URL: https://github.com/freeipa/freeipa/pull/418 Author: HonzaCholasta Title: #418: replica install: do not log host OTP Action: opened
PR body: """ Do not log the value of the --password option of ipa-client-install when it is run from ipa-replica-install before replica promotion. https://fedorahosted.org/freeipa/ticket/6633 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/418/head:pr418 git checkout pr418
From 7cfe3cdabbcd31d1a53509cc9b3c8b151fe1cc9d Mon Sep 17 00:00:00 2001 From: Jan Cholasta <jchol...@redhat.com> Date: Mon, 30 Jan 2017 10:33:10 +0100 Subject: [PATCH] replica install: do not log host OTP Do not log the value of the --password option of ipa-client-install when it is run from ipa-replica-install before replica promotion. https://fedorahosted.org/freeipa/ticket/6633 --- ipaserver/install/server/replicainstall.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 18222c8..7d7a499 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -876,6 +876,7 @@ def ensure_enrolled(installer): args = [paths.IPA_CLIENT_INSTALL, "--unattended", "--no-ntp"] stdin = None + nolog = [] if installer.domain_name: args.extend(["--domain", installer.domain_name]) @@ -888,6 +889,7 @@ def ensure_enrolled(installer): if installer.password: args.extend(["--password", installer.password]) + nolog.append(installer.password) else: if installer.admin_password: # Always set principal if password was set explicitly, @@ -908,7 +910,7 @@ def ensure_enrolled(installer): if installer.mkhomedir: args.append("--mkhomedir") - ipautil.run(args, stdin=stdin, redirect_output=True) + ipautil.run(args, stdin=stdin, nolog=nolog, redirect_output=True) print() except Exception: raise ScriptError("Configuration of client side components failed!")
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code