diff options
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/install/krbinstance.py | 2 | ||||
-rw-r--r-- | ipaserver/install/service.py | 7 |
2 files changed, 7 insertions, 2 deletions
diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py index d89ad0b33..e7c111637 100644 --- a/ipaserver/install/krbinstance.py +++ b/ipaserver/install/krbinstance.py @@ -335,7 +335,7 @@ class KrbInstance(service.Service): #populate the directory with the realm structure args = ["kdb5_ldap_util", "-D", "uid=kdc,cn=sysaccounts,cn=etc,"+self.suffix, "-w", self.kdc_password, "create", "-s", "-P", self.master_password, "-r", self.realm, "-subtrees", self.suffix, "-sscope", "sub"] try: - ipautil.run(args) + ipautil.run(args, nolog=(self.kdc_password, self.master_password)) except ipautil.CalledProcessError, e: print "Failed to populate the realm structure in kerberos", e diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py index 27c55618e..ef3becdf3 100644 --- a/ipaserver/install/service.py +++ b/ipaserver/install/service.py @@ -124,12 +124,17 @@ class Service: fd = None path = ipautil.SHARE_DIR + ldif hostname = installutils.get_fqdn() + nologlist=() if sub_dict is not None: txt = ipautil.template_file(path, sub_dict) fd = ipautil.write_tmp_file(txt) path = fd.name + # do not log passwords + if sub_dict.has_key('PASSWORD'): + nologlist = sub_dict['PASSWORD'], + if self.dm_password: [pw_fd, pw_name] = tempfile.mkstemp() os.write(pw_fd, self.dm_password) @@ -143,7 +148,7 @@ class Service: try: try: - ipautil.run(args) + ipautil.run(args, nolog=nologlist) except ipautil.CalledProcessError, e: logging.critical("Failed to load %s: %s" % (ldif, str(e))) finally: |