GlusterFS Logs Exposing Credentials at INFO Log Level #4616

@dipaksisodiya140

While working with GlusterFS, we observed that when the log level is set to INFO, sensitive information such as usernames and passwords (e.g., for volume mounts or authentication) is being written to the logs. This poses a security risk, especially in production environments where logs are collected and stored centrally for auditing or debugging.

Is it possible to either:

  1. Mask or redact sensitive fields (e.g., replace with ****)
  2. Provide a configuration option to disable logging of sensitive data entirely?

@vbellur mentions in #1137 that the read-only nature of the logs is to mask these credentials from non-root users, which I guess achieves this in some sense. My use case though required these logs to be collected and stored, and sometimes audited, and having these credentials in them is of some concern.
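
A redaction filter placed in front of the log shipper is one way to get the masking asked for above while logs are still collected centrally. This is an added example, not part of the issue and not GlusterFS code. It assumes the credentials show up either as `option username <value>` / `option password <value>` lines or as `username=<value>` / `password=<value>` pairs; the issue does not show the actual log lines, and the sample lines are constructed.

```python
import re
import sys

MASK = "****"
# Assumed field names; extend for any other secret-bearing options you find.
SENSITIVE = r"(?:username|password)"
PATTERNS = [
    # Option style (assumed): "option password <value>"
    re.compile(rf"(\boption\s+{SENSITIVE}\s+)(\S+)", re.IGNORECASE),
    # Key/value style (assumed): "password=<value>" or "username: <value>"
    re.compile(rf"(\b{SENSITIVE}\s*[=:]\s*)([^\s,;]+)", re.IGNORECASE),
]


def redact_line(line):
    """Return (redacted_line, number_of_values_masked)."""
    total = 0
    for pattern in PATTERNS:
        # Keep the field name so the line stays useful for auditing.
        line, n = pattern.subn(lambda m: m.group(1) + MASK, line)
        total += n
    return line, total


def redact_stream(src, dst):
    """Copy src to dst line by line, masking secrets; return lines changed."""
    changed = 0
    for line in src:
        clean, n = redact_line(line)
        changed += bool(n)
        dst.write(clean)
    return changed


# Constructed sample lines (not taken from the issue or from a real log).
SAMPLE = [
    "[2025-01-01 10:00:00.000000] I [MSGID: 0] [example] 0-vol: connected\n",
    "  5:     option username constructed-user\n",
    "  6:     option password constructed-secret\n",
    "[2025-01-01 10:00:01.000000] I [example] 0-vol: auth password=hunter2, retry\n",
]

if __name__ == "__main__":
    # Filter usage: tail -F <log file> | python3 redact.py | <log shipper>
    redact_stream(sys.stdin, sys.stdout)
```

The filter only protects the copy that leaves the host; the on-disk log still needs its restrictive permissions.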
