ó uÈÔec@sYddlmZmZmZddlmZddlmZdeefd„ƒYZdS(iÿÿÿÿ(tPlugint RedHatPlugint SoSPredicate(tglob(texiststIpacBsheZdZdZdZeZeZdZdZ d „Z d „Z d „Z d „Z d „Zd„ZRS(s Identity, policy, audit tipatidentitytapaches/etc/ipas ipa-servers ipa-clientsfreeipa-serversfreeipa-clientcCsN|jdƒs'tdƒs'tdƒr+dS|jdƒsFtdƒrJdSdS(Ns pki-servers /var/lib/pkis/usr/share/doc/ipa-server-4.2.0tv4s pki-commons/var/lib/pki-ca/tv3(t is_installedRtNone(tself((s3/usr/lib/python2.7/site-packages/sos/plugins/ipa.pytcheck_ipa_server_versions   cCs.td|jƒs&td|jƒr*tSdS(Ns%s/conf/ca/CS.cfgs%s/conf/CS.cfg(Rtpki_tomcat_dir_v4tpki_tomcat_dir_v3tTrue(R ((s3/usr/lib/python2.7/site-packages/sos/plugins/ipa.pyt ca_installed'scCs&|jdƒs|jdƒr"tSdS(Ns ipa-serversfreeipa-server(R R(R ((s3/usr/lib/python2.7/site-packages/sos/plugins/ipa.pytipa_server_installed-sc Csl|dkr:|jdddddddd d d g ƒn.|d krh|jd dddddgƒndS(NR s /var/log/pki/pki-tomcat/ca/debugs!/var/log/pki/pki-tomcat/ca/systems'/var/log/pki/pki-tomcat/ca/transactionss(/var/log/pki/pki-tomcat/ca/selftests.logs"/var/log/pki/pki-tomcat/catalina.*s/var/log/pki/pki-ca-spawn.*s!/var/log/pki/pki-tomcat/kra/debugs"/var/log/pki/pki-tomcat/kra/systems(/var/log/pki/pki-tomcat/kra/transactionss/var/log/pki/pki-kra-spawn.*R s/var/log/pki-ca/debugs/var/log/pki-ca/systems/var/log/pki-ca/transactionss/var/log/pki-ca/selftests.logs/var/log/pki-ca/catalina.*(t add_copy_spec(R t ipa_version((s3/usr/lib/python2.7/site-packages/sos/plugins/ipa.pytretrieve_pki_logs2s(   cCsd|_d|_d|_d|_|jƒ}|jƒry|jdƒ|jd|ƒ|jddd d d gƒn|jƒr¢|jd ƒ|j |ƒn|jd ddddddddddddddddddd d!d"d#gƒ|d$kr|j|_ |j|_ n|j|_ |j|_ |j d%|j ƒ|jd&|j ƒ|j d'd(d)d*d+d,d-d.d/d0|j d1|j d2|j g ƒ|j d3d4d5d6d7d8d9gƒt|d:d;gƒ}|j d<d=|ƒx%td>ƒD]}|j d?|ƒqøWdS(@Ns/var/lib/pki/pki-tomcats/var/lib/pki-cas/etc/pki/pki-tomcat/cas /etc/pki-casIPA server install detectedsIPA version is [%s]s/var/log/ipaserver-install.logs"/var/log/ipaserver-kra-install.logs/var/log/ipareplica-install.logs"/var/log/ipareplica-ca-install.logs/var/log/ipa-custodia.audit.logs$CA is installed: retrieving PKI logss/var/log/ipaclient-install.logs/var/log/ipaupgrade.logs/var/log/krb5kdc.logs#/var/log/dirsrv/slapd-*/logs/accesss#/var/log/dirsrv/slapd-*/logs/errorss/etc/dirsrv/slapd-*/dse.ldifs&/etc/dirsrv/slapd-*/schema/99user.ldifs /etc/hostss/etc/httpd/alias/*s /etc/named.*s/etc/ipa/ca.crts/etc/ipa/default.confs/etc/ipa/kdcproxy/kdcproxy.confs$/etc/ipa/kdcproxy/ipa-kdc-proxy.confs/etc/ipa/kdcproxy.confs/root/.ipa/log/cli.logs#/var/lib/certmonger/requests/[0-9]*s/var/lib/certmonger/cas/[0-9]*s/var/lib/ipa/ra-agent.pems/var/lib/ipa/certs/httpd.crts/var/kerberos/krb5kdc/kdc.crts(/var/lib/ipa/sysrestore/sysrestore.states)/var/log/ipa/healthcheck/healthcheck.log*R scertutil -L -d %s/aliass %s/CS.cfgs/etc/pki/nssdb/key*s/etc/dirsrv/slapd-*/key*s/etc/dirsrv/slapd-*/pin.txts/etc/dirsrv/slapd-*/pwdfile.txts/etc/httpd/alias/ipasession.keys/etc/httpd/alias/key*s/etc/httpd/alias/pin.txts/etc/httpd/alias/pwdfile.txts/etc/named.keytabs %s/alias/key*s%s/flatfile.txts%s/password.confs"ls -la /etc/dirsrv/slapd-*/schema/s certutil -L -d /etc/httpd/alias/spki-server cert-find --show-alls%pki-server subsystem-cert-validate cas klist -ket /etc/dirsrv/ds.keytabs%klist -ket /etc/httpd/conf/ipa.keytabs,klist -ket /var/lib/ipa/gssproxy/http.keytabtservicest certmongers getcert listtpreds/etc/dirsrv/slapd-*/scertutil -L -d %s(RRtpki_tomcat_conf_dir_v4tpki_tomcat_conf_dir_v3RRt _log_debugRRRtpki_tomcat_dirtpki_tomcat_conf_dirtadd_cmd_outputtadd_forbidden_pathRR(R Rt getcert_predtcertdb_directory((s3/usr/lib/python2.7/site-packages/sos/plugins/ipa.pytsetupJs–                    cCsfd}d}|jd||ƒ|jdddƒd}x't|ƒD]}|j|dd ƒqEWdS( Ns(\s*arg \"password )[^\"]*s \1********s/etc/named.confs getcert lists (pin=)'(\d+)'s\1'***'s#/var/lib/certmonger/requests/[0-9]*s(key_pin=)(\d+)s\1***(t do_file_subtdo_cmd_output_subR(R tmatchtsubstt request_logst request_log((s3/usr/lib/python2.7/site-packages/sos/plugins/ipa.pytpostproc¬s  (RR(s/etc/ipa(s ipa-servers ipa-clientsfreeipa-serversfreeipa-client(t__name__t __module__t__doc__t plugin_nametprofilestFalset ipa_servert ipa_clienttfilestpackagesRRRRR#R*(((s3/usr/lib/python2.7/site-packages/sos/plugins/ipa.pyRs    bN(t sos.pluginsRRRRtos.pathRR(((s3/usr/lib/python2.7/site-packages/sos/plugins/ipa.pyt s