ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Nettleton (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMBARI-9480) Ranger password properties are incorrectly included in Blueprint export
Date Thu, 05 Feb 2015 14:23:34 GMT

    [ https://issues.apache.org/jira/browse/AMBARI-9480?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14307250#comment-14307250
] 

Robert Nettleton commented on AMBARI-9480:
------------------------------------------

There is no change to the java or python src code in this patch.  This patch only modifies
the stack definition files, which do not have their own unit tests, as far as I am aware.
 

The manual testing I performed with this patch is documented in the ReviewBoard link in this
JIRA.  

> Ranger password properties are incorrectly included in Blueprint export
> -----------------------------------------------------------------------
>
>                 Key: AMBARI-9480
>                 URL: https://issues.apache.org/jira/browse/AMBARI-9480
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.0.0
>            Reporter: Robert Nettleton
>            Assignee: Robert Nettleton
>             Fix For: 2.0.0
>
>         Attachments: AMBARI-9480.patch
>
>
> Some new security configuration properties related to Ranger have been added to the stack
definitions.  Some of these properties are actually password configuration properties, but
are not currently marked as such in the metadata.  
> This causes exporting a Blueprint from a running cluster to include this password information
in the exported Blueprint.
> Some of the Ranger-related password properties found across the stack are:
> REPOSITORY_CONFIG_PASSWORD
> SSL_TRUSTSTORE_PASSWORD 
> SSL_KEYSTORE_PASSWORD
> The Ambari stack definitions need to be updated, such that these properties are marked
as being of propert-type "PASSWORD".  This will allow the Blueprint configuration processor
to determine that these are indeed password properties, and should not be included in an exported
Blueprint. 
> I'm working on a fix for this, and will be submitting a patch shortly.  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message