diff options
| author | Joshua Harlow <harlowja@gmail.com> | 2013-01-07 10:57:08 -0500 |
|---|---|---|
| committer | Scott Moser <smoser@ubuntu.com> | 2013-01-07 10:57:08 -0500 |
| commit | de7442b73e79820ef1ab28799c31e19c1968e0d1 (patch) | |
| tree | 44e2321658338094e2a8d30e9fdebd515501642d | |
| parent | 3569e71a1579b97f4e33fb46ab3fcef08a4ddad4 (diff) | |
| parent | 15a33d190f2a9247accf8834b005521c615cb6b3 (diff) | |
| download | vyos-cloud-init-de7442b73e79820ef1ab28799c31e19c1968e0d1.tar.gz vyos-cloud-init-de7442b73e79820ef1ab28799c31e19c1968e0d1.zip | |
fix redaction of password field in log (LP: #1096417)
We were trying to avoid the user's password being written to the log, but that
was looking for the wrong option.
LP: #1096417
| -rw-r--r-- | ChangeLog | 1 | ||||
| -rw-r--r-- | cloudinit/distros/__init__.py | 18 |
2 files changed, 12 insertions, 7 deletions
@@ -13,6 +13,7 @@ settings (LP: #1090482) - fix CloudStack DataSource to use Virtual Router as found in /var/lib/dhcpclient rather than default gateway (LP: #1089989) + - fix redaction of password field in log (LP: #1096417) 0.7.1: - sysvinit: fix missing dependency in cloud-init job for RHEL 5.6 - config-drive: map hostname to local-hostname (LP: #1061964) diff --git a/cloudinit/distros/__init__.py b/cloudinit/distros/__init__.py index 6a684b89..8a3e0570 100644 --- a/cloudinit/distros/__init__.py +++ b/cloudinit/distros/__init__.py @@ -297,22 +297,26 @@ class Distro(object): "no_create_home": "-M", } + redact_fields = ['passwd'] + # Now check the value and create the command for option in kwargs: value = kwargs[option] if option in adduser_opts and value \ and isinstance(value, str): adduser_cmd.extend([adduser_opts[option], value]) - - # Redact the password field from the logs - if option != "password": - x_adduser_cmd.extend([adduser_opts[option], value]) - else: + # Redact certain fields from the logs + if option in redact_fields: x_adduser_cmd.extend([adduser_opts[option], 'REDACTED']) - + else: + x_adduser_cmd.extend([adduser_opts[option], value]) elif option in adduser_opts_flags and value: adduser_cmd.append(adduser_opts_flags[option]) - x_adduser_cmd.append(adduser_opts_flags[option]) + # Redact certain fields from the logs + if option in redact_fields: + x_adduser_cmd.append('REDACTED') + else: + x_adduser_cmd.append(adduser_opts_flags[option]) # Default to creating home directory unless otherwise directed # Also, we do not create home directories for system users. |