From 6cf993a6e5da252525d55374b984fe76e688ff51 Mon Sep 17 00:00:00 2001
From: Sandro Bonazzola <sbonazzo redhat com>
Date: Tue, 16 Dec 2014 12:34:24 +0000
Subject: [PATCH 29/93] [ovirt] remove password leak from engine setup answer
file
Signed-off-by: Sandro Bonazzola <sbonazzo@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
---
sos/plugins/ovirt.py | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/sos/plugins/ovirt.py b/sos/plugins/ovirt.py
index 6e3a092..638a07b 100644
--- a/sos/plugins/ovirt.py
+++ b/sos/plugins/ovirt.py
@@ -197,5 +197,20 @@ class Ovirt(Plugin, RedHatPlugin):
r'{key}=********'.format(key=key)
)
+ # Answer files contain passwords
+ for key in (
+ 'OVESETUP_CONFIG/adminPassword',
+ 'OVESETUP_CONFIG/remoteEngineHostRootPassword',
+ 'OVESETUP_DWH_DB/password',
+ 'OVESETUP_DB/password',
+ 'OVESETUP_REPORTS_CONFIG/adminPassword',
+ 'OVESETUP_REPORTS_DB/password',
+ ):
+ self.do_path_regex_sub(
+ r'/var/lib/ovirt-engine/setup/answers/.*',
+ r'{key}=(.*)'.format(key=key),
+ r'{key}=********'.format(key=key)
+ )
+
# vim: expandtab tabstop=4 shiftwidth=4
--
1.9.3