Story
Resolution: Done
Major
RH294 - RHEL 8.4 1 20210818, RH294 - RHEL 8 0
None
4
ROLE
en-US (English)
URL: https://role.rhu.redhat.com/rol-rhu/app/courses/rh294-8.4/pages/ch04s05
Reporter RHNID: ctimko, msameer-admin
Section: ch04s05 - Handling Task Failure
Language: en-US (English)
Workaround:
Description: RH294, https://role.rhu.redhat.com/rol-rhu/app/courses/rh294-8.4/pages/ch04s05
uses the following example:
    - name: get Kerberos credentials as "admin"
      shell: echo "{{ krb_admin_pass }}" | kinit -f admin
      changed_when: false
While I understand the intent as an example, this echo will show up in the process listing with the password visible to all users of the system. There should be a note to the user that this is an example, and that this shouldn't be the chosen method in production as there is a serious risk that unauthorized users may be able to obtain the password and authenticate against Kerberos as an admin.
This section is covered in v8.0 as well
https://role.rhu.redhat.com/rol-rhu/app/courses/rh294-8.0/pages/ch05s05
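
Added example, not part of the course text or of the reporter's description: the task from the report shown beside a variant that hands the password to kinit on standard input instead of the shell command line. The inventory group ipa_clients, the vault file secrets.yml and the klist check are assumptions made for illustration.

```yaml
---
# Added example; ipa_clients and secrets.yml are hypothetical names.
- name: Obtain Kerberos credentials without exposing the password
  hosts: ipa_clients
  vars_files:
    - secrets.yml        # assumed Ansible Vault file that defines krb_admin_pass
  tasks:
    # Before (as quoted in the report): the rendered password is part of the
    # "/bin/sh -c ..." command line, which other local users can read with ps
    # or from /proc/<pid>/cmdline while the task runs.
    #
    # - name: get Kerberos credentials as "admin"
    #   shell: echo "{{ krb_admin_pass }}" | kinit -f admin
    #   changed_when: false

    # After: the command module writes the value to kinit's standard input,
    # so it is never an argument of any process on the managed host.
    - name: get Kerberos credentials as "admin"
      command: kinit -f admin
      args:
        stdin: "{{ krb_admin_pass }}"
      changed_when: false
      # Keep the module arguments (which include stdin) out of task output
      # and out of the module invocation log on the managed host.
      no_log: true

    # Confirm a valid ticket exists without printing anything sensitive.
    - name: verify that a ticket was obtained
      command: klist -s
      changed_when: false
```

The example keeps the password in a vaulted variable; no_log matters here because a failed or verbose run would otherwise print the stdin argument.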