Description of problem: Journalctl output is sometimes requested for analyzing bugs, but the output may contain sensitive information, such as host names, user names, MAC addresses, IP addresses, etc. This is a proposal to offer an option to "sanitize" journalctl output according to various criteria. Version-Release number of selected component (if applicable): systemd-238-10.git438ac26.fc28.x86_64 How reproducible: Always. Steps to Reproduce: 1. $ journalctl -b 2. Search for host names, user names, MAC addresses, IP addresses, etc. Actual results: Sensitive information is scattered throughout the output. Expected results: Sensitive information is optionally "obfuscated", resulting in "sanitized" output. Additional info: The "abrt" and "selinux" reporting tools can already "sanitize" bug reports before posting.
Add RFE, Security keywords.
Please open a bug upstream or start a thread on systemd-devel. I doubt that this can be meaningfully done, but even if it can, it's not a downstream Fedora thing.
(In reply to Zbigniew Jędrzejewski-Szmek from comment #2) > ... I doubt that this can be meaningfully done, ... My proposal would be to add support for tagging log entries as "sensitive" and leave the decision as to what should be tagged up to the developers of programs doing the logging. With such tags, users could run something like this: $ journalctl --no-sensitive --no-hostname -b That would filter out records or fields that have been tagged as "sensitive".
There's already a general mechanism to add arbitrary metadata to log entries. For example this could be done by either sticking SENSITIVE=_all into the metadata of the record, or adding SENSITIVE=MESSAGE,LOGIN,... (the names of some other fields in the log message which the application considers sensitive). The problem is not in defining a mechanism like that, but in convincing authors of various daemons to make use of it. If you think this is useful, convince e.g. authors or maintainers of sshd to implement this on the source side.
(In reply to Zbigniew Jędrzejewski-Szmek from comment #4) > ... a general mechanism to add arbitrary metadata to log entries. ... Thanks for pointing that out. > ... convincing authors of various daemons to make use of it. ... OK. The kernel is one of the "offenders": Bug 1647159 - UDF does not respect console log level when DVD is mounted