cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #640 from sfromm/fancy

Browse source 
Sanitize possible password argument when logging invocation
This commit is contained in:
Michael DeHaan 2012-07-20 14:11:58 -07:00
commit 290e1af339
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
lib/ansible/module_common.py
View file

@ -33,6 +33,7 @@ try:
except ImportError: except ImportError:
import simplejson as json import simplejson as json
import os import os
import re
import shlex import shlex
import subprocess import subprocess
import sys import sys
@ -118,7 +119,9 @@ class AnsibleModule(object):
def _log_invocation(self): def _log_invocation(self):
''' log that ansible ran the module ''' ''' log that ansible ran the module '''
syslog.openlog('ansible-%s' % os.path.basename(__file__)) syslog.openlog('ansible-%s' % os.path.basename(__file__))
syslog.syslog(syslog.LOG_NOTICE, 'Invoked with %s' % self.args) # Sanitize possible password argument when logging
log_args = re.sub(r'password=.+ (.*)', r"password=NOT_LOGGING_PASSWORD \1", self.args)
syslog.syslog(syslog.LOG_NOTICE, 'Invoked with %s' % log_args)
def exit_json(self, **kwargs): def exit_json(self, **kwargs):
''' return from the module, without error ''' ''' return from the module, without error '''