From 699a9c48a9ac866ada70206dd1f3b1e1dd23a69c Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 29 Oct 2017 15:36:45 +0100 Subject: Change 'show tech-support' behavior to always strip-private Using "show tech-support" cmd will produce the tech-support output without any private information. Using "show tech-support private" cmd will produce the tech-support output with private information included. Note: ===== The Perl script (vyos-strip-config.pl) used to remove any sensible information will in addition remove version numbers if they match the regexp below: # Strip IPv4 addresses $input =~ s/\d+\.\d+\.(\d+)\.(\d+)/xxx.xxx.$1.$2/g if $stripIP; Example: ======== i apt xxx.xxx.9.8.4 amd64 commandline package manager ii apt-transport-https xxx.xxx.9.8.4 amd64 https download transport for APT i apt 1.0.9.8.4 amd64 commandline package manager ii apt-transport-https 1.0.9.8.4 amd64 https download transport for APT This behavior is present in the current implementation and should be addressed during the move to the new Python scripts. --- templates/show/tech-support/private/brief/node.def | 7 +++++++ .../show/tech-support/private/brief/save-uncompressed/node.def | 7 +++++++ .../private/brief/save-uncompressed/node.tag/node.def | 8 ++++++++ templates/show/tech-support/private/brief/save/node.def | 7 +++++++ templates/show/tech-support/private/brief/save/node.tag/node.def | 8 ++++++++ templates/show/tech-support/private/node.def | 7 +++++++ templates/show/tech-support/private/save-uncompressed/node.def | 7 +++++++ .../show/tech-support/private/save-uncompressed/node.tag/node.def | 8 ++++++++ templates/show/tech-support/private/save/node.def | 7 +++++++ templates/show/tech-support/private/save/node.tag/node.def | 8 ++++++++ 10 files changed, 74 insertions(+) create mode 100644 templates/show/tech-support/private/brief/node.def create mode 100644 templates/show/tech-support/private/brief/save-uncompressed/node.def create mode 100644 templates/show/tech-support/private/brief/save-uncompressed/node.tag/node.def create mode 100644 templates/show/tech-support/private/brief/save/node.def create mode 100644 templates/show/tech-support/private/brief/save/node.tag/node.def create mode 100644 templates/show/tech-support/private/node.def create mode 100644 templates/show/tech-support/private/save-uncompressed/node.def create mode 100644 templates/show/tech-support/private/save-uncompressed/node.tag/node.def create mode 100644 templates/show/tech-support/private/save/node.def create mode 100644 templates/show/tech-support/private/save/node.tag/node.def (limited to 'templates/show/tech-support/private') diff --git a/templates/show/tech-support/private/brief/node.def b/templates/show/tech-support/private/brief/node.def new file mode 100644 index 0000000..cc06ccf --- /dev/null +++ b/templates/show/tech-support/private/brief/node.def @@ -0,0 +1,7 @@ +help: Show brief tech-support report (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/brief/save-uncompressed/node.def b/templates/show/tech-support/private/brief/save-uncompressed/node.def new file mode 100644 index 0000000..9292428 --- /dev/null +++ b/templates/show/tech-support/private/brief/save-uncompressed/node.def @@ -0,0 +1,7 @@ +help: Save uncompressed brief tech-support report (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save-uncompressed + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/brief/save-uncompressed/node.tag/node.def b/templates/show/tech-support/private/brief/save-uncompressed/node.tag/node.def new file mode 100644 index 0000000..0976413 --- /dev/null +++ b/templates/show/tech-support/private/brief/save-uncompressed/node.tag/node.def @@ -0,0 +1,8 @@ +help: Save uncompressed brief tech-support report to specified path/file (contains private information) +allowed: echo -n ' :@/> :@/>' +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save-uncompressed $5 + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/brief/save/node.def b/templates/show/tech-support/private/brief/save/node.def new file mode 100644 index 0000000..d069ec2 --- /dev/null +++ b/templates/show/tech-support/private/brief/save/node.def @@ -0,0 +1,7 @@ +help: Save brief tech-support report (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/brief/save/node.tag/node.def b/templates/show/tech-support/private/brief/save/node.tag/node.def new file mode 100644 index 0000000..f56d02e --- /dev/null +++ b/templates/show/tech-support/private/brief/save/node.tag/node.def @@ -0,0 +1,8 @@ +help: Save compressed brief tech-support report to specified path/file (contains private information) +allowed: echo -n ' :@/> :@/>' +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save $5 + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/node.def b/templates/show/tech-support/private/node.def new file mode 100644 index 0000000..32b4c15 --- /dev/null +++ b/templates/show/tech-support/private/node.def @@ -0,0 +1,7 @@ +help: Show consolidated tech-support report (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/save-uncompressed/node.def b/templates/show/tech-support/private/save-uncompressed/node.def new file mode 100644 index 0000000..424e78a --- /dev/null +++ b/templates/show/tech-support/private/save-uncompressed/node.def @@ -0,0 +1,7 @@ +help: Save consolidated tech-support report uncompressed (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support save-uncompressed + else + echo Must be an admin user to run this command. + fi diff --git a/templates/show/tech-support/private/save-uncompressed/node.tag/node.def b/templates/show/tech-support/private/save-uncompressed/node.tag/node.def new file mode 100644 index 0000000..f2f7572 --- /dev/null +++ b/templates/show/tech-support/private/save-uncompressed/node.tag/node.def @@ -0,0 +1,8 @@ +help: Save uncompressed tech-support report to specified path/file (contains private information) +allowed: echo -n ' :@/> :@/>' +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support save-uncompressed $4 + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/save/node.def b/templates/show/tech-support/private/save/node.def new file mode 100644 index 0000000..87819f6 --- /dev/null +++ b/templates/show/tech-support/private/save/node.def @@ -0,0 +1,7 @@ +help: Save consolidated tech-support report (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support save + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/save/node.tag/node.def b/templates/show/tech-support/private/save/node.tag/node.def new file mode 100644 index 0000000..5a7b500 --- /dev/null +++ b/templates/show/tech-support/private/save/node.tag/node.def @@ -0,0 +1,8 @@ +help: Save compressed tech-support report to the specified path/file (contains private information) +allowed: echo -n ' :@/> :@/>' +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support save $4 + else + echo Must be an admin user to run this command + fi -- cgit v1.2.3