Open Stack

Reviewed:  https://review.openstack.org/39436
Committed: http://github.com/openstack/oslo-incubator/commit/3f2f70e0785e11434f6f863ce8eacc1b0ef1782d
Submitter: Jenkins
Branch:    master

commit 3f2f70e0785e11434f6f863ce8eacc1b0ef1782d
Author: Zhongyue Luo <zhongyue.nah at intel.com>
Date:   Wed Jul 31 16:46:00 2013 +0800

    Helper function to sanitize db url credentials
    
    The database url is sanitized in logfiles because of security issues.
    However the connected url itself is useful information to devs and admins.
    This patch provides a helper function to sanitize only the credentials
    in a database url. All projects must process the CONF.database.connection
    value using "sanitize_db_url" when updating the db package
    
    Fixes bug #1076833
    
    Change-Id: Id6cf7b120ef6c3fcda7f33fd26676b62a4475bb2


** Changed in: oslo
       Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1076833

Title:
  Allow sql password to be configured separately from sql_connection

Status in Oslo - a Library of Common OpenStack Code:
  Fix Committed

Bug description:
  Can we use the nova's way to deal with sql connection value?
          LOG.debug(_('Full set of FLAGS:'))
          for flag in FLAGS:
              flag_get = FLAGS.get(flag, None)
              # hide flag contents from log if contains a password
              # should use secret flag when switch over to openstack-common
              if ("_password" in flag or "_key" in flag or
                      (flag == "sql_connection" and "mysql:" in flag_get)):
                  LOG.debug(_('%(flag)s : FLAG SET ') % locals())
              else:
                  LOG.debug('%(flag)s : %(flag_get)s' % locals())

To manage notifications about this bug go to:
https://bugs.launchpad.net/oslo/+bug/1076833/+subscriptions