Bug 868988
Summary: | rhevm-installation: during upgrade I can see the db password in the install log | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Dafna Ron <dron> | ||||
Component: | ovirt-engine-setup | Assignee: | Kiril Nesenko <knesenko> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Tareq Alayan <talayan> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | high | ||||||
Version: | 3.0.7 | CC: | bazulay, dfediuck, dyasny, iheim, mgoldboi, mkenneth, Rhev-m-bugs, ykaul | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | x86_64 | ||||||
OS: | Linux | ||||||
Whiteboard: | integration | ||||||
Fixed In Version: | si23 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2012-12-04 20:02:23 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
verified: in upgrade log we cannot see password on plain text: 2012-11-07 18:23:55::DEBUG::common_utils::342::root:: retcode = 0 2012-11-07 18:23:55::DEBUG::common_utils::302::root:: Executing command --> '/usr/bin/psql -U ******** -c ALTER ROLE engine WITH ENCRYPTED PASSWORD '********';' 2012-11-07 18:23:55::DEBUG::common_utils::340::root:: output = ALTER ROLE |
Created attachment 631633 [details] upgrade log Description of problem: when we run command: 2012-10-22 18:00:36::DEBUG::common_utils::302::root:: Executing command --> '/usr/bin/psql -U postgres -c ALTER ROLE engine WITH ENCRYPTED PASSWORD '<MYPASSWORD>' the log shows the db password in clear text. Version-Release number of selected component (if applicable): 3.0 -> si21.1 How reproducible: 100% Steps to Reproduce: 1. upgrade 3.0 setup to si21.1 2. 3. Actual results: '/usr/bin/psql -U postgres -c ALTER ROLE engine WITH ENCRYPTED PASSWORD shows db password in clear test Expected results: password should be hidden Additional info: full log