Description of problem: creating a user displays password in plain text in the pulp.log Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. create a user with password 2. tail the log 3. Actual results: [root@pulp-f16 ~]# pulp-admin user create --login test --password redhat User [test] successfully created From the log 2012-07-24 13:53:28,725 13584:140275870033664: pulp.server.webservices.controllers.users:INFO: users:62 $$$$$$$$$$$ test : test 2012-07-24 13:53:28,887 13584:140275529664256: pulp.server.dispatch.task:INFO: task:148 Task 7984be35-d5b8-11e1-8896-5452007c4f00: CallRequest: UserManager.create_user(u'test', u'redhat', u'test', None) SUCCEEDED Expected results: Additional info:
Jason - Not sure what we can do about this, but this is bad. Any ideas?
Added a flag to obfuscate the args and kwargs when logging, printing, etc the str representation of a call_request Fix pushed in: master: 7a64ecbf7b822fad50eaedb0bfb3eb3e814265d6 pulp_CR-1_patches: 9e6c9e1617095de72a12fa1e7e14f0e297f01bf4
build: 0.318.
verified [root@preethi-el6-pulp ~]# rpm -q pulp-rpm-server pulp-rpm-server-0.0.318-1.el6.noarch [root@preethi-el6-pulp ~]# [root@preethi-el6-pulp ~]# pulp-admin user create --login preethi --pass redhat User [preethi] successfully created From pulp.log 2012-07-25 09:06:42,289 17816:140680542246656: pulp.server.dispatch.task:INFO: task:148 Task 93f9f438-d659-11e1-9729-525400c5886c: CallRequest: UserManager.create_user(**OBFUSCATED**, **OBFUSCATED**, **OBFUSCATED**, **OBFUSCATED**) SUCCEEDED
Pulp 2.0 released.