From 8e60ad986a6b659a2bffd461684625a3000d3c78 Mon Sep 17 00:00:00 2001 From: Michael DeHaan Date: Mon, 30 Jul 2012 21:21:30 -0400 Subject: [PATCH] Do not log login_password params to DB module --- lib/ansible/module_common.py | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/ansible/module_common.py b/lib/ansible/module_common.py index 29441041af..e8d38631d5 100644 --- a/lib/ansible/module_common.py +++ b/lib/ansible/module_common.py @@ -130,6 +130,7 @@ class AnsibleModule(object): syslog.openlog('ansible-%s' % os.path.basename(__file__)) # Sanitize possible password argument when logging log_args = re.sub(r'password=.+ (.*)', r"password=NOT_LOGGING_PASSWORD \1", self.args) + log_args = re.sub(r'login_password=.+ (.*)', r"login_password=NOT_LOGGING_PASSWORD \1", log_args) syslog.syslog(syslog.LOG_NOTICE, 'Invoked with %s' % log_args) def boolean(self, arg):