Obscure root password if present in anaconda-ks.cfg
Resolves: bz790402
bmr-cymru committed Mar 19, 2012
1 parent 0a6a018 commit a4a7942
Showing 2 changed files with 3 additions and 1 deletion.
3 changes: 3 additions & 0 deletions sos/plugins/anaconda.py
Expand Up @@ -32,3 +32,6 @@ def setup(self):
self.addCopySpec("/var/log/anaconda.xlog")
return

def postproc(self):
self.doRegexSub("/root/anaconda-ks.cfg", r"(\s*rootpw\s*).*", r"\1*** PASSWORD ELIDED ***")
return
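Review bot: The pattern in postproc, `(\s*rootpw\s*).*`, is not anchored to the start of the line and allows zero whitespace after the keyword, so it rewrites any line that merely contains "rootpw" (a comment, or a longer token beginning with rootpw) rather than only the directive. If doRegexSub applies the pattern line by line, consider `^\s*rootpw\s+` as the captured prefix. A short comment on postproc would also help: everything after the keyword is elided, options included, so the scrubbed line no longer shows whether the password was stored hashed or in plaintext. Only the rootpw line is handled here; any other password-bearing line in /root/anaconda-ks.cfg would still be copied unchanged.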
1 change: 0 additions & 1 deletion sos/plugins/general.py
Expand Up @@ -47,7 +47,6 @@ def setup(self):
self.collectExtOutput("/bin/date", symlink = "date")
self.collectExtOutput("/usr/bin/uptime", symlink = "uptime")
self.collectExtOutput("/bin/dmesg")
self.addCopySpec("/root/anaconda-ks.cfg")
self.collectExtOutput("/usr/sbin/alternatives --display java", symlink = "java")
self.collectExtOutput("/usr/bin/readlink -f /usr/bin/java")
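Review bot: Removing `self.addCopySpec("/root/anaconda-ks.cfg")` from setup() in general.py is only safe if the anaconda plugin collects that file itself, and the anaconda.py hunk in this commit adds a postproc but no addCopySpec for it. Please confirm that setup() in sos/plugins/anaconda.py already copies /root/anaconda-ks.cfg outside the context shown; otherwise the new doRegexSub has nothing to act on and the file disappears from the report. The commit message would also benefit from a sentence saying why this line was removed.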

5 comments on commit a4a7942

@Remmy commented on a4a7942 Oct 12, 2012

Should this commit not be pulled into the main line of sosreport, considering that even a CVE has been published for it?

@bmr-cymru (Author)

Yes it should (tbh though I struggle to see these bugs as CVE-worthy) - not sure why it got missed but I'll try to get this dragged in (as well as a bunch of other pending changes) shortly.

@Remmy commented on a4a7942 Oct 12, 2012

I do agree with you on that, but as security reports are open for this across various distros (I assume), it would be nice if the needed patch can easily be located as it took me a bit of searching :-)

Thank you!

@bmr-cymru (Author)

Yes, definitely agree. We will try to keep things more in-sync in future - for now though you might like to join the mailing lists if you're working on sos packages for distros (or even if just for general interest):

http://www.redhat.com/mailman/admin/sos-devel

It's a good place to ping quick questions like this as there are more people on the mailing list than watching github currently.

Cheers!

@bmr-cymru (Author)

Duh, sorry - that should've been http://www.redhat.com/mailman/listinfo/sos-devel (listinfo rather than admin link).