1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

modify user module so that password is NEVER logged before the command runs

This commit is contained in:
Seth Vidal 2012-07-10 17:13:51 -04:00
parent 238e4adba2
commit 2f11350665

View file

@ -22,6 +22,7 @@ try:
except ImportError: except ImportError:
import simplejson as json import simplejson as json
import os import os
import re
import pwd import pwd
import grp import grp
import shlex import shlex
@ -265,7 +266,8 @@ argfile = sys.argv[1]
args = open(argfile, 'r').read() args = open(argfile, 'r').read()
items = shlex.split(args) items = shlex.split(args)
syslog.openlog('ansible-%s' % os.path.basename(__file__)) syslog.openlog('ansible-%s' % os.path.basename(__file__))
syslog.syslog(syslog.LOG_NOTICE, 'Invoked with %s' % args) log_args = re.sub(r'password=.+ (.*)', r"password=NOT_LOGGING_PASSWORD \1", args)
syslog.syslog(syslog.LOG_NOTICE, 'Invoked with %s' % log_args)
if not len(items): if not len(items):
fail_json(msg='the module requires arguments -a') fail_json(msg='the module requires arguments -a')