qubes-installer-qubes-os/anaconda/0039-anaconda-Remove-in-memory-kickstart-representation-f.patch

From 477f57c5661c58537e675e1d8cfa20c7430f826f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Fri, 19 Oct 2018 08:02:12 +0200
Subject: [PATCH] anaconda: Remove in-memory kickstart representation from
 traceback file (#1519895)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We have been doing this filtering already, but some paths have likely
changed and the filter was no longer effective.

So add two new filter strings:
"_intf.storage.ksdata"
"_intf.data"

After adding these two I was no longer able to find the plaintext password
anywhere in the traceback after manually triggering a crash with:

kill -USR1 `cat /var/run/anaconda.pid`

Resolves: rhbz#1519895
Signed-off-by: Frédéric Pierret <frederic.epitre@orange.fr>
---
 pyanaconda/exception.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pyanaconda/exception.py b/pyanaconda/exception.py
index c283a605a..483cd51c4 100644
--- a/pyanaconda/exception.py
+++ b/pyanaconda/exception.py
@@ -274,7 +274,9 @@ def initExceptionHandling(anaconda):
                                 "_intf._currentAction._spokes[\"UserSpoke\"]._oldweak",
                                 "_intf.storage.bootloader.password",
                                 "_intf.storage.data",
+                                "_intf.storage.ksdata",
                                 "_intf.storage.encryption_passphrase",
+                                "_intf.data",
                                 "_bootloader.encrypted_password",
                                 "_bootloader.password",
                                 "payload._groups"],
-- 
2.14.4