868988 – rhevm-installation: during upgrade I can see the db password in the install log

Bug 868988 - rhevm-installation: during upgrade I can see the db password in the install log

Summary: rhevm-installation: during upgrade I can see the db password in the install log

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine-setup
Sub Component:
Version:	3.0.7
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	Kiril Nesenko
QA Contact:	Tareq Alayan
Docs Contact:
URL:
Whiteboard:	integration
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-10-22 16:39 UTC by Dafna Ron
Modified:	2014-07-11 00:09 UTC (History)
CC List:	8 users (show)
Fixed In Version:	si23
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-12-04 20:02:23 UTC
oVirt Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
upgrade log (23.88 KB, application/x-xz) 2012-10-22 16:39 UTC, Dafna Ron	no flags	Details
View All

Description Dafna Ron 2012-10-22 16:39:43 UTC

Created attachment 631633 [details]
upgrade log

Description of problem:

when we run command: 

2012-10-22 18:00:36::DEBUG::common_utils::302::root:: Executing command --> '/usr/bin/psql -U postgres -c ALTER ROLE engine WITH ENCRYPTED PASSWORD '<MYPASSWORD>'

the log shows the db password in clear text. 

Version-Release number of selected component (if applicable):

3.0 -> si21.1

How reproducible:

100%

Steps to Reproduce:
1. upgrade 3.0 setup to si21.1
2.
3.
  
Actual results:

'/usr/bin/psql -U postgres -c ALTER ROLE engine WITH ENCRYPTED PASSWORD shows db password in clear test

Expected results:

password should be hidden

Additional info: full log

Comment 3 Tareq Alayan 2012-11-11 12:09:04 UTC

verified: in upgrade log we cannot see password on plain text: 

2012-11-07 18:23:55::DEBUG::common_utils::342::root:: retcode = 0
2012-11-07 18:23:55::DEBUG::common_utils::302::root:: Executing command --> '/usr/bin/psql -U ******** -c ALTER ROLE engine WITH ENCRYPTED PASSWORD '********';'
2012-11-07 18:23:55::DEBUG::common_utils::340::root:: output = ALTER ROLE

Note You need to log in before you can comment on or make changes to this bug.