsrMove, all files will be in '/usr/[s]bin'. This method substitutes all the /[s]bin references in the 'files' list with '/usr/[s]bin'. :param files: the list of package managed files cSs:ddg}||kr*|tjd|ddfStdd|fS)Nz/bin/rpmz /bin/mailxz/usrr"z (^)(/s?bin)z\1/usr\2)r.rFjoinresub)rFZ skip_pathsr4r4r5transform_pathsz8RedHatPolicy.mangle_package_path..transform_path)r%extend)r1filespathsrKfr4r4r5mangle_package_paths z RedHatPolicy.mangle_package_pathcCs|s |jS|SN)_tmp_dir)r1Z opt_tmp_dirr4r4r5 get_tmp_dirszRedHatPolicy.get_tmp_dir)NNTN)__name__ __module__ __qualname__vendor vendor_urlsrRZ _in_containerZ name_pattern upload_url upload_userZdefault_container_runtimeZ sos_pkg_nameZ sos_bin_pathclient_identifier_urltoken_endpointr$ classmethodr;r,rPrS __classcell__r4r4r2r5r%s,"ra[ Any information provided to %(vendor)s will be treated in accordance with the published support policies at: %(vendor_urls)s The generated archive may contain data considered sensitive and its content should be reviewed by the originating organization before being passed to any third party. No changes will be made to system configuration. zhttps://api.access.redhat.comzsftp://sftp.access.redhat.comcseZdZdZdZdZeZdZe de dZ e Z dZdZd Zd'fd d Zd dZddZddZddZd(ddZddZddZddZd)fdd Zdd Zfd!d"Zd#d$Zd%d&ZZS)*r=at The RHEL policy is used specifically for Red Hat Enterprise Linux, of any release, and not forks or derivative distributions. For example, this policy will be loaded for any RHEL 8 installation, but will not be loaded for CentOS Stream 8 or Red Hat CoreOS, for which there are separate policies. Plugins activated by installed packages will only be activated if those packages are installed via RPM (dnf/yum inclusive). Packages installed by other means are not considered by this policy. By default, --upload will be directed to using the SFTP location provided by Red Hat for technical support cases. Users who provide login credentials for their Red Hat Customer Portal account will have their archives uploaded to a user-specific directory. If users provide those credentials as well as a case number, --upload will instead attempt to directly upload archives to the referenced case, thus streamlining the process of providing data to technical support engineers. If either or both of the credentials or case number are omitted or are incorrect, then a temporary anonymous user will be used for upload to the SFTP server, and users will need to provide that information to their technical support engineer. This information will be printed at the end of the upload process for any sos report execution. rz/etc/redhat-releaser7aThis command will collect diagnostic and configuration information from this %(os_release_name)s system and installed applications. An archive containing the collected information will be generated in %(tmpdir)s and may be provided to a %(vendor)s support representative. %(vendor_text)s postNi@Tcs"tj||||d|tdSNr)r#r$Zregister_presetsrr0r2r4r5r$s  zRHELPolicy.__init__cCs8|jdjr|jtd|js4t|_|jddS)N cmdlineoptszVThe option --upload-user has been deprecated in favour of device authorization in RHEL&No case id provided, uploading to SFTP)commonsrZui_loginfo_case_id RH_SFTP_HOSTrYr1r4r4r5prompt_for_upload_users z!RHELPolicy.prompt_for_upload_usercCs |jdjr|jtddS)NrbzVThe option --upload-pass has been deprecated in favour of device authorization in RHEL)rdZ upload_passrerfrgrjr4r4r5prompt_for_upload_passwords z%RHELPolicy.prompt_for_upload_passwordcCsf|jr |jS|jdjr$|jdjS|jdjdkr8tS|jdjsT|jdtSd}t||jS)NrbZsftprcz /support/v1/cases/%s/attachments)rYrdZupload_protocolrirhrerf RH_API_HOST)r1Z rh_case_apir4r4r5get_upload_urls    zRHELPolicy.get_upload_urlcCsd|j}d|iS)NzBearer Z Authorization) _device_token)r1Zstr_authr4r4r5_get_upload_https_auths z!RHELPolicy._get_upload_https_authcCshd|jdd||fi}t|j|j}||_|j d| t j | |||tdS)zIf upload_https() needs to use requests.post(), use this method. Policies should override this method instead of the base upload_https() :param archive: The open archive file object file//Device authorized correctly. Uploading file to )rMheadersverifytimeout)namesplit_get_upload_headersrr[r\get_access_tokenrorerfget_upload_url_stringrequestsr`rnrpr)r1archivervrMRHELAuthr4r4r5_upload_https_post s   zRHELPolicy._upload_https_postcCs|trdddSiS)NZfalsezno-cache)Z isPrivatez cache-control)rn startswithrmrjr4r4r5rz$s zRHELPolicy._get_upload_headerscCs0|trdS|tr$dS||jS)NzRed Hat Customer PortalzRed Hat Secure FTP)rnrrmriZ_get_obfuscated_upload_urlrYrjr4r4r5r|)s z RHELPolicy.get_upload_url_stringcCs@|jdd}|jr&|jd|}|jrtj|}||jkr:|jtdt|jdt|_ dS)NzLSize of archive is bigger than Red Hat Customer Portal limit for uploads of z via sos http upload. ) r.rFgetsize_max_size_requestreZwarningrgrrirY)r1r~sizer4r4r5check_file_too_bigs   zRHELPolicy.check_file_too_bigc sz(|tr||t|}Wnbtk r}zDd}|jtsL|j t d|dt t |_t|}W5d}~XYnX|S)zOverride the base upload_archive to provide for automatic failover from RHCP failures to the public RH dropbox Fz0Upload to Red Hat Customer Portal failed due to z . Trying N) rnrrmrr#upload_archiverrYrerrgri)r1r~Zuploadedrr2r4r5rs  zRHELPolicy.upload_archivecCsFz,|jd}|j|dd}t|dWStk r@YnXdS)Nzredhat-release*rrDF)r&all_pkgs_by_name_regexr'intr)r1ZrrZpkgnamer4r4r5 dist_versions zRHELPolicy.dist_versioncCsdD]&}|j|ddr|tSq|ddk rD|tS|ddk r\|tS|ddk rt|tS|ddk s|ddk r|tS|d dk r|t Sd D] }||dk r|t Sq|t S) N)ZrescueZ emergencyz.targetFzsatellite-commonz rhosp-releaseZcfmez ovirt-engineZvdsmzautomation-controller-server)zautomation-eda-controllerz automation-eda-controller-server) Z init_systemZ is_running find_presetr pkg_by_namer rr rr r r)r1targetpkgr4r4r5 probe_presets&      zRHELPolicy.probe_preset)NNTN)T)NN) rTrUrV__doc__rWos_release_fileRHEL_RELEASE_STRrA os_release_idrgdisclaimer_textmsgriZ _upload_urlZ_upload_methodrorr$rkrlrnrprrzr|rrrrrrr^r4r4r2r5r=s<     K  r=c@s"eZdZdZdgZdZdZdZdS)r<ZCentOS)Community Websitezhttps://www.centos.org/z/etc/centos-releasez CentOS Linuxr6N)rTrUrVrWrXrrArr4r4r4r5r<s r<csveZdZdZdZededZdZdZ dZ dZ d Z d Z dfd d ZedddZddZdddZddZZS)r>aB Red Hat CoreOS is a containerized host built upon Red Hat Enterprise Linux and as such this policy is built on top of the RHEL policy. For users, this should be entirely transparent as any behavior exhibited or influenced on RHEL systems by that policy will be seen on RHCOS systems as well. The one change is that this policy ensures that sos collect will deploy a container on RHCOS systems in order to facilitate sos report collection, as RHCOS discourages non-default package installation via rpm-ostree which is used to maintain atomicity for RHCOS nodes. The default container image used by this policy is the support-tools image maintained by Red Hat on registry.redhat.io. Note that this policy is only loaded when sos is directly run on an RHCOS node - if sos collect uses the `oc` transport (the default transport that will be attempted by the ocp cluster profile), then the policy loaded inside the launched pod will be RHEL. Again, this is expected and will not impact how sos report collections are performed. zRed Hat Enterprise Linux CoreOSzThis command will collect diagnostic and configuration information from this %(os_release_name)s system. An archive containing the collected information will be generated in %(tmpdir)s and may be provided to a %(vendor)s support representative. r_Trz®istry.redhat.io/rhel8/support-toolsz/hostz rpm -q sosz/var/lib/kubelet/config.jsonNcstj||||ddSrar#r$r0r2r4r5r$s zRedHatCoreOSPolicy.__init__c Cs|r d|kSd}ttjkr|Stjtt}z>t|ddd&}|D]}||j|kO}qJW5QRXWntk r~YnX|S)NZCoreOSFrzutf-8)encoding) rr.environropenread splitlinesrAIOError)rBZremoteZcoreosZ host_releaseZhfileliner4r4r5checks zRedHatCoreOSPolicy.checkcCs |tSrQ)rr rjr4r4r5rszRedHatCoreOSPolicy.probe_presetFc CsL|p|j}|rdnd}|jd|jd|jd|d|d|p@dd| S)Nz --pull=alwaysrz run -di --name zE --privileged --ipc=host --net=host --pid=host -e HOST=/host -e NAME=z -e IMAGE=r9zr -v /run:/run -v /var/log:/var/log -v /etc/machine-id:/etc/machine-id -v /etc/localtime:/etc/localtime -v /:/host )container_imagecontainer_runtimesos_container_name)r1ZimageZauthZ force_pullZ_imageZ_pullr4r4r5create_sos_containers  4z'RedHatCoreOSPolicy.create_sos_containercCs d|jS)Nzpodman rm --force )rrjr4r4r5set_cleanup_cmd,sz"RedHatCoreOSPolicy.set_cleanup_cmd)NNTN)r)NNF)rTrUrVrrArgrrZ containerizedrrZsos_path_stripZcontainer_version_commandZcontainer_authfiler$r]rrrrr^r4r4r2r5r>s*   r>csBeZdZdZdZddgZdZdZdZdfd d Z d d Z Z S)r?aj The policy for Fedora based systems, regardless of spin/edition. This policy is based on the parent Red Hat policy, and thus will only check for RPM packages when considering packaged-based plugin enablement. Packages installed by other sources are not considered. There is no default --upload location for this policy. If users need to upload an sos report archive from a Fedora system, they will need to provide the location via --upload-url, and optionally login credentials for that location via --upload-user and --upload-pass (or the appropriate environment variables). zthe Fedora Project)rzhttps://fedoraproject.org/)zCommunity Forumsz%https://discussion.fedoraproject.org/z/etc/fedora-releasez Fedora Linuxr8NTcstj||||ddSrarr0r2r4r5r$Fs zFedoraPolicy.__init__cCs&|dp|jdd}t|dS)Nzfedora-releasezfedora-release-.*rsrD)rr&rr)r1rr4r4r5fedora_versionLs zFedoraPolicy.fedora_version)NNTN) rTrUrVrrWrXrrArr$rr^r4r4r2r5r?0s r?)0rr.r(rIZsos.policies.authrZsos.report.pluginsrZsos.presets.redhatrrrrrr r r r r Zsos.policies.distrosrrrZ!sos.policies.package_managers.rpmrZ%sos.policies.package_managers.flatpakrZsos.policies.package_managersrZ sos.utilitiesrrrrrrgr}r ImportErrorrrrrmrir=r<r>r?r4r4r4r5 s8  0     }  X