89b86368f8
Update sos in rawhide to the upstream 3.2 release and additional patches including the fix for CVE-2015-7529.
39 lines
1.3 KiB
Diff
39 lines
1.3 KiB
Diff
From 0aec209ec6870c6ec3cbb6e2209d35adb2b62009 Mon Sep 17 00:00:00 2001
|
|
From: Sandro Bonazzola <sbonazzo redhat com>
|
|
Date: Tue, 16 Dec 2014 12:29:57 +0000
|
|
Subject: [PATCH] [ovirt] remove ovirt-engine setup answer file password leak
|
|
|
|
Signed-off-by: Sandro Bonazzola <sbonazzo@redhat.com>
|
|
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
|
|
---
|
|
sos/plugins/ovirt.py | 15 +++++++++++++++
|
|
1 file changed, 15 insertions(+)
|
|
|
|
diff --git a/sos/plugins/ovirt.py b/sos/plugins/ovirt.py
|
|
index b169b90..407c918 100644
|
|
--- a/sos/plugins/ovirt.py
|
|
+++ b/sos/plugins/ovirt.py
|
|
@@ -171,4 +171,19 @@ class Ovirt(Plugin, RedHatPlugin):
|
|
r'{key}=********'.format(key=key)
|
|
)
|
|
|
|
+ # Answer files contain passwords
|
|
+ for key in (
|
|
+ 'OVESETUP_CONFIG/adminPassword',
|
|
+ 'OVESETUP_CONFIG/remoteEngineHostRootPassword',
|
|
+ 'OVESETUP_DWH_DB/password',
|
|
+ 'OVESETUP_DB/password',
|
|
+ 'OVESETUP_REPORTS_CONFIG/adminPassword',
|
|
+ 'OVESETUP_REPORTS_DB/password',
|
|
+ ):
|
|
+ self.do_path_regex_sub(
|
|
+ r'/var/lib/ovirt-engine/setup/answers/.*',
|
|
+ r'{key}=(.*)'.format(key=key),
|
|
+ r'{key}=********'.format(key=key)
|
|
+ )
|
|
+
|
|
# vim: expandtab tabstop=4 shiftwidth=4
|
|
--
|
|
1.8.3.1
|
|
|