+++ This bug was initially created as a clone of Bug #1410030 +++
Description of problem:
plain password should not be displayed in logs
Version-Release number of selected component (if applicable):
virt-viewer-2.0-13.el7
How reproducible:
100%
Steps to Reproduce:
1. Enable "auth_unix_rw='sasl'" in /etc/libvirt/libvirtd.conf.
add auth_unix_rw="sasl" in the /etc/libvirt/libvirtd.conf
2. Add sasl user
# saslpasswd2 -a libvirt xiaodwan
(input your passwd)
3. Restart libvirtd service
# service libvirtd restart
4. Connect to a vm by qemu+unix and --attach and --debug option.
# virt-viewer -c qemu+unix:///system demo -a --debug
Actual results:
Plain password is printed.
(virt-viewer:25350): virt-viewer-DEBUG: Got libvirt credential request for 2 credential(s)
(virt-viewer:25350): virt-viewer-DEBUG: Got 'xiaodwan' 8 2
(virt-viewer:25350): virt-viewer-DEBUG: Got 'xxxx' 6 5
Expected results:
plain password should not be printed.
Additional info:
Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available.
The official life cycle policy can be reviewed here:
http://redhat.com/rhel/lifecycle
This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL:
https://access.redhat.com/