puppetlabs-java_ks icon indicating copy to clipboard operation
puppetlabs-java_ks copied to clipboard

Published 20 hours ago verified publisher icon puppetlabs

Check, if keytool exists, before trying to execute it

Open cocker-cc opened this issue 1 year ago • 4 comments

Use Case

If keytool does not exist, sensitive Password is not “redacted” in Error-Message:

Error: /Stage[main]/Myprofilemodule/Java_ks[myRootCA]/ensure: change from 'absent' to 'latest' failed:  
Execution of 'keytool -importcert -noprompt -alias myrootca -file /etc/pki/tls/certs/myCA_root.pem -keystore /path/to/mykeystore -srcstorepass MyPassword -deststorepass MyPassword' returned 1:  
Error: Could not execute posix command: No such file or directory - keytool

Describe the Solution You Would Like

  • check, if keytool exists, before trying to execute it
  • prevent Password-Leak in other Error-Situations

cocker-cc avatar Oct 12 '23 14:10 cocker-cc