Don't log one-time password in logs when configuring client.

https://fedorahosted.org/freeipa/ticket/1801
author: Rob Crittenden <rcritten@redhat.com> 2011-09-22 11:52:58 -0400
committer: Martin Kosek <mkosek@redhat.com> 2011-09-23 15:31:58 +0200
commit: ad37727150abecb19a55fe7ae18bccb3a63052b9 (patch)
tree: 2032a5bf2890419f387fc85977f4bf81ceebce91 /ipa-client
parent: e254ea5d30d6030dcce99835f42ad956f5b9574b (diff)
download: freeipa-ad37727150abecb19a55fe7ae18bccb3a63052b9.tar.gz
freeipa-ad37727150abecb19a55fe7ae18bccb3a63052b9.tar.xz
freeipa-ad37727150abecb19a55fe7ae18bccb3a63052b9.zip
1 files changed, 5 insertions, 4 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 44c2f5fbc..21643cdcd 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -23,17 +23,15 @@ try:
     import sys
 
     import os
-    import stat
     import time
     import socket
     import logging
     import tempfile
     import getpass
-    import re
     from ipaclient import ipadiscovery
     import ipaclient.ipachangeconf
     import ipaclient.ntpconf
-    from ipapython.ipautil import run, user_input, CalledProcessError, file_exists, install_file
+    from ipapython.ipautil import run, user_input, CalledProcessError, file_exists
     import ipapython.services as ipaservices
     from ipapython import ipautil
     from ipapython import dnsclient
@@ -888,6 +886,7 @@ def install(options, env, fstore, statestore):
         return CLIENT_INSTALL_ERROR
 
     if not options.on_master:
+        nolog = tuple()
         # First test out the kerberos configuration
         try:
             (krb_fd, krb_name) = tempfile.mkstemp()
@@ -929,6 +928,7 @@ def install(options, env, fstore, statestore):
                     print stdout
                     return CLIENT_INSTALL_ERROR
             elif options.password:
+                nolog = (options.password,)
                 join_args.append("-w")
                 join_args.append(options.password)
             elif options.prompt_password:
@@ -938,9 +938,10 @@ def install(options, env, fstore, statestore):
                 password = getpass.getpass("Password: ")
                 join_args.append("-w")
                 join_args.append(password)
+                nolog = (password,)
 
             # Now join the domain
-            (stdout, stderr, returncode) = run(join_args, raiseonerr=False, env=env)
+            (stdout, stderr, returncode) = run(join_args, raiseonerr=False, env=env, nolog=nolog)
 
             if returncode != 0:
                 print >>sys.stderr, "Joining realm failed: %s" % stderr,
author	Rob Crittenden <rcritten@redhat.com>	2011-09-22 11:52:58 -0400
committer	Martin Kosek <mkosek@redhat.com>	2011-09-23 15:31:58 +0200
commit	ad37727150abecb19a55fe7ae18bccb3a63052b9 (patch)
tree	2032a5bf2890419f387fc85977f4bf81ceebce91 /ipa-client
parent	e254ea5d30d6030dcce99835f42ad956f5b9574b (diff)
download	freeipa-ad37727150abecb19a55fe7ae18bccb3a63052b9.tar.gz freeipa-ad37727150abecb19a55fe7ae18bccb3a63052b9.tar.xz freeipa-ad37727150abecb19a55fe7ae18bccb3a63052b9.zip