Public bug reported: ENabled rabbitmq debug and restarted the process. Found sensitive data displayed in logs.
rabbitmq uses Erlang cookie concept where a cluster of nodes communicates to each other. Any node that posses this secret cookie can communicate with other nodes in the cluster. =INFO REPORT==== 31-Mar-2018::03:28:46 === stopped SSL Listener on [::]:5671 =INFO REPORT==== 31-Mar-2018::03:28:46 === Stopped RabbitMQ application =INFO REPORT==== 31-Mar-2018::03:28:46 === Halting Erlang VM =INFO REPORT==== 31-Mar-2018::03:29:54 === Starting RabbitMQ 3.6.6 on Erlang 19.1.1 Copyright (C) 2007-2016 Pivotal Software, Inc. Licensed under the MPL. See http://www.rabbitmq.com/ =INFO REPORT==== 31-Mar-2018::03:29:54 === node : rabbit@ip9-114-192-221 home dir : /var/lib/rabbitmq config file(s) : /etc/rabbitmq/rabbitmq.config cookie hash : RVLZk6qSkQ471Dqtfk14wA== log : /var/log/rabbitmq/[email protected] sasl log : /var/log/rabbitmq/[email protected] database dir : /var/lib/rabbitmq/mnesia/rabbit@ip9-114-192-221 =INFO REPORT==== 31-Mar-2018::03:29:57 === Memory limit set to 3876MB of 9690MB total. ** Affects: keystone Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1761538 Title: Cookie hash value displayed in rabbitmq logs Status in OpenStack Identity (keystone): New Bug description: ENabled rabbitmq debug and restarted the process. Found sensitive data displayed in logs. rabbitmq uses Erlang cookie concept where a cluster of nodes communicates to each other. Any node that posses this secret cookie can communicate with other nodes in the cluster. =INFO REPORT==== 31-Mar-2018::03:28:46 === stopped SSL Listener on [::]:5671 =INFO REPORT==== 31-Mar-2018::03:28:46 === Stopped RabbitMQ application =INFO REPORT==== 31-Mar-2018::03:28:46 === Halting Erlang VM =INFO REPORT==== 31-Mar-2018::03:29:54 === Starting RabbitMQ 3.6.6 on Erlang 19.1.1 Copyright (C) 2007-2016 Pivotal Software, Inc. Licensed under the MPL. See http://www.rabbitmq.com/ =INFO REPORT==== 31-Mar-2018::03:29:54 === node : rabbit@ip9-114-192-221 home dir : /var/lib/rabbitmq config file(s) : /etc/rabbitmq/rabbitmq.config cookie hash : RVLZk6qSkQ471Dqtfk14wA== log : /var/log/rabbitmq/[email protected] sasl log : /var/log/rabbitmq/[email protected] database dir : /var/lib/rabbitmq/mnesia/rabbit@ip9-114-192-221 =INFO REPORT==== 31-Mar-2018::03:29:57 === Memory limit set to 3876MB of 9690MB total. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1761538/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
