From 514d69111fb4d7ffe9e868f7f2577e033d3b04b7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20M=E4kinen?= <tmakinen@foo.sh>
Date: Wed, 16 Sep 2009 09:07:01 +0300
Subject: [PATCH] Changed samba domain join to not store password into debug
 logs.

---
 samba/manifests/init.pp | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/samba/manifests/init.pp b/samba/manifests/init.pp
index 9a192a1..4b2cf69 100644
--- a/samba/manifests/init.pp
+++ b/samba/manifests/init.pp
@@ -82,11 +82,12 @@ class samba::domainmember {
     include samba::server
 
     exec { "net join":
-        command => "net join -U ${samba_join_user}%'${samba_join_pass}'",
-        path    => "/bin:/usr/bin:/sbin:/usr/sbin",
-        onlyif  => "rpcclient localhost -c 'srvinfo' -U root%'' 2>&1 | grep 'NT_STATUS_CANT_ACCESS_DOMAIN_INFO'",
-        require => [ Package["samba"],
-                     File["/etc/samba/smb.conf"], ],
+        command     => "net join -U ${samba_join_user}%\"\${SECRET}\"",
+        environment => "SECRET=${samba_join_pass}",
+        path        => "/bin:/usr/bin:/sbin:/usr/sbin",
+        onlyif      => "rpcclient localhost -c 'srvinfo' -U root%'' 2>&1 | grep 'NT_STATUS_CANT_ACCESS_DOMAIN_INFO'",
+        require     => [ Package["samba"],
+                         File["/etc/samba/smb.conf"], ],
     }
 
 }