[sos-devel] [PATCH] remove password leak from ovirt-engine setup answer file
Sandro Bonazzola
sbonazzo at redhat.com
Mon Nov 17 15:23:41 UTC 2014
Change-Id: Ie86186b48e04141d2ed7ee9b2185eb3a09bbc166
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1162781
Signed-off-by: Sandro Bonazzola <sbonazzo at redhat.com>
---
sos/plugins/ovirt.py | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/sos/plugins/ovirt.py b/sos/plugins/ovirt.py
index 172c1e0..0f1db12 100644
--- a/sos/plugins/ovirt.py
+++ b/sos/plugins/ovirt.py
@@ -182,5 +182,20 @@ class Ovirt(Plugin, RedHatPlugin):
r'{key}=********'.format(key=key)
)
+ # Answer files contain passwords
+ for key in (
+ 'OVESETUP_CONFIG/adminPassword',
+ 'OVESETUP_CONFIG/remoteEngineHostRootPassword',
+ 'OVESETUP_DWH_DB/password',
+ 'OVESETUP_DB/password',
+ 'OVESETUP_REPORTS_CONFIG/adminPassword',
+ 'OVESETUP_REPORTS_DB/password',
+ ):
+ self.do_path_regex_sub(
+ r'/var/lib/ovirt-engine/setup/answers/.*',
+ r'{key}=(.*)'.format(key=key),
+ r'{key}=********'.format(key=key)
+ )
+
# vim: expandtab tabstop=4 shiftwidth=4
--
1.9.3
More information about the sos-devel
mailing list