
GlusterFS Logs Exposing Credentials at INFO Log Level

Open dipaksisodiya140 opened this issue 3 months ago • 1 comments

While working with GlusterFS, we observed that when the log level is set to INFO, sensitive information such as usernames and passwords (e.g., for volume mounts or authentication) is being written to the logs. This poses a security risk, especially in production environments where logs are collected and stored centrally for auditing or debugging.

Is it possible to either:

  1. Mask or redact sensitive fields (e.g., replace with ****)
  2. Provide a configuration option to disable logging of sensitive data entirely?

@vbellur mentions in https://github.com/gluster/glusterfs/issues/1137 that the read-only nature of the logs is to mask these credentials from non-root users, which I guess achieves this in some sense. My use case, though, required these logs to be collected and stored, and sometimes audited, and having these credentials in them is of some concern.

dipaksisodiya140, Sep 05 '25 21:09
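One way to handle the central-collection concern raised above while the logs themselves are unchanged is to mask credential values before lines leave the host. This is an added example, not GlusterFS code and not part of the original issue; the line shapes it matches (volfile-style `option username` / `option password` lines and `key=value` pairs) and the sample log are assumptions constructed for illustration.

```python
import re
import sys

MASK = "****"  # the placeholder suggested in the issue

# Assumed line shapes (not taken from the issue):
#  1. volfile option lines in a dumped volume graph, optionally numbered and
#     with a dotted prefix:  "  4:     option password <value>"
#  2. key=value or key: value pairs inside ordinary message lines
OPTION_RE = re.compile(
    r"^(\s*(?:\d+:\s*)?option\s+\S*?(?:username|password)\s+)(\S+)", re.IGNORECASE)
KV_RE = re.compile(
    r"\b((?:username|password|passwd)\s*[=:]\s*)([^\s,;\]]+)", re.IGNORECASE)


def redact_line(line):
    """Return (redacted_line, number_of_values_masked)."""
    line, n_opt = OPTION_RE.subn(lambda m: m.group(1) + MASK, line)
    line, n_kv = KV_RE.subn(lambda m: m.group(1) + MASK, line)
    return line, n_opt + n_kv


def redact_lines(lines):
    """Redact an iterable of lines; return (redacted_list, total_masked)."""
    out, total = [], 0
    for line in lines:
        redacted, n = redact_line(line)
        out.append(redacted)
        total += n
    return out, total


# Constructed sample, not real GlusterFS output; all values are made up.
SAMPLE = """\
[2025-09-05 21:09:00.000000] I [MSGID: 0] [example.c:1:example] 0-gv0: mounting volume
  1: volume gv0-client-0
  2:     type protocol/client
  3:     option username 11111111-aaaa-bbbb-cccc-000000000000
  4:     option password 22222222-aaaa-bbbb-cccc-000000000000
  5:     option remote-host server1
[2025-09-05 21:09:01.000000] I [MSGID: 0] [example.c:2:example] 0-gv0: connect username=admin password=hunter2, retry=3
""".splitlines()

if __name__ == "__main__":
    # Filter mode: pipe a log through this script before it is shipped.
    for raw in sys.stdin:
        sys.stdout.write(redact_line(raw)[0])
```

Running the filter in the shipping path keeps the on-disk log intact for root-only debugging; the masked count from `redact_lines` can be exported as a metric to notice when a new credential-bearing line shape appears.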

@sbk173 Could you take a look into this one?

pranithk, Sep 09 '25 09:09