Karbor

Karbor logs rabbitmq password on connection log

Bug #1859540 reported by wangyu on 2020-01-14

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Karbor	Fix Released	Undecided	Unassigned

Bug Description

Karbor may log rabbitmq password on connection when DEBUG is on.

Example on karbor-protection and karbor-operationengine log after enabling DEBUG:

2020-01-13 20:56:20.138 49854 DEBUG karbor.service [-] transport_url : rabbit://openstack:RABBIT_PASS@controller wait /usr/lib/python2.7/site-packages/karbor/service.py:425

In a production environment, this is pretty bad.

This bug report is similar to another cinder bug: https://bugs.launchpad.net/cinder/+bug/1750074

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-04-08: Fix merged to karbor (master)

Reviewed: https://review.opendev.org/702326
Committed: https://git.openstack.org/cgit/openstack/karbor/commit/?id=a0415ae7f54293a93366d979811331489282474c
Submitter: Zuul
Branch: master

commit a0415ae7f54293a93366d979811331489282474c
Author: wangyu <email address hidden>
Date: Tue Jan 14 10:33:38 2020 +0800

Remove password display for rabbitmq on connection log

    When start karbor-protection and karbor-operationengine service,
    Karbor will log rabbitmq password if debug is enabled. In a
    production environment, this is pretty bad. This patch will fix it.

Change-Id: I11bd6db001739869fc6cddd005c9990d2943b809
Closes-Bug: #1859540

Changed in karbor:
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.