Open Stack

Reviewed:  https://review.openstack.org/97305
Committed: https://git.openstack.org/cgit/openstack/oslo-incubator/commit/?id=5e3d3a544f803c453cb86a7df04becd6a7b1a4c3
Submitter: Jenkins
Branch:    master

commit 5e3d3a544f803c453cb86a7df04becd6a7b1a4c3
Author: Brad Pokorny <bpokorny at us.ibm.com>
Date:   Mon Jun 2 18:06:37 2014 +0000

    Mask passwords included without quotes at the ends of commands
    
    The current password masking doesn't scrub passwords from commands
    in the case where the password doesn't have quotes around it and
    the password is the last string in the command.  This commit updates
    one of the regular expressions to catch this case.
    
    Adds tests to ensure passwords at the ends of commands are properly
    sanitized.
    
    Change-Id: Id57a0cb05cd76ef8c26def738305ade6b085aaa7
    Closes-Bug: #1320028


** Changed in: oslo
       Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1320028

Title:
  libvirt volume.py's _run_iscsiadm function logs iscsi
  node.session.auth.password if debug

Status in OpenStack Compute (Nova):
  In Progress
Status in Oslo - a Library of Common OpenStack Code:
  Fix Committed

Bug description:
  If debug logging is enabled, the  _run_iscsiadm function in volume.py
  logs the iscsi node.session.auth.password in plain text.

  2014-05-13 08:12:21.915 29013 DEBUG nova.virt.libvirt.volume [req-
  d21bb680-feb9-4242-9d18-057af79d26e8 0
  3112d0d7268b458bb5c997c33cd8a8c0] iscsiadm ('--op', 'update', '-n',
  'node.session.auth.password', '-v', u'password'): stdout= stderr=
  _run_iscsiadm /usr/lib/python2.7/site-
  packages/nova/virt/libvirt/volume.py:248

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1320028/+subscriptions