From 3aba67d53584ba81bcebe87bb0e7612f18e56c7a Mon Sep 17 00:00:00 2001
From: "Bryn M. Reeves"
Date: Thu, 3 Apr 2014 21:30:07 +0100
Subject: [PATCH 64/72] Add oVirt plugin

Add a plugin for oVirt based on the RHEV log collector plugin with improvements and suggestions from Sandro Bonazzola.

Signed-off-by: Bryn M. Reeves
---
sos/plugins/ovirt.py | 136 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 136 insertions(+)
create mode 100644 sos/plugins/ovirt.py

diff --git a/sos/plugins/ovirt.py b/sos/plugins/ovirt.py
new file mode 100644
index 0000000..3e64538
--- /dev/null
+++ b/sos/plugins/ovirt.py
@@ -0,0 +1,136 @@
+## Copyright (C) 2014 Red Hat, Inc., Sandro Bonazzola
+## Copyright (C) 2014 Red Hat, Inc., Bryn M. Reeves
+## Copyright (C) 2010 Red Hat, Inc.
+
+### This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; either version 2 of the License, or
+## (at your option) any later version.
+
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+import os
+import re
+import signal
+
+
+from sos.plugins import Plugin, RedHatPlugin
+
+
+# Class name must be the same as file name and method names must not change
+class Ovirt(Plugin, RedHatPlugin):
+ """oVirt Engine related information"""
+
+ DB_PASS_FILES = re.compile(
+ flags=re.VERBOSE,
+ pattern=r"""
+ ^
+ /etc/
+ (rhevm|ovirt-engine)/
+ engine.conf
+ (\.d/.+.conf)?
+ $
+ """
+ )
+
+ DEFAULT_SENSITIVE_KEYS = (
+ 'ENGINE_DB_PASSWORD:ENGINE_PKI_TRUST_STORE_PASSWORD:'
+ 'ENGINE_PKI_ENGINE_STORE_PASSWORD'
+ )
+
+ plugin_name = "ovirt"
+
+ option_list = [
+ ('jbosstrace', 'Enable oVirt Engine JBoss stack trace collection', '', True),
+ ('sensitive_keys', 'Sensitive keys to be masked', '', DEFAULT_SENSITIVE_KEYS)
+ ]
+
+ def setup(self):
+ if self.get_option('jbosstrace'):
+ engine_pattern = "^ovirt-engine\ -server.*jboss-modules.jar"
+ pgrep = "pgrep -f '%s'" % engine_pattern
+ lines = self.call_ext_prog(pgrep)[1].splitlines()
+ engine_pids = [int(x) for x in lines]
+ if not engine_pids:
+ self.soslog.error('Unable to get ovirt-engine pid')
+ self.add_alert('Unable to get ovirt-engine pid')
+ for pid in engine_pids:
+ try:
+ # backtrace written to '/var/log/ovirt-engine/console.log
+ os.kill(pid, signal.SIGQUIT)
+ except OSError as e:
+ self.soslog.error('Unable to send signal to %d' % pid, e)
+
+ self.add_forbidden_path('/etc/ovirt-engine/.pgpass')
+ self.add_forbidden_path('/etc/rhevm/.pgpass')
+ # Copy engine config files.
+ self.add_copy_specs([
+ "/etc/ovirt-engine",
+ "/etc/rhevm",
+ "/var/log/ovirt-engine",
+ "/var/log/rhevm",
+ "/etc/sysconfig/ovirt-engine",
+ "/usr/share/ovirt-engine/conf",
+ "/var/log/ovirt-guest-agent",
+ "/var/lib/ovirt-engine/setup-history.txt",
+ "/var/lib/ovirt-engine/setup/answers",
+ "/var/lib/ovirt-engine/external_truststore",
+ "/var/tmp/ovirt-engine/config"
+ ])
+
+ def postproc(self):
+ """
+ Obfuscate sensitive keys.
+ """
+ self.do_file_sub(
+ "/etc/ovirt-engine/engine-config/engine-config.properties",
+ r"Password.type=(.*)",
+ r"Password.type=********"
+ )
+ self.do_file_sub(
+ "/etc/rhevm/rhevm-config/rhevm-config.properties",
+ r"Password.type=(.*)",
+ r"Password.type=********"
+ )
+
+ engine_files = (
+ 'ovirt-engine.xml',
+ 'ovirt-engine_history/current/ovirt-engine.v1.xml',
+ 'ovirt-engine_history/ovirt-engine.boot.xml',
+ 'ovirt-engine_history/ovirt-engine.initial.xml',
+ 'ovirt-engine_history/ovirt-engine.last.xml',
+ )
+ for filename in engine_files:
+ self.do_file_sub(
+ "/var/tmp/ovirt-engine/config/%s" % filename,
+ r"(.*)",
+ r"********"
+ )
+
+ self.do_file_sub(
+ "/etc/ovirt-engine/redhatsupportplugin.conf",
+ r"proxyPassword=(.*)",
+ r"proxyPassword=********"
+ )
+
+ sensitive_keys = self.DEFAULT_SENSITIVE_KEYS
+ #Handle --alloptions case which set this to True.
+ keys_opt = self.get_option('sensitive_keys')
+ if keys_opt and keys_opt is not True:
+ sensitive_keys = keys_opt
+ key_list = [x for x in sensitive_keys.split(':') if x]
+ for key in key_list:
+ self.do_path_regex_sub(
+ self.DB_PASS_FILES,
+ r'{key}=(.*)'.format(key=key),
+ r'{key}=********'.format(key=key)
+ )
+
+# vim: expandtab tabstop=4 shiftwidth=4
--
1.9.3
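Review bot: postproc masks fewer paths than setup collects: `add_copy_specs` pulls in all of `/etc/ovirt-engine`, `/etc/rhevm` and `/var/lib/ovirt-engine/setup/answers`, but the `sensitive_keys` substitution only runs on files matching `DB_PASS_FILES` (engine.conf and its engine.conf.d entries), and no substitution is applied to the answers directory at all. Setup answer files presumably hold the database and admin passwords supplied at install time (their contents are not visible in this hunk, so worth confirming), in which case they would land in the report in clear text. A substitution along the lines of `self.do_path_regex_sub(r'/var/lib/ovirt-engine/setup/answers/.*', r'(?P<key>[^=]*[Pp]assword[^=]*)=.*', r'\g<key>=********')` in postproc would cover them. Separately, in setup, `self.soslog.error('Unable to send signal to %d' % pid, e)` hands `e` to the logger with no placeholder to format it into; `'Unable to send signal to %d: %s' % (pid, e)` keeps the error text in the log.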