Uploaded image for project: 'Red Hat Insights Engineering'
  1. Red Hat Insights Engineering
  2. RHINENG-18491

After updating core to 3.5.14 or 3.5.15, obfuscation of hostname and ip address is enabled by default

XMLWordPrintable

    • Important
    • 3
    • Framework Sprint May27-Jun13

      ** Note that this is a public ticket, please refrain from adding any sensitive data. **

      Soon after upgrading the core to 3.5.15 , The end-users have started reporting an issue where insights-client is working fine but it's always obfuscating the hostnames. 

      Based on my self-investigation, It's not a 3.15.5 issue but most probably a issue in 3.15.4 that was never reverted and hence 3.15.5 also has the same issue. 

       

      Changelog : https://api.access.redhat.com/r/insights/v1/static/core/changelog.el9.txt  

       

      --> https://github.com/RedHatInsights/insights-core/commit/8f6ee99f410d10f2ca2263ae1e2a00a6763ad76f is the commit that introduces obfuscation_list option to deprecate the older obfuscation options and also always obfuscates the hostnames now. 

       

      So every system with core 3.5.15 would be reported in console_dot via obfuscated hostname and ip addresses. 

       

      Test done:

       

      # insights-client --version
Client: 3.2.8
Core: 3.5.15-1
# insights-client --no-upload
# mkdir /tmp/insights
# tar xf /var/cache/insights-client/insights-20250603172339-def1eb.tar.gz -C /tmp/insights
# cd /tmp/insights
# cat insights-20250603172339-def1eb/data/blacklist_report 
{"obfuscation_list": ["ipv4", "hostname"], "commands": 0, "files": 0, "components": 0, "patterns": 0, "keywords": 0, "using_new_format": true, "using_patterns_regex": false}
# cat insights-20250603172339-def1eb/data/insights_commands/hostname
83d5342d12eb.example.com

      My findings: 

      When the insights-client.conf  is like this:

       

      # grep obfuscate /etc/insights-client/insights-client.conf
obfuscate=False
obfuscate_hostname=False
or
# grep obfuscate /etc/insights-client/insights-client.conf
obfuscate=True
obfuscate_hostname=False

      Then `obfuscation_list` is triggered somehow and always obfuscates the ipv4 as well as hostname . 

      When they are commented out i.e. 

       

       

      # grep obfuscate /etc/insights-client/insights-client.conf
#obfuscate=False
#obfuscate_hostname=False
or
# grep obfuscate /etc/insights-client/insights-client.conf
#obfuscate=True
#obfuscate_hostname=False

       

       

      Then obfuscation_list is set to null and everything works as usual i.e. no obfuscation happens. 

       

              rhn-support-xialiu Xiangce Liu
              rhn-support-saydas Sayan Das
              Qianqian Zhang Qianqian Zhang
              Votes:
              0 Vote for this issue
              Watchers:
              15 Start watching this issue

                Created:
                Updated:
                Resolved: