summaryrefslogtreecommitdiffstats
path: root/ipaserver
diff options
context:
space:
mode:
authorMartin Kosek <mkosek@redhat.com>2011-07-12 10:02:09 +0200
committerMartin Kosek <mkosek@redhat.com>2011-07-13 15:16:24 +0200
commit02520ab98c5c5614c4b11f1a7c35a2f14001dc06 (patch)
tree02fe1ddfc70e05a5e5a1064ecbd752e5491d4d01 /ipaserver
parent0cb65fd9f6865d606625ddb16206090779462c1f (diff)
downloadfreeipa-02520ab98c5c5614c4b11f1a7c35a2f14001dc06.zip
freeipa-02520ab98c5c5614c4b11f1a7c35a2f14001dc06.tar.gz
freeipa-02520ab98c5c5614c4b11f1a7c35a2f14001dc06.tar.xz
Remove sensitive information from logs
When -w/--password option is passed to ipa-replica-install it is printed to ipareplica-install.log. Make sure that the value of this option is hidden. https://fedorahosted.org/freeipa/ticket/1378
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/install/replication.py7
1 files changed, 4 insertions, 3 deletions
diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py
index fddb737..22d4e1a 100644
--- a/ipaserver/install/replication.py
+++ b/ipaserver/install/replication.py
@@ -55,15 +55,16 @@ def replica_conn_check(master_host, host_name, realm, check_ca,
"--auto-master-check", "--realm", realm,
"--principal", "admin",
"--hostname", host_name]
+ nolog=tuple()
if admin_password:
args.extend(["--password", admin_password])
+ nolog=(admin_password,)
if check_ca:
args.append('--check-ca')
- logging.debug("Running ipa-replica-conncheck with following arguments: %s" %
- " ".join(args))
- (stdin, stderr, returncode) = ipautil.run(args,raiseonerr=False, capture_output=False)
+ (stdin, stderr, returncode) = ipautil.run(args,raiseonerr=False,capture_output=False,
+ nolog=nolog)
if returncode != 0:
sys.exit("Connection check failed!" +