Bug 868988

Summary: rhevm-installation: during upgrade I can see the db password in the install log
Product: Red Hat Enterprise Virtualization Manager Reporter: Dafna Ron <dron>
Component: ovirt-engine-setupAssignee: Kiril Nesenko <knesenko>
Status: CLOSED CURRENTRELEASE QA Contact: Tareq Alayan <talayan>
Severity: high Docs Contact:
Priority: high    
Version: 3.0.7CC: bazulay, dfediuck, dyasny, iheim, mgoldboi, mkenneth, Rhev-m-bugs, ykaul
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard: integration
Fixed In Version: si23 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-12-04 20:02:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
upgrade log none

Description Dafna Ron 2012-10-22 16:39:43 UTC
Created attachment 631633 [details]
upgrade log

Description of problem:

when we run command: 

2012-10-22 18:00:36::DEBUG::common_utils::302::root:: Executing command --> '/usr/bin/psql -U postgres -c ALTER ROLE engine WITH ENCRYPTED PASSWORD '<MYPASSWORD>'

the log shows the db password in clear text. 

Version-Release number of selected component (if applicable):

3.0 -> si21.1

How reproducible:

100%

Steps to Reproduce:
1. upgrade 3.0 setup to si21.1
2.
3.
  
Actual results:

'/usr/bin/psql -U postgres -c ALTER ROLE engine WITH ENCRYPTED PASSWORD shows db password in clear test

Expected results:

password should be hidden

Additional info: full log

Comment 3 Tareq Alayan 2012-11-11 12:09:04 UTC
verified: in upgrade log we cannot see password on plain text: 

2012-11-07 18:23:55::DEBUG::common_utils::342::root:: retcode = 0
2012-11-07 18:23:55::DEBUG::common_utils::302::root:: Executing command --> '/usr/bin/psql -U ******** -c ALTER ROLE engine WITH ENCRYPTED PASSWORD '********';'
2012-11-07 18:23:55::DEBUG::common_utils::340::root:: output = ALTER ROLE