[one-users] auth - stop showing clear password on the logs
Ruben S. Montero
rsmontero at opennebula.org
Thu May 10 15:05:34 PDT 2012
Hi
You may try to change the "verbosity" of the DEBUG messages in
oned.conf. DEBUG_LEVEL=0 will only output ERROR messages (those
labeled) with [E]. Once you have deployed and tuned the infrastructure
it may be a good idea to decrease the debug messages to ERROR/WARNING
level.
Cheers
Ruben
On Thu, May 10, 2012 at 8:50 PM, João Pagaime <jpsp at fccn.pt> wrote:
> Hello all
>
> could somebody show where to change open-nebula for it to stop showing clear
> text passords?
>
> probably somewhere on the code...
>
> it is showing clear text passords for some cases of Sunstone LDAP auth
> errors (as shown bellow)
>
> --------------
> Thu May 10 19:20:02 2012 [ReM][D]: UserInfo method invoked
> Thu May 10 19:20:02 2012 [AuM][D]: Message received: LOG I 2 Command
> execution f
> ail: /var/lib/one/remotes/auth/default/authenticate 'USER' '-' PASSWORD
>
> Thu May 10 19:20:02 2012 [AuM][I]: Command execution fail:
> /var/lib/one/remotes/auth/default/authenticate 'USER' '-' PASSWORD
> Thu May 10 19:20:02 2012 [AuM][D]: Message received: LOG I 2 User USER not
> found
>
> Thu May 10 19:20:02 2012 [AuM][I]: User USER not found
> Thu May 10 19:20:02 2012 [AuM][D]: Message received: LOG I 2 ExitCode: 255
>
> Thu May 10 19:20:02 2012 [AuM][I]: ExitCode: 255
> Thu May 10 19:20:02 2012 [AuM][D]: Message received: AUTHENTICATE FAILURE 2
> -
>
> Thu May 10 19:20:02 2012 [AuM][E]: Auth Error:
> Thu May 10 19:20:02 2012 [ReM][E]: [UserInfo] User couldn't be
> authenticated, aborting call.
> ----------------------
>
> maybe it would be a good ideia to ship the production versions without this
> behavior
>
> cheers
> João
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
--
Ruben S. Montero, PhD
Project co-Lead and Chief Architect
OpenNebula - The Open Source Solution for Data Center Virtualization
www.OpenNebula.org | rsmontero at opennebula.org | @OpenNebula
More information about the Users
mailing list