a >h>@sddlZddlZddlmZddlmZddlmZddl m Z ddl m Z ddl mZddlmZdd lmZdd lmZmZmZmZd Zd Zd ZGdddeZGdddeZdS)N)_sos)Policy) InitSystem) SystemdInit)CrioContainerRuntime)PodmanContainerRuntime)DockerContainerRuntime)LxdContainerRuntime) shell_out is_executableboldsos_get_command_outputz/etc/os-release containerZHOSTcs.eZdZdZdZdZdZdZdZdZ dZ dZ dZ dZ dZdZdZdZd ZdZdZd9fd d Zed dZed:ddZddZddZddZddZddZddZeddZedd Z ed!d"Z!d#d$Z"d%d&Z#d'd(Z$d)d*Z%d+d,Z&d-d.Z'd/d0Z(d1d2Z)d;d3d4Z*d5d6Z+d7d8Z,Z-S)< LinuxPolicyzfThis policy is meant to be an abc class that provides common implementations used in Linux distrosNonez/bin:/sbin:/usr/bin:/usr/sbinNdockerFz/usr/binzsos-collector-tmpTcs tj|||d|r||_n|p(d|_||durD||_n$tjdr`t |jd|_nt |_i|_ |j rt |dt|dt|dt|dg}|D]F}|r||j |j<|j|jkr|j |j|j d<|j |jq|j rd|j vrt|j }|j |d|j d<dS)N)sysroot probe_runtime remote_exec/z/run/systemd/system/)chroot)Zpolicydefaultr)super__init__r_container_initinit_kernel_modulesZ init_systemospathisdirrrZruntimesrrrrr Zcheck_is_activenamedefault_container_runtimeZload_container_infolistkeys)selfrinitrrZ_crunZruntimeidx __class__A/usr/lib/python3.9/site-packages/sos/policies/distros/__init__.pyr;s:   zLinuxPolicy.__init__cCsddgS)Nz /etc/passwdz /etc/shadowr)clsr)r)r*set_forbidden_pathsdszLinuxPolicy.set_forbidden_pathscsfdd}|r||StjjrNtjjtjtjjkrNdSttddd}||WdS1s~0YdS)| This function is responsible for determining if the underlying system is supported by this policy. cs`jg}jr|j|D]8}|dr"|ddddd}||vr"dSq"dS)N)zNAME=zID==rz"'TF)os_release_name os_release_idappend splitlines startswithsplitstrip)ZcontentZ_matcheslineZ_distror+r)r*_check_releaseqs   z)LinuxPolicy.check.._check_releaseTrutf-8encodingN) rrisfileos_release_filebasenamerealpathopen OS_RELEASEread)r,remoter9fr)r+r*checkks  zLinuxPolicy.checkcCs|jSN)releaser$r)r)r*kernel_versionszLinuxPolicy.kernel_versioncCs|jSrH)hostnamerJr)r)r* host_nameszLinuxPolicy.host_namecCs|jSrH)ZsmprJr)r)r* is_kernel_smpszLinuxPolicy.is_kernel_smpcCs|jSrH)machinerJr)r)r*get_archszLinuxPolicy.get_archcCs|S)z)Returns the name usd in the pre_work step)rMrJr)r)r*get_local_nameszLinuxPolicy.get_local_namecCstdd|S)Nz[^-a-z,A-Z.0-9]r)resub)r$r r)r)r*sanitize_filenameszLinuxPolicy.sanitize_filenamecCs4|tkr||n||jd||dS)Nz Distribution Policy)rdisplay_self_help set_titler1display_distro_helpr,sectionr)r)r* display_helps zLinuxPolicy.display_helpcCs|d|ddS)NzSoS Distribution PolicieszDistributions supported by SoS will each have a specific policy defined for them, to ensure proper operation of SoS on those systems.)rVadd_textrXr)r)r*rUs zLinuxPolicy.display_self_helpc Cs6|jr |jtjur ||jn |d|ddd}|d|j|jd|jdd|jd|jdd|d}|jD],}|jdd |d d |d d ddq|d}|jtdd dddddd dd|j D]@\}}d |j }|jdd |d|jd|d ddqdS)Nz; Detailed help information for this policy is not availableFzDefault --upload location: zDefault container runtime: )newlinez $PATH used when running report: zReference URLs z>8rz<30r0z<40z#Presets Available With This Policy z Preset Namez<20Z Descriptionz<45zEnabled Options)__doc__rr[ _upload_urlr!PATHZ add_section vendor_urlsr ZpresetsitemsjoinZoptsZto_argsZdesc) r,rYZ_polZrefsecurlZpresecpresetvalueZ_optsr)r)r*rWsF      * zLinuxPolicy.display_distro_helpcCs^ttjvrZtjtdvrZd|_ttjvrZtjts6dStjtjt|j|_tjtSdS)zCheck if sos is running in a container and perform container specific initialisation based on ENV_HOST_SYSROOT. )rZociZpodmanTN) ENV_CONTAINERrenvironZ _in_containerENV_HOST_SYSROOTrabspathZ_tmp_dirrJr)r)r*rs    zLinuxPolicy._container_initc Csg|_tj}tdd|jd}|jdd|ddD|d|d }z`t |d d d >}|D](}| d d dd}|j |qjWdn1s0YWn6t y}z|j d|WYd}~n d}~00ddd}d|d|df} | D](} || } tj| r| } qJq|j ddSg} z^t | d d d :} | D]$}d|vrd| | ddqdWdn1s0YWn8t y}z|j d|WYd}~n d}~00|D] \} }|| vr|j | qdS)zxObtain a list of loaded kernel modules to reference later for plugin enablement and SoSPredicate checks Zlsmodr)timeoutrcSsg|]}|dqS)r)r6r7).0r8r)r)r* sz3LinuxPolicy.init_kernel_modules..r0Nz/usr/lib/modules/z/modules.builtinr:r;r<rz.koz Unable to read kernel builtins: ZCONFIG_NET_DEVLINKZCONFIG_BLK_DEV_DM)ZdevlinkZdm_modz /boot/config-z /lib/modules/z/configz#Unable to find booted kernel configz=yz%Unable to read booted kernel config: )Z kernel_modsrunamerIr rr4extend join_sysrootrBr6r3IOErrorsoslogwarningrexistsrb)r$rIlinesbuiltinsZmfiler8ZkmoderrZconfig_stringsZkconfigsZkconfigZ booted_configZkfileZbuiltinrfr)r)r*rsP    0(     <( zLinuxPolicy.init_kernel_modulescCs*|jr&|jdkr&tj|j|d}|S)Nr)rrrrclstrip)r$rr)r)r*rq#szLinuxPolicy.join_sysrootcCs(|jd}|jr||||_dS)NZ cmdlineopts)ZcommonsZ low_priority_configure_low_priorityprompt_for_case_idcase_idr$Z cmdline_optsr)r)r*pre_work(s zLinuxPolicy.pre_workcCs8|js |js |js ttd|_|jr,|jnd|_|jS)NzNOptionally, please enter the case id that you are generating this report for: r)Zbatchquietr|input_r}r)r)r*r{3szLinuxPolicy.prompt_for_case_idc Cst}tdrdtd|dd}|ddkr<|jdqpd|d d |dd }|j|n |jd zt d |jdWn6t y}z|jd|WYd}~n d}~00dS)ayUsed to constrain sos to a 'low priority' execution, potentially letting individual policies set their own definition of what that is. By default, this will attempt to assign sos to an idle io class via ionice if available. We will also renice our own pid to 19 in order to not cause competition with other host processes for CPU time. Zionicezionice -c3 -p )rkstatusrzSet IO class to idlez Error setting IO class to idle: outputz (exit code )zNWarning: unable to constrain report to idle IO class: ionice is not available.zSet niceness of report to 19z%Error setting report niceness to 19: N) rgetpidr r rsinfoerrorZui_logrtnice Exception)r$Z_pidretmsgrxr)r)r*rz@s&    z#LinuxPolicy._configure_low_prioritycCsdS)zIf sos report commands need to always be prefixed with something, for example running in a specific container image, then it should be defined here. If no prefix should be set, return an empty string instead of None. rr)rJr)r)r*set_sos_prefix_szLinuxPolicy.set_sos_prefixcCsdS)zcIf a host requires additional cleanup, the command should be set and returned here rr)rJr)r)r*set_cleanup_cmdhszLinuxPolicy.set_cleanup_cmdcCsdS)aIReturns the command that will create the container that will be used for running commands inside a container on hosts that require it. This will use the container runtime defined for the host type to launch a container. From there, we use the defined runtime to exec into the container's namespace. :param image: The name of the image if not using the policy default :type image: ``str`` or ``None`` :param auth: The auth string required by the runtime to pull an image from the registry :type auth: ``str`` or ``None`` :param force_pull: Should the runtime forcibly pull the image :type force_pull: ``bool`` :returns: The command to execute to launch the temp container :rtype: ``str`` rr))r$ZimageZauthZ force_pullr)r)r*create_sos_containerosz LinuxPolicy.create_sos_containercCs|jd|jS)aRestarts the container created for sos collect if it has stopped. This is called immediately after create_sos_container() as the command to create the container will exit and the container will stop. For current container runtimes, subsequently starting the container will default to opening a bash shell in the container to keep it running, thus allowing us to exec into it again. z start Zcontainer_runtimesos_container_namerJr)r)r*restart_sos_containers z!LinuxPolicy.restart_sos_containercCs"|jr|jd|jd|S|S)aReturns the command that allows us to exec into the created container for sos collect. :param cmd: The command to run in the sos container :type cmd: ``str`` :returns: The command to execute to run `cmd` in the container :rtype: ``str`` z exec r]r)r$cmdr)r)r*format_container_commands z$LinuxPolicy.format_container_command)NNTN)r)NNF).__name__ __module__ __qualname__r^vendorr`r%r?r1r2r_r!Z_preferred_hash_nameZ containerizedZcontainer_imageZsos_path_stripZ sos_pkg_nameZ sos_bin_pathrZcontainer_version_commandZcontainer_authfiler classmethodr-rGrKrMrNrPrQrTrZrUrWrrrqr~r{rzrrrrr __classcell__r)r)r'r*r#s`)     *;     rc@s,eZdZdZdgZdZdZed ddZdS) GenericLinuxPolicyzThis Policy will be returned if no other policy can be loaded. This should allow for IndependentPlugins to be executed on any system)zUpstream Projectz https://github.com/sosreport/sosZSoSaSoS was unable to determine that the distribution of this system is supported, and has loaded a generic configuration. This may not provide desired behavior, and users are encouraged to request a new distribution-specifc policy at the GitHub project above. rcCstdS)r.N)NotImplementedError)r,rEr)r)r*rGszGenericLinuxPolicy.checkN)r) rrrr^rarZ vendor_textrrGr)r)r)r*rs r)rrRZsosrrZ sos.policiesrZsos.policies.init_systemsrZ!sos.policies.init_systems.systemdrZsos.policies.runtimes.criorZsos.policies.runtimes.podmanrZsos.policies.runtimes.dockerrZsos.policies.runtimes.lxdr Z sos.utilitiesr r r r rCrgrirrr)r)r)r* s$