The following bug has been logged on the website:
Bug reference: 17338
Logged by: James Pang
Email address: chaolpan@cisco.com
PostgreSQL version: 13.4
Operating system: RHEL8.4
Description:
pgaudit.log_catalog='on'
pgaudit.log_level='log'
pgaudit.log_parameter=on
pgaudit.log_statement_once=off
pgaudit.log='all, -misc'
pgaudit.log='ddl,role'
when create user jamet password 'testfdwpass';
audit log looks fine ,
2021-12-16 06:09:54.728 UTC:[local]:postgres@jamet:[67011]:[3-1]:2021-12-16
06:09:35 UTC:psqlLOG: AUDIT: SESSION,1,1,ROLE,CREATE ROLE,,,create user
jamet password <REDACTED>,<none>
but when create user mapping for fdw , it show clear text password in
OPTIONS(user 'jamet', password '...')
CREATE USER MAPPING FOR jamet SERVER foreign_server OPTIONS (user 'jamet',
password 'testfdwpass');
AUDIT: SESSION,1,1,DDL,CREATE USER MAPPING,USER MAPPING,jamet on server
foreign_server,"CREATE USER MAPPING FOR jamet SERVER foreign_server OPTIONS
(user 'jamet', password 'testfdwpass');"