Issued:
2014-09-16
Updated:
2014-09-16

RHBA-2014:1200 - sos bug fix update

Synopsis

sos bug fix update

Type/Severity

Bug Fix Advisory

Topic

The updated sos package that fixes several bugs is now available for Red Hat Enterprise Linux 5.

Description

The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging.

This update fixes the following bugs:

  • Previously, the sosreport utility did not include the output of the "brctl show" command for all systems. Consequently, information on bridged network configurations was only available in the report tarball on systems using Xen for virtualization. With this update, the networking module collects the output of "brctl show" as well as "brctl showstp" commands for each configured bridge, and thus bridged network configuration information is now available in the report tarball for all hosts. (BZ#833406)

  • Previous versions of the sosreport utility used the legacy ifconfig command to detect network interfaces, but ifconfig did not support interfaces named via biosdevname. As a consequence, no information on biosdevname interfaces was present in the report tarball. With this update, the sosreport networking plug-in now uses the "ip" command to detect interfaces of all types, and full information on biosdevname interfaces is now included. (BZ#980177)

  • Previously, the sosreport utility collected the krb5.keytab file from Kerberos installations. Although encrypted, this file can contain sensitive key material. With this update, sosreport collects a summary of krb5.keytab using the klist command but does not collect the krb5.keytab file itself. As a result, krb5.keytab data is still available but no sensitive information is included in the report tarball. (BZ#1029017)

  • Previously, the sosreport "ds" plug-in collected all directory server logs by default. Depending on the log configuration, this could lead to very large report sizes. With this update, sosreport collects by default only the current version of the directory server logs regarding to "access", "errors" and "audit", and rotated logs are not collected by default. In addition, the plug-in now supports an "all_logs" option that can be used to request the old behavior. As a result, the default report size for directory server hosts is now smaller and more consistent unless full log data is explicitly requested. (BZ#1086736)

  • Prior to this update, the sosreport utility could include password material in the grub.conf and fstab files collected by the boot loader and file system plug-ins if present on the collection system. Consequently, passwords, either plain text or hashed, could be included in the report tarball. With this bug fix update, password and other secrets are now removed during collection, and passwords from the fstab or grub.conf files can no longer appear in the report tarball. (BZ#1107751)

Users of sos are advised to upgrade to this updated package, which fixes these bugs.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

Affected Products

ProductVersionArch
Red Hat Enterprise Linux for Power, big endian5ppc
Red Hat Enterprise Linux for IBM z Systems5s390x
Red Hat Enterprise Linux Workstation5x86_64
Red Hat Enterprise Linux Workstation5i386
Red Hat Enterprise Linux Server5x86_64
Red Hat Enterprise Linux Server5ia64
Red Hat Enterprise Linux Server5i386
Red Hat Enterprise Linux Server from RHUI5x86_64
Red Hat Enterprise Linux Server from RHUI5i386
Red Hat Enterprise Linux Desktop5x86_64
Red Hat Enterprise Linux Desktop5i386

Updated Packages

  • sos-1.7-9.73.el5.noarch.rpm
  • sos-1.7-9.73.el5.src.rpm

Fixes

CVEs

References

(none)

Additional information