Canonical Juju

juju logging of crossmodel relations leaks secrets

Bug #1884670 reported by Haw Loeung on 2020-06-22

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Canonical Juju	Confirmed	Low	Unassigned

Bug Description

Hi,

Juju cross-model relations logging leaks secrets, example:

| 2020-06-22 21:18:02 DEBUG juju.apiserver.common.crossmodel crossmodel.go:168 postgresql/3 updated settings (map[allowed-subnets:10.25.0.0/22 allowed-units:remote-c22abYYYYYYY/65 remote-c22abYYYYYYY/67 database:mydb egress-subnets:10.25.0.6/32 host:10.25.0.6 ingress-address:10.25.0.6 master:dbname=mydb host=10.25.0.5 password=XXXXXXXXXXX port=5432 user=juju_remote-c22abYYYYYYY password:XXXXXXXXXXX port:5432 private-address:10.25.0.6 schema_password:XXXXXXXXXXX schema_user:juju_remote-c22abYYYYYYY standbys:dbname=mydb host=10.25.0.6 password=XXXXXXXXXXX port=5432 user=juju_remote-c22abYYYYYYY state:hot standby user:juju_remote-c22abYYYYYYY version:12])

Tags:

Revision history for this message

Ian Booth (wallyworld) wrote on 2020-06-29:

Sadly, I think this can happen elsewhere too because we lack the schema support to allow attributes to be flagged as "secret".

Pen Gale (pengale) on 2020-10-26

Changed in juju:
status:	New → Confirmed
importance:	Undecided → Medium

Revision history for this message

Canonical Juju QA Bot (juju-qa-bot) wrote on 2022-11-03:

This bug has not been updated in 2 years, so we're marking it Low importance. If you believe this is incorrect, please update the importance.

Changed in juju:
importance:	Medium → Low
tags:	added: expirebugs-bot

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.