[Bug 2085607] Re: [sru] Obfuscation issues in sosreport sos 4.7.2

Mauricio Faria de Oliveira 2085607 at bugs.launchpad.net
Mon Dec 2 21:07:03 UTC 2024 

Hi Arif,

> As there is no noble and oracular openstack to deploy effectively in the same way, 
> and we hence confirmed 2 of the supported distros that have the issue, 
> I hope that will be ok for verification

Not exactly. When reviewing for sponsorship, I assumed the Test Plan was
valid as stated.

If it is not valid for some series, please update it accordingly with a
way to verify those.

I guess an actual openstack deployment is not needed, but rather just the right packages
being installed (or something that 'checks positive' in the plugin) plus the config file,
or something along those lines.

Thanks!
Mauricio


** Tags removed: verification-done verification-done-noble verification-done-oracular
** Tags added: verification-needed verification-needed-noble verification-needed-oracular

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2085607

Title:
  [sru] Obfuscation issues in sosreport sos 4.7.2

Status in sosreport source package in Focal:
  Fix Committed
Status in sosreport source package in Jammy:
  Fix Committed
Status in sosreport source package in Noble:
  Fix Committed
Status in sosreport source package in Oracular:
  Fix Committed

Bug description:
  [ Impact ]

  When doing SRU for sos 4.7.2 we encountered obfuscation issues,
  although not a regression at the time, it was still an issue that had
  been present for a while

  So, these passwords would be fully visible to the end support
  personnel and therefore leaked passwords.

  [ Test Plan ]

  1. Deploy a sunbeam simple cloud, and run the sos report, check to see if passwords are obfuscated in configuration file
  2. Deploy heat, and ensure auth_encryption_key is obfuscated in configuration file
  3. Deploy placement, and ensure that both NOVA_API_PASS and PLACEMENT_PASS are obfuscated in configuration file
  4. Deploy mysql and ensure password field is obfuscated in configuration file

  [ Where problems could occur ]

  The corresponding files are not obfuscated, and we need to update the
  patches

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/focal/+source/sosreport/+bug/2085607/+subscriptions

More information about the Ubuntu-sponsors mailing list