Bug 1227019 - Require sos >= 3.3 when available - ovirt sosreport plugin doesn't obfuscate password used in aaa extensions
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: ovirt-log-collector
Classification: oVirt
Component: General
Version: 4.1.0
Hardware: x86_64
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ovirt-4.1.2
Target Release: 4.1.0
Assignee: Lev Veyde
QA Contact: Aleksei Slaikovskii
URL:
Whiteboard:
Depends On: 1293044 1411314
Blocks: 1444461
Reported: 2015-06-01 17:37 UTC by Tim Speetjens
Modified: 2019-04-28 13:28 UTC (History)

Fixed In Version: ovirt-log-collector-4.1.1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-05-23 08:16:37 UTC
oVirt Team: Integration
Embargoed:
ykaul: needinfo-
rule-engine: ovirt-4.1+
ylavi: exception+
ylavi: planning_ack+
sbonazzo: devel_ack+
pstehlik: testing_ack+


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 41809 0 master ABANDONED sos: obfuscate passwords specified in aaa profiles Never
oVirt gerrit 75128 0 master MERGED Updated requirement to require sos >= 3.3 2017-04-04 09:57:38 UTC
oVirt gerrit 75130 0 ovirt-log-collector-4.1 MERGED Updated requirement to require sos >= 3.3 2017-04-04 10:03:17 UTC

Description Tim Speetjens 2015-06-01 17:37:58 UTC
Description of problem:
oVirt plugin for sosreport includes /etc/ovirt-engine/aaa directory, which commonly includes bind-dn and password

Version-Release number of selected component (if applicable):
3.5.0 and onwards

How reproducible:
100%

Steps to Reproduce:
1. Specify a password in /etc/ovirt-engine/aaa/<anyprofile>.properties
2. Run a sosreport


Actual results:
The properties file for the profile contains the password, used for binding to the directory

Expected results:
Passwords should be replaced by ******

Additional info:

Comment 1 Sandro Bonazzola 2015-06-09 06:18:24 UTC
Please open a corresponding ticket on sos report: https://github.com/sosreport/sos
and push the patch there too. Starting with EL6.7 and already on Fedora and EL7+ log-collector is using sos plugins only.

Comment 2 Bryn M. Reeves 2015-06-25 13:49:56 UTC
When opening upstream issues, please include enough information that the reader can tell what is being reported (and ideally fix it) without having to visit another site (i.e. everything that's in comment#0, not "See this rhbz#").

Comment 3 Tim Speetjens 2015-07-22 07:15:51 UTC
Issue reported at https://github.com/sosreport/sos/issues/588

Comment 4 Sandro Bonazzola 2015-09-02 10:10:32 UTC
Closing upstream since ovirt sos report is handled in sos upstream project.
Please open a BZ on RHEL (And Fedora for upstream) sos component for including the submitted patch.

Comment 5 Yaniv Lavi 2015-09-03 09:22:58 UTC
This should remain open as a tracker for the fix in SOS. Please add the dependency once that bug is created.

Comment 6 Sandro Bonazzola 2015-09-03 15:01:02 UTC
(In reply to Yaniv Dary from comment #5)
> This should remain open as a tracker for the fix in SOS. Please add the
> dependency once that bug is created.

I don't see why a bug in a sos plugin not shipped within log-collector should be tracked in log-collector.

We can require a newer version of sos if you want, but this is not what this bug is about.

Comment 7 Bryn M. Reeves 2015-09-04 13:22:34 UTC
FYI we'll be attempting to get a sos-3.3 release out fairly soon (with this patch) and will update Fedora packages once that is out.

Comment 8 Bryn M. Reeves 2015-09-04 13:24:27 UTC
Upstream: https://github.com/sosreport/sos/commit/da3f566

Comment 9 Sandro Bonazzola 2015-09-04 14:22:31 UTC
Thanks Bryn!

Comment 10 Yaniv Lavi 2015-09-09 15:55:27 UTC
Why did you remove the blocker?

Comment 11 Sandro Bonazzola 2015-09-11 15:42:36 UTC
Why should this be a blocker?
We need to require a package which is not even released upstream and which is not yet in any supported distribution.
If we block on this we need to postpone oVirt 3.6.0 until sos-3.3 will be out in Fedora and CentOS.

Comment 12 Sandro Bonazzola 2015-09-29 08:52:37 UTC
Devel NAK: Waiting on upstream sos to release 3.3.

Comment 13 Red Hat Bugzilla Rules Engine 2015-10-19 11:03:17 UTC
Target release should be placed once a package build is known to fix an issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for an oVirt release.

Comment 14 Yaniv Lavi 2015-10-29 12:16:30 UTC
In oVirt, testing is done on a single release by default. Therefore I'm removing the 4.0 flag. If you think this bug must be tested in 4.0 as well, please re-add the flag. Please note we might not have testing resources to handle the 4.0 clone.

Comment 15 Bryn M. Reeves 2015-12-18 12:36:32 UTC
We're hoping to release sos-3.3 next week. I'll update the bug again with a link to the release once it's out.

Comment 16 Sandro Bonazzola 2016-05-02 10:05:04 UTC
Moving from 4.0 alpha to 4.0 beta since 4.0 alpha has been already released and bug is not ON_QA.

Comment 17 Yaniv Lavi 2016-05-23 13:19:42 UTC
oVirt 4.0 beta has been released, moving to RC milestone.

Comment 18 Yaniv Lavi 2016-05-23 13:23:27 UTC
oVirt 4.0 beta has been released, moving to RC milestone.

Comment 19 Yaniv Lavi 2016-06-02 08:07:27 UTC
Do you know when this version will be released?

Comment 20 Bryn M. Reeves 2016-06-02 09:47:23 UTC
We're hoping to tag a beta commit today with a view to 3.3 being released mid next week.

Comment 21 Yaniv Lavi 2016-06-02 13:58:52 UTC
(In reply to Bryn M. Reeves from comment #20)
> We're hoping to tag a beta commit today with a view to 3.3 being released mid
> next week.

What is the ETA for release in RHEL? 7.3?

Comment 22 Bryn M. Reeves 2016-06-02 14:10:41 UTC
bug 1293044.

Please speak to Pavel Moravec (pmoravec) for specific RHEL7 package queries - he's been the RHEL7 maintainer for a couple of releases now.

Comment 23 Yaniv Lavi 2016-06-02 14:15:22 UTC
Can you please provide the info requested in comment #21?

Comment 25 Sandro Bonazzola 2016-07-05 06:01:42 UTC
Upstream SOS 3.3 has been released.
- check if already available in Fedora
- check if already available in EPEL / Virt SIG
- check if it works out of the box with current log-collector code. If not, please open a rebase bug in order to support it.

Comment 26 Bryn M. Reeves 2016-07-05 10:59:57 UTC
I'm hoping to have a rawhide build done late this week or early next, with updates to follow for other supported Fedora releases.

Comment 27 Sandro Bonazzola 2016-12-05 10:56:39 UTC
(In reply to Bryn M. Reeves from comment #26)
> I'm hoping to have a rawhide build done late this week or early next, with
> updates to follow for other supported Fedora releases.

Bryn, any updates?

Comment 30 Sandro Bonazzola 2017-04-04 06:40:37 UTC
Lev, 3.3 is now within RHEL and 3.4 is now available in Fedora.
Can you please update log-collector requires on 3.3 and check data within the report to match what was asked in comment #0?

Comment 31 Lev Veyde 2017-04-04 10:59:53 UTC
(In reply to Sandro Bonazzola from comment #30)
> Lev, 3.3 is now within RHEL and 3.4 is now available in Fedora.
> Can you please update log-collector requires on 3.3 and check data within
> the report to match what was asked in comment #0?

Done, fixed in ovirt-log-collector-4.1.1.

Verified:
$ cat internal.properties 
config.datasource.jdbcurl=jdbc:postgresql://localhost:5432/engine?sslfactory=org.postgresql.ssl.NonValidatingFactory
config.datasource.dbuser=engine
config.datasource.dbpassword=*********
config.datasource.jdbcdriver=org.postgresql.Driver

Comment 34 Aleksei Slaikovskii 2017-05-10 11:42:00 UTC
Verified on ovirt-log-collector-4.1.1-1.el7ev.noarch

cat ./sosreport-engine-20170510142909/etc/ovirt-engine/aaa/internal.properties
config.datasource.jdbcurl=jdbc:postgresql://localhost:5432/engine?sslfactory=org.postgresql.ssl.NonValidatingFactory
config.datasource.dbuser=engine
config.datasource.dbpassword=*********
config.datasource.jdbcdriver=org.postgresql.Driver
config.datasource.schemaname=aaa_jdbc
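
The manual `cat` verification in comments 31 and 34 can be automated across every profile in an extracted report. The following is an added example, not part of the original bug thread and not code from sos or ovirt-log-collector; the function names are hypothetical, the "key contains password" rule is an assumption, and the sample texts are constructed.

```python
import re
from pathlib import Path

# Assumption: any property whose key contains "password" holds a secret.
SECRET_KEY = re.compile(r"password", re.IGNORECASE)
# key, then '=' or ':' separator, then value (simplified .properties syntax).
PROP_LINE = re.compile(r"^\s*([^=:\s#!][^=:\s]*)\s*[=:]\s*(.*?)\s*$")
MASKED = re.compile(r"^\*+$")


def unmasked_secrets(text):
    """Return keys of secret-looking properties whose value is not masked."""
    leaked = []
    for line in text.splitlines():
        m = PROP_LINE.match(line)
        if not m:
            continue  # blank line, comment, or not a key/value pair
        key, value = m.groups()
        if SECRET_KEY.search(key) and value and not MASKED.match(value):
            leaked.append(key)
    return leaked


def scan_report(root):
    """Map each aaa profile file under an extracted report to its leaked keys."""
    aaa_dir = Path(root) / "etc" / "ovirt-engine" / "aaa"
    findings = {}
    for path in sorted(aaa_dir.glob("*.properties")):
        leaked = unmasked_secrets(path.read_text(errors="replace"))
        if leaked:
            findings[path.name] = leaked
    return findings


# Constructed samples: MASKED_SAMPLE mirrors the verified output on this page;
# LEAKY_SAMPLE is invented to show what an unscrubbed profile looks like.
MASKED_SAMPLE = """\
config.datasource.dbuser=engine
config.datasource.dbpassword=*********
"""
LEAKY_SAMPLE = """\
# constructed profile, not from a real system
vars.user = uid=search,dc=example,dc=com
vars.password = constructed-secret
"""

if __name__ == "__main__":
    import sys
    for name, keys in scan_report(sys.argv[1]).items():
        print(f"{name}: unmasked {', '.join(keys)}")
```

Run it against the extracted report directory before the archive leaves the host; it reports only key names, never the values.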

