On a related note, we did do some redaction in the Lenovo branch: https://github.com/xcat2/xcat-core/commit/7a06672320d62644fe7e6f695c27f51151820b9f https://github.com/xcat2/xcat-core/commit/9d318cca7626451f97c691053f9965523e596640 https://github.com/xcat2/xcat-core/commit/08eeb047255655ca11c14896d1acce8787a17282
However, we don't use bmcdiscover, instead doing confluent's PXE/XCC/SMM/IMM discovery in our usual procedures, which is a lot more careful with passwords in general. I don't think it will cover bmcdiscover since we never use it, but the concept may be applicable. -----Original Message----- From: Lachlan Musicman <[email protected]> Sent: Wednesday, December 18, 2019 4:51 PM To: [email protected] Subject: [External] [xcat-user] bmcdiscover logs passwords Hi, bmcdiscover --version bmcdiscover - xCAT Version 2.15 (git commit 218c6d3acc8bdbd7f72115e48cda2b1a3613d18a, built Mon Nov 4 15:17:59 EST 2019) Yesterday I discovered that bmcdiscover logs the passwords passed with -p Looking through /var/log/messages on another mission, I noticed our root password. Someone had forgotten which pw combo they were meant to be using with bmcdiscover. The problem is that it's now in the logs. I'm not afraid of editing the logs - although I'd rather not. Is this expected behaviour? If I pass "-u name -p" without the password or just "-u name", will I be prompted for the pw? Is there anyway to not log the password if it's being sent as part of the command? Cheers L. -- ------ "The fact that you're still saying something like 'feminism gone mad' suggests that feminism hasn't gone mad ENOUGH yet." Helen Zaltzman / @HelenZaltzman https://twitter.com/HelenZaltzman/status/1065384934846545920 _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
