Uploaded image for project: 'Apache Drill'
  1. Apache Drill
  2. DRILL-6250

Sqlline start command with password appears in the sqlline.log

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.13.0
    • Fix Version/s: 1.14.0
    • Component/s: None
    • Labels:

      Description

      Prerequisites:
      1. Log level is set to "all" in the conf/logback.xml:

      <logger name="org.apache.drill" additivity="false">
          <level value="all" />
          <appender-ref ref="FILE" />
      </logger>
      

      2. PLAIN authentication mechanism is configured:

        security.user.auth: {
      	enabled: true,
      	packages += "org.apache.drill.exec.rpc.user.security",
      	impl: "pam",
      	pam_profiles: [ "sudo", "login" ]
        }
      

      Steps:
      1. Start the drillbits
      2. Connect by sqlline:

      /opt/mapr/drill/drill-1.13.0/bin/sqlline -u "jdbc:drill:zk=node1:5181;" -n user1 -p 1234
      

      3. Use check the sqlline logs:

      tail -F log/sqlline.log|grep 1234 -a5 -b5
      

      Expected result: Logs shouldn't contain clear-text passwords

      Actual result: The logs contain the sqlline start command with password:

      # system properties
      35333-        "java" : {
      35352-            # system properties
      35384:            "command" : "sqlline.SqlLine -d org.apache.drill.jdbc.Driver --maxWidth=10000 --color=true -u jdbc:drill:zk=node1:5181; -n user1 -p 1234",
      35535-            # system properties
      35567-            "launcher" : "SUN_STANDARD"
      35607-        }
      

        Attachments

        Issue Links

          Activity

            People

            • Assignee:
              volodymyr.tkach Volodymyr Tkach
              Reporter:
              angozhiy Anton Gozhiy
              Reviewer:
              Arina Ielchiieva

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment