Harikrishna Patnala created CLOUDSTACK-3208:
-----------------------------------------------

             Summary:  showing xenhost username and password details in plain 
text in logs when we perform removehost from CS 
                 Key: CLOUDSTACK-3208
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-3208
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Management Server
    Affects Versions: 4.2.0
            Reporter: Harikrishna Patnala
            Assignee: Harikrishna Patnala
             Fix For: 4.2.0


We are showing the Xen username and password in plain text in the management 
log when we perform the remove host operation from CS.


1. Install and configure an Advanced zone and a Xen cluster with 2 hosts (first 
add the Xen cluster with one host, then add the other host).
2. Deploy a few VMs and make sure both hosts have some VMs running on them.
3. Perform host maintenance on host2.
4. Perform remove host on host2 and observe the logs (management log).

Actual results:
****************
When we perform the removehost operation, host2 was removed from CS with an 
exception and the log shows the Xen host user name and password in plain text.

Expected result:
***************
Passwords should not be displayed in plain text.

LOG:
WARN (DirectAgent-241:null) Unable to get current status
com.cloud.utils.exception.CloudRuntimeException: Host(18e16e37-9fb4-43eb-967f-ce116ebf5b9c) doesn't belong to pool(5fce5d52-55ba-909d-4307-17cb55255b85), please execute 'xe pool-join master-address=10.147.40.19 master-username=root master-password=[password]
        at com.cloud.hypervisor.xen.resource.XenServerConnectionPool.connect(XenServerConnectionPool.java:553)
        at com.cloud.hypervisor.xen.resource.CitrixResourceBase.getConnection(CitrixResourceBase.java:5314)
        at com.cloud.hypervisor.xen.resource.CitrixResourceBase.getCurrentStatus(CitrixResourceBase.java:4202)
        at com.cloud.agent.manager.DirectAgentAttache$PingTask.run(DirectAgentAttache.java:138)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
        at java.util.concurrent.FutureTask$Sync.innerRunAndReset(FutureTask.java:351)
        at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:178)
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:165)
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:267)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
        at java.lang.Thread.run(Thread.java:679)

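One way to keep a value like the `master-password=` in the exception message above out of the management log, shown as an added example that is neither CloudStack code nor the fix applied for this issue. `LogRedactor`, its method names, the set of key names treated as secret, and the sample password are assumptions made for the illustration.

```java
import java.util.regex.Pattern;

// Added example: LogRedactor is a hypothetical helper, not a CloudStack class.
public final class LogRedactor {
    // Key names treated as secret are an assumption; extend the alternation as needed.
    // The value may be single-quoted, double-quoted, or a bare token.
    private static final Pattern SECRET = Pattern.compile(
        "(?i)\\b((?:[a-z]+-)?(?:password|passwd|pwd))=(?:'[^']*'|\"[^\"]*\"|[^\\s'\",;&]+)");
    private static final String MASK = "$1=******";

    private LogRedactor() {}

    /** Returns the text with the value of every secret key replaced by a fixed mask. */
    public static String redact(String text) {
        return text == null ? null : SECRET.matcher(text).replaceAll(MASK);
    }

    /** Copies a throwable chain with redacted messages, keeping each stack trace for debugging. */
    public static RuntimeException sanitized(Throwable t) {
        if (t == null) {
            return null;
        }
        RuntimeException copy = new RuntimeException(
            t.getClass().getName() + ": " + redact(t.getMessage()), sanitized(t.getCause()));
        copy.setStackTrace(t.getStackTrace());
        return copy;
    }

    public static void main(String[] args) {
        // Constructed input shaped like the message in the report; the password value is made up.
        String msg = "Host(h1) doesn't belong to pool(p1), please execute 'xe pool-join "
            + "master-address=10.147.40.19 master-username=root master-password=Examp1e!Secret'";
        Throwable leaked = new IllegalStateException("connect failed", new RuntimeException(msg));

        System.out.println(redact(msg));
        RuntimeException safe = sanitized(leaked);
        System.out.println(safe.getCause().getMessage());
        if (safe.getCause().getMessage().contains("Examp1e!Secret")) {
            throw new AssertionError("secret survived redaction");
        }
    }
}
```

Redacting at the logging boundary is a backstop; leaving the password out of the exception text where it is built removes the exposure at its source.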