1.5. 清理 sos 报告

sos 实用程序提供了一个代码来混淆潜在的敏感数据，如用户名、主机名、IP 或 MAC 地址或其他用户指定的关键字。原始 sos 报告 或 sos 收集 保持不变，新的 *-obfuscated.tar.xz 文件被生成并应该与第三方共享。

注意

您可以将清理功能附加到 sos 报告，或使用 --clean 选项 收集 命令：

[user@server1 ~]$ sudo sos report --clean

先决条件

您已生成 sos 报告 或 sos 收集 tarball。
（可选） 您可以在用户名、主机名和其他想要模糊处理以外的特定关键字列表中。

流程

针对 sos report 或 sos collect tarball 运行 sos clean 命令，并按照屏幕上的说明进行操作。

您可以添加 --keywords 选项，以额外清理给定关键字列表。

您可以添加 --usernames 选项以模糊处理进一步敏感的用户名。

对于通过 lastlog 文件报告的 UID 为 1000 及以上的用户，将自动运行自动用户名清理。这个选项用于可能未显示为实际登录的 LDAP 用户，但可能会在某些日志文件中发生。

[user@server1 ~]$ sudo sos clean /var/tmp/sos-collector-2022-05-15-pafsr.tar.xz
[sudo] password for user:

sos clean (version 4.2)

This command will attempt to obfuscate information that is generally considered to be potentially sensitive. Such information includes IP addresses, MAC addresses, domain names, and any user-provided keywords.

Note that this utility provides a best-effort approach to data obfuscation, but it does not guarantee that such obfuscation provides complete coverage of all such data in the archive, or that any obfuscation is provided to data that does not fit the description above.

Users should review any resulting data and/or archives generated or processed by this utility for remaining sensitive content before being passed to a third party.


Press ENTER to continue, or CTRL-C to quit.

Found 4 total reports to obfuscate, processing up to 4 concurrently

sosreport-primary-rhel8-2022-05-15-nchbdmd :      Extracting...
sosreport-sos-node1-2022-05-15-wmlomgu :      Extracting...
sosreport-sos-node2-2022-05-15-obsudzc :      Extracting...
sos-collector-2022-05-15-pafsr :                   Beginning obfuscation...
sosreport-sos-node1-2022-05-15-wmlomgu :      Beginning obfuscation...
sos-collector-2022-05-15-pafsr :                   Obfuscation completed
sosreport-primary-rhel8-2022-05-15-nchbdmd :      Beginning obfuscation...
sosreport-sos-node2-2022-05-15-obsudzc :      Beginning obfuscation...
sosreport-primary-rhel8-2022-05-15-nchbdmd :      Re-compressing...
sosreport-sos-node2-2022-05-15-obsudzc :      Re-compressing...
sosreport-sos-node1-2022-05-15-wmlomgu :      Re-compressing...
sosreport-primary-rhel8-2022-05-15-nchbdmd :      Obfuscation completed
sosreport-sos-node2-2022-05-15-obsudzc :      Obfuscation completed
sosreport-sos-node1-2022-05-15-wmlomgu :      Obfuscation completed

Successfully obfuscated 4 report(s)

A mapping of obfuscated elements is available at
    /var/tmp/sos-collector-2022-05-15-pafsr-private_map

The obfuscated archive is available at
    /var/tmp/sos-collector-2022-05-15-pafsr-obfuscated.tar.xz

    Size    157.10KiB
    Owner    root

Please send the obfuscated archive to your support representative and keep the mapping file private

验证

验证 sos clean 命令是否在与命令输出中描述匹配的 /var/tmp/ 目录中创建了模糊的存档和模糊的归档。

[user@server1 ~]$ sudo ls -l /var/tmp/sos-collector-2022-05-15-pafsr-private_map /var/tmp/sos-collector-2022-05-15-pafsr-obfuscated.tar.xz
[sudo] password for user:

-rw-------. 1 root root 160868 May 15 16:10 /var/tmp/sos-collector-2022-05-15-pafsr-obfuscated.tar.xz
-rw-------. 1 root root  96622 May 15 16:10 /var/tmp/sos-collector-2022-05-15-pafsr-private_map

检查 *-private_map 文件中的 obfuscation 映射：

[user@server1 ~]$ sudo cat /var/tmp/sos-collector-2022-05-15-pafsr-private_map
[sudo] password for user:

{
    "hostname_map": {
        "pmoravec-rhel8": "host0"
    },
    "ip_map": {
        "10.44.128.0/22": "100.0.0.0/22",
..
    "username_map": {
        "foobaruser": "obfuscateduser0",
        "jsmith": "obfuscateduser1",
        "johndoe": "obfuscateduser2"
    }
}

重要

保持原始的 unobfuscated 归档和 *private_map 文件，因为红帽支持可能会引用您需要转换为原始值的模糊术语。

1.5. 清理 sos 报告

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links