[sudo] Capture sudo and sudoers debug log files #3765
Conversation
|
Congratulations! One of the builds has completed. 🍾 You can install the built RPMs by following these steps:
Please note that the RPMs should be used only in a testing environment. |
sos/report/plugins/sudo.py
Outdated
| log_file_sudoers = "/var/log/sudoers_debug" | ||
| try: | ||
| with open(config_file, 'r', encoding='UTF-8') as cfile: | ||
| for line in cfile.read().splitlines(): |
There was a problem hiding this comment.
for line in cfile: will iterate over the file without reading the entire thing into memory at once, and will automatically split on newlines.
sos/report/plugins/sudo.py
Outdated
| words = line.split('=') | ||
| if words[0].strip() == 'Debug': | ||
| if words[1].strip() == 'sudo': | ||
| log_file_sudo = words[2].strip() | ||
| if words[1].strip() == 'sudoers.so': | ||
| log_file_sudoers = words[2].strip() | ||
| except IOError as error: | ||
| self._log_error(f'Could not open conf file {config_file}: ' | ||
| f'{error}') | ||
|
|
||
| if not self.get_option("all_logs"): | ||
| self.add_copy_spec([log_file_sudo, log_file_sudoers]) | ||
| else: | ||
| self.add_copy_spec([log_file_sudo+'*', log_file_sudoers+'*']) | ||
|
|
There was a problem hiding this comment.
log_files = ['/var/log/sudo_debug', '/var/log/sudoers_debug']
with open(config_file, 'r', encoding='UTF-8') as cfile:
for line in cfile:
if line.startswith('Debug'):
log_files.append(line.split()[2])
if not self.get_option('all_logs'):
self.add_copy_spec(log_files)
else:
self.add_copy_spec([f"{log}*" for log in log_files]We don't seem to actually care which file is for sudo or sudoers, as we are just passing the filepaths on regardless. With this we also get the other subsystems which are probably valuable if someone has gone through the effort of separating them out. And if the defaults don't exist, add_copy_spec() gracefully skips them.
With the above, we also don't spuriously split the line before we determine if we care about the line by it being started with the Debug keyword. Also, on my Fedora and RHEL boxes locally none of the config files use = as a delimiter, so not sure why we want to split on that?
There was a problem hiding this comment.
Nice, I'll make these changes.
Regarding the = that was an oversight on my side when copying from another plugin. Fixed in the next force push.
Capture sudo and sudoers debug log files. Signed-off-by: Jose Castillo <[email protected]>
jcastill
force-pushed
the
jcastillo-capture-sudo-logs
branch
from
052efc5
to
e28de3f
Compare
|
/packit rebuild-failed |
Capture sudo and sudoers debug log files.
Please place an 'X' inside each '[]' to confirm you adhere to our Contributor Guidelines