Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-121515

[foreman_installer] Scrub non-alphanumeric passwords in installer logs

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • rhel-8.10.z, rhel-9.2.0.z, rhel-9.4.z, rhel-9.6.z, rhel-9.7.z, rhel-10.1.z, rhel-9.8, rhel-10.2
    • sos
    • None
    • None
    • Low
    • rhel-sst-cee-supportability
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      \w* for password detection is too strict, as passwords can have non-alphanumeric chars as well.

      Also try to prevent applying the scrubbing to strings like

      .. "md5", "password", "scram-sha-256", ..

              rhn-support-jjansky Jan Jansky
              rhn-support-jjansky Jan Jansky
              se cee-supportability se cee-supportability
              RHEL Supportability QE Bot RHEL Supportability QE Bot
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: