Make sure the nolog argument to ipautil.run is not a bare string

ipautil.run expects a tuple of passwords for nolog; passing a
single string causes all individual letters from that string to
be replaced by Xes.

This fixes such a call, and adds a sanity check to ipautil.run
that prevents lone strings from being used in nolog.

https://fedorahosted.org/freeipa/ticket/2419

2 files changed, 9 insertions, 1 deletions

diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index 3cb3683b8..20f7578ce 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -241,6 +241,14 @@ def run(args, stdin=None, raiseonerr=True,
     p_out = None
     p_err = None
 
+    if isinstance(nolog, basestring):
+        # We expect a tuple (or list, or other iterable) of nolog strings.
+        # Passing just a single string is bad: strings are also, so this
+        # would result in every individual character of that string being
+        # replaced by XXXXXXXX.
+        # This is a sanity check to prevent that.
+        raise ValueError('nolog must be a tuple of strings.')
+
     if env is None:
         # copy default env
         env = copy.deepcopy(os.environ)
diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index 75907174f..02890ac96 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -305,7 +305,7 @@ class KrbInstance(service.Service):
             self.master_password + '\n',
         )
         try:
-            ipautil.run(args, nolog=(self.master_password), stdin=''.join(dialogue))
+            ipautil.run(args, nolog=(self.master_password,), stdin=''.join(dialogue))
         except ipautil.CalledProcessError, e:
             print "Failed to initialize the realm container"