The change to drive provisioning from conductor now avoids the code path
that was logging user data, so the immediate concern has gone away. Not
carrying user data in the instance object would still be a useful
optimization - but that's a different task.
** Changed in: nova
Status: In Progress => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1317100
Title:
User data should be redacted when logging request spec
Status in OpenStack Compute (Nova):
Invalid
Bug description:
The filter scheduler has a Debug level log for the request spec, which
includes in the instance properties the base64 encoded user_data.
Since this may be used by the user to pass credentials into the VM
this field should be redacted in the log enrty.
User data is an opaque data blob as far as Nova is concerned (and
hence of no practical use for debugging).
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1317100/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
