[Bug 1811098] Re: [SRU] ceilometer writing snmp credentials to log file
Edward Hope-Morley
edward.hope-morley at canonical.com
Wed Jan 16 14:48:25 UTC 2019
** Description changed:
+ [Impact]
+ This SRU proposal is to patch the Ubuntu ceilometer package so that the ceilometer-agent switches printing the contents of polling.yaml from INFO to DEBUG. This is mostly an interim fix to make it easy to stop the presence of sensitive data in the ceilometer logfiles when DEBUG logging is not activated. Another bug will be raised to propose sanitising the data printed.
+
+ [Test Case]
+ * deploy Openstack Q/R/S with ceilometer
+ * enable debug logging
+ * check that /var/log/ceilometer/ceilometer-agent-central.log contains a line similar to:
+
+ 2019-01-09 11:40:50.641 25495 DEBUG ceilometer.agent [-] Config file:
+ {'sources': [{'interval': 300, 'meters'...
+
+ i.e. ensure that the log is printed using DEBUG (not INFO)
+
+ [Regression Potential]
+ Users with debug mode disabled will no longer see this line.
+
+ ----
+
The ceilometer-agent-central is always writing the contents of
polling.yaml to its log file (and as INFO) [1]
This presents a security risk if e.g. resources contain sensitive
information like when specifying snmp targets with the url containing
the username, password etc.
There are a couple of ways we could solve this, namely; (1) don't log
this info at all, (2) sanitise the contents prior to logging as DEBUG
(3) switch to using config for the snmp credentials in a similar way to
how the Triple0Discoverer does it [2] - this would only support having
the same creds everywhere thought which may not be desirable.
[1] https://github.com/openstack/ceilometer/blob/stable/rocky/ceilometer/agent.py#L70
[2] https://github.com/openstack/ceilometer/blob/stable/rocky/ceilometer/hardware/discovery.py#L24
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1811098
Title:
[SRU] ceilometer writing snmp credentials to log file
Status in Ceilometer:
In Progress
Status in Ubuntu Cloud Archive:
New
Status in ceilometer package in Ubuntu:
New
Bug description:
[Impact]
This SRU proposal is to patch the Ubuntu ceilometer package so that the ceilometer-agent switches printing the contents of polling.yaml from INFO to DEBUG. This is mostly an interim fix to make it easy to stop the presence of sensitive data in the ceilometer logfiles when DEBUG logging is not activated. Another bug will be raised to propose sanitising the data printed.
[Test Case]
* deploy Openstack Q/R/S with ceilometer
* enable debug logging
* check that /var/log/ceilometer/ceilometer-agent-central.log contains a line similar to:
2019-01-09 11:40:50.641 25495 DEBUG ceilometer.agent [-] Config file:
{'sources': [{'interval': 300, 'meters'...
i.e. ensure that the log is printed using DEBUG (not INFO)
[Regression Potential]
Users with debug mode disabled will no longer see this line.
----
The ceilometer-agent-central is always writing the contents of
polling.yaml to its log file (and as INFO) [1]
This presents a security risk if e.g. resources contain sensitive
information like when specifying snmp targets with the url containing
the username, password etc.
There are a couple of ways we could solve this, namely; (1) don't log
this info at all, (2) sanitise the contents prior to logging as DEBUG
(3) switch to using config for the snmp credentials in a similar way
to how the Triple0Discoverer does it [2] - this would only support
having the same creds everywhere thought which may not be desirable.
[1] https://github.com/openstack/ceilometer/blob/stable/rocky/ceilometer/agent.py#L70
[2] https://github.com/openstack/ceilometer/blob/stable/rocky/ceilometer/hardware/discovery.py#L24
To manage notifications about this bug go to:
https://bugs.launchpad.net/ceilometer/+bug/1811098/+subscriptions
More information about the Ubuntu-sponsors
mailing list