Bug 1619385
| Summary: | Password hashes in Automate Log | |||
|---|---|---|---|---|
| Product: | Red Hat CloudForms Management Engine | Reporter: | Christian Jung <cbolz> | |
| Component: | Automate | Assignee: | Lucy Fu <lufu> | |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Dmitry Misharov <dmisharo> | |
| Severity: | high | Docs Contact: | ||
| Priority: | high | |||
| Version: | 5.9.3 | CC: | cbolz, dmetzger, dmisharo, mfeifer, mkanoor, obarenbo, pmcgowan, simaishi, tfitzger | |
| Target Milestone: | GA | Keywords: | Regression, TestOnly, ZStream | |
| Target Release: | 5.10.0 | |||
| Hardware: | All | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | 5.10.0.18 | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1634808 (view as bug list) | Environment: | ||
| Last Closed: | 2019-02-12 16:49:18 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1634808 | |||
|
Description
Christian Jung
2018-08-20 16:43:23 UTC
Hi Christian, Thanks for the update. I'm going to change this ticket to be more generic. Regards, Tina New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/2247c8a028940a82d3e9fd1fa29d4e8e64e5629e commit 2247c8a028940a82d3e9fd1fa29d4e8e64e5629e Author: Lucy Fu <lufu> AuthorDate: Thu Sep 13 10:46:57 2018 -0400 Commit: Lucy Fu <lufu> CommitDate: Thu Sep 13 10:46:57 2018 -0400 Add regex for dialog password fields. https://bugzilla.redhat.com/show_bug.cgi?id=1619385 app/models/miq_request_workflow.rb | 2 +- spec/models/miq_request_workflow_spec.rb | 6 + 2 files changed, 7 insertions(+), 1 deletion(-) New commits detected on ManageIQ/manageiq-automation_engine/master: https://github.com/ManageIQ/manageiq-automation_engine/commit/c9a6e9803760f8c1dad48715eb9178cd03bfad2a commit c9a6e9803760f8c1dad48715eb9178cd03bfad2a Author: Lucy Fu <lufu> AuthorDate: Thu Sep 13 09:33:17 2018 -0400 Commit: Lucy Fu <lufu> CommitDate: Thu Sep 13 09:33:17 2018 -0400 The "_id" attribute should be added only for VMDB objects. The "_id" attribute is not meant for fields like password::dialog_password_field. https://bugzilla.redhat.com/show_bug.cgi?id=1619385 lib/miq_automation_engine/engine/miq_ae_engine/miq_ae_object.rb | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) https://github.com/ManageIQ/manageiq-automation_engine/commit/4a3cf53f7f61aa5b00661081042ac17f5c7253cb commit 4a3cf53f7f61aa5b00661081042ac17f5c7253cb Author: Lucy Fu <lufu> AuthorDate: Thu Sep 13 09:28:19 2018 -0400 Commit: Lucy Fu <lufu> CommitDate: Thu Sep 13 09:28:19 2018 -0400 Hide the password value in automate and evm.log. https://bugzilla.redhat.com/show_bug.cgi?id=1619385 lib/miq_automation_engine/engine/miq_ae_engine.rb | 10 +- lib/miq_automation_engine/engine/miq_ae_engine/miq_ae_domain_search.rb | 2 +- lib/miq_automation_engine/engine/miq_ae_engine/miq_ae_workspace_runtime.rb | 2 +- lib/miq_automation_engine/engine/miq_ae_method_service/miq_ae_service.rb | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) New commit detected on ManageIQ/manageiq-gems-pending/master: https://github.com/ManageIQ/manageiq-gems-pending/commit/744d4c983cdb5ab8ba68e68938860e2dd3e11dd7 commit 744d4c983cdb5ab8ba68e68938860e2dd3e11dd7 Author: Lucy Fu <lufu> AuthorDate: Fri Sep 14 13:20:18 2018 -0400 Commit: Lucy Fu <lufu> CommitDate: Fri Sep 14 13:20:18 2018 -0400 Add regex for URL encoded password value. https://bugzilla.redhat.com/show_bug.cgi?id=1619385 lib/gems/pending/util/miq-password.rb | 7 +- spec/util/miq-password_spec.rb | 6 +- 2 files changed, 8 insertions(+), 5 deletions(-) New commit detected on ManageIQ/manageiq-gems-pending/hammer: https://github.com/ManageIQ/manageiq-gems-pending/commit/448fc49b99ee8eb97c532450287337eb82978054 commit 448fc49b99ee8eb97c532450287337eb82978054 Author: Brandon Dunne <brandondunne> AuthorDate: Tue Sep 25 14:52:08 2018 -0400 Commit: Brandon Dunne <brandondunne> CommitDate: Tue Sep 25 14:52:08 2018 -0400 Merge pull request #373 from lfu/password_log_1619385 Changes to MiqPassword.sanitize_string to support URL encoded password. (cherry picked from commit 2fa61e91ce5eeba1dc969e38c76faaee61cb7eb6) https://bugzilla.redhat.com/show_bug.cgi?id=1619385 lib/gems/pending/util/miq-password.rb | 7 +- spec/util/miq-password_spec.rb | 6 +- 2 files changed, 8 insertions(+), 5 deletions(-) New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/e0f463be18b1afed262cf40fa63ae33a03c25d64 commit e0f463be18b1afed262cf40fa63ae33a03c25d64 Author: Lucy Fu <lufu> AuthorDate: Thu Sep 27 14:03:14 2018 -0400 Commit: Lucy Fu <lufu> CommitDate: Thu Sep 27 14:03:14 2018 -0400 Hide the password values in the log messages. https://bugzilla.redhat.com/show_bug.cgi?id=1619385 app/models/manageiq/providers/embedded_ansible/automation_manager/playbook.rb | 3 +- 1 file changed, 2 insertions(+), 1 deletion(-) New commit detected on ManageIQ/manageiq/hammer: https://github.com/ManageIQ/manageiq/commit/bf5c14fce3f3d9681369e0132d2bbc7489426ab0 commit bf5c14fce3f3d9681369e0132d2bbc7489426ab0 Author: Greg McCullough <gmccullo> AuthorDate: Thu Sep 27 14:39:57 2018 -0400 Commit: Greg McCullough <gmccullo> CommitDate: Thu Sep 27 14:39:57 2018 -0400 Merge pull request #18028 from lfu/password_log_2_1619385 Hide the password values in the log messages. (cherry picked from commit 4aee0f3931a86a3b68f8305ee7d56c78df91b056) https://bugzilla.redhat.com/show_bug.cgi?id=1619385 app/models/manageiq/providers/embedded_ansible/automation_manager/playbook.rb | 3 +- 1 file changed, 2 insertions(+), 1 deletion(-) Fixed and verified in 5.10.0.19.20181009184346_1c8bf5d. Passwords hashes are not shown in the logs, "*" characters shown instead. |