Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-19241

fix: add no_log: true for tasks that can log secret data

XMLWordPrintable

    • rhel-system-roles-1.23.0-2.4.el9
    • sst_system_roles
    • 21
    • 26
    • QE ack, Dev ack
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Red Hat Enterprise Linux
    • Bug Fix
    • Hide
      Cause: Some tasks handle secret data and log the contents.

      Consequence: The logs can show secret data if verbose logging
      is used.

      Fix: Add the `no_log: true` directive to tasks that can log
      secret data.

      Result: Secret data is not logged with verbose logging.

      Some of the tests use Ansible vault for passwords.

      Signed-off-by: Rich Megginson <rmeggins@redhat.com>
      Show
      Cause: Some tasks handle secret data and log the contents. Consequence: The logs can show secret data if verbose logging is used. Fix: Add the `no_log: true` directive to tasks that can log secret data. Result: Secret data is not logged with verbose logging. Some of the tests use Ansible vault for passwords. Signed-off-by: Rich Megginson < rmeggins@redhat.com >
    • Proposed

      Cause: Some tasks handle secret data and log the contents.

      Consequence: The logs can show secret data if verbose logging
      is used.

      Fix: Add the `no_log: true` directive to tasks that can log
      secret data.

      Result: Secret data is not logged with verbose logging.

      Some of the tests use Ansible vault for passwords.

      Signed-off-by: Rich Megginson <rmeggins@redhat.com>

            rmeggins@redhat.com Richard Megginson
            rmeggins@redhat.com Richard Megginson
            Richard Megginson Richard Megginson
            Jakub Haruda Jakub Haruda
            Gabriela Necasova Gabriela Necasova
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: