From 699a9c48a9ac866ada70206dd1f3b1e1dd23a69c Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 29 Oct 2017 15:36:45 +0100 Subject: Change 'show tech-support' behavior to always strip-private Using "show tech-support" cmd will produce the tech-support output without any private information. Using "show tech-support private" cmd will produce the tech-support output with private information included. Note: ===== The Perl script (vyos-strip-config.pl) used to remove any sensible information will in addition remove version numbers if they match the regexp below: # Strip IPv4 addresses $input =~ s/\d+\.\d+\.(\d+)\.(\d+)/xxx.xxx.$1.$2/g if $stripIP; Example: ======== i apt xxx.xxx.9.8.4 amd64 commandline package manager ii apt-transport-https xxx.xxx.9.8.4 amd64 https download transport for APT i apt 1.0.9.8.4 amd64 commandline package manager ii apt-transport-https 1.0.9.8.4 amd64 https download transport for APT This behavior is present in the current implementation and should be addressed during the move to the new Python scripts. --- templates/show/tech-support/brief/node.def | 4 ++-- templates/show/tech-support/brief/save-uncompressed/node.def | 4 ++-- .../show/tech-support/brief/save-uncompressed/node.tag/node.def | 4 ++-- templates/show/tech-support/brief/save/node.def | 4 ++-- templates/show/tech-support/brief/save/node.tag/node.def | 4 ++-- templates/show/tech-support/node.def | 4 ++-- templates/show/tech-support/private/brief/node.def | 7 +++++++ .../show/tech-support/private/brief/save-uncompressed/node.def | 7 +++++++ .../private/brief/save-uncompressed/node.tag/node.def | 8 ++++++++ templates/show/tech-support/private/brief/save/node.def | 7 +++++++ templates/show/tech-support/private/brief/save/node.tag/node.def | 8 ++++++++ templates/show/tech-support/private/node.def | 7 +++++++ templates/show/tech-support/private/save-uncompressed/node.def | 7 +++++++ .../show/tech-support/private/save-uncompressed/node.tag/node.def | 8 ++++++++ templates/show/tech-support/private/save/node.def | 7 +++++++ templates/show/tech-support/private/save/node.tag/node.def | 8 ++++++++ templates/show/tech-support/save-uncompressed/node.def | 4 ++-- templates/show/tech-support/save-uncompressed/node.tag/node.def | 4 ++-- templates/show/tech-support/save/node.def | 4 ++-- templates/show/tech-support/save/node.tag/node.def | 6 +++--- 20 files changed, 95 insertions(+), 21 deletions(-) create mode 100644 templates/show/tech-support/private/brief/node.def create mode 100644 templates/show/tech-support/private/brief/save-uncompressed/node.def create mode 100644 templates/show/tech-support/private/brief/save-uncompressed/node.tag/node.def create mode 100644 templates/show/tech-support/private/brief/save/node.def create mode 100644 templates/show/tech-support/private/brief/save/node.tag/node.def create mode 100644 templates/show/tech-support/private/node.def create mode 100644 templates/show/tech-support/private/save-uncompressed/node.def create mode 100644 templates/show/tech-support/private/save-uncompressed/node.tag/node.def create mode 100644 templates/show/tech-support/private/save/node.def create mode 100644 templates/show/tech-support/private/save/node.tag/node.def (limited to 'templates/show/tech-support') diff --git a/templates/show/tech-support/brief/node.def b/templates/show/tech-support/brief/node.def index 23f588e..9a4a624 100644 --- a/templates/show/tech-support/brief/node.def +++ b/templates/show/tech-support/brief/node.def @@ -1,7 +1,7 @@ -help: Show brief tech-support report +help: Show brief tech-support report (private information removed) run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; then - source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief | strip-private else echo Must be an admin user to run this command fi diff --git a/templates/show/tech-support/brief/save-uncompressed/node.def b/templates/show/tech-support/brief/save-uncompressed/node.def index 7d36614..84b4ed0 100644 --- a/templates/show/tech-support/brief/save-uncompressed/node.def +++ b/templates/show/tech-support/brief/save-uncompressed/node.def @@ -1,7 +1,7 @@ -help: Save uncompressed brief tech-support report +help: Save uncompressed brief tech-support report (private information removed) run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; then - source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save-uncompressed + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save-uncompressed | strip-private else echo Must be an admin user to run this command fi diff --git a/templates/show/tech-support/brief/save-uncompressed/node.tag/node.def b/templates/show/tech-support/brief/save-uncompressed/node.tag/node.def index f1a94c3..dad3949 100644 --- a/templates/show/tech-support/brief/save-uncompressed/node.tag/node.def +++ b/templates/show/tech-support/brief/save-uncompressed/node.tag/node.def @@ -1,8 +1,8 @@ -help: Save uncompressed brief tech-support report to specified path/file +help: Save uncompressed brief tech-support report to specified path/file (private information removed) allowed: echo -n ' :@/> :@/>' run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; then - source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save-uncompressed $5 + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save-uncompressed $5 | strip-private else echo Must be an admin user to run this command fi diff --git a/templates/show/tech-support/brief/save/node.def b/templates/show/tech-support/brief/save/node.def index 966a984..2f8a561 100644 --- a/templates/show/tech-support/brief/save/node.def +++ b/templates/show/tech-support/brief/save/node.def @@ -1,7 +1,7 @@ -help: Save brief tech-support report +help: Save brief tech-support report (private information removed) run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; then - source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save | strip-private else echo Must be an admin user to run this command fi diff --git a/templates/show/tech-support/brief/save/node.tag/node.def b/templates/show/tech-support/brief/save/node.tag/node.def index bf6d45f..f0cfe4a 100644 --- a/templates/show/tech-support/brief/save/node.tag/node.def +++ b/templates/show/tech-support/brief/save/node.tag/node.def @@ -1,8 +1,8 @@ -help: Save compressed brief tech-support report to specified path/file +help: Save compressed brief tech-support report to specified path/file (private information removed) allowed: echo -n ' :@/> :@/>' run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; then - source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save $5 + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save $5 | strip-private else echo Must be an admin user to run this command fi diff --git a/templates/show/tech-support/node.def b/templates/show/tech-support/node.def index 34d8e22..c211e90 100644 --- a/templates/show/tech-support/node.def +++ b/templates/show/tech-support/node.def @@ -1,7 +1,7 @@ -help: Show consolidated tech-support report +help: Show consolidated tech-support report (private information removed) run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; then - source ${vyatta_datadir}/vyatta-op/functions/tech-support + source ${vyatta_datadir}/vyatta-op/functions/tech-support | strip-private else echo Must be an admin user to run this command fi diff --git a/templates/show/tech-support/private/brief/node.def b/templates/show/tech-support/private/brief/node.def new file mode 100644 index 0000000..cc06ccf --- /dev/null +++ b/templates/show/tech-support/private/brief/node.def @@ -0,0 +1,7 @@ +help: Show brief tech-support report (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/brief/save-uncompressed/node.def b/templates/show/tech-support/private/brief/save-uncompressed/node.def new file mode 100644 index 0000000..9292428 --- /dev/null +++ b/templates/show/tech-support/private/brief/save-uncompressed/node.def @@ -0,0 +1,7 @@ +help: Save uncompressed brief tech-support report (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save-uncompressed + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/brief/save-uncompressed/node.tag/node.def b/templates/show/tech-support/private/brief/save-uncompressed/node.tag/node.def new file mode 100644 index 0000000..0976413 --- /dev/null +++ b/templates/show/tech-support/private/brief/save-uncompressed/node.tag/node.def @@ -0,0 +1,8 @@ +help: Save uncompressed brief tech-support report to specified path/file (contains private information) +allowed: echo -n ' :@/> :@/>' +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save-uncompressed $5 + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/brief/save/node.def b/templates/show/tech-support/private/brief/save/node.def new file mode 100644 index 0000000..d069ec2 --- /dev/null +++ b/templates/show/tech-support/private/brief/save/node.def @@ -0,0 +1,7 @@ +help: Save brief tech-support report (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/brief/save/node.tag/node.def b/templates/show/tech-support/private/brief/save/node.tag/node.def new file mode 100644 index 0000000..f56d02e --- /dev/null +++ b/templates/show/tech-support/private/brief/save/node.tag/node.def @@ -0,0 +1,8 @@ +help: Save compressed brief tech-support report to specified path/file (contains private information) +allowed: echo -n ' :@/> :@/>' +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support-brief save $5 + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/node.def b/templates/show/tech-support/private/node.def new file mode 100644 index 0000000..32b4c15 --- /dev/null +++ b/templates/show/tech-support/private/node.def @@ -0,0 +1,7 @@ +help: Show consolidated tech-support report (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/save-uncompressed/node.def b/templates/show/tech-support/private/save-uncompressed/node.def new file mode 100644 index 0000000..424e78a --- /dev/null +++ b/templates/show/tech-support/private/save-uncompressed/node.def @@ -0,0 +1,7 @@ +help: Save consolidated tech-support report uncompressed (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support save-uncompressed + else + echo Must be an admin user to run this command. + fi diff --git a/templates/show/tech-support/private/save-uncompressed/node.tag/node.def b/templates/show/tech-support/private/save-uncompressed/node.tag/node.def new file mode 100644 index 0000000..f2f7572 --- /dev/null +++ b/templates/show/tech-support/private/save-uncompressed/node.tag/node.def @@ -0,0 +1,8 @@ +help: Save uncompressed tech-support report to specified path/file (contains private information) +allowed: echo -n ' :@/> :@/>' +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support save-uncompressed $4 + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/save/node.def b/templates/show/tech-support/private/save/node.def new file mode 100644 index 0000000..87819f6 --- /dev/null +++ b/templates/show/tech-support/private/save/node.def @@ -0,0 +1,7 @@ +help: Save consolidated tech-support report (contains private information) +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support save + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/private/save/node.tag/node.def b/templates/show/tech-support/private/save/node.tag/node.def new file mode 100644 index 0000000..5a7b500 --- /dev/null +++ b/templates/show/tech-support/private/save/node.tag/node.def @@ -0,0 +1,8 @@ +help: Save compressed tech-support report to the specified path/file (contains private information) +allowed: echo -n ' :@/> :@/>' +run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; + then + source ${vyatta_datadir}/vyatta-op/functions/tech-support save $4 + else + echo Must be an admin user to run this command + fi diff --git a/templates/show/tech-support/save-uncompressed/node.def b/templates/show/tech-support/save-uncompressed/node.def index 4036eaf..4d828f1 100644 --- a/templates/show/tech-support/save-uncompressed/node.def +++ b/templates/show/tech-support/save-uncompressed/node.def @@ -1,7 +1,7 @@ -help: Save consolidated tech-support report uncompressed +help: Save consolidated tech-support report uncompressed (private information removed) run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; then - source ${vyatta_datadir}/vyatta-op/functions/tech-support save-uncompressed + source ${vyatta_datadir}/vyatta-op/functions/tech-support save-uncompressed | strip-private else echo Must be an admin user to run this command. fi diff --git a/templates/show/tech-support/save-uncompressed/node.tag/node.def b/templates/show/tech-support/save-uncompressed/node.tag/node.def index 8a637c6..4006afe 100644 --- a/templates/show/tech-support/save-uncompressed/node.tag/node.def +++ b/templates/show/tech-support/save-uncompressed/node.tag/node.def @@ -1,8 +1,8 @@ -help: Save uncompressed tech-support report to specified path/file +help: Save uncompressed tech-support report to specified path/file (private information removed) allowed: echo -n ' :@/> :@/>' run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; then - source ${vyatta_datadir}/vyatta-op/functions/tech-support save-uncompressed $4 + source ${vyatta_datadir}/vyatta-op/functions/tech-support save-uncompressed $4 | strip-private else echo Must be an admin user to run this command fi diff --git a/templates/show/tech-support/save/node.def b/templates/show/tech-support/save/node.def index 54635d6..ee1a2f1 100644 --- a/templates/show/tech-support/save/node.def +++ b/templates/show/tech-support/save/node.def @@ -1,7 +1,7 @@ -help: Save consolidated tech-support report +help: Save consolidated tech-support report (private information removed) run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; then - source ${vyatta_datadir}/vyatta-op/functions/tech-support save + source ${vyatta_datadir}/vyatta-op/functions/tech-support save | strip-private else echo Must be an admin user to run this command fi diff --git a/templates/show/tech-support/save/node.tag/node.def b/templates/show/tech-support/save/node.tag/node.def index 26e91a0..675418b 100644 --- a/templates/show/tech-support/save/node.tag/node.def +++ b/templates/show/tech-support/save/node.tag/node.def @@ -1,8 +1,8 @@ -help: Save compressed tech-support report to the specified path/file -allowed: echo -n ' :@/> :@/>' +help: Save compressed tech-support report to the specified path/file (private information removed) +allowed: echo -n ' :@/> :@/>' run: if [ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/admin" ]; then - source ${vyatta_datadir}/vyatta-op/functions/tech-support save $4 + source ${vyatta_datadir}/vyatta-op/functions/tech-support save $4 | strip-private else echo Must be an admin user to run this command fi -- cgit v1.2.3