Hello o/ I've verified this by deploying OpenStack Yoga on Jammy via juju then running sos report on the various machines
## Check ceph obfuscation ubuntu@stg-reproducer-bryanfraschetti-project-bastion:~$ juju ssh ceph- rgw/0 # Before enabling proposed ubuntu@juju-35531a-verif-testing-4:~$ sudo sos report ubuntu@juju-35531a-verif-testing-4:~$ tar -xf /tmp/sosreport-juju-35531a-verif-testing-4-2025-06-06-fnzgjcu.tar.xz ubuntu@juju-35531a-verif-testing-4:~$ cat sosreport-juju-35531a-verif-testing-4-2025-06-06-fnzgjcu/etc/ceph/ceph.conf Observed that password (rgw keystone admin password) is present in plaintext # After enabling proposed ubuntu@juju-35531a-verif-testing-4:~$ sudo add-apt-repository -y "deb http://archive.ubuntu.com/ubuntu jammy-proposed main restricted universe multiverse" ubuntu@juju-35531a-verif-testing-4:~$ sudo apt update && sudo apt upgrade -y ubuntu@juju-35531a-verif-testing-4:~$ sudo sos report ubuntu@juju-35531a-verif-testing-4:~$ tar -xf /tmp/sosreport-juju-35531a-verif-testing-4-2025-06-06-ouwvavz.tar.xz ubuntu@juju-35531a-verif-testing-4:~$ cat sosreport-juju-35531a-verif-testing-4-2025-06-06-ouwvavz/etc/ceph/ceph.conf [global] ... File contents ... rgw keystone admin user = s3_swift rgw keystone admin password = ********* rgw keystone api version = 3 rgw keystone admin domain = service_domain ... Continued file contents Note that rgw keystone admin password is successfully obfuscated # Check for existence of auth.log, syslog, kern.log, and ubuntu- advantage.log ubuntu@juju-35531a-verif-testing-4:~$ ls -alh sosreport-juju-35531a-verif-testing-4-2025-06-06-ouwvavz/var/log/ # Note that I truncated the listing to just those of concern for brevity total 700K drwxrwxr-x 7 root root 4.0K Jun 6 19:03 . drwxr-xr-x 7 root root 4.0K Jun 6 18:27 .. -rw-r----- 1 syslog adm 10K Jun 6 19:04 auth.log -rw-r----- 1 root adm 43K Jun 6 18:26 dmesg -rw-r----- 1 syslog adm 68K Jun 6 19:04 kern.log -rw-r----- 1 syslog adm 261K Jun 6 19:04 syslog -rw-r----- 1 root root 16K Jun 6 19:04 ubuntu-advantage.log ## Check Horizon obfuscation ubuntu@stg-reproducer-bryanfraschetti-project-bastion:~$ juju ssh openstack-dashboard/0 # Before enabling proposed ubuntu@juju-35531a-verif-testing-14:~$ sudo sos report ubuntu@juju-35531a-verif-testing-14:~$ tar -xf /tmp/sosreport-juju-35531a-verif-testing-14-2025-06-06-qfunzxc.tar.xz ubuntu@juju-35531a-verif-testing-14:~$ egrep "PASSWORD|SECRET_KEY" sosreport-juju-35531a-verif-testing-14-2025-06-06-qfunzxc/etc/openstack-dashboard/local_settings.py Observed that SECRET_KEY, PASSWORD, and EMAIL_HOST_PASSWORD are not obfuscated # After enabling proposed ubuntu@juju-35531a-verif-testing-14:~$ sudo add-apt-repository -y "deb http://archive.ubuntu.com/ubuntu jammy-proposed main restricted universe multiverse" ubuntu@juju-35531a-verif-testing-14:~$ sudo apt update && sudo apt upgrade -y ubuntu@juju-35531a-verif-testing-14:~$ sudo sos report ubuntu@juju-35531a-verif-testing-14:~$ sudo tar -xf /tmp/sosreport-juju-35531a-verif-testing-14-2025-06-06-lrqqhif.tar.xz ubuntu@juju-35531a-verif-testing-14:~$ egrep "PASSWORD|SECRET_KEY" sosreport-juju-35531a-verif-testing-14-2025-06-06-lrqqhif/etc/openstack-dashboard/local_settings.py SECRET_KEY = ********* 'PASSWORD': ********* EMAIL_HOST_PASSWORD = ********* Note that all are now successfully obfuscated # Check for auth.log, syslog, kern.log, and ubuntu-advantage.log ubuntu@juju-35531a-verif-testing-14:~$ ls -alh sosreport-juju-35531a-verif-testing-14-2025-06-06-lrqqhif/var/log/ # Note that I truncated the listing to just those of concern for brevity total 804K drwxrwxr-x 7 root root 4.0K Jun 6 19:30 . drwxr-xr-x 7 root root 4.0K Jun 6 18:27 .. -rw-r----- 1 syslog adm 18K Jun 6 19:31 auth.log -rw-r----- 1 root adm 43K Jun 6 18:26 dmesg -rw-r----- 1 syslog adm 68K Jun 6 19:31 kern.log -rw-r----- 1 syslog adm 276K Jun 6 19:31 syslog -rw-r----- 1 root root 16K Jun 6 19:31 ubuntu-advantage.log I will repeat this testing on noble and oracular -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2101134 Title: [sru] Obfuscation/Collection issues in sosreport/sos 4.8.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-pro/+bug/2101134/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
