Return-Path: X-Original-To: apmail-ambari-dev-archive@www.apache.org Delivered-To: apmail-ambari-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 68D8117938 for ; Wed, 8 Oct 2014 14:45:36 +0000 (UTC) Received: (qmail 50970 invoked by uid 500); 8 Oct 2014 14:45:35 -0000 Delivered-To: apmail-ambari-dev-archive@ambari.apache.org Received: (qmail 50937 invoked by uid 500); 8 Oct 2014 14:45:35 -0000 Mailing-List: contact dev-help@ambari.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ambari.apache.org Delivered-To: mailing list dev@ambari.apache.org Received: (qmail 50814 invoked by uid 99); 8 Oct 2014 14:45:35 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 08 Oct 2014 14:45:34 +0000 Date: Wed, 8 Oct 2014 14:45:34 +0000 (UTC) From: "Jonathan Hurley (JIRA)" To: dev@ambari.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (AMBARI-7687) Allow nologin shell to be the default shell for service users. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/AMBARI-7687?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jonathan Hurley updated AMBARI-7687: ------------------------------------ Attachment: (was: AMBARI-7686_branch-1.7.0.patch) > Allow nologin shell to be the default shell for service users. > --------------------------------------------------------------- > > Key: AMBARI-7687 > URL: https://issues.apache.org/jira/browse/AMBARI-7687 > Project: Ambari > Issue Type: Bug > Components: ambari-server > Affects Versions: 1.6.1 > Reporter: Jonathan Hurley > Assignee: Jonathan Hurley > Priority: Critical > Fix For: 1.7.0 > > Attachments: AMBARI-7687.patch > > > In production cluster, after restart cluster, all hadoop users automatically changed shell to /bin/bash from /bin/nologin except zookeeper and sqoop. > STEPS TO REPRODUCE: > 1) change all hadoop users (Hive, oozie etc) to shell /bin/nologin > 2) restart cluster > 3) verify user shell changed to /bin/bash except zookeeper and sqoop, by below script: > {code} > # for NAME in hcat hdfs hive mapred nagios oozie zkeeper ambariqa yarn storm falcon tez zookeeper sqoop > > do > > grep $NAME /etc/passwd > > done > hcat:x:209132:6622:Sponsor - MOTS ID 19073:/home/hcat:/bin/bash > hdfs:x:208090:6622:Sponsor - MOTS ID 19073:/home/hdfs:/bin/bash > hive:x:209130:6622:Sponsor - MOTS ID 19073:/home/hive:/bin/bash > mapred:x:208111:6622:Sponsor - MOTS ID 19073:/home/mapred:/bin/bash > nagios:x:80410:32966:Sponsor - MOTS ID 19073:/home/nagios:/bin/bash > oozie:x:209136:6622:Sponsor - MOTS ID 19073:/home/oozie:/bin/bash > zkeeper:x:202510:6622:Sponsor - MOTS ID 19073:/home/zkeeper:/bin/bash > ambariqa:x:266570:6622:Sponsor - MOTS ID 19073:/home/ambariqa:/bin/bash > yarn:x:496:6622:Hadoop Yarn:/var/lib/hadoop-yarn:/bin/bash > storm:x:59761:6622::/home/storm:/bin/bash > falcon:x:494:6622:Falcon:/var/lib/falcon:/bin/bash > tez:x:59760:6622::/home/tez:/bin/bash > zookeeper:x:498:6622:ZooKeeper:/var/run/zookeeper:/bin/nologin > sqoop:x:497:6622:Sqoop:/var/lib/sqoop:/bin/nologin > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)