From 99da0d88f066826fc33562045d47f6cc760633b5 Mon Sep 17 00:00:00 2001
From: Rob Crittenden
Date: Mon, 15 Mar 2010 17:06:24 -0400
Subject: Provide mechanism in ipautil.run() to not log all arguments.

This is primarily designed to not log passwords but it could have other uses.

567867
---
 ipapython/ipautil.py            | 35 ++++++++++++++++++++++++++++++++++-
 ipaserver/install/cainstance.py | 11 ++++++++++-
 2 files changed, 44 insertions(+), 2 deletions(-)

diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index 7c41d787..efc7e028 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -89,7 +89,32 @@ def write_tmp_file(txt):
     return fd
 
 
-def run(args, stdin=None, raiseonerr=True):
+def run(args, stdin=None, raiseonerr=True, nolog=()):
+    """
+    Execute a command and return stdin, stdout and the process return code.
+
+    args is a list of arguments for the command
+
+    stdin is used if you want to pass input to the command
+
+    raiseonerr raises an exception if the return code is not zero
+
+    nolog is a tuple of tuple values that describes things in the argument
+    list that shouldn't be logged, like passwords. Each tuple consists of
+    a value to search for in the argument list and an offset from this
+    location to set to XXX.
+
+    For example, the command ['/usr/bin/setpasswd', '--password', 'Secret123', 'someuser']
+
+    We don't want to log the password so nolog would be set to:
+    (('--password', 1),)
+
+    The resulting log output would be:
+
+    /usr/bin/setpasswd --password XXXXXXXX someuser
+
+    If an argument isn't found in the list it is silently ignored.
+    """
     if stdin:
         p = subprocess.Popen(args, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True)
         stdout,stderr = p.communicate(stdin)
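Review bot: The first line of the new docstring says run() returns "stdin, stdout and the process return code", which contradicts the stdin parameter described a few lines below it; from the `stdout,stderr = p.communicate(stdin)` line visible in this hunk the second item is presumably stderr, so the line should read `Execute a command and return stdout, stderr and the process return code.` (the return statement itself lies outside the hunk, so confirm there). The nolog paragraph says the matched position is "set to XXX" while the masking in the next hunk writes the literal 'XXXXXXXX', and it should also state that only the first occurrence of each marker is masked and that the caller's args list is modified in place, since both follow from the `args.index(item)` / `args[item_offset] = ...` pair in that hunk. run()'s body continues past the end of this hunk.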
@@ -97,6 +122,14 @@ def run(args, stdin=None, raiseonerr=True):
         p = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True)
         stdout,stderr = p.communicate()
 
+    # The command may include passwords that we don't want to log. Run through
+    # the nolog items
+    for (item, offset) in nolog:
+        try:
+            item_offset = args.index(item) + offset
+            args[item_offset] = 'XXXXXXXX'
+        except ValueError:
+            pass
     logging.info('args=%s' % ' '.join(args))
     logging.info('stdout=%s' % stdout)
     logging.info('stderr=%s' % stderr)
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 585bccef..aedee8cf 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -614,8 +614,17 @@ class CAInstance(service.Service):
         args.append("-clone")
         args.append("false")
 
+        # Define the things we don't want logged
+        nolog = (('-client_certdb_pwd', 1),
+                 ('-admin_password', 1),
+                 ('-bind_password', 1),
+                 ('-backup_pwd', 1),
+                 ('-clone_p12_password', 1),
+                 ('-sd_admin_password', 1),
+                 )
+
         logging.debug(args)
-        ipautil.run(args)
+        ipautil.run(args, nolog=nolog)
 
         if self.external == 1:
             print "The next step is to get %s signed by your CA and re-run ipa-server-install as:" % self.csr_file
-- 
cgit
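Review bot: The masking loop writes 'XXXXXXXX' into the caller's own list via `args[item_offset] = 'XXXXXXXX'`, so after run() returns the caller's args no longer holds the real value, and an offset that points past the end of the list raises IndexError, which the `except ValueError` does not catch. The mask should be applied to a copy that is used only for the log line, with IndexError handled alongside ValueError; `list.index` also matches only the first occurrence, so a marker that appears twice in args leaves the later value unmasked, which is worth stating in the docstring if it is not fixed. The rewrite below keeps the signature and the logged format unchanged.
```python
    # The command may include passwords that we don't want to log. Mask them
    # in a copy so the caller's argument list is left untouched.
    logged_args = list(args)
    for (item, offset) in nolog:
        try:
            item_offset = logged_args.index(item) + offset
            logged_args[item_offset] = 'XXXXXXXX'
        except (ValueError, IndexError):
            pass
    logging.info('args=%s' % ' '.join(logged_args))
    # … unchanged: stdout/stderr logging …
```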
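Review bot: `logging.debug(args)` on the context line just above the changed call still emits the full argument list, including every value that the new nolog tuple was just defined to hide, so the passwords reach the debug log before ipautil.run() masks them. The minimal change is to delete that `logging.debug(args)` line, since run() already logs the (masked) args at info level; if a debug trace is wanted, log a rendering with the same markers masked instead. The enclosing method starts before this hunk.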