accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mmil...@apache.org
Subject accumulo git commit: ACCUMULO-3626: created warning prompt and force option for --reset-security
Date Tue, 08 Nov 2016 16:29:53 GMT
Repository: accumulo
Updated Branches:
  refs/heads/master 228bfc42b -> 2bf55dce4


ACCUMULO-3626: created warning prompt and force option for --reset-security


Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/2bf55dce
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/2bf55dce
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/2bf55dce

Branch: refs/heads/master
Commit: 2bf55dce4a2595654102213d906cb0967756c9a5
Parents: 228bfc4
Author: milleruntime <michaelpmiller@gmail.com>
Authored: Wed Sep 14 10:46:13 2016 -0400
Committer: Mike Miller <mmiller@apache.org>
Committed: Tue Nov 8 07:59:52 2016 -0500

----------------------------------------------------------------------
 .../apache/accumulo/server/init/Initialize.java | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/accumulo/blob/2bf55dce/server/base/src/main/java/org/apache/accumulo/server/init/Initialize.java
----------------------------------------------------------------------
diff --git a/server/base/src/main/java/org/apache/accumulo/server/init/Initialize.java b/server/base/src/main/java/org/apache/accumulo/server/init/Initialize.java
index 5094918..b1b6f89 100644
--- a/server/base/src/main/java/org/apache/accumulo/server/init/Initialize.java
+++ b/server/base/src/main/java/org/apache/accumulo/server/init/Initialize.java
@@ -38,6 +38,7 @@ import java.util.UUID;
 import org.apache.accumulo.core.Constants;
 import org.apache.accumulo.core.cli.Help;
 import org.apache.accumulo.core.client.AccumuloSecurityException;
+import org.apache.accumulo.core.client.Instance;
 import org.apache.accumulo.core.client.IteratorSetting;
 import org.apache.accumulo.core.client.IteratorSetting.Column;
 import org.apache.accumulo.core.client.impl.Namespaces;
@@ -238,7 +239,7 @@ public class Initialize implements KeywordExecutable {
       c.println();
       c.println();
       c.println("You can change the instance secret in accumulo by using:");
-      c.println("   bin/accumulo " + org.apache.accumulo.server.util.ChangeSecret.class.getName()
+ " oldPassword newPassword.");
+      c.println("   bin/accumulo " + org.apache.accumulo.server.util.ChangeSecret.class.getName());
       c.println("You will also need to edit your secret in your configuration file by adding
the property instance.secret to your conf/accumulo-site.xml. "
           + "Without this accumulo will not operate correctly");
     }
@@ -728,8 +729,10 @@ public class Initialize implements KeywordExecutable {
   static class Opts extends Help {
     @Parameter(names = "--add-volumes", description = "Initialize any uninitialized volumes
listed in instance.volumes")
     boolean addVolumes = false;
-    @Parameter(names = "--reset-security", description = "just update the security information")
+    @Parameter(names = "--reset-security", description = "just update the security information,
will prompt")
     boolean resetSecurity = false;
+    @Parameter(names = {"-f", "--force"}, description = "force reset of the security information
without prompting")
+    boolean forceResetSecurity = false;
     @Parameter(names = "--clear-instance-name", description = "delete any existing instance
name without prompting")
     boolean clearInstanceName = false;
     @Parameter(names = "--instance-name", description = "the instance name, if not provided,
will prompt")
@@ -760,8 +763,19 @@ public class Initialize implements KeywordExecutable {
       VolumeManager fs = VolumeManagerImpl.get(acuConf);
 
       if (opts.resetSecurity) {
-        AccumuloServerContext context = new AccumuloServerContext(new ServerConfigurationFactory(HdfsZooInstance.getInstance()));
+        log.info("Resetting security on accumulo.");
+        Instance instance = HdfsZooInstance.getInstance();
+        AccumuloServerContext context = new AccumuloServerContext(new ServerConfigurationFactory(instance));
         if (isInitialized(fs)) {
+          if (!opts.forceResetSecurity) {
+            ConsoleReader c = getConsoleReader();
+            String userEnteredName = c.readLine("WARNING: This will remove all users from
Accumulo! If you wish to proceed enter the instance name: ");
+            if (userEnteredName != null && !instance.getInstanceName().equals(userEnteredName))
{
+              log.error("Aborted reset security: Instance name did not match current instance.");
+              return;
+            }
+          }
+
           final String rootUser = getRootUserName(opts);
           opts.rootpass = getRootPassword(opts, rootUser);
           initSecurity(context, opts, HdfsZooInstance.getInstance().getInstanceID(), rootUser);


Mime
View raw message