4.299. sos
An updated sos package that fixes one security issue, several bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link associated with each description below.
SOS is a set of tools that gathers information about system hardware and configuration.
Security Fix
- CVE-2011-4083
- The sosreport utility incorrectly included Certificate-based Red Hat Network private entitlement keys in the resulting archive of debugging information. An attacker able to access the archive could use the keys to access Red Hat Network content available to the host. This issue did not affect users of Red Hat Network Classic.
Bug fixes
- BZ#600813
- In previous versions, the yumlist
yum
plug-in option attempted to gather the repository list, but this option was broken: runningsosreport -k yum.yumlist=True
returned the following error:no such option "yumlist" for plugin (yum)" error
With this update, the yumlistyum
plug-in option is usable, and instead will include the output of theyum list
command, if enabled (sosreport -k yum.yumlist=True
). As this operation can be slow, yum.yumlist is disabled by default. - BZ#682124
- Previously, the ldap plug-in did not include the
/etc/nslcd.conf
file. Consequently, nonslcd.conf
file was found when running sosreport. With this update, sos now includes/etc/nslcd.conf
in its reports on systems that are using the nss-pam-ldapd nsswitch module. - BZ#683404
- Due to a regression, a bug prevented the autofs plug-in from collecting the output of the
/sbin/chkconfig --list autofs
command. This update corrects the problem and the output ofchkconfig --list autofs
is now correctly stored in thesos_commands/autofs/chkconfig_--list_autofs
file. - BZ#704383
- Due to a bug, sosreport did not capture Logical Volume Manager (LVM) information (vgscan, pvscan, lvs, pvs, and vgs). This update fixes this problem and LVM information is now collected.
- BZ#713449
- The sosreport utility could return misleading command output data. This happened because the utility called the
stdout.strip()
function on the returned command output and the function truncated the leading and trailing whitespace characters. With this update, the function is no longer called in this situation and the returned command output is correct. - BZ#721163
- Prior to this update, the sosreport tool did not capture the IPv6 neighbor list. With this update, the code has been modified and sosreport captures the neighbor list as expected.
- BZ#726360
- Prior to this update, the sosreport tool failed to gather all the relevant data from the qpidd plug-in as the
checkenabled()
function was looking for the qpid package. However, no such package exists. With this update, thecheckenabled()
function now looks for the correct qpid-tool packages and sosreport gathers all the relevant qpid data as expected. In addition, a much greater set of configuration files and tool output is collected in this version. - BZ#736718
- The path to the external RHN
hardware.py
plug-in was incorrect. Therefore the utility failed to locate and capture data from the plug-in. With this update, the path has been corrected and the problem no longer occurs.
Enhancements
- BZ#691477
- USB device information provided by
lsusb
,lsusb -v
, andlsusb -t
commands is now collected by sosreport using the hardware plug-in. - BZ#673244
- This update adds the infiniband plug-in to allow sosreport to collect information about InfiniBand devices. If the libibverbs-utils package is installed, this plug-in will be enabled and includes the output of the
ibv_devices
andibv_devinfo
commands in the sosreport debugging archive. - BZ#677124
- This update adds the iscsitarget plug-in to allow sosreport to collect iSCSI target session information and configuration. If the scsi-target-utils package is installed, this plug-in will be enabled and includes the
/etc/tgt/targets.conf
file and the output oftgtadm --lld iscsi --op show --mode target
command in the sosreport debugging archive. - BZ#683219
- Prior to this update, the sosreport general plug-in excluded files larger than 15 MB when the
syslogsize
option was specified. With this update, such files are truncated to 15 MB, in such a manner as to include the latest events, and saved in the/sosreport/sos_commands/
directory. - BZ#694813
- The general plug-in for sosreport now collects information in the
/etc/init
directory. - BZ#697899
- The networking plug-in now collects details about bridged network interfaces if present, including the output of the
brctl show
andbrctl showstp
commands. - BZ#709491
- The vmware plugin now collects information from
/proc/vmmemctl
. - BZ#714293
- The sosreport utility now captures the
/etc/rhsm/
content. - BZ#726427
- The sosreport utility now collects the results of the
ethtool -g
,ethtool -c
, andethtool -a
commands by default. - BZ#729455
- The sosreport utility now collects the cgroups configuration data.
All users of the sos packages are advised to upgrade to these updated packages, which address these issues and add these enhancements.
Updated sos packages that fix two bugs and add one enhancement are now available for Red Hat Enterprise Linux 6.
The sos packages contain a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging.
Bug Fixes
- BZ#800460
- An error in the parsing of the "brctl" command's output caused the sosreport utility to log errors on systems with bridged network configurations. The "sosreport" command printed a Python backtrace and certain bridge configuration information was not collected from the system. This update corrects the parsing of the "brctl" command's output so that no backtrace is printed and full bridge configuration data is collected from the system.
- BZ#817921
- Previously, sos used a single fixed path to collect all libvirt logs in one directory. On certain releases of Red Hat Enterprise Virtualization, the libvirtd.log file could be located in the parent directory and, therefore, the libvirtd.log file was not collected on such systems. The sosreport utility now uses a wildcard character that matches both possible locations for the file. The livirtd.log file is now collected reliably on all supported versions of Red Hat Enterprise Virtualization.
Enhancement
- BZ#801328
- This update adds a new plug-in that is necessary to collect the requisite logs for the Gluster product. Information is collected from the files located in the /etc/glusterd/ and /var/log/glusterfs/ directories.
All users of sos are advised to upgrade to this updated package, which fixes these bugs.