Some/all of the fence agents, when run in --verbose mode which we use when invoking them, will print output that includes the password passed to the BMC.
For example fence_ipmilan will print output like this:
Executing: /usr/bin/ipmitool -I lanplus -H example.com -U user -P thepassword -p 623 -L ADMINISTRATOR chassis power stat
If the power command fails, beaker-provision logs this output as part of the failure so that the administrator has a better chance of figuring out what went wrong. But as a result the passwords end up leaked in /var/log/beaker/provision.log.
Similar to bug 986108 (which censors passwords in the repr() of the power commands) beaker-provision should censor any instance of the password which appears in the power script's output, before it logs it and reports it back to Beaker.
While writing a test case for this I hit long-standing bug 968715: we don't store anywhere near the complete failure message when power commands fail. All I get in my test case is:
ValueError: Power script /home/dcallagh/work/beaker/LabContr
so I'd like to fix that up (perhaps via bug 1318524) for this one.
Plus matching change for dogfood: https://gerrit.beaker-project.org/5191
Beaker 24.0 has been released.