[sync][sru] sos upstream 4.0

During the Debian packaging, I found a bug that I fixed in:
https://github.com/sosreport/sos/commit/1d7bab6c7ce3f78758113ca3cdf3e9fa1762df24

I also divert from upstream by instructing sos.conf to save sosreport contents into /tmp instead of now enforce location /var/tmp in order to keep same behaviour and because no tmpfiles.d cleanup directive in Debian's systemd implementation is in place at the moment for /var/tmp.

This bug was fixed in the package sosreport - 4.0-1
Sponsored for Eric Desrochers (slashd)

---------------
sosreport (4.0-1) unstable; urgency=medium

  * New 4.0 upstream release.

    Release information and tarballs are available at:
    - https://github.com/sosreport/sos/releases/tag/4.0

  * Other specific modifications:
    - d/p/0001-debian-change-tmp-dir-location.patch
    - d/p/0002-fix-dict-order-py38-incompatiblity.patch

  * d/control: Maintainer change from Louis to Eric.

 -- Eric Desrochers <email address hidden> Wed, 19 Aug 2020 22:49:24 +0000

"4.0-1~ubuntu0.20.04.1" has been uploaded in the focal upload queue, waiting for approval to start building in focal-proposed where more verification will happen across Canonical support team.

- Eric

A suggestion on bringing sos 4.0 to bionic

Leave the original sosreport as it is, so that it doesn't break anything for any users

Introduce a new package called sosreport4 which packages sos 4.0. This would will then give the opportunity to use the new version of sos so that newer data can be collected as well as being able to support the likes of "sos clean" and "sos collect"

Similar how the packaging of python is done, we have python and python3

@arif-ali,

I like the idea.

Let me talk with an Ubuntu archive admin.

Most likely sosreport4 would have to go in universe at first and then go over the MIR process if need be.

I also like to have sosreport4 in Universe and sosreport in Main, since sosreport4 is still experimental ish.

Let's see what an Admin Archive think of that first.

That's also going to involve more package work:

* Does sosreport and sosreport4 needs to break/conflict ? or can co-exist ?
I think it would make more sense to have one or the other.

* Make sure sosreport and sosreport4 follow the same upgrade path if one upgrade from focal to groovy. Note that groovy only has sosreport package which default to 4.0

To summarise the idea:

Groovy (Currently in place as we speak):
- binary package name: sosreport | upstream version: 4.0

Focal (arif-ali proposal):
- binary package name: sosreport | upstream version: 3.0
- binary package name: sosreport4 | upstream version: 4.0

Bionic (arif-ali proposal):
- binary package name: sosreport | upstream version: 3.0
- binary package name: sosreport4 | upstream version: 4.0

As discussed the above proposal might require a meta package call 'sosreport4' in Groovy to ease the upgrade path.

Again let's wait for a Ubuntu archive admin to look at this.

Considering that "sos report" (AKA soreport) doesn't have any feature/behavioural breaks (just usual plugins update/addition/...), and that 4.X focuses more on addition such as "sos clean" and "sos collect", I start to think it's not worth the maintenance of 2 splitting things out.

After a discussion with sil2100 (to get a neutral opinion) he agreed with the above statement.

- Eric

Hello Eric, or anyone else affected,

Accepted sosreport into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/sosreport/4.0-1~ubuntu0.20.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Approved sosreport 4.0 for focal. One thing I want to make sure people testing this are aware of is this snippet from the regression potential section:

"The old config (/etc/sos.conf) contents will not be carried over after update. Users will have to modify the new file (/etc/sos/sos.conf) instead (if needed)."

Normally we'd proceed with providing maintscripts that would handle the mv_conffile for the location change, but here it might not be required. But in case we get a lot of complaints, we can always revisit.

[VERIFICATION FOCAL]

[sos report (new main binary) / sosreport (former binary name)]

Work as usual. It has been tested with simple.sh script, which runs various/several sos scenarios/arguments/...).

[sos clean]

Obfuscation works as expect.

Take a bit of time to complete, but nothing preventing the release of the package for now, spending most of its time at obfuscating data.

Verification includes:
    - Ipv4 address/network obfuscation : OK

3: wlp58s0 inet 100.0.0.1/24 brd 100.0.0.255 scope global dynamic noprefixroute wlp58s0\ obfuscatedword0 7000
8sec preferred_lft 70008sec

#mapping file:
    "ip_map": {
        ...
        "10.10.30.123/24": "100.0.0.1/24",
        ...
}

    - Host name, and domain name obfuscation: OK

$ cat path_to_obfuscated_sosreport/hostname
host0

$ cat path_to_obfuscated_sosreport/var/log/*
Aug 28 08:57:14 host0 kernel: [ 472.635702] usb usb3: New USB device strings: Mfr=3, Product=2, SerialNumber=1
Aug 28 08:57:14 host0 kernel: [ 472.635710] usb usb3: Product: xHCI Host Controller

# mapping file:

    "hostname_map": {
        "thinkpad": "host0"

    - User-provided keyword obfuscations: OK

3: wlp58s0 inet 100.0.0.1/24 brd 100.0.0.255 scope global dynamic noprefixroute wlp58s0\ obfuscatedword0 7000
8sec preferred_lft 70008sec

#mapping file:
    "keyword_map": {
        "valid_lft": "obfuscatedword0"
    }

[sos collect & sos mask (alias)]

sos collector has been tested using SSH key authorization
No problem reported, and it works as expected.

[VERIFICATION FOCAL] [PART 2]

No ERROR nor WARNING found during my testing on container, VM and physical machine (laptop/workstation)

I would like to see testing and feedbacks from others now.

Test report:

- Tested collection of logs, all looks OK.
- Tested obfuscation, extracted obfuscated sosreport and checked *some* of the obfuscated files, all looks OK.
- I obfuscated the original sosreport again, this time I provided a keyword (--keyword ubuntu) to obfuscate and did it OK. It added the word 'ubuntu' to the mapfile:
    "keyword_map": {
        "ubuntu": "obfuscatedword0"
    }

Possible issues:
1) On the 2nd obfuscated sosreport, I still noticed 'ubuntu' in some files:
- installed-debs
- sos_commands/dpkg/dpkg_-l
- sos_commands/snappy/snap_--version

I realize this was a trick word and not a real-world example, but wanted to point it out.

2) I started from scratch, I created a new report, obfuscated it again, this time I did NOT pass any keywords, but it still obfuscated the word 'ubuntu' (and reported it in the mapfile). Is there a cache or something I need to clean up from the previous run? If so, probably needs to be documented.

Jose

Thanks Jose.

1) There is a list of file to skip obfuscation:
https://github.com/sosreport/sos/blob/master/sos/cleaner/obfuscation_archive.py#L56-L77

2) Yes, sos keeps track of obfuscation directive in /etc/sos/cleaner/default_mapping.
Most likely you still have the 'ubuntu' keyword saved in there.

- Eric

Initial Test

* sos report

Ran through the simple.sh as per the document. Had to change all the /var/tmp to /tmp, and then all went through without a problem

sos report passed, and didn't have any problems

same test using sosreport instead, as that is what customers would be used to

Ran all my commands with "-a --batch --case-id=0123456"

* sos clean

tested sos report with --mask option

after extracting, I still have one file, which still shows the hostname

sosreport-host0-0123456-2020-09-10-qbfomdn/sos_commands/lvm2/lvmdump_-d_.tmp.sos.csjtzsye.sosreport-focal-test-0123456-2020-09-10-qbfomdn.sos_commands.lvm2.lvmdump:Creating dump directory: /tmp/sos.csjtzsye/sosreport-focal-test-0123456-2020-09-10-qbfomdn/sos_commands/lvm2/lvmdump

same issue if you use sos clean on top of the sosreport tarball

@arif,

lvmdump obfuscation issue as well as other hostname unobfuscated bit found) has been reported upstream: https://github.com/sosreport/sos/issues/2236

I personally don't consider this a major blocker for the actual release, because one still has to validate and check the content before passing it along to any 3rd party.

sos clean message:

"
Note that this utility provides a best-effort approach to data obfuscation, but
it does not guarantee that such obfuscation provides complete coverage of all
such data in the archive, or that any obfuscation is provided to data that does
not fit the description above.
"

- Eric

....

"
Users should review any resulting data and/or archives generated or processed by
this utility for remaining sensitive content before being passed to a third
party.
"

Since from my understanding the sos clean command is a new feature in this release, I don't think we should block the release because of it being imperfect. As long as all the issues have been reported and made their way upstream, I think we are good to go as is.

This bug was fixed in the package sosreport - 4.0-1~ubuntu0.20.04.1

---------------
sosreport (4.0-1~ubuntu0.20.04.1) focal; urgency=medium

  * New 4.0 upstream release. (LP: #1892275)

    Release information and tarballs are available at:
    - https://github.com/sosreport/sos/releases/tag/4.0

  * Other specific modifications:
    - d/p/0001-debian-change-tmp-dir-location.patch
    - d/p/0002-fix-dict-order-py38-incompatibility.patch

  * d/control: Maintainer change from Louis to Eric.

 -- Eric Desrochers <email address hidden> Thu, 27 Aug 2020 13:59:51 +0000

The verification of the Stable Release Update for sosreport has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Reviewing the Bionic SRU, I see some changes between Focal and the Bionic backport:

debhelper compat moved back to 11
Removal of setuptools, sphinx and pexpect from Python dependencies

...but I don't see any mention of these changes in the changelog.

Were these changes intentional? Presumably the debhelper change was, but what about the Python dependency changes? Are they going to cause an accidental regression in some corner case? Please could you explain why the changes are needed, and mention them in the changelog?

I ask SRU team to drop 'sosreport' in Bionic's upload queue, as I'd like to add more things to the package after re-consideration.

Will re-submit soon.

- Eric

Settting Bionic to 'Won't fix' as I will focus effort on new 4.1 release via LP: #1917894