Add log level insecure warning to more places

2025-04-15 09:10:20 +00:00 · 2023-10-12 12:22:39 -06:00 · 2023-10-12 12:22:39 -06:00 · 56f0e48e27
commit 56f0e48e27
parent d6d71daedb
9 changed files with 49 additions and 10 deletions
--- a/conf/cloud
+++ b/conf/cloud
@ -29,7 +29,7 @@
 # One of 'garbage', 'trace', 'debug', 'info', 'warning', 'error', 'critical'.
 #
 # The following log levels are considered INSECURE and may log sensitive data:
-# ['garbage', 'trace', 'debug']
+# ['garbage', 'trace', 'debug', 'all']
 #
 # Default: 'info'
 #
--- a/conf/master
+++ b/conf/master
@ -1198,7 +1198,7 @@
 # One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
 #
 # The following log levels are considered INSECURE and may log sensitive data:
-# ['garbage', 'trace', 'debug']
+# ['garbage', 'trace', 'debug', 'all']
 #
 #log_level: warning

--- a/conf/minion
+++ b/conf/minion
@ -809,7 +809,7 @@
 # One of 'garbage', 'trace', 'debug', 'info', 'warning', 'error', 'critical'.
 #
 # The following log levels are considered INSECURE and may log sensitive data:
-# ['garbage', 'trace', 'debug']
+# ['garbage', 'trace', 'debug', 'all']
 #
 # Default: 'warning'
 #log_level: warning
--- a/conf/proxy
+++ b/conf/proxy
@ -545,7 +545,7 @@
 # One of 'garbage', 'trace', 'debug', 'info', 'warning', 'error', 'critical'.
 #
 # The following log levels are considered INSECURE and may log sensitive data:
-# ['garbage', 'trace', 'debug']
+# ['garbage', 'trace', 'debug', 'all']
 #
 # Default: 'warning'
 #log_level: warning
--- a/doc/ref/configuration/logging/index.rst
+++ b/doc/ref/configuration/logging/index.rst
@ -61,6 +61,12 @@ available in salt are shown in the table below.
 | all      |             0 | Everything                                                               |
 +----------+---------------+--------------------------------------------------------------------------+

+Any log level below the `info` level is INSECURE and may log sensitive data. This currently includes:
+#. debug
+#. trace
+#. garbage
+#. all
+
 Available Configuration Settings
 ================================

--- a/doc/ref/configuration/master.rst
+++ b/doc/ref/configuration/master.rst
@ -5460,6 +5460,12 @@ The level of messages to send to the console. See also :conf_log:`log_level`.

    log_level: warning

+Any log level below the `info` level is INSECURE and may log sensitive data. This currently includes:
+#. debug
+#. trace
+#. garbage
+#. all
+
 .. conf_master:: log_level_logfile

 ``log_level_logfile``
@ -5475,6 +5481,12 @@ it will inherit the level set by :conf_log:`log_level` option.

    log_level_logfile: warning

+Any log level below the `info` level is INSECURE and may log sensitive data. This currently includes:
+#. debug
+#. trace
+#. garbage
+#. all
+
 .. conf_master:: log_datefmt

 ``log_datefmt``
--- a/doc/ref/configuration/minion.rst
+++ b/doc/ref/configuration/minion.rst
@ -3308,6 +3308,11 @@ The level of messages to send to the console. See also :conf_log:`log_level`.

    log_level: warning

+Any log level below the `info` level is INSECURE and may log sensitive data. This currently includes:
+#. debug
+#. trace
+#. garbage
+#. all

 .. conf_minion:: log_level_logfile

@ -3324,6 +3329,11 @@ it will inherit the level set by :conf_log:`log_level` option.

    log_level_logfile: warning

+Any log level below the `info` level is INSECURE and may log sensitive data. This currently includes:
+#. debug
+#. trace
+#. garbage
+#. all

 .. conf_minion:: log_datefmt

--- a/salt/utils/parsers.py
+++ b/salt/utils/parsers.py
@ -41,7 +41,7 @@ import salt.utils.yaml
 import salt.version as version
 from salt.defaults import DEFAULT_TARGET_DELIM
 from salt.utils.validate.path import is_writeable
-from salt.utils.verify import verify_log, verify_log_files
+from salt.utils.verify import insecure_log, verify_log, verify_log_files

 log = logging.getLogger(__name__)

@ -610,9 +610,10 @@ class LogLevelMixIn(metaclass=MixInMeta):
            *self._console_log_level_cli_flags,
            dest=self._loglevel_config_setting_name_,
            choices=list(salt._logging.LOG_LEVELS),
-            help="Console logging log level. One of {}. Default: '{}'.".format(
+            help="Console logging log level. One of {}. Default: '{}'. \n The following log levels are INSECURE and may log sensitive data: {}".format(
                ", ".join(["'{}'".format(n) for n in salt._logging.SORTED_LEVEL_NAMES]),
                self._default_logging_level_,
+                ", ".join(insecure_log()),
            ),
        )

@ -636,9 +637,10 @@ class LogLevelMixIn(metaclass=MixInMeta):
            "--log-file-level",
            dest=self._logfile_loglevel_config_setting_name_,
            choices=list(salt._logging.SORTED_LEVEL_NAMES),
-            help="Logfile logging log level. One of {}. Default: '{}'.".format(
+            help="Logfile logging log level. One of {}. Default: '{}'. \n The following log levels are INSECURE and may log sensitive data: {}".format(
                ", ".join(["'{}'".format(n) for n in salt._logging.SORTED_LEVEL_NAMES]),
                self._default_logging_level_,
+                ", ".join(insecure_log()),
            ),
        )
        self._mixin_after_parsed_funcs.append(self.__setup_logging_routines)
--- a/salt/utils/verify.py
+++ b/salt/utils/verify.py
@ -557,13 +557,22 @@ def safe_py_code(code):
    return True


+def insecure_log():
+    """
+    Return the insecure logs types
+    """
+    insecure = []
+    for level, value in LOG_LEVELS.items():
+        if value < LOG_LEVELS.get("info", 20):
+            insecure.append(level)
+    return insecure
+
+
 def verify_log(opts):
    """
    If an insecre logging configuration is found, show a warning
    """
-    level = LOG_LEVELS.get(str(opts.get("log_level")).lower(), logging.NOTSET)
-
-    if level < logging.INFO:
+    if str(opts.get("log_level")).lower() in insecure_log():
        log.warning(
            "Insecure logging configuration detected! Sensitive data may be logged."
        )