Control: tags -1 patch Attached is a patch that suppresses sensitive parameters when exporting Configuration, basically what I have used for ELTS.
This shouldn't affect import of the configuration, but obviously one needs to re-set the parameters after import. This should be considered as a stop-gap measure patch and upstream development on the issue be watched. (note: upstream claims this is fixed, however, I can see still clear- text passwords in exports.) -- tobi
--- a/ui/include/classes/export/CConfigurationExportBuilder.php +++ b/ui/include/classes/export/CConfigurationExportBuilder.php @@ -378,7 +378,7 @@ 'ipmi_authtype' => $host['ipmi_authtype'], 'ipmi_privilege' => $host['ipmi_privilege'], 'ipmi_username' => $host['ipmi_username'], - 'ipmi_password' => $host['ipmi_password'], +// 'ipmi_password' => $host['ipmi_password'], 'templates' => $this->formatTemplateLinkage($host['parentTemplates']), 'groups' => $this->formatGroups($host['hostgroups']), 'interfaces' => $this->formatHostInterfaces($host['interfaces']), @@ -489,7 +489,7 @@ 'smtp_verify_peer' => $media_type['smtp_verify_peer'], 'smtp_authentication' => $media_type['smtp_authentication'], 'username' => $media_type['username'], - 'password' => $media_type['passwd'], +// 'password' => $media_type['passwd'], 'message_format' => $media_type['message_format'], 'script_name' => $media_type['exec_path'], 'parameters' => self::formatMediaTypeParameters($media_type), @@ -669,9 +669,9 @@ 'ipmi_sensor' => $discoveryRule['ipmi_sensor'], 'authtype' => $discoveryRule['authtype'], 'username' => $discoveryRule['username'], - 'password' => $discoveryRule['password'], +// 'password' => $discoveryRule['password'], 'publickey' => $discoveryRule['publickey'], - 'privatekey' => $discoveryRule['privatekey'], +// 'privatekey' => $discoveryRule['privatekey'], 'filter' => $discoveryRule['filter'], 'lifetime_type' => $discoveryRule['lifetime_type'], 'lifetime' => $discoveryRule['lifetime'], @@ -697,8 +697,8 @@ 'request_method' => $discoveryRule['request_method'], 'allow_traps' => $discoveryRule['allow_traps'], 'ssl_cert_file' => $discoveryRule['ssl_cert_file'], - 'ssl_key_file' => $discoveryRule['ssl_key_file'], - 'ssl_key_password' => $discoveryRule['ssl_key_password'], +// 'ssl_key_file' => $discoveryRule['ssl_key_file'], +// 'ssl_key_password' => $discoveryRule['ssl_key_password'], 'verify_peer' => $discoveryRule['verify_peer'], 'verify_host' => $discoveryRule['verify_host'], 'lld_macro_paths' => self::formatLldMacroPaths($discoveryRule['lld_macro_paths']), @@ -819,12 +819,12 @@ 'status' => $httptest['status'], 'authentication' => $httptest['authentication'], 'http_user' => $httptest['http_user'], - 'http_password' => $httptest['http_password'], +// 'http_password' => $httptest['http_password'], 'verify_peer' => $httptest['verify_peer'], 'verify_host' => $httptest['verify_host'], 'ssl_cert_file' => $httptest['ssl_cert_file'], - 'ssl_key_file' => $httptest['ssl_key_file'], - 'ssl_key_password' => $httptest['ssl_key_password'], +// 'ssl_key_file' => $httptest['ssl_key_file'], +// 'ssl_key_password' => $httptest['ssl_key_password'], 'steps' => $this->formatHttpSteps($httptest['steps']), 'tags' => $this->formatTags($httptest['tags']) ]; @@ -1202,9 +1202,9 @@ 'ipmi_sensor' => $item['ipmi_sensor'], 'authtype' => $item['authtype'], 'username' => $item['username'], - 'password' => $item['password'], +// 'password' => $item['password'], 'publickey' => $item['publickey'], - 'privatekey' => $item['privatekey'], +// 'privatekey' => $item['privatekey'], 'description' => $item['description'], 'inventory_link' => $item['inventory_link'], 'valuemap' => $item['valuemap'], @@ -1226,8 +1226,8 @@ 'output_format' => $item['output_format'], 'allow_traps' => $item['allow_traps'], 'ssl_cert_file' => $item['ssl_cert_file'], - 'ssl_key_file' => $item['ssl_key_file'], - 'ssl_key_password' => $item['ssl_key_password'], +// 'ssl_key_file' => $item['ssl_key_file'], +// 'ssl_key_password' => $item['ssl_key_password'], 'tags' => $this->formatTags($item['tags']), 'verify_peer' => $item['verify_peer'], 'verify_host' => $item['verify_host']
