-
Thomas Haller authored
The logging domain VPN_PLUGIN controlls logging of the VPN plugins. Especially at verbose levels <debug> and <trace>, the plugins might reveal sensitive information in the logging. Thus, this level should not be enabled by a $ nmcli logging general level DEBUG domains ALL It should only be enabled when requested explicitly. $ nmcli logging general level DEBUG domains ALL,VPN_PLUGIN:DEBUG Previously, the special level VPN_PLUGIN was entirely excluded from ALL and DEFAULT domains and it was entirely disabled by default. That is however to strict, as it completely silences the VPN plugins by defult. Now, enable them by default up to level INFO. VPN plugins should take care that they don't reveal sensitive information at levels <info> (LOG_NOTICE) and higher (less verbose). For more verbose levels they may print passwords, but that should still be avoided as far as possible.
4143fbde