Bug 671051
| Summary: | DB password appearing in traceback email sent by satellite | ||
|---|---|---|---|
| Product: | Red Hat Satellite 5 | Reporter: | Marcelo Moreira de Mello <mmello> |
| Component: | Server | Assignee: | Michael Mráka <mmraka> |
| Status: | CLOSED ERRATA | QA Contact: | Jiri Kastner <jkastner> |
| Severity: | urgent | Docs Contact: | |
| Priority: | urgent | ||
| Version: | 530 | CC: | cperry, jkastner, mmello, mmraka, xdmoon |
| Target Milestone: | --- | Keywords: | Regression |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Fixed In Version: | spacewalk-backend-1.2.13-34.el5sat | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-03-28 09:32:23 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 646488 | ||
See also: https://bugzilla.redhat.com/show_bug.cgi?id=164651 https://bugzilla.redhat.com/show_bug.cgi?id=428595 https://bugzilla.redhat.com/show_bug.cgi?id=490624 It should be fixed in spacewalk git by
commit cf722531cf89fb6f1c04b63f0dcb3ae4190e0df6
hide cleartext password from traceback
Fixed in spacewalk package spacewalk-backend-1.3.37-1.
Frame connect in /usr/share/rhn/server/rhnSQL/driver_cx_Oracle.py at line 385
e = <type 'instance'> ORA-01017: invalid username/password; logon denied
errno = <type 'int'> 1017
self = <type 'instance'> <server.rhnSQL.driver_cx_Oracle.Database instance at 0x9df664c>
ret = <type 'tuple'> (1017, 'ORA-01017: invalid username/password; logon denied\n', 'Connection_Connect(): begin session')
reconnect = <type 'int'> 1
err_args = <type 'list'> ['<CENSORED!>', 1017, 'ORA-01017: invalid username/password; logon denied\n', 'Connection_Connect(): begin session']
errmsg = <type 'str'> ORA-01017: invalid username/password; logon denied
Frame __init__DB in /usr/share/rhn/server/rhnSQL/__init__.py at line 52
username = <type 'str'> <CENSORED!>an
db_class = <type 'classobj'> server.rhnSQL.driver_cx_Oracle.Database
database = <type 'str'> <CENSORED!>
host = <type 'str'> localhost
password = <type 'str'> <CENSORED!>
port = <type 'NoneType'> None
backend = <type 'str'> oracle
Frame initDB in /usr/share/rhn/server/rhnSQL/__init__.py at line 127
username = <type 'str'> <CENSORED!>an
database = <type 'str'> <CENSORED!>
dsn = <type 'str'> <CENSORED!>
host = <type 'str'> localhost
password = <type 'str'> <CENSORED!>
port = <type 'NoneType'> None
backend = <type 'str'> oracle
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0387.html |
Description of problem: DB password is appearing in clear text in traceback email which is generated by satellite server. Version-Release number of selected component (if applicable): Red Hat Network Satellite .53 How reproducible: Always Actual results: Traceback shows DB password Expected results: Traceback hides DB password Additional info: Exception Handler Information Traceback (most recent call last): File "/usr/share/rhn/server/apacheHandler.py", line 72, in headerParserHandler rhnSQL.initDB() File "/usr/share/rhn/server/rhnSQL/__init__.py", line 98, in initDB __init__DB(backend, host, port, username, password, database) File "/usr/share/rhn/server/rhnSQL/__init__.py", line 59, in __init__DB __DB.check_connection() File "/usr/share/rhn/server/rhnSQL/driver_cx_Oracle.py", line 445, in check_connection self.connect() # only allow one try File "/usr/share/rhn/server/rhnSQL/driver_cx_Oracle.py", line 336, in connect raise apply(sql_base.SQLConnectError, err_args) SQLConnectError: (1034, 'ORA-01034: ORACLE not available\nORA-27101: shared memory realm does not exist\nLinux-x86_64 Error: 2: No such file or directory\n', 'RHNPROD', 'Connection_Connect(): begin session') Local variables by frame Frame connect in /usr/share/rhn/server/rhnSQL/driver_cx_Oracle.py at line 336 e = <type 'instance'> ORA-01034: ORACLE not available ORA-27101: shared memory realm does not exist Linux-x86_64 Error: 2: No such file or directory errno = <type 'int'> 1034 self = <type 'instance'> <server.rhnSQL.driver_cx_Oracle.Database instance at 0x2aeca6361950> ret = <type 'tuple'> (1034, 'ORA-01034: ORACLE not available\nORA-27101: shared memory realm does no t exist\nLinux-x86_64 Error: 2: No such file or directory\n', 'Connection_Connect(): begin session') errmsg = <type 'str'> ORA-01034: ORACLE not available ORA-27101: shared memory realm does not exist Linux-x86_64 Error: 2: No such file or directory Frame check_connection in /usr/share/rhn/server/rhnSQL/driver_cx_Oracle.py at line 445 h = <type 'instance'> <__builtin__.OracleCursor on <cx_Oracle.Connection to RHNSAT RHNPROD>> self = <type 'instance'> <server.rhnSQL.driver_cx_Oracle.Database instance at 0x2aeca6361950> Frame __init__DB in /usr/share/rhn/server/rhnSQL/__init__.py at line 59 username = <type 'str'> RHNSAT database = <type 'str'> RHNPROD host = <type 'str'> localhost password = <type 'str'> S3cr3tP4S5 port = <type 'NoneType'> None backend = <type 'str'> oracle Frame initDB in /usr/share/rhn/server/rhnSQL/__init__.py at line 104 username = <type 'str'> RHNSAT temp = <type 'str'> S3cr3tP4S5 RHNPROD database = <type 'str'> RHNPROD dsn = <type 'str'> <CENSORED!> host = <type 'str'> localhost password = <type 'str'> S3cr3tP4S5 port = <type 'NoneType'> None