ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rle...@apache.org
Subject ambari git commit: AMBARI-8480. Kerberos service components should indicate security state (rlevas)
Date Wed, 07 Jan 2015 15:56:04 GMT
Repository: ambari
Updated Branches:
  refs/heads/trunk ad75eeb03 -> 3105ccdbe


AMBARI-8480. Kerberos service components should indicate security state (rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/3105ccdb
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/3105ccdb
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/3105ccdb

Branch: refs/heads/trunk
Commit: 3105ccdbea65e499dd371e94034d4c15280510f3
Parents: ad75eeb
Author: Robert Levas <rlevas@hortonworks.com>
Authored: Wed Jan 7 10:55:55 2015 -0500
Committer: Robert Levas <rlevas@hortonworks.com>
Committed: Wed Jan 7 10:55:55 2015 -0500

----------------------------------------------------------------------
 .../package/scripts/kerberos_client.py          | 22 ++++++++++++++++++++
 .../stacks/2.2/KERBEROS/test_kerberos_client.py |  1 +
 2 files changed, 23 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/3105ccdb/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py
b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py
index a341e8d..8e171c8 100644
--- a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py
+++ b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py
@@ -18,6 +18,7 @@ limitations under the License.
 """
 
 from kerberos_common import *
+from resource_management.libraries.functions.security_commons import cached_kinit_executor
 
 class KerberosClient(KerberosScript):
   def install(self, env):
@@ -33,6 +34,27 @@ class KerberosClient(KerberosScript):
   def status(self, env):
     raise ClientComponentHasNoStatus()
 
+  def security_status(self, env):
+    import status_params
+    if status_params.security_enabled:
+      if status_params.smoke_user and status_params.smoke_user_keytab:
+        try:
+          cached_kinit_executor(status_params.kinit_path_local,
+                                status_params.smoke_user,
+                                status_params.smoke_user_keytab,
+                                status_params.smoke_user,
+                                status_params.hostname,
+                                status_params.tmp_dir)
+          self.put_structured_out({"securityState": "SECURED_KERBEROS"})
+        except Exception as e:
+          self.put_structured_out({"securityState": "ERROR"})
+          self.put_structured_out({"securityStateErrorInfo": str(e)})
+      else:
+        self.put_structured_out({"securityState": "UNKNOWN"})
+        self.put_structured_out({"securityStateErrorInfo": "Missing smoke user credentials"})
+    else:
+      self.put_structured_out({"securityState": "UNSECURED"})
+
   def set_keytab(self, env):
     KerberosScript.write_keytab_file()
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/3105ccdb/ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py b/ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py
index 9531c33..3bda3f9 100644
--- a/ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py
+++ b/ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py
@@ -18,6 +18,7 @@ limitations under the License.
 """
 
 import json
+from mock.mock import MagicMock, patch
 import os
 import sys
 import use_cases


Mime
View raw message