ambari-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Levas (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMBARI-22950) SPNEGO service keytab is getting deleted upon deleting component from host
Date Fri, 09 Feb 2018 02:20:00 GMT
Robert Levas created AMBARI-22950:
-------------------------------------

             Summary: SPNEGO service keytab is getting deleted upon deleting component from
host
                 Key: AMBARI-22950
                 URL: https://issues.apache.org/jira/browse/AMBARI-22950
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 2.7.0
            Reporter: Robert Levas
            Assignee: Robert Levas
             Fix For: 2.70


spnego.service.keytab is getting deleted upon deleting components.

Steps to reproduce :
# Add additional "livy" component to some host in the cluster
# Delete added "livy" component
# Deletion of livy is deleting /etc/security/keytabs/spnego.service.keytab as well


The cause of this is due to an invalid check to determine if a Kerberos identity is a reference
or no at 
{code:title=org.apache.ambari.server.state.kerberos.AbstractKerberosDescriptorContainer#getIdentitiesSkipReferences}
  public List<KerberosIdentityDescriptor> getIdentitiesSkipReferences() {
    return nullToEmpty(getIdentities())
      .stream()
      .filter(identity -> !identity.getReferencedServiceName().isPresent() && identity.getName()
!= null && !identity.getName().startsWith("/"))
      .collect(toList());
  }
{code}

The fixed code should be

{code:title=org.apache.ambari.server.state.kerberos.AbstractKerberosDescriptorContainer#getIdentitiesSkipReferences}
  public List<KerberosIdentityDescriptor> getIdentitiesSkipReferences() {
    return nullToEmpty(getIdentities())
      .stream()
.filter(identity -> !identity.getReferencedServiceName().isPresent() && !identity.isReference())
     .collect(toList());
  }
{code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message