diff options
| author | Jan Cholasta <jcholast@redhat.com> | 2017-01-30 10:33:10 +0100 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2017-02-07 13:57:48 +0100 |
| commit | 054c1e013aee6fdbee2e9966c32df02d91f0c2c1 (patch) | |
| tree | 3265cdee0ed8a574cbbfc554207f544f00635a3c /ipaserver | |
| parent | bd83fdf51621fe777c1f7823dcb13c4dfa26fa8e (diff) | |
| download | freeipa-054c1e013aee6fdbee2e9966c32df02d91f0c2c1.tar.gz freeipa-054c1e013aee6fdbee2e9966c32df02d91f0c2c1.tar.xz freeipa-054c1e013aee6fdbee2e9966c32df02d91f0c2c1.zip | |
replica install: do not log host OTP
Do not log the value of the --password option of ipa-client-install when it
is run from ipa-replica-install before replica promotion.
https://fedorahosted.org/freeipa/ticket/6633
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Abhijeet Kasurde <akasurde@redhat.com>
Diffstat (limited to 'ipaserver')
| -rw-r--r-- | ipaserver/install/server/replicainstall.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 18222c80e..7d7a4996f 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -876,6 +876,7 @@ def ensure_enrolled(installer): args = [paths.IPA_CLIENT_INSTALL, "--unattended", "--no-ntp"] stdin = None + nolog = [] if installer.domain_name: args.extend(["--domain", installer.domain_name]) @@ -888,6 +889,7 @@ def ensure_enrolled(installer): if installer.password: args.extend(["--password", installer.password]) + nolog.append(installer.password) else: if installer.admin_password: # Always set principal if password was set explicitly, @@ -908,7 +910,7 @@ def ensure_enrolled(installer): if installer.mkhomedir: args.append("--mkhomedir") - ipautil.run(args, stdin=stdin, redirect_output=True) + ipautil.run(args, stdin=stdin, nolog=nolog, redirect_output=True) print() except Exception: raise ScriptError("Configuration of client side components failed!") |