Bug 1415652 - IPA replica install log shows password in plain text
Summary: IPA replica install log shows password in plain text
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa
Version: 7.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: IPA Maintainers
QA Contact: Pavel Picka
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-01-23 11:07 UTC by Abhijeet Kasurde
Modified: 2017-08-01 09:44 UTC (History)
3 users (show)

Fixed In Version: ipa-4.5.0-1.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-08-01 09:44:33 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:2304 normal SHIPPED_LIVE ipa bug fix and enhancement update 2017-08-01 12:41:35 UTC

Description Abhijeet Kasurde 2017-01-23 11:07:03 UTC
Description of problem:

[root@server1 ~]# ipa-replica-install -p SimpleSample123 
Configuring client side components
Using existing certificate '/etc/ipa/ca.crt'.
Discovery was successful!
Client hostname: server1.testrelm.test
Realm: TESTRELM.TEST
DNS Domain: testrelm.test
IPA Server: server1.testrelm.test
BaseDN: dc=testrelm,dc=test


[root@server1 ~]# grep SimpleSample123 /var/log/ipareplica-install.log 
2017-01-23T11:04:10Z DEBUG args=/usr/sbin/ipa-client-install --unattended --no-ntp --password SimpleSample123

Version-Release number of selected component (if applicable):
ipa-server-4.4.0-12.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
as above

Actual results:
Password show in plain text in log file

Expected results:
Password should be masked as other passwords are masked.

Comment 2 Jan Cholasta 2017-01-30 09:24:22 UTC
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/6633

Comment 3 Petr Vobornik 2017-02-08 11:07:16 UTC
Fixed upstream.

master:
054c1e013aee6fdbee2e9966c32df02d91f0c2c1 replica install: do not log host OTP

Comment 6 Pavel Picka 2017-06-06 11:59:20 UTC
ipa-server-4.5.0-14.el7.x86_64 - Verfied

Comment 7 errata-xmlrpc 2017-08-01 09:44:33 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2304


Note You need to log in before you can comment on or make changes to this bug.