nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-21 07:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

mumble: Mark secret strings in privileged actions

Browse Source 
Tests:

- Run affected privileged actions through UI and notice that secret strings are
not logged.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This commit is contained in:
Sunil Mohan Adapa 2024-08-04 10:58:18 -07:00 committed by James Valleroy
parent fa5648cf18
commit 7dda5455d8
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
plinth/modules/mumble/privileged.py
View File

@ -9,7 +9,7 @@ import subprocess
import augeas
from plinth import action_utils
from plinth.actions import privileged
from plinth.actions import privileged, secret_str
CONFIG_FILE = '/etc/mumble-server.ini'
DATA_DIR = '/var/lib/mumble-server'
@ -25,7 +25,7 @@ def setup():
@privileged
def set_super_user_password(password: str):
def set_super_user_password(password: secret_str):
"""Set the superuser password with murmurd command."""
subprocess.run(['murmurd', '-readsupw'], input=password.encode(),
stdout=subprocess.DEVNULL, check=False)
@ -50,7 +50,7 @@ def set_domain(domain_name: str | None):
@privileged
def change_join_password(join_password: str):
def change_join_password(join_password: secret_str):
"""Change to password that is required to join the server"""
aug = _load_augeas()
aug.set('.anon/serverpassword', join_password)