ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMBARI-12782) Handle file permissions for jceks file in umask 027
Date Thu, 20 Aug 2015 18:33:47 GMT

    [ https://issues.apache.org/jira/browse/AMBARI-12782?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14705517#comment-14705517
] 

Hudson commented on AMBARI-12782:
---------------------------------

FAILURE: Integrated in Ambari-trunk-Commit #3303 (See [https://builds.apache.org/job/Ambari-trunk-Commit/3303/])
AMBARI-12782. Handle file permissions for jceks file in umask 027 (Gautam Borad via alejandro)
(afernandez: http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=ba4e1c956ed30a1cd6553af85ddd61d136061f6c)
* ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
* ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py
* ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py


> Handle file permissions for jceks file in umask 027
> ---------------------------------------------------
>
>                 Key: AMBARI-12782
>                 URL: https://issues.apache.org/jira/browse/AMBARI-12782
>             Project: Ambari
>          Issue Type: Bug
>    Affects Versions: 2.1.1
>            Reporter: Gautam Borad
>            Assignee: Gautam Borad
>             Fix For: 2.1.2
>
>         Attachments: AMBARI-12782.patch
>
>
> # Handle : cd_access='a' for /etc/ranger/ (when jceks files are created)
> ** Audit to DB fails in a case if Ranger is not installed on same host as that of component
host.
> ** For example Ranger is running on Host1 and Hiveserver2 is running on Host2. Then as
/etc/ranger/<repository_name> gets created and has owner as hive user. However, due
to umask setting /etc/ranger gets 750 permission with root:root as owner:group.
> ** Due to this when hive user tries to read the jceks file to generate audits to DB -
it gets permission denied error.
> # rectifying ranger_audit_db passwd to be used while creating jceks for Ranger Audit
DB



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message