summaryrefslogtreecommitdiffstats
path: root/base/deploy/src/pkidestroy
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-11-28 09:27:16 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-11-30 15:10:31 -0500
commit719478fd34077fcbf1b6c6ad201c36ff57983490 (patch)
treedd8f1cad6df0d45547111b9e46682975518c1a46 /base/deploy/src/pkidestroy
parentcef7a7704f9f4b48c0a9b242fabd3a919f2068d5 (diff)
downloadpki-719478fd34077fcbf1b6c6ad201c36ff57983490.tar.gz
pki-719478fd34077fcbf1b6c6ad201c36ff57983490.tar.xz
pki-719478fd34077fcbf1b6c6ad201c36ff57983490.zip
Reorganized sensitive parameters.
Previously sensitive parameters are stored in the Sensitive section in the configuration file, separate from the hierarchical structure used by non-sensitive parameters. To allow defining multiple subsystems in a single configuration file the sensitive and non-sensitive parameters have been reorganized into the same hierarchical structure. To maintain the security a new meta-parameter has been added to list all sensitive parameter names. This way the deployment code will know whether a parameter is sensitive, which then will mask the value before displaying it to the screen or storing it in a log file. Ticket #399
Diffstat (limited to 'base/deploy/src/pkidestroy')
-rwxr-xr-xbase/deploy/src/pkidestroy22
1 files changed, 9 insertions, 13 deletions
diff --git a/base/deploy/src/pkidestroy b/base/deploy/src/pkidestroy
index 1597712e1..88a47308f 100755
--- a/base/deploy/src/pkidestroy
+++ b/base/deploy/src/pkidestroy
@@ -29,7 +29,6 @@ try:
import argparse
import logging
import os
- import pprint
import socket
import struct
import subprocess
@@ -88,9 +87,6 @@ def main(argv):
print log.PKI_SUBPROCESS_ERROR_1 % exc
sys.exit(1)
- # Initialize 'pretty print' for objects
- pp = pprint.PrettyPrinter(indent=4)
-
# Read and process command-line arguments.
parser = PKIConfigParser()
parser.process_command_line_arguments(argv)
@@ -116,36 +112,36 @@ def main(argv):
# Read the specified PKI configuration file.
rv = parser.read_pki_configuration_file()
if rv != 0:
- config.pki_log.error(PKI_UNABLE_TO_PARSE_1, rv,
+ config.pki_log.error(log.PKI_UNABLE_TO_PARSE_1, rv,
extra=config.PKI_INDENTATION_LEVEL_0)
sys.exit(1)
else:
# NEVER print out 'sensitive' name/value pairs!!!
config.pki_log.debug(log.PKI_DICTIONARY_COMMON,
extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_common_dict),
+ config.pki_log.debug(pkilogging.format(config.pki_common_dict),
extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(log.PKI_DICTIONARY_WEB_SERVER,
extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_web_server_dict),
+ config.pki_log.debug(pkilogging.format(config.pki_web_server_dict),
extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(log.PKI_DICTIONARY_SUBSYSTEM,
extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_subsystem_dict),
+ config.pki_log.debug(pkilogging.format(config.pki_subsystem_dict),
extra=config.PKI_INDENTATION_LEVEL_0)
# NEVER print out 'sensitive' name/value pairs!!!
config.pki_log.debug(log.PKI_DICTIONARY_COMMON,
extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_common_dict),
+ config.pki_log.debug(pkilogging.format(config.pki_common_dict),
extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(log.PKI_DICTIONARY_WEB_SERVER,
extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_web_server_dict),
+ config.pki_log.debug(pkilogging.format(config.pki_web_server_dict),
extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(log.PKI_DICTIONARY_SUBSYSTEM,
extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_subsystem_dict),
+ config.pki_log.debug(pkilogging.format(config.pki_subsystem_dict),
extra=config.PKI_INDENTATION_LEVEL_0)
# Combine the various sectional dictionaries into a PKI master dictionary
@@ -154,7 +150,7 @@ def main(argv):
config.pki_log_name
config.pki_log.debug(log.PKI_DICTIONARY_MASTER,
extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_master_dict),
+ config.pki_log.debug(pkilogging.format(config.pki_master_dict),
extra=config.PKI_INDENTATION_LEVEL_0)
# Remove the specified PKI subsystem.
@@ -181,7 +177,7 @@ def main(argv):
sys.exit(1)
config.pki_log.debug(log.PKI_DICTIONARY_MASTER,
extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_master_dict),
+ config.pki_log.debug(pkilogging.format(config.pki_master_dict),
extra=config.PKI_INDENTATION_LEVEL_0)