관리-도구

편집 파일: __init__.cpython-39.pyc

a ����-�_g;�����������������������@���s$
��d�d
l�Z�d�d
l
Z
d�dlmZ
�d�dlmZ
�d�dlmZ
�d�dlm Z
�d�dl mZ
�d�dlm Z
�d�dlmZ
�d�d lmZ
�d�d lmZ
�d�dlmZmZmZmZmZ
�zd�d
lZdZW�n�ey�
�
�
�d ZY�n0�zd�d
lZd�dlmZ
�dZ!W�n�ey�
�
�
�d Z!Y�n0�dZ"dZ#dZ$G�dd��de�Z%G�dd��de%�Z&d
S�)�����N)
�getpass)
�_sos)
�Policy)
� InitSystem)
�SystemdInit)
�CrioContainerRuntime)
�PodmanContainerRuntime)
�DockerContainerRuntime)
�LxdContainerRuntime)� shell_out� is_executable�bold�sos_get_command_output�TIMEOUT_DEFAULTTF)
�Configz/etc/os-release� containerZHOSTc�����������������������s^��e�Z
d�Zd
ZdZdZdZdZdZdZ dZ dZdZdZ dZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZd Z dZ!dZ"dZ#d Z$dZ%dZ&dZ'dq��f
d d� Z(e)dd���
Z*e)drdd�
�
Z+dd��Z,dd��Z-dd��Z.dd��Z/dd��Z0dd��Z1e)dd ���
Z2e)d!d"���
Z3e)d#d$���
Z4d%d&��Z5d'd(��Z6d)d*��Z7d+d,��Z8d-d.��Z9d/d0��Z:d1d2��Z;d3d4��Z<d5d6��Z=d7d8��Z>d9d:��Z?d;d<��Z@d=d>��ZAdsd?d@�
ZBdAdB��ZCdCdD��ZDdEdF��ZEdGdH��ZFdIdJ��ZGdKdL��ZHdMdN��ZIdOdP��ZJdQdR��ZKdSdT��ZLdUdV��ZMdtdWdX�
ZNdYdZ��ZOdud[d\�
ZPd]d^��ZQdvd_d`�
ZRdadb��ZSdwdcdd�
ZTdxdedf�
ZUdgdh��ZVdidj��ZWdydkdl�
ZXdmdn��ZYdodp��ZZ���Z[S�)z�LinuxPolicyzfThis policy is meant to be an abc class that provides common implementations used in Linux distros�Nonez/bin:/sbin:/usr/bin:/usr/sbinN���
/zhttps://s3.amazonaws.com�dockerFz/usr/binzsos-collector-tmpTc��������������������s
��t���j
|
||d
�
�|
r|
|�_n|����p(d|�_|����
�|d�u
rD||�_n$tj�d�
r`t |�jd�
|�_nt ��|�_i�|�_|�j�
rt |�d�
t|�d�
t|�d�
t|�d�
g}|D�]F}|���r�||�j|j<�|j|�jkr�|�j|j�|�jd<�|�j|j����
�q�|�j�
rd|�jv
�
rt|�j����
}|�j|d��|�jd<�d�S�)N)�sysroot� probe_runtime�remote_execr���z/run/systemd/system/)
�chroot)
Zpolicy�defaultr
���)�super�__init__r����_container_init�init_kernel_modulesZinit_system�os�path�isdirr���r���Zruntimesr���r���r ���r���r ���Zcheck_is_active�name�default_container_runtimeZload_container_info�list�keys)�selfr����initr���r���Z_crunZruntime�idx�
� __class__���A/usr/lib/python3.9/site-packages/sos/policies/distros/__init__.pyr���c���s:����

�







�





zLinuxPolicy.__init__c
�����������
������C���s���d
dgS�)Nz/etc/passwdz/etc/shadowr,����
�clsr,���r,���r-����set_forbidden_paths����s����
�zLinuxPolicy.set_forbidden_pathsc��������������������s������f
d
d�}|
r||
�
S�t�j
���j�
rNt�j
���j�
t�j
�t�j
���j�
�
krNdS�ttddd��}||����
W��d���
�S�1�s~0�
�
�
�Y�
�dS�)�| This function is responsible for determining if the underlying system is supported by this policy. c
��������������������s`�����j�g
}
��j
r|
���j
�

�|����D�]8}|�d
�
r"|�d�
dd���d��d�
}||
v�r"
�dS�q"dS�)N)zNAME=zID=�
=�
���r
���z"'TF)�os_release_name� os_release_id�append� splitlines� startswith�split�strip)ZcontentZ_matches�lineZ_distror.���r,���r-����_check_release����s����








z)LinuxPolicy.check.<locals>._check_releaseT�
r�utf-8�
�encodingN) r ���r!����isfile�os_release_file�basename�realpath�open� OS_RELEASE�read)r/����remoter<����
fr,���r.���r-����check����s����


��
zLinuxPolicy.checkc
�����������
���
���C���s���|�j�S��
N)
�release�
r'���r,���r,���r-����kernel_version����s����
zLinuxPolicy.kernel_versionc
�����������
���
���C���s���|�j�S�rK���)
�hostnamerM���r,���r,���r-���� host_name����s����
zLinuxPolicy.host_namec
�����������
���
���C���s���|�j�S�rK���)
ZsmprM���r,���r,���r-���� is_kernel_smp����s����
zLinuxPolicy.is_kernel_smpc
�����������
���
���C���s���|�j�S�rK���)
�machinerM���r,���r,���r-����get_arch����s����
zLinuxPolicy.get_archc
�����������
������C���s���|�����S�)
z)Returns the name usd in the pre_work step)
rP���rM���r,���r,���r-����get_local_name����s����zLinuxPolicy.get_local_namec�����������������C���s���t��
d
d|
�S�)Nz[^-a-z,A-Z.0-9]r�����re�sub)r'���r#���r,���r,���r-����sanitize_filename����s����
zLinuxPolicy.sanitize_filenamec�����������������C���s4���|�t�kr|��
|
�

�n|
�|�j��d
��

�|��|
�

�d�S�)Nz Distribution Policy)r����display_self_help� set_titler4����display_distro_help�r/����sectionr,���r,���r-����display_help����s����

zLinuxPolicy.display_helpc�����������������C���s���|
��d
�

�|
�
d�

�d�S�)NzSoS Distribution Policiesz�Distributions supported by SoS will each have a specific policy defined for them, to ensure proper operation of SoS on those systems.)rZ����add_textr\���r,���r,���r-���rY�������s����

�zLinuxPolicy.display_self_helpc����������� ������C���s6
��|�j�r |�j�t
j�u
r |
�|�j��

�n |
�d
�

�|�d�d�d�}|
�d|j����

�|
jd|j���dd�
�|
jd|j���dd�
�|
�d�
}|�jD�],}|jdd �|d �d�|d�d ��dd�
�q�|
�d�
}|jtdd �dd�dd�dd���
dd�
�|j � ��D�]@\}}d�|j� ���
}|jdd �|d�|jd�|d��dd�
�q�d�S�)Nz; Detailed help information for this policy is not availableFzDefault --upload location: zDefault container runtime: )
�newlinez $PATH used when running report: zReference URLs�
z>8r
���z<30r3���z<40z#Presets Available With This Policy zPreset Namez<20ZDescriptionz<45zEnabled Options)�__doc__r���r_����_upload_urlr$����PATHZadd_section�vendor_urlsr ���Zpresets�items�joinZoptsZto_argsZdesc) r/���r]���Z_polZrefsec�urlZpresec�preset�valueZ_optsr,���r,���r-���r[�������sF����

�

�

�

�

*



���



�zLinuxPolicy.display_distro_helpc
�����������
������C���s^���t�t
jv�rZt
jt��d
v�rZd|�_tt
jv�rZt
jt�s6dS�t
j�t
jt�|�j��
|�_t
jt�S�dS�)z�Check if sos is running in a container and perform container specific initialisation based on ENV_HOST_SYSROOT. )r���ZociZpodmanTN)� ENV_CONTAINERr ����environZ _in_container�ENV_HOST_SYSROOTr!����abspathZ_tmp_dirrM���r,���r,���r-���r�������s����





�
zLinuxPolicy._container_initc
�������������� ���C���s��g�|�_�t
���j}
td
d|�jd����}|�j��dd��|dd��D��
�

�|��d|
��d ��
}z`t |d dd��>}|D�](}|� d �
d�� d�
d�}|�j��|�

�qjW�d���
�n1�s�0�
�
�
�Y�
�W�n6�ty�
�}
�z|�j �d|����

�W�Y�d}~n d}~0�0�ddd�}d|
���d|
��d�f} | D�](} |��| �
} t
j�| �
�
r| }
��
qJ�
q|�j �d�

�dS�g�} z^t |d dd��:}|D�]$}d|v��
rd| �|� d�
d��

��
qdW�d���
�n1��
s�0�
�
�
�Y�
�W�n8�t�
y�
�}
�z|�j �d|����

�W�Y�d}~n d}~0�0�|���D�] \} }|| v��
r�|�j��| �

��
q�dS�)zxObtain a list of loaded kernel modules to reference later for plugin enablement and SoSPredicate checks Zlsmodr
���)�timeoutr���c
�����������������S���s���g�|�]}
|
����d���
���qS�)
r
���)r9���r:���)�.0r;���r,���r,���r-���� <listcomp>
��s���
z3LinuxPolicy.init_kernel_modules.<locals>.<listcomp>r3���Nz/usr/lib/modules/z/modules.builtinr=���r>���r?���r������z.koz Unable to read kernel builtins: ZCONFIG_NET_DEVLINKZCONFIG_BLK_DEV_DM)ZdevlinkZdm_modz /boot/config-z /lib/modules/z/configz#Unable to find booted kernel configz=yz%Unable to read booted kernel config: )Zkernel_modsr ����unamerL���r���r���r7����extend�join_sysrootrE���r9���r6����IOError�soslog�warningr!����existsrf���)r'���rL����lines�builtinsZmfiler;���Zkmod�errZconfig_stringsZkconfigsZkconfigZ booted_configZkfileZbuiltinrj���r,���r,���r-���r���
��sP����


�
�



0

(
�
�









<

(

zLinuxPolicy.init_kernel_modulesc�����������������C���s*���|�j�r&|�j�d
kr&t
j�|�j�|
�d
�
�}
|
S�)Nr���)r���r ���r!���rg����lstrip)r'���r!���r,���r,���r-���ru���K
��s����


zLinuxPolicy.join_sysrootc
�����������������C���s8
��|�j�d
�}
|
j
r|
j
nd}|
jr(|����
�|
j|�_|
j|�_|
j|�_|
j|�_d|�_ |
j |�_ |
j|�_|
j|�_|
j |�_ |
j|�_|
j|�_|
js�|
js�|r�||�j�d
�_
nttd�
|��
|�j�d
�_
|
j
r�|
j
|�_
|
j�
s4|
j�
s4|
jr�|����r�|
jdks�|����
�|����
�n,|
jdk�
r(|����
�|����
�|����
�|����
�|�j�d�

�d�S�)N�cmdlineoptsr���zSOptionally, please enter the case id that you are generating this report for [%s]: �s3)�commonsZcase_idZlow_priority�_configure_low_priority� upload_url�upload_user�upload_directoryZupload_pass�upload_password�upload_archive_name�upload_s3_endpoint�upload_s3_region�upload_s3_access_key�upload_s3_bucket�upload_s3_object_prefix�upload_s3_secret_keyZbatch�quiet�input�
_Zupload�get_upload_url�upload_protocol�prompt_for_upload_user�prompt_for_upload_password�prompt_for_upload_s3_bucket�prompt_for_upload_s3_endpoint�prompt_for_upload_s3_access_key�prompt_for_upload_s3_secret_key�ui_log�info)r'���Zcmdline_optsZcaseidr,���r,���r-����pre_workP
��sR����











�


��

�
�






zLinuxPolicy.pre_workc
�������������� ���C���s����t��
��}
td
�
rdtd|
���dd�}|d�dkr<|�j�d�

�qpd|d ���d |d���d�}|�j�|�

�n|�j�d�

�zt�� d �

�|�j�d�

�W�n6�t y�
�}
�z|�j�d|����

�W�Y�d}~n d}~0�0�dS�)ay
��Used to constrain sos to a 'low priority' execution, potentially letting individual policies set their own definition of what that is. By default, this will attempt to assign sos to an idle io class via ionice if available. We will also renice our own pid to 19 in order to not cause competition with other host processes for CPU time. Zionicezionice -c3 -p �����
ro����statusr
���zSet IO class to idlez Error setting IO class to idle: �outputz (exit code �
)zNWarning: unable to constrain report to idle IO class: ionice is not available.����zSet niceness of report to 19z%Error setting report niceness to 19: N)r ����getpidr���r���rw���r�����errorr����rx����nice� Exception)r'���Z_pid�ret�msgr|���r,���r,���r-���r�����
��s&����


�

�
�



z#LinuxPolicy._configure_low_priorityc
�����������������C���s4���|�����s0d
|��
����d|������d�}
tt|
�
�
|�_dS�)zvShould be overridden by policies to determine if an access key needs to be provided for upload or not z0Please provide the upload access key for bucket � via endpoint �: N)�get_upload_s3_access_key�get_upload_s3_bucket�get_upload_s3_endpointr����r����r�����r'���r����r,���r,���r-���r�����
��s����
���z+LinuxPolicy.prompt_for_upload_s3_access_keyc
�����������������C���s0���|�����s,d
|��
����d|������d�}
t|
�
|�_dS�)zuShould be overridden by policies to determine if a secret key needs to be provided for upload or not z0Please provide the upload secret key for bucket r����r����N)�get_upload_s3_secret_keyr����r����r���r����r����r,���r,���r-���r�����
��s����
���z+LinuxPolicy.prompt_for_upload_s3_secret_keyc
�����������������C���sH���|�j�sB|�j
r*|�j
�d
�
r*|�j
dd��|�_�nttd�
�
}
|
�d�
|�_�|�j�S�)zqShould be overridden by policies to determine if a bucket needs to be provided for upload or not �s3://r����Nz"Please provide the upload bucket: r���)r����r����r8���r����r����r:���)r'���� user_inputr,���r,���r-���r�����
��s����



z'LinuxPolicy.prompt_for_upload_s3_bucketc
�����������������C���s>���|�j�}
|�j
s8d
|������d|
��d�}tt|�
�
}|p4|
|�_
|�j
S�)ztShould be overridden by policies to determine if an endpoint needs to be provided for upload or not z.Please provide the upload endpoint for bucket z (default: z): )�_upload_s3_endpointr����r����r����r����)r'���Zdefault_endpointr����r����r,���r,���r-���r�����
��s����

���

z)LinuxPolicy.prompt_for_upload_s3_endpointc
�����������������C���s*���|�����s&d
|��
����d�}
tt|
�
�
|�_dS�)zdShould be overridden by policies to determine if a user needs to be provided or not zPlease provide upload user for r����N)�get_upload_userr����r����r����r����r����r,���r,���r-���r�����
��s����

z"LinuxPolicy.prompt_for_upload_userc
�����������������C���s4���|�����s0|��
��|�jkr0d
|��
����d�}
t|
�
|�_dS�)zsShould be overridden by policies to determine if a password needs to be provided for upload or not z'Please provide the upload password for r����N)�get_upload_passwordr�����_upload_userr���r����r����r,���r,���r-���r�����
��s����
�
�z&LinuxPolicy.prompt_for_upload_passwordc�����������������C���sL���|
|�_�|�j
s|����|�_
|�j
s$td
�
�
|����}|�j�td|��������
�

�|��S�)a �� Entry point for sos attempts to upload the generated archive to a policy or user specified location. Currently there is support for HTTPS, SFTP, and FTP. HTTPS uploads are preferred for policy-defined defaults. Policies that need to override uploading methods should override the respective upload_https(), upload_sftp(), and/or upload_ftp() methods and should NOT override this method. :param archive: The archive filepath to use for upload :type archive: ``str`` In order to enable this for a policy, that policy needs to implement the following: Required Class Attrs :_upload_url: The default location to use. Note these MUST include protocol header :_upload_user: Default username, if any else None :_upload_password: Default password, if any else None The following Class Attrs may optionally be overidden by the Policy :_upload_directory: Default FTP server directory, if any The following methods may be overridden by ``Policy`` as needed `prompt_for_upload_user()` Determines if sos should prompt for a username or not. `get_upload_user()` Determines if the default or a different username should be used `get_upload_https_auth()` Format authentication data for HTTPS uploads `get_upload_url_string()` Print a more human-friendly string than vendor URLs z;No upload destination provided by policy or by --upload-urlzAttempting upload to ) r����r����r����r�����_determine_upload_typer����r����r�����get_upload_url_string)r'����archiveZupload_funcr,���r,���r-����upload_archive�
��s����,





�zLinuxPolicy.upload_archivec
�����������������C���sv���|�j�|�j
|�j|�jd
�}
|�jd�j|
v�r6|
|�jd�j�S�d|�jv
rHtd�
�
|�j�d�
\}}||
v
rntd|����
�
|
|�S�)a
��Based on the url provided, determine what type of upload to attempt. Note that this requires users to provide a FQDN address, such as https://myvendor.com/api or ftp://myvendor.com instead of myvendor.com/api or myvendor.com )�ftp�sftp�httpsr���r~���z://z#Must provide protocol in upload URLz&Unsupported or unrecognized protocol: ) � upload_ftp�upload_sftp�upload_https� upload_s3r����r����r����r����r9���)r'���ZprotsZprotr����r,���r,���r-���r����#��s����


�






z"LinuxPolicy._determine_upload_typec�����������������C���s&���|
s|�����}
|s|��
��}tj�|
|�S�)
ah
��Formats the user/password credentials using basic auth :param user: The username for upload :type user: ``str`` :param password: Password for `user` to use for upload :type password: ``str`` :returns: The user/password auth suitable for use in requests calls :rtype: ``requests.auth.HTTPBasicAuth()`` )r����r�����requests�authZ HTTPBasicAuth)r'����user�passwordr,���r,���r-����get_upload_https_auth9��s ����


z!LinuxPolicy.get_upload_https_authc
�����������
������C���s���t��
d
d�p|�jp|�jS�)z�Helper function to determine if we should use the policy default upload access key or one provided by the user :returns: The access_key to use for upload :rtype: ``str`` ZSOSUPLOADS3ACCESSKEYN)r ����getenvr�����_upload_s3_access_keyrM���r,���r,���r-���r����L��s ����
��z$LinuxPolicy.get_upload_s3_access_keyc
�����������
������C���s���|�j�s|��
��
�|�j�S�)
z�Helper function to determine if we should use the policy default upload endpoint or one provided by the user :returns: The S3 Endpoint to use for upload :rtype: ``str`` )r����r����rM���r,���r,���r-���r����W��s����

z"LinuxPolicy.get_upload_s3_endpointc
�����������
���
���C���s���|�j�p |�j
S�)
z�Helper function to determine if we should use the policy default upload region or one provided by the user :returns: The S3 region to use for upload :rtype: ``str`` )r�����_upload_s3_regionrM���r,���r,���r-����get_upload_s3_regionb��s����z LinuxPolicy.get_upload_s3_regionc
�����������������C���sb���|�j�rH|�j��
d
�
rH|�j�dd���dd�}
|
d�|�_t|
�
dkrH|
d�|�_|�jsV|����
�|�jp`|�jS�)z�Helper function to determine if we should use the policy default upload bucket or one provided by the user :returns: The S3 bucket to use for upload :rtype: ``str`` r����r����Nr���r3���r
���)r����r8���r9���r�����lenr����r�����_upload_s3_bucket)r'���Zbucket_and_prefixr,���r,���r-���r����k��s����






z LinuxPolicy.get_upload_s3_bucketc
�����������
���
���C���s���|�j�p |�j
S�)
z�Helper function to determine if we should use the policy default upload object prefix or one provided by the user :returns: The S3 object prefix to use for upload :rtype: ``str`` )r�����_upload_s3_object_prefixrM���r,���r,���r-����get_upload_s3_object_prefix{��s����z'LinuxPolicy.get_upload_s3_object_prefixc
�����������
������C���s���t��
d
d�p|�jp|�jS�)z�Helper function to determine if we should use the policy default upload secret key or one provided by the user :returns: The S3 secret key to use for upload :rtype: ``str`` ZSOSUPLOADS3SECRETKEYN)r ���r����r�����_upload_s3_secret_keyrM���r,���r,���r-���r�������s ����
��z$LinuxPolicy.get_upload_s3_secret_keyc
�����������������C���sF���|�j�s:|�j
r:|�jr:|�jr:|����}
|����}d
|
��d|���|�_|�j�pD|�jS�)z�Helper function to determine if we should use the policy default upload url or one provided by the user :returns: The URL to use for upload :rtype: ``str`` r����r���)r����r����r����r����r����r����rc���)r'����bucket�prefixr,���r,���r-���r�������s����
���


zLinuxPolicy.get_upload_urlc�����������������C���s���d
}t��
|d|
�}|S�)Nz([^:]+://[^:]+:)([^@]+)(@.+)z\1********\3rU���)r'���rh����patternZobfuscated_urlr,���r,���r-����_get_obfuscated_upload_url���s����


z&LinuxPolicy._get_obfuscated_upload_urlc
�����������
������C���s���|���|��
���
S�)
z�Used by distro policies to potentially change the string used to report upload location from the URL to a more human-friendly string )r����r����rM���r,���r,���r-���r�������s����z!LinuxPolicy.get_upload_url_stringc
�����������
������C���s���t��
d
d�p|�jp|�jS�)z�Helper function to determine if we should use the policy default upload user or one provided by the user :returns: The username to use for upload :rtype: ``str`` Z SOSUPLOADUSERN)r ���r����r����r����rM���r,���r,���r-���r�������s ����
��zLinuxPolicy.get_upload_userc
�����������
������C���s���t��
d
d�p|�jp|�jS�)a_
��Helper function to determine if we should use the policy default upload password or one provided by the user A user provided password, either via option or the 'SOSUPLOADPASSWORD' environment variable will have precendent over any policy value :returns: The password to use for upload :rtype: ``str`` ZSOSUPLOADPASSWORDN)r ���r����r�����_upload_passwordrM���r,���r,���r-���r�������s ���� 
��zLinuxPolicy.get_upload_passwordc�������������� ���C���s<��t�d
�
st
d�
�
zddl}W�n.�tyJ
�}
�zt
d�
|�W�Y�d}~n d}~0�0�d}|
s\|����}
|sh|����}|�����dd�}d |
��d |���}|j|dd�}d dd|j |j g} |j| dd�} | dkr�d}n�| dk�
r|�|�

�d d|j |j g}|j|dd�dk}|�
st|� ��
�t
d|��������
�
nX| dk�
r<t
d|������d��
�
n8| dk�
rZt
d|��������
�
n| dk�
rtt
d|j����
�
|�
s�|� ��
�t
d|��������
�
d|�j��d |�������}|�|�

�d!|j |j d"g} |j| d#d�}|dk�
r�|�d$�

�dS�|dk�
r�t
d%�
�
|dk�rt
d&|j����
�
|dk�r(t
d'�
�
t
d(|j����
�
dS�))a�
��Attempts to upload the archive to an SFTP location. Due to the lack of well maintained, secure, and generally widespread python libraries for SFTP, sos will shell-out to the system's local ssh installation in order to handle these uploads. Do not override this method with one that uses python-paramiko, as the upstream sos team will reject any PR that includes that dependency. r����zSFTP is not locally supportedr
���NzFSFTP upload requires python3-pexpect, which is not currently installedFzsftp://r���z sftp -oStrictHostKeyChecking=no �
@r>���r?���zsftp>z password:zConnection refused����r����Tr3���zPermission denied� ���z#Incorrect username or password for ����zConnection refused by z. Incorrect port?����z!Timeout hit trying to connect to ����z,Unexpected error trying to connect to sftp: zUnable to connect via SFTP to zput ra���z100%zNo such file or directory����ZbyezTimeout expired while uploadingzUnknown error during upload: z&Unable to write archive to destinationz!Unexpected response from server: )r���r�����pexpect�ImportErrorr����r����r�����replaceZspawnZTIMEOUTZEOF�expectZsendline�closer�����beforer�����_get_sftp_upload_name)r'���r����r����r����r|���Zsftp_connectedZsftp_urlZsftp_cmdr����Zsftp_expectsr)���Zpass_expectsZput_cmdZput_expectsZput_successr,���r,���r-���r�������s�����




�








�





�



� 

�

� 

�


�
� 


�








zLinuxPolicy.upload_sftpc
�����������������C���s*���|�j��
d
�
d�}
|�jr&tj�|�j|
�}
|
S�)a
��If a specific file name pattern is required by the SFTP server, override this method in the relevant Policy. Otherwise the archive's name on disk will be used :returns: Filename as it will exist on the SFTP server :rtype: ``str`` r���rr���)r����r9���r����r ���r!���rg���)r'����fnamer,���r,���r-���r����'��s����


z!LinuxPolicy._get_sftp_upload_namec�����������������C���s���t�j
|����|
|����|td
�S�)z�If upload_https() needs to use requests.put(), use this method. Policies should override this method instead of the base upload_https() :param archive: The open archive file object )�datar�����verifyro���)r�����putr����r����r���)r'���r����r����r,���r,���r-����_upload_https_put4��s����

�zLinuxPolicy._upload_https_putc
�����������
���
���C���s���i�S�)
zJDefine any needed headers to be passed with the POST request here r,���rM���r,���r,���r-����_get_upload_headers?��s����zLinuxPolicy._get_upload_headersc�����������������C���s:���d
|
j��
d�
d�|
|����fi
}tj|����||����|td�S�)z�If upload_https() needs to use requests.post(), use this method. Policies should override this method instead of the base upload_https() :param archive: The open archive file object �filer���rr���)�filesr����r����ro���)r#���r9���r����r����Zpostr����r����r���)r'���r����r����r����r,���r,���r-����_upload_https_postD��s����
��

�zLinuxPolicy._upload_https_postc
�����������������C���s����t�st
d
�
�
t|�jd���}
|�jd�jdkr2|�j}n|�jd�j}|�jd�jdu�}|dkrd|��|
|�}n|�� |
|�}|j dv
r�|j dkr�t
d �
�
t
d |j ��d|j����
�
W�d���
�d S�1�s�0�
�
�
�Y�
�dS�)z�Attempts to upload the archive to an HTTPS location. :returns: ``True`` if upload is successful :rtype: ``bool`` :raises: ``Exception`` if upload was unsuccessful z7Unable to upload due to missing python requests library�rbr~����autoFr����)����������i�
��z/Authentication failed: invalid user credentialszPOST request returned r����NT)�REQUESTS_LOADEDr����rE���r����r����Z upload_method�_upload_methodZupload_no_ssl_verifyr����r����Zstatus_code�reason)r'���Zarc�methodr����r=���r,���r,���r-���r����S��s&����









�
�zLinuxPolicy.upload_httpsc�������������� ���C���s�
��d
dl�}d
dl
}|
s|����}
|
du�r,td�
�
|
�dd�}
|sD|����}|sP|����}|s`|�jp^|�j}z.|j |
||dd�}|s�td�
�
|� |�

�W��
n�|jy�
�}
�ztd |
����
|�W�Y�d}~n�d}~0��|jy�
�}
�ztd |
����
|�W�Y�d}~n�d}~0��|j �
y�
�}
�z�t|�
���d
�} | dk�
r6td|��d ��
|�| dk�
rRtd|��d ��
|�| dk�
rltd|����
|�tdt|�
����
|�W�Y�d}~n d}~0�0�t|�jd��.} |�d|�j�d�
d����| �
�W�d���
�n1��
s�0�
�
�
�Y�
�|���
�dS�)aT��Attempts to upload the archive to either the policy defined or user provided FTP location. :param url: The URL to upload to :type url: ``str`` :param directory: The directory on the FTP server to write to :type directory: ``str`` or ``None`` :param user: The user to authenticate with :type user: ``str`` :param password: The password to use for `user` :type password: ``str`` :returns: ``True`` if upload is successful :rtype: ``bool`` :raises: ``Exception`` if upload in unsuccessful r
���NzIno FTP server specified by policy, use --upload-url to specify a locationzftp://r���r����r����z3connection failed, did you set a user and password?z timeout hit while connecting to zunable to connect to Z503zcould not login as '�
'Z530zinvalid password for user 'Z550z"could not set upload directory to z#error trying to establish session: r����zSTOR r���rr���T)�ftplib�socketr����r����r����r����r����r�����_upload_directoryZFTP�cwdro���ZgaierrorZ error_perm�strr9���rE���r����Z storbinary�quit)r'���rh���Z directoryr����r����r����r����Zsessionr|����errnoZ_arcfiler,���r,���r-���r����r��sV����











$

$








�
�
�

�$
zLinuxPolicy.upload_ftpc�������������� ���C���s&
��t�st
d
�
�
|
s|����}
|s$|����}|s6|�����d�
}|s�|����}|dkr`|�d�
r`|dd��}|dkr�|�d�
s�|r�|��d�nd}|s�|�� ��}|s�|�� ��}tdd�
}tj d|
||||d �}z*||�j�d�
d ��} |�|�j|| �
�W�dS��t
�
y
�}
�z t
dt| �
����
| �W�Y�d} ~ n d} ~ 0�0�dS�) a���Attempts to upload the archive to an S3 bucket. :param endpoint: The S3 endpoint to upload to :type endpoint: str :param region: The S3 region to upload to :type region: str :param bucket: The name of the S3 bucket to upload to :type bucket: str :param prefix: The prefix for the S3 object/key :type prefix: str :param access_key: The access key for the S3 bucket :type access_key: str :param secret_key: The secret key for the S3 bucket :type secret_key: str :returns: True if upload is successful :rtype: bool :raises: Exception if upload is unsuccessful z4Unable to upload due to missing python boto3 libraryr���r���r3���Nzapp/sos)
Zuser_agent_extrar���)Zendpoint_urlZregion_nameZaws_access_key_idZaws_secret_access_keyZconfigrr���TzFailed to upload to S3: )�BOTO3_LOADEDr����r����r����r����r:���r����r8����endswithr����r�����BotocoreConfig�boto3Zclientr����r9���Zupload_filer����)r'���ZendpointZregionr����r����Z access_keyZ secret_keyZboto3_configZ s3_client�key�
er,���r,���r-���r�������sB����











 



�


�

zLinuxPolicy.upload_s3c
�����������
���
���C���s���d
S�)z�If sos report commands need to always be prefixed with something, for example running in a specific container image, then it should be defined here. If no prefix should be set, return an empty string instead of None. r���r,���rM���r,���r,���r-����set_sos_prefix���s����zLinuxPolicy.set_sos_prefixc
�����������
���
���C���s���d
S�)zcIf a host requires additional cleanup, the command should be set and returned here r���r,���rM���r,���r,���r-����set_cleanup_cmd��s����zLinuxPolicy.set_cleanup_cmdc��������������
���C���s���d
S�)aI��Returns the command that will create the container that will be used for running commands inside a container on hosts that require it. This will use the container runtime defined for the host type to launch a container. From there, we use the defined runtime to exec into the container's namespace. :param image: The name of the image if not using the policy default :type image: ``str`` or ``None`` :param auth: The auth string required by the runtime to pull an image from the registry :type auth: ``str`` or ``None`` :param force_pull: Should the runtime forcibly pull the image :type force_pull: ``bool`` :returns: The command to execute to launch the temp container :rtype: ``str`` r���r,���)r'���Zimager����Z force_pullr,���r,���r-����create_sos_container��s����z LinuxPolicy.create_sos_containerc
�����������
������C���s���|�j���d
|�j
���S�)a�
��Restarts the container created for sos collect if it has stopped. This is called immediately after create_sos_container() as the command to create the container will exit and the container will stop. For current container runtimes, subsequently starting the container will default to opening a bash shell in the container to keep it running, thus allowing us to exec into it again. z start �Zcontainer_runtime�sos_container_namerM���r,���r,���r-����restart_sos_container#��s���� z!LinuxPolicy.restart_sos_containerc�����������������C���s"���|�j�r|�j���d
|�j
��d|
���S�|
S�)a
��Returns the command that allows us to exec into the created container for sos collect. :param cmd: The command to run in the sos container :type cmd: ``str`` :returns: The command to execute to run `cmd` in the container :rtype: ``str`` z exec ra���r
��)r'����cmdr,���r,���r-����format_container_command/��s ����

�z$LinuxPolicy.format_container_command)NNTN)
r���)NN)NN)
T)
T)NNNN)NNNNNN)NNF)\�__name__� __module__�__qualname__rb����vendorrd���r(���rB���r4���r5���rc���r����r����r����r����r����r����r����r����r����r����r$���Z_preferred_hash_namer����r����r����r����r����r����r����r����r����Z containerizedZcontainer_imageZsos_path_stripZsos_pkg_nameZsos_bin_pathr
��Zcontainer_version_commandZcontainer_authfiler����classmethodr0���rJ���rN���rP���rQ���rS���rT���rX���r^���rY���r[���r���r���ru���r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r����r�
��r

��r
��r
��� __classcell__r,���r,���r*���r-���r���2���s����
































�
��)




*;6  8    c   F�
�� D  r���c�������������������@���s,���e�Z
d�Zd
Zdg
ZdZdZed dd�
�
ZdS�) �GenericLinuxPolicyz�This Policy will be returned if no other policy can be loaded. This should allow for IndependentPlugins to be executed on any system)zUpstream Projectz https://github.com/sosreport/sosZSoSa

��SoS was unable to determine that the distribution of this system is supported, and has loaded a generic configuration. This may not provide desired behavior, and users are encouraged to request a new distribution-specifc policy at the GitHub project above. r���c��������������
���C���s���t��
d
S�)r1���N)
�NotImplementedError)r/���rH���r,���r,���r-���rJ���L��s����zGenericLinuxPolicy.checkN)
r���) r
��r
��r
��rb���re���r
��Zvendor_textr
��rJ���r,���r,���r,���r-���r
��@��s���



r
��)'r ���rV���r���Zsosr���r����Zsos.policiesr���Zsos.policies.init_systemsr���Z!sos.policies.init_systems.systemdr���Zsos.policies.runtimes.crior���Zsos.policies.runtimes.podmanr���Zsos.policies.runtimes.dockerr ���Zsos.policies.runtimes.lxdr ���Z sos.utilitiesr���r���r ���r���r���r����r����r����r����Zbotocore.configr���r����r����rF���rk���rm���r���r
��r,���r,���r,���r-����<module> ���sF���

















��������