Bug 2125502

Summary: SoS cleaner does not clean all sensitive things
Product: Red Hat Enterprise Linux 9
Reporter: Pavel Moravec <pmoravec>
Component: sos
Assignee: Pavel Moravec <pmoravec>
Status: CLOSED CURRENTRELEASE
QA Contact: Upgrades and Supportability <upgrades-and-supportability>
Severity: unspecified
Priority: unspecified
Version: 9.1
CC: agk, bmr, plambri, sbradley, theute
Target Milestone: rc
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Fixed In Version: sos-4.4-1.el9
Doc Type: If docs needed, set a value
Story Points: ---
Last Closed: 2023-03-16 21:40:12 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Category: ---
oVirt Team: ---
Cloudforms Team: ---

Description Pavel Moravec 2022-09-09 08:01:10 UTC
This bug was initially created as a copy of Bug #2043233

I am copying this bug because: 

We need to have 8.8 and 9.2 on par.


Description of problem:

After installing sos version 4.0-12.el8.4  on an IdM server, I run "sos report --clean" or "sos --clean" and I get a cleaned sos report in a tar file.  When I untar the cleaned  report, I find sensitive information left in the file content, directory names, and file names.



Version-Release number of selected component (if applicable):


    4.0-12.el8.4


How reproducible:


    Reproducible every time for an IdM server on RHEL 8.4


Steps to Reproduce (example.com is not the real domain since the real one is sensitive)


    1. yum -y install sos

    2. sos clean --domains example.com,ca.example.com,nj.example.com --keywords example.com, ca.example.com, nj.example.com sosreport.tar

    3. Number 2 generates a cleaned sosreport.tar.xz and a sosreport_private_map

    4. Untarred the sosreport.tar.xz

    5. cd into the sosreport directory

    6. grep -ir example.com . # EXAMPLE-COM was not obfuscated

    7. grep -ir 'dc=example,dc=com' . # dc=example,dc=com was not obfuscated

    8. grep -Er '192.168.' # 192.168.x.in-addr.arpa >8. records returned where x is a number after '192.168.'

    9. find . -type d > directories.txt

    10. grep -ir example.com directories.txt # EXAMPLE-COM was not obfuscated in the directories

    11. grep -ir 15.3.168.192 directories.txt # Returns 15.3.168.192.in-addr.arpa directories

    12. find . -type f > filenames.txt

    13. grep -ir example.com filenames.txt # EXAMPLE-COM was not obfuscated in the filenames


Actual results:


     domains and ip addresses are not getting obfuscated.


Expected results:


    all sensitive data should be obfuscated


Additional info:

None
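
The checks from the reproduction steps above can be run in one pass over an unpacked, cleaned report. This is an added example, not part of the original report or of sos itself. It derives the leftover forms the report lists (dotted and dashed domain, LDAP `dc=` suffix, forward IPv4 prefix, reverse `in-addr.arpa` zone) and looks for them in file contents, directory names and file names. The function names, pattern labels and sample tree are this example's own and are constructed for illustration.

```python
import os
import re
import tempfile

def leak_patterns(domains, ipv4_prefixes):
    """Regexes for the leftover forms listed in the report (names are this example's own)."""
    pats = {}
    for d in domains:
        labels = [re.escape(l) for l in d.split(".")]
        # example.com, EXAMPLE-COM and example_com in one case-insensitive pattern
        pats["domain " + d] = re.compile(r"[._-]".join(labels), re.I)
        # LDAP suffix form: dc=example,dc=com
        pats["ldap " + d] = re.compile(r",\s*".join("dc=" + l for l in labels), re.I)
    for prefix in ipv4_prefixes:
        octets = prefix.strip(".").split(".")
        pats["ip " + prefix] = re.compile(r"(?<![\d.])" + r"\.".join(octets) + r"\.\d")
        # reverse-zone form: 15.3.168.192.in-addr.arpa for prefix 192.168
        pats["arpa " + prefix] = re.compile(r"\.".join(reversed(octets)) + r"\.in-addr\.arpa", re.I)
    return pats

def scan_tree(root, pats):
    """Return sorted (where, relative path, pattern name) for every leftover found."""
    found = set()
    for dirpath, dirnames, filenames in os.walk(root):
        for where, names in (("dirname", dirnames), ("filename", filenames)):
            for name in names:
                path = os.path.join(dirpath, name)
                rel = os.path.relpath(path, root)
                found.update((where, rel, k) for k, p in pats.items() if p.search(name))
                if where == "dirname" or os.path.islink(path) or not os.path.isfile(path):
                    continue  # contents are read from regular files only
                try:
                    with open(path, errors="replace") as fh:
                        text = fh.read()
                except OSError:
                    continue
                found.update(("content", rel, k) for k, p in pats.items() if p.search(text))
    return sorted(found)

def build_sample(root):
    """Constructed stand-in for an unpacked, cleaned report (not real sos output)."""
    os.makedirs(os.path.join(root, "etc", "dirsrv", "slapd-EXAMPLE-COM"))
    os.makedirs(os.path.join(root, "var", "named", "15.3.168.192.in-addr.arpa"))
    with open(os.path.join(root, "etc", "dirsrv", "slapd-EXAMPLE-COM", "dse.ldif"), "w") as fh:
        fh.write("suffix: dc=example,dc=com\n")
    with open(os.path.join(root, "etc", "hosts"), "w") as fh:
        fh.write("10.0.0.1 cleaned-host\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for finding in scan_tree(tmp, leak_patterns(["example.com"], ["192.168"])):
            print(*finding)
```

An empty result from `scan_tree` on a real cleaned report means none of these specific forms remain; it does not cover forms that were not derived.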

Comment 2 Pavel Moravec 2023-03-16 21:40:12 UTC
Closing the bugzilla as the fix has been delivered in sos-4.5.0-1.el9 released via https://access.redhat.com/errata/RHBA-2023:1301 errata.