ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <>
Subject [jira] [Commented] (AMBARI-7976) Ambari: Add oozie install user as an Oozie admin user
Date Sun, 26 Oct 2014 17:10:33 GMT


Hudson commented on AMBARI-7976:

SUCCESS: Integrated in Ambari-trunk-Commit #712 (See [])
AMBARI-7976. Ambari: Add oozie install user as an Oozie admin user (aonishuk) (aonishuk:
* ambari-server/src/main/resources/stacks/HDP/2.0.6/services/OOZIE/package/scripts/
* ambari-server/src/main/resources/stacks/HDP/2.2/services/OOZIE/configuration/oozie-site.xml
* ambari-server/src/main/resources/stacks/HDP/2.0.6/services/OOZIE/metainfo.xml
* ambari-server/src/main/resources/stacks/HDP/2.0.6/services/OOZIE/package/templates/adminusers.txt.j2
* ambari-server/src/main/resources/stacks/HDP/2.0.6/services/OOZIE/package/scripts/
* ambari-common/src/main/python/resource_management/libraries/functions/
* ambari-server/src/test/python/stacks/2.0.6/OOZIE/

> Ambari: Add oozie install user as an Oozie admin user
> -----------------------------------------------------
>                 Key: AMBARI-7976
>                 URL:
>             Project: Ambari
>          Issue Type: Bug
>            Reporter: Andrew Onischuk
>            Assignee: Andrew Onischuk
>             Fix For: 1.6.0
> Oozie has an authorization model for admin access to oozie facilities. Oozie
> admin users
>   * have write access to all jobs
>   * have write access to admin operations
> When authorization server security is enabled by config property  
> oozie.service.AuthorizationService.authorization.enabled (which is set to true
> in our installations - the default is false), then admin users are determined
> by either membership in a group identified by the property
> oozie.service.AuthorizationService.admin.groups.
> Since we don't set either of them, we expect users to set the admin usernames
> in the file /etc/oozie/conf/adminusers.txt
> See [Oozie User Authorization Configuration](
> .0/AG_Install.html#User_Authorization_Configuration) for more details on admin
> user configuration
> Because we want to do sharelib update operations which are write access
> operations, the user performing these should be an Oozie admin user. If not,
> the admin operation will fail.
> We should explicitly add the oozie install user as the admin user by adding
> the user to adminusers.txt
> This feature is also needed for rolling upgrade scenarios to explicitly update
> sharelib after upgrading the servers.

This message was sent by Atlassian JIRA

View raw message