RHBA-2015:1323 - Bug Fix Advisory

Topic

An updated sos package that fixes several bugs and adds various enhancements is
now available for Red Hat Enterprise Linux 6.

Description

The sos package contains a set of utilities that gather information from system
hardware, logs, and configuration files. The information can then be used for
diagnostic purposes and debugging.

The sudo package has been upgraded to upstream version 3.2, which provides a
number of bug fixes and enhancements over the previous version. The most notable
bug fixes and enhancements are as follows:

• Increased log size limits.
• Enhanced file archiving and improved sosreport robustness.
• Introduced a number of new plug-ins.
• Implemented the "--profile" option, thus adding profile support for plug-in

selection.

• Added the "--verify", "--log-size", and "--all-logs" global plug-in

command-line options.

• The time-out limit for commands introduced by this rebase has been extended,

providing the crm_report utility enough time to complete.

(BZ#1144525, BZ#1190723)

This update also fixes the following bugs:

• The "glusterfsd: no process killed" message could previously be displayed in

the standard output stream when generating a report. This update modifies the
gluster plug-in to use the built-in callout functions, and the message is no
longer displayed in this situation. (BZ#912946)

• Prior to this update, if the user defined passwords in the /etc/fstab and

/boot/grub/grub.conf files, the sosreport utility included these passwords into
the report. Consequently, the report tarball contained the passwords, either in
plain text format or hashed, which was considered insecure. With this update,
sosreport excludes passwords and other secrets when generating the report. As a
result, /etc/fstab and /boot/grub/grub.conf collected in the report tarball do
not contain the passwords. (BZ#1196717)

• Prior to this update, the data collected by the OpenShift sosreport plug-in

from certain non-default configuration files could contain sensitive data. The
plug-in has been modified to remove any sensitive information from these
configuration files. As a result, the OpenShift sosreport plug-in no longer
captures sensitive data from the mentioned configuration files. (BZ#1203330)

• The networking plug-in for the sos utility previously reported an "unhandled

exception" error when the NetworkManager tool was disabled. With this update,
the status of the nmcli utility is properly checked before the networking
plug-in processes its output, which prevents the plug-in from generating the
error. (BZ#1206661)

• Previously, passwords were not removed from some of the files collected by the

crm_report utility. Consequently, the data collected by crm_report could contain
passwords in plain text format. This update adds the "cluster.crm_scrub" option
to sosreport. The option is enabled by default and removes the password
information from the crm_report data collected by sosreport. As a result, the
data collected by crm_report no longer contains any password information in
plain text format. (BZ#1206581)

In addition, this update adds the following enhancement:

• The sosreport plug-in now enables capturing data required to debug Satellite

Capsule Server problems. (BZ#1135290)

Users of sos are advised to upgrade to this updated package, which fixes these
bugs and adds these enhancements.

Solution

Before applying this update, make sure all previously released errata relevant
to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 6 x86_64
• Red Hat Enterprise Linux Server 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
• Red Hat Enterprise Linux Workstation 6 x86_64
• Red Hat Enterprise Linux Workstation 6 i386
• Red Hat Enterprise Linux Desktop 6 x86_64
• Red Hat Enterprise Linux Desktop 6 i386
• Red Hat Enterprise Linux for IBM z Systems 6 s390x
• Red Hat Enterprise Linux for Power, big endian 6 ppc64
• Red Hat Enterprise Linux for Scientific Computing 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

• BZ - 912946 - gluster error while generating sosreport in RHEL 6.4.
• BZ - 1119822 - Add /etc/redhat-storage-release to sosreport collection
• BZ - 1135290 - RHEL 6 sosreport integration for Satellite 6 Capsule server debugging
• BZ - 1146416 - Inclusion of the FCoE plugin
• BZ - 1157715 - rpm.py plugin always runs -V
• BZ - 1165878 - activemq plugin does not collect configuration files or logs
• BZ - 1166874 - Add the files from /var/lib/openshift/.settings/* to the openshift sosreport plugin.
• BZ - 1171186 - Cluster plugin not activated when only luci is present on the system (while it collects files also for luci)
• BZ - 1174186 - Teach sosreport to collect tuned information
• BZ - 1181113 - sos tracebacks when running from non-existing directory
• BZ - 1187490 - gluster plugin for sos should collect a new log file, /var/log/glusterfs/cmd_history.log
• BZ - 1190723 - crm_report not being collected with sosreport
• BZ - 1196717 - backport fstab and grub.conf password stripping from upstream
• BZ - 1203330 - OpenShift plugin does not scrub several configuration files
• BZ - 1206661 - networking plugin fails if NetworkManager is disabled
• BZ - 1209442 - MySQL plugin should collect /var/log/mysqld.log
• BZ - 1209455 - Fix "ip addr" collection
• BZ - 1234226 - sos should collect engine-config settings and domain information

CVEs

(none)

References

(none)