Bug 1107751
Summary: | backport fstab and grub.conf password stripping from upstream | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Bryn M. Reeves <bmr> | |
Component: | sos | Assignee: | Bryn M. Reeves <bmr> | |
Status: | CLOSED ERRATA | QA Contact: | David Kutálek <dkutalek> | |
Severity: | unspecified | Docs Contact: | ||
Priority: | unspecified | |||
Version: | 5.10 | CC: | agk, bmr, dkutalek, gavin | |
Target Milestone: | rc | Keywords: | Patch, Upstream | |
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | sos-1.7-9.73.el5 | Doc Type: | Bug Fix | |
Doc Text: |
Cause:
Previous versions of sos would include password material in the grub.conf and fstab files collected by the bootloader and filesys plugins if present on the collection system.
Consequence:
Passwords (either plain text or hashed) could be included in the report tarball.
Fix:
Password and other secrets are now redacted during collection.
Result:
No passwords from the fstab or grub.conf files are now included in the report tarball.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1196717 (view as bug list) | Environment: | ||
Last Closed: | 2014-09-16 00:31:55 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: |
Description
Bryn M. Reeves
2014-06-10 14:17:19 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux release for currently deployed products. This request is not yet committed for inclusion in a release. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1200.html |