Bug 671051 - DB password appearing in traceback email sent by satellite
DB password appearing in traceback email sent by satellite
Status: CLOSED ERRATA
Product: Red Hat Satellite 5
Classification: Red Hat
Component: Server (Show other bugs)
530
All All
urgent Severity urgent
: ---
: ---
Assigned To: Michael Mráka
Jiri Kastner
: Regression
Depends On:
Blocks: sat54-errata
  Show dependency treegraph
 
Reported: 2011-01-19 22:42 EST by Marcelo Moreira de Mello
Modified: 2011-03-28 05:32 EDT (History)
5 users (show)

See Also:
Fixed In Version: spacewalk-backend-1.2.13-34.el5sat
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-03-28 05:32:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marcelo Moreira de Mello 2011-01-19 22:42:05 EST
Description of problem:

DB password is appearing in clear text in
traceback email which is generated by satellite server.

Version-Release number of selected component (if applicable):
Red Hat Network Satellite .53

How reproducible:
Always

Actual results:

Traceback shows  DB password

Expected results:

Traceback hides DB password

Additional info:
Exception Handler Information
Traceback (most recent call last):

File "/usr/share/rhn/server/apacheHandler.py", line 72, in headerParserHandler

    rhnSQL.initDB()
  File "/usr/share/rhn/server/rhnSQL/__init__.py", line 98, in initDB
    __init__DB(backend, host, port, username, password, database)
  File "/usr/share/rhn/server/rhnSQL/__init__.py", line 59, in __init__DB
    __DB.check_connection()

File "/usr/share/rhn/server/rhnSQL/driver_cx_Oracle.py", line 445, in check_connection

    self.connect() # only allow one try

File "/usr/share/rhn/server/rhnSQL/driver_cx_Oracle.py", line 336, in connect

    raise apply(sql_base.SQLConnectError, err_args)

SQLConnectError: (1034, 'ORA-01034: ORACLE not available\nORA-27101: shared memory realm does not exist\nLinux-x86_64 Error: 2: No such file or directory\n', 'RHNPROD', 'Connection_Connect(): begin session')

Local variables by frame

Frame connect in /usr/share/rhn/server/rhnSQL/driver_cx_Oracle.py at line 336 e = <type 'instance'> ORA-01034: ORACLE not available

ORA-27101: shared memory realm does not exist
Linux-x86_64 Error: 2: No such file or directory

                       errno = <type 'int'> 1034

self = <type 'instance'> <server.rhnSQL.driver_cx_Oracle.Database instance at 0x2aeca6361950> ret = <type 'tuple'> (1034, 'ORA-01034: ORACLE not available\nORA-27101: shared memory realm does no t exist\nLinux-x86_64 Error: 2: No such file or directory\n', 'Connection_Connect(): begin session')

errmsg = <type 'str'> ORA-01034: ORACLE not available
ORA-27101: shared memory realm does not exist
Linux-x86_64 Error: 2: No such file or directory



Frame check_connection in /usr/share/rhn/server/rhnSQL/driver_cx_Oracle.py at line 445 h = <type 'instance'> <__builtin__.OracleCursor on <cx_Oracle.Connection to RHNSAT RHNPROD>> self = <type 'instance'> <server.rhnSQL.driver_cx_Oracle.Database instance at 0x2aeca6361950>

Frame __init__DB in /usr/share/rhn/server/rhnSQL/__init__.py at line 59
                    username = <type 'str'> RHNSAT
                    database = <type 'str'> RHNPROD
                        host = <type 'str'> localhost
                    password = <type 'str'> S3cr3tP4S5
                        port = <type 'NoneType'> None
                     backend = <type 'str'> oracle

Frame initDB in /usr/share/rhn/server/rhnSQL/__init__.py at line 104
                    username = <type 'str'> RHNSAT
                        temp = <type 'str'> S3cr3tP4S5 RHNPROD
                    database = <type 'str'> RHNPROD
                         dsn = <type 'str'> <CENSORED!>
                        host = <type 'str'> localhost
                    password = <type 'str'> S3cr3tP4S5
                        port = <type 'NoneType'> None
Comment 4 Michael Mráka 2011-01-20 04:28:41 EST
It should be fixed in spacewalk git by
commit cf722531cf89fb6f1c04b63f0dcb3ae4190e0df6
    hide cleartext password from traceback

Fixed in spacewalk package spacewalk-backend-1.3.37-1.
Comment 6 Jiri Kastner 2011-03-25 06:29:05 EDT
Frame connect in /usr/share/rhn/server/rhnSQL/driver_cx_Oracle.py at line 385
                           e = <type 'instance'> ORA-01017: invalid username/password; logon denied
  
                       errno = <type 'int'> 1017
                        self = <type 'instance'> <server.rhnSQL.driver_cx_Oracle.Database instance at 0x9df664c>
                         ret = <type 'tuple'> (1017, 'ORA-01017: invalid username/password; logon denied\n', 'Connection_Connect(): begin session')
                   reconnect = <type 'int'> 1
                    err_args = <type 'list'> ['<CENSORED!>', 1017, 'ORA-01017: invalid username/password; logon denied\n', 'Connection_Connect(): begin session']
                      errmsg = <type 'str'> ORA-01017: invalid username/password; logon denied


Frame __init__DB in /usr/share/rhn/server/rhnSQL/__init__.py at line 52
                    username = <type 'str'> <CENSORED!>an
                    db_class = <type 'classobj'> server.rhnSQL.driver_cx_Oracle.Database
                    database = <type 'str'> <CENSORED!>
                        host = <type 'str'> localhost
                    password = <type 'str'> <CENSORED!>
                        port = <type 'NoneType'> None
                     backend = <type 'str'> oracle

Frame initDB in /usr/share/rhn/server/rhnSQL/__init__.py at line 127
                    username = <type 'str'> <CENSORED!>an
                    database = <type 'str'> <CENSORED!>
                         dsn = <type 'str'> <CENSORED!>
                        host = <type 'str'> localhost
                    password = <type 'str'> <CENSORED!>
                        port = <type 'NoneType'> None
                     backend = <type 'str'> oracle
Comment 9 errata-xmlrpc 2011-03-28 05:32:23 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0387.html

Note You need to log in before you can comment on or make changes to this bug.