How do I prevent logging of secure data?

33 views

Skip to first unread message

Larry Fast

unread,

Feb 24, 2014, 3:13:33 PM2/24/14

to puppet...@googlegroups.com

By default puppet will report the changes to any files it updates. If the file includes any secure data like passwords or private encryption keys, that also shows up in the logs. Is there any way to block this level of logging for individual files? Disabling it for all files is also acceptable.

Stefan Schulte

unread,

Feb 24, 2014, 4:42:42 PM2/24/14

to puppet...@googlegroups.com

You should be able to generally block it with the `show_diff`
configuration option [1]. It can also be deactivated on a per-file basis
[2] as long as you run a recent version of puppet (according to the
original feature request [3] this has been added in puppet 3.2)

[1] http://docs.puppetlabs.com/references/latest/configuration.html#showdiff
[2]
http://docs.puppetlabs.com/references/latest/type.html#file-attribute-show_diff
[3] http://projects.puppetlabs.com/issues/16412

-Stefan

Reply all

Reply to author

Forward

0 new messages