ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Artem Baranchuk" <abaranc...@hortonworks.com>
Subject Re: Review Request 37679: Manual registration of non root ambari agent with two way ssl authentication failed
Date Fri, 21 Aug 2015 14:28:22 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/37679/#review96044
-----------------------------------------------------------

Ship it!


Ship It!

- Artem Baranchuk


On Авг. 21, 2015, 2:27 п.п., Dmytro Sen wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/37679/
> -----------------------------------------------------------
> 
> (Updated Авг. 21, 2015, 2:27 п.п.)
> 
> 
> Review request for Ambari, Artem Baranchuk, Dmitro Lisnichenko, Myroslav Papirkovskyy,
and Vitalyi Brodetskyi.
> 
> 
> Bugs: AMBARI-12853
>     https://issues.apache.org/jira/browse/AMBARI-12853
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> Install ambari-server
> Generate necessary certificates and setup ambari two way ssl authentication.
> Install ambari-agent on hosts.
> Configure ambari-agent to run under non root user.
> Try manual host registration.
> IOError: Request to 
> https://192.168.64.101:8441/agent/v1/register/c6402.ambari.apache.org failed due to [Errno
13] Permission denied: '/var/lib/ambari-agent/keys/ca.crt'
> /var/lib/ambari-agent/keys is created when package is installed and has root owner, so
when ambari-agent is running under non-root it is not able to write to that dir.
> Should I chown that dir when configuring non root agents? Or agent itself should manage
that dir?
> 
> 
> Diffs
> -----
> 
>   ambari-agent/conf/unix/ambari-agent f665934 
> 
> Diff: https://reviews.apache.org/r/37679/diff/
> 
> 
> Testing
> -------
> 
> Unit tests passed
> 
> 
> Thanks,
> 
> Dmytro Sen
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message