author | Rob Crittenden <rcritten@redhat.com> | 2010-08-31 16:50:47 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-08-31 16:50:47 -0400 |
commit | e05400dad83adabe09e57e9eb04b718c01019e32 (patch) | |
tree | 8e5a2a79cd798912988971df6ce943b2d3d2f46c | |
parent | 99399cc7073204bb125d0f8c848ae9e1ab9b334f (diff) | |
Remove passwords when running commands including stdout and stderr
This replaces the old no-logging mechanism, which only handled not logging
passwords passed on the command line. The dogtag installer was including
passwords in the output.
This also adds no password logging to the sslget invocations and removes
a couple of extraneous log commands.
ticket 156
-rw-r--r-- | ipapython/ipautil.py | 29 | ||||
-rw-r--r-- | ipaserver/install/cainstance.py | 15 |
2 files changed, 16 insertions, 28 deletions
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index e7bcbc046..3f8bba902 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -99,21 +99,19 @@ def run(args, stdin=None, raiseonerr=True, nolog=()):
 raiseonerr raises an exception if the return code is not zero
- nolog is a tuple of tuple values that describes things in the argument
- list that shouldn't be logged, like passwords. Each tuple consists of
- a value to search for in the argument list and an offset from this
- location to set to XXX.
+ nolog is a tuple of strings that shouldn't be logged, like passwords.
+ Each tuple consists of a string to be replaced by XXXXXXXX.
 For example, the command ['/usr/bin/setpasswd', '--password', 'Secret123', 'someuser']
 We don't want to log the password so nolog would be set to:
- (('--password', 1),)
+ ('Secret123',)
 The resulting log output would be:
 /usr/bin/setpasswd --password XXXXXXXX someuser
- If an argument isn't found in the list it is silently ignored.
+ If an value isn't found in the list it is silently ignored.
 """
 if stdin:
 p = subprocess.Popen(args, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True)
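Review bot: The rewritten docstring still says `Each tuple consists of a string to be replaced by XXXXXXXX`, but nolog is now a tuple of plain strings, not a tuple of tuples, and `If an value isn't found in the list` is a typo and refers to a list that no longer exists in the new scheme. I would write `Each string in nolog is replaced by XXXXXXXX wherever it occurs.` and `If a value isn't found it is silently ignored.` The body in the next hunk also applies the replacement to the command's stdout and stderr, which the docstring does not mention and a caller choosing nolog values would want to know. run()'s body continues outside the hunk.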
@@ -122,20 +120,19 @@ def run(args, stdin=None, raiseonerr=True, nolog=()):
 p = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True)
 stdout,stderr = p.communicate()
- # The command may include passwords that we don't want to log. Run through
- # the nolog items
- for (item, offset) in nolog:
- try:
- item_offset = args.index(item) + offset
- args[item_offset] = 'XXXXXXXX'
- except ValueError:
- pass
- logging.info('args=%s' % ' '.join(args))
+ # The command and its output may include passwords that we don't want
+ * to log. Run through the nolog items.
+ args = ' '.join(args)
+ for value in nolog:
+ args = args.replace(value, 'XXXXXXXX')
+ stdout = stdout.replace(value, 'XXXXXXXX')
+ stderr = stderr.replace(value, 'XXXXXXXX')
+ logging.info('args=%s' % args)
 logging.info('stdout=%s' % stdout)
 logging.info('stderr=%s' % stderr)
 if p.returncode != 0 and raiseonerr:
- raise CalledProcessError(p.returncode, ' '.join(args))
+ raise CalledProcessError(p.returncode, args)
 return (stdout, stderr, p.returncode)
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 6babd440f..d356ef82d 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -580,15 +580,8 @@ class CAInstance(service.Service):
 args.append("false")
 # Define the things we don't want logged
- nolog = (('-client_certdb_pwd', 1),
- ('-admin_password', 1),
- ('-bind_password', 1),
- ('-backup_pwd', 1),
- ('-clone_p12_password', 1),
- ('-sd_admin_password', 1),
- )
+ nolog = (self.admin_password, self.dm_password,)
- logging.debug(args)
 ipautil.run(args, nolog=nolog)
 if self.external == 1:
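Review bot: The second line of the new comment, `* to log. Run through the nolog items.`, carries no `#`, so if the page renders the hunk faithfully this is a syntax error in run() and should read `    # to log. Run through the nolog items.`. Separately, the loop rebinds `stdout` and `stderr` before `return (stdout, stderr, p.returncode)`, so callers now receive the redacted output instead of what the command produced — the sslget callers in cainstance.py go on to parse `stdout` — which looks unintended for a logging change; redacting copies for the log keeps the return value intact while the CalledProcessError message can still carry the redacted args. A falsy nolog entry is also worth skipping, since `str.replace('', ...)` inserts the marker between every character and a None value raises TypeError. run()'s body starts outside the hunk.
```python
    # The command and its output may include passwords that we don't want
    # to log. Redact copies for the log; callers still get the raw output.
    logargs = ' '.join(args)
    logstdout, logstderr = stdout, stderr
    for value in nolog:
        if not value:
            continue
        logargs = logargs.replace(value, 'XXXXXXXX')
        logstdout = logstdout.replace(value, 'XXXXXXXX')
        logstderr = logstderr.replace(value, 'XXXXXXXX')
    logging.info('args=%s' % logargs)
    logging.info('stdout=%s' % logstdout)
    logging.info('stderr=%s' % logstderr)
    # … unchanged: returncode check …
        raise CalledProcessError(p.returncode, logargs)
    return (stdout, stderr, p.returncode)
```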
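Review bot: The new `nolog = (self.admin_password, self.dm_password,)` narrows what is masked: the removed tuple covered the values following `-client_certdb_pwd`, `-bind_password`, `-backup_pwd`, `-clone_p12_password` and `-sd_admin_password`, and any of those values that is not literally equal to admin_password or dm_password is now written to the log in clear. The argument list is built outside the hunk, so I cannot see which values those options carry; if any of them differs, it needs to be added to nolog. If either attribute can be None at this point, `str.replace` inside ipautil.run will raise TypeError, so a filtered tuple such as `nolog = tuple(p for p in (self.admin_password, self.dm_password) if p)` would be safer. The enclosing method starts and ends outside the hunk.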
@@ -682,8 +675,7 @@ class CAInstance(service.Service):
 '-r', '/ca/agent/ca/profileReview?requestId=%s' % self.requestId,
 '%s:%d' % (self.host_name, AGENT_SECURE_PORT),
 ]
- logging.debug("running sslget %s" % args)
- (stdout, stderr, returncode) = ipautil.run(args)
+ (stdout, stderr, returncode) = ipautil.run(args, nolog=(self.admin_password,))
 data = stdout.split('\r\n')
 params = get_defList(data)
@@ -703,8 +695,7 @@ class CAInstance(service.Service):
 '-r', '/ca/agent/ca/profileProcess',
 '%s:%d' % (self.host_name, AGENT_SECURE_PORT),
 ]
- logging.debug("running sslget %s" % args)
- (stdout, stderr, returncode) = ipautil.run(args)
+ (stdout, stderr, returncode) = ipautil.run(args, nolog=(self.admin_password,))
 data = stdout.split('\r\n')
 outputList = get_outputList(data) |