Aug 23 13:07:57 ubuntu nova-novncproxy[665]: DEBUG nova.objects.console_auth_token [None req-708425cd-0340-4d2f-a245-b19e8a381d6e None None] Validated token - console connection is ConsoleAuthToken(access_url_base='http://100.109.0.4:6080/vnc_lite.html',console_type='novnc',created_at=2019-08-23T13:07:03Z,host='127.0.0.1',id=1,instance_uuid=143433d6-693b-4c80-856f-ce57278a13eb,internal_access_path=None,port=5900,token='***',updated_at=None) {{(pid=8414) validate /opt/stack/nova/nova/objects/console_auth_token.py:164}}
Aug 23 13:07:57 ubuntu nova-novncproxy[665]: DEBUG oslo_concurrency.lockutils [None req-708425cd-0340-4d2f-a245-b19e8a381d6e None None] Acquired lock "compute-rpcapi-router" {{(pid=8414) lock /usr/local/lib/python3.6/dist-packages/oslo_concurrency/lockutils.py:265}}
Aug 23 13:07:57 ubuntu nova-novncproxy[665]: DEBUG oslo_concurrency.lockutils [None req-708425cd-0340-4d2f-a245-b19e8a381d6e None None] Releasing lock "compute-rpcapi-router" {{(pid=8414) lock /usr/local/lib/python3.6/dist-packages/oslo_concurrency/lockutils.py:281}}
Aug 23 13:07:57 ubuntu nova-novncproxy[665]: INFO nova.console.websocketproxy [None req-708425cd-0340-4d2f-a245-b19e8a381d6e None None] 8: connect info: {'token': ('534104fe-505e-48c7-afe8-64dc26043a7e',), 'instance_uuid': '143433d6-693b-4c80-856f-ce57278a13eb', 'console_type': 'novnc', 'host': '127.0.0.1', 'port': 5900, 'internal_access_path': None, 'access_url': 'http://100.109.0.4:6080/vnc_lite.html?path=%3Ftoken%3D534104fe-505e-48c7-afe8-64dc26043a7e'}
The first log in the above snippet hides the token with '***' but the last log line still contains the token. The token feels like sensitive information so it should not be logged.
Seen in Devstack with Nova hash 83b415041ba9ccd5b92667bfc95b6b9b003fa283
If this is marked private + security I'm not sure a public patch should have been posted for it already:
https:/ /review. opendev. org/#/c/ 678234/
Given it's related to https:/ /bugs.launchpad .net/nova/ +bug/1197459 which is public and marked as won't fix for the OSSA I'm not sure how this is different.
Also, I'm pretty sure this is a duplicate of https:/ /bugs.launchpad .net/nova/ +bug/1492140 which has had a fix up for a long time: https:/ /review. opendev. org/#/c/ 220622/
So maybe just take that over instead?