[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Title: Message Title Kalyan Koduru commented on JENKINS-26620 Re: SWARM - swarm client should read password from file my bad. I think it's working after switching to passwordEnvVariable. Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Title: Message Title Peter Jönsson commented on JENKINS-26620 Re: SWARM - swarm client should read password from file Kalyan Koduru , not even with the "@"-trick mentioned above? Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Title: Message Title Kalyan Koduru commented on JENKINS-26620 Re: SWARM - swarm client should read password from file This issue is not yet resolved. I updated to swarm plugin 2.1 and could still see that password is leaked into "ps" command. Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Title: Message Title Peter Jönsson closed an issue as Fixed Jenkins / JENKINS-26620 SWARM - swarm client should read password from file Change By: Peter Jönsson Status: Open Closed Resolution: Fixed Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Title: Message Title Brandon Heller commented on JENKINS-26620 Re: SWARM - swarm client should read password from file Also came across this issue, where we saw the password printed in the env var printout for each job. I had changed from the -password option to -passwordEnvVariable because when upgrading from v1.16 to v2.0, the -password option interprets a leading '@' in the password as a file reference. So the bad news is that with v2.0, you can't directly pass in some passwords, but if the -password value starts with @, it's treated as a file. I couldn't find any documentation on this, but perhaps I missed it. This issue should be resolved as Fixed. Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Title: Message Title Peter Jönsson commented on JENKINS-26620 Re: SWARM - swarm client should read password from file True, will look into this. Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Title: Message Title Peter Jönsson assigned an issue to Peter Jönsson Jenkins / JENKINS-26620 SWARM - swarm client should read password from file Change By: Peter Jönsson Assignee: Kohsuke Kawaguchi Peter Jönsson Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Title: Message Title Peter Jönsson commented on JENKINS-26620 Re: SWARM - swarm client should read password from file True, will look into this. Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Title: Message Title Maxfield Stewart commented on JENKINS-26620 Re: SWARM - swarm client should read password from file The environment variable is useful, but then the password is leaked in Jenkins when someone views the System Information for a node and can see it in plain text on the Enivronment Variables list. Loading from a creds file would prevent this. Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Title: Message Title Peter Jönsson commented on JENKINS-26620 Re: SWARM - swarm client should read password from file It's possible to inject the password through an environment variable. Then you could place the password in a file sourced before starting the swarm process. Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [swarm-plugin] (JENKINS-26620) SWARM - swarm client should read password from file
Jason Newblanc created JENKINS-26620 SWARM - swarm client should read password from file Issue Type: New Feature Assignee: Kohsuke Kawaguchi Components: swarm-plugin Created: 27/Jan/15 6:26 AM Description: The swarm client currently supports a -password command line arg, which works great, except that when you use it, the password is leaked in the process table (i.e. when any user on the linux machine runs "ps -AF"). Instead, the swarm client should support a -pwfile argument where the password is read from the user supplied filename (which can be secured via the filesystem). Project: Jenkins Labels: slave security swarm Priority: Major Reporter: Jason Newblanc This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
