Return-Path: 
 <commits-return-19722-apmail-ambari-commits-archive=ambari.apache.org@ambari.apache.org>
X-Original-To: apmail-ambari-commits-archive@www.apache.org
Delivered-To: apmail-ambari-commits-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 4008918BAE
	for <apmail-ambari-commits-archive@www.apache.org>;
 Tue, 25 Aug 2015 21:42:08 +0000 (UTC)
Received: (qmail 55248 invoked by uid 500); 25 Aug 2015 21:42:08 -0000
Delivered-To: apmail-ambari-commits-archive@ambari.apache.org
Received: (qmail 55219 invoked by uid 500); 25 Aug 2015 21:42:08 -0000
Mailing-List: contact commits-help@ambari.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@ambari.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@ambari.apache.org>
List-Post: <mailto:commits@ambari.apache.org>
List-Id: <commits.ambari.apache.org>
Reply-To: ambari-dev@ambari.apache.org
Delivered-To: mailing list commits@ambari.apache.org
Received: (qmail 55208 invoked by uid 99); 25 Aug 2015 21:42:08 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org)
 (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Aug 2015 21:42:08 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at
 git1-us-west.apache.org, from userid 33)
	id F31CCE0283; Tue, 25 Aug 2015 21:42:07 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: alejandro@apache.org
To: commits@ambari.apache.org
Message-Id: <93622be3f6bb49e9b7d8cb244255181f@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: ambari git commit: AMBARI-12864. Allow Ranger & Ranger KMS service to
 installed using custom service user (Gautam Borad via alejandro)
Date: Tue, 25 Aug 2015 21:42:07 +0000 (UTC)

Repository: ambari
Updated Branches:
  refs/heads/trunk e60dbb4e0 -> 7852bc431


AMBARI-12864. Allow Ranger & Ranger KMS service to installed using custom service user (Gautam Borad via alejandro)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/7852bc43
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/7852bc43
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/7852bc43

Branch: refs/heads/trunk
Commit: 7852bc431565acea04a2b0df5ac43b673e4ec1a1
Parents: e60dbb4
Author: Alejandro Fernandez <afernandez@hortonworks.com>
Authored: Tue Aug 25 14:40:04 2015 -0700
Committer: Alejandro Fernandez <afernandez@hortonworks.com>
Committed: Tue Aug 25 14:40:04 2015 -0700

----------------------------------------------------------------------
 .../functions/setup_ranger_plugin_xml.py        |  8 -------
 .../0.96.0.2.0/package/scripts/params_linux.py  |  2 +-
 .../2.1.0.2.0/package/scripts/params_linux.py   |  2 +-
 .../0.12.0.2.0/package/scripts/params_linux.py  |  2 +-
 .../RANGER/0.4.0/package/scripts/params.py      | 11 ++++++++-
 .../0.4.0/package/scripts/setup_ranger_xml.py   | 22 +++++++++++++++++-
 .../RANGER_KMS/0.5.0.2.3/package/scripts/kms.py | 24 ++++++++++++++++----
 .../0.5.0.2.3/package/scripts/params.py         |  2 +-
 .../2.1.0.2.0/package/scripts/params_linux.py   |  2 +-
 9 files changed, 55 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/7852bc43/ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py
----------------------------------------------------------------------
diff --git a/ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py b/ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py
index 0d2a6d3..cf40a75 100644
--- a/ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py
+++ b/ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py
@@ -51,14 +51,6 @@ def setup_ranger_plugin(component_select_name, service_name,
     mode = 0644
   )
 
-  directory_path = os.path.dirname(component_driver_curl_target)
-
-  if not os.path.exists(directory_path):
-    Logger.info('Creating directory path {0}'.format(directory_path))
-    Directory(directory_path,
-      mode=0755
-    )
-
   Execute(('cp', '--remove-destination', component_downloaded_custom_connector, component_driver_curl_target),
     path=["/bin", "/usr/bin/"],
     sudo=True

http://git-wip-us.apache.org/repos/asf/ambari/blob/7852bc43/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py
index c9aa97f..d515dad 100644
--- a/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py
+++ b/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py
@@ -255,7 +255,7 @@ if has_ranger_admin:
 
   downloaded_custom_connector = format("{exec_tmp_dir}/{jdbc_jar_name}")
   driver_curl_source = format("{jdk_location}/{jdbc_symlink_name}")
-  driver_curl_target = format("{java_share_dir}/{jdbc_jar_name}")
+  driver_curl_target = format("/usr/hdp/current/{component_directory}/lib/{jdbc_jar_name}")
 
   hbase_ranger_plugin_config = {
     'username': repo_config_username,

http://git-wip-us.apache.org/repos/asf/ambari/blob/7852bc43/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py
index 5f6b8fe..4d8ac0b 100644
--- a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py
+++ b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py
@@ -427,7 +427,7 @@ if has_ranger_admin:
 
   downloaded_custom_connector = format("{tmp_dir}/{jdbc_jar_name}")
   driver_curl_source = format("{jdk_location}/{jdbc_symlink_name}")
-  driver_curl_target = format("{java_share_dir}/{jdbc_jar_name}")
+  driver_curl_target = format("{hadoop_lib_home}/{jdbc_jar_name}")
 
   hdfs_ranger_plugin_config = {
     'username': repo_config_username,

http://git-wip-us.apache.org/repos/asf/ambari/blob/7852bc43/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py
index 7f622eb..a5abcb5 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py
@@ -533,7 +533,7 @@ if has_ranger_admin:
   ranger_downloaded_custom_connector = format("{tmp_dir}/{ranger_jdbc_jar_name}")
   
   ranger_driver_curl_source = format("{jdk_location}/{ranger_jdbc_symlink_name}")
-  ranger_driver_curl_target = format("{java_share_dir}/{ranger_jdbc_jar_name}")
+  ranger_driver_curl_target = format("{hive_lib}/{ranger_jdbc_jar_name}")
 
   hive_ranger_plugin_config = {
     'username': repo_config_username,

http://git-wip-us.apache.org/repos/asf/ambari/blob/7852bc43/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py
index 6f039b2..8e84587 100644
--- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py
@@ -49,6 +49,9 @@ create_db_dbuser = config['configurations']['ranger-env']['create_db_dbuser']
 stack_is_hdp22_or_further = Script.is_hdp_stack_greater_or_equal("2.2")
 stack_is_hdp23_or_further = Script.is_hdp_stack_greater_or_equal("2.3")
 
+ranger_conf    = '/etc/ranger/admin/conf'
+ranger_ugsync_conf = '/etc/ranger/usersync/conf'
+
 if stack_is_hdp22_or_further:
   ranger_home    = '/usr/hdp/current/ranger-admin'
   ranger_conf    = '/etc/ranger/admin/conf'
@@ -69,7 +72,13 @@ java_home = config['hostLevelParams']['java_home']
 unix_user  = config['configurations']['ranger-env']['ranger_user']
 unix_group = config['configurations']['ranger-env']['ranger_group']
 ranger_pid_dir = config['configurations']['ranger-env']['ranger_pid_dir']
-usersync_log_dir = config['configurations']['ranger-env']['ranger_usersync_log_dir']
+usersync_log_dir = default("/configurations/ranger-env/ranger_usersync_log_dir", "/var/log/ranger/usersync")
+admin_log_dir = default("/configurations/ranger-env/ranger_admin_log_dir", "/var/log/ranger/admin")
+ranger_admin_default_file = format('{ranger_conf}/ranger-admin-default-site.xml')
+security_app_context_file = format('{ranger_conf}/security-applicationContext.xml')
+ranger_ugsync_default_file = format('{ranger_ugsync_conf}/ranger-ugsync-default.xml')
+usgsync_log4j_file = format('{ranger_ugsync_conf}/log4j.xml')
+cred_validator_file = format('{usersync_home}/native/credValidator.uexe')
 
 ambari_server_hostname = config['clusterHostInfo']['ambari_server_host'][0]
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/7852bc43/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
index a3aa5bb..de7726a 100644
--- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
@@ -47,6 +47,12 @@ def setup_ranger_admin(rolling_upgrade=False):
   ranger_home = params.ranger_home
   ranger_conf = params.ranger_conf
 
+  Directory(ranger_conf,
+    owner = params.unix_user,
+    group = params.unix_group,
+    recursive = True
+  )
+
   if rolling_upgrade:
     ranger_home = format("/usr/hdp/{version}/ranger-admin")
     ranger_conf = format("/usr/hdp/{version}/ranger-admin/conf")
@@ -82,6 +88,14 @@ def setup_ranger_admin(rolling_upgrade=False):
 
   Execute(('chown','-R',format('{unix_user}:{unix_group}'), format('{ranger_home}/')), sudo=True)
 
+  Directory(params.admin_log_dir,
+    owner = params.unix_user,
+    group = params.unix_group
+  )
+
+  File(params.ranger_admin_default_file, owner=params.unix_user, group=params.unix_group)
+  File(params.security_app_context_file, owner=params.unix_user, group=params.unix_group)
+
   Execute(('ln','-sf', format('{ranger_home}/ews/ranger-admin-services.sh'),'/usr/bin/ranger-admin'),
     not_if=format("ls /usr/bin/ranger-admin"),
     only_if=format("ls {ranger_home}/ews/ranger-admin-services.sh"),
@@ -113,7 +127,9 @@ def setup_ranger_db(rolling_upgrade=False):
   )
 
   Directory(params.java_share_dir,
-    mode=0755
+    mode=0755,
+    recursive=True,
+    cd_access="a"
   )
 
   Execute(('cp', '--remove-destination', params.downloaded_custom_connector, params.driver_curl_target),
@@ -241,6 +257,10 @@ def setup_usersync():
     group=params.unix_group,
     mode=0644)
 
+  File(params.ranger_ugsync_default_file, owner=params.unix_user, group=params.unix_group)
+  File(params.usgsync_log4j_file, owner=params.unix_user, group=params.unix_group)
+  File(params.cred_validator_file, group=params.unix_group, mode=04555)
+
   cred_lib = os.path.join(params.usersync_home,"lib","*")
   cred_setup_prefix = (format('{ranger_home}/ranger_credential_helper.py'), '-l', cred_lib)
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/7852bc43/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
index d9bb941..1ed28c4 100755
--- a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
+++ b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
@@ -46,7 +46,9 @@ def setup_kms_db():
     )
 
     Directory(params.java_share_dir,
-      mode=0755
+      mode=0755,
+      recursive=True,
+      cd_access="a"
     )
     
     Execute(('cp', '--remove-destination', params.downloaded_custom_connector, params.driver_curl_target),
@@ -66,14 +68,15 @@ def setup_kms_db():
     File(os.path.join(params.kms_home, 'ews', 'webapp', 'lib', params.jdbc_jar_name), mode=0644)
 
     ModifyPropertiesFile(format("/usr/hdp/current/ranger-kms/install.properties"),
-      properties = params.config['configurations']['kms-properties']
+      properties = params.config['configurations']['kms-properties'],
+      owner = params.kms_user
     )
 
     dba_setup = format('python {kms_home}/dba_script.py -q')
     db_setup = format('python {kms_home}/db_setup.py')
 
-    Execute(dba_setup, environment={'RANGER_KMS_HOME':params.kms_home, 'JAVA_HOME': params.java_home}, logoutput=True)
-    Execute(db_setup, environment={'RANGER_KMS_HOME':params.kms_home, 'JAVA_HOME': params.java_home}, logoutput=True)
+    Execute(dba_setup, environment={'RANGER_KMS_HOME':params.kms_home, 'JAVA_HOME': params.java_home}, logoutput=True, user=params.kms_user)
+    Execute(db_setup, environment={'RANGER_KMS_HOME':params.kms_home, 'JAVA_HOME': params.java_home}, logoutput=True, user=params.kms_user)
 
 def setup_java_patch():
   import params
@@ -81,7 +84,7 @@ def setup_java_patch():
   if params.has_ranger_admin:
 
     setup_java_patch = format('python {kms_home}/db_setup.py -javapatch')
-    Execute(setup_java_patch, environment={'RANGER_KMS_HOME':params.kms_home, 'JAVA_HOME': params.java_home}, logoutput=True)
+    Execute(setup_java_patch, environment={'RANGER_KMS_HOME':params.kms_home, 'JAVA_HOME': params.java_home}, logoutput=True, user=params.kms_user)
 
     kms_lib_path = format('{kms_home}/ews/webapp/lib/')
     files = os.listdir(kms_lib_path)
@@ -121,6 +124,12 @@ def kms():
 
   if params.has_ranger_admin:
 
+    Directory(params.kms_conf_dir,
+      owner = params.kms_user,
+      group = params.kms_group,
+      recursive = True
+    )
+
     File(params.downloaded_connector_path,
       content = DownloadSource(params.driver_source),
       mode = 0644
@@ -149,6 +158,11 @@ def kms():
 
     Execute(('chown','-R',format('{kms_user}:{kms_group}'), format('{kms_home}/')), sudo=True)
 
+    Directory(params.kms_log_dir,
+      owner = params.kms_user,
+      group = params.kms_group
+    )
+
     Execute(('ln','-sf', format('{kms_home}/ranger-kms'),'/usr/bin/ranger-kms'),
       not_if=format('ls /usr/bin/ranger-kms'),
       only_if=format('ls {kms_home}/ranger-kms'),

http://git-wip-us.apache.org/repos/asf/ambari/blob/7852bc43/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/params.py b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/params.py
index 9d895f4..1dbf3b1 100755
--- a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/params.py
@@ -38,7 +38,7 @@ if stack_is_hdp23_or_further:
   kms_home = '/usr/hdp/current/ranger-kms'
   kms_conf_dir = '/usr/hdp/current/ranger-kms/conf'
   
-kms_log_dir = config['configurations']['kms-env']['kms_log_dir']
+kms_log_dir = default("/configurations/kms-env/kms_log_dir", "/var/log/ranger/kms")
 java_home = config['hostLevelParams']['java_home']
 kms_user  = default("/configurations/kms-env/kms_user", "kms")
 kms_group = default("/configurations/kms-env/kms_group", "kms")

http://git-wip-us.apache.org/repos/asf/ambari/blob/7852bc43/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py
index f3914f3..9857d03 100644
--- a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py
+++ b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py
@@ -357,7 +357,7 @@ if has_ranger_admin:
     downloaded_custom_connector = format("{tmp_dir}/{jdbc_jar_name}")
 
     driver_curl_source = format("{jdk_location}/{jdbc_symlink_name}")
-    driver_curl_target = format("{java_share_dir}/{jdbc_jar_name}")
+    driver_curl_target = format("{hadoop_yarn_home}/lib/{jdbc_jar_name}")
 
     ranger_audit_solr_urls = config['configurations']['ranger-admin-site']['ranger.audit.solr.urls']
     xa_audit_db_is_enabled = config['configurations']['ranger-yarn-audit']['xasecure.audit.destination.db'] if xml_configurations_supported else None