Neutron LBaaS leaking admin_password into logs

Current code leaks the keystone admin_password in the cfg into log files. Example from DevStack q-svc.log: service_auth.admin_password = password Issue is that the cfg.StrOpt for admin_password did not set 'secret=True", which would give: service_auth.admin_password = **** Change-Id: I24410641ad48b2e86984b383b144e29478a94344 Closes-Bug: #1549547
2016-02-24 16:23:45 -08:00 · 2016-02-24 16:23:45 -08:00 · 182dd4238f
commit 182dd4238f
parent 8a72d5e92d
1 changed files with 1 additions and 0 deletions
--- a/neutron_lbaas/common/keystone.py
+++ b/neutron_lbaas/common/keystone.py
@ -43,6 +43,7 @@ OPTS = [
    ),
    cfg.StrOpt(
        'admin_password',
+        secret=True,
        default='password',
        help=_('The service admin password'),
    ),