kudu-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a...@apache.org
Subject [kudu] 02/03: KUDU-2717. Add an environment variable override for username
Date Fri, 29 Mar 2019 04:18:47 GMT
This is an automated email from the ASF dual-hosted git repository.

adar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/kudu.git

commit 20a3976d7eafc038f2b118d53066c26ddd2d4903
Author: Todd Lipcon <todd@apache.org>
AuthorDate: Wed Feb 27 15:19:34 2019 -0800

    KUDU-2717. Add an environment variable override for username
    
    This adds a KUDU_USER_NAME environment variable which overrides the
    lookup of the local unix user. This is a client-side identity which is
    easy to spoof anyway (eg via LD_PRELOAD) so providing such an override
    doesn't harm any security. But, it adds a certain amount of convenience
    when trying to use kudu tools against an insecure cluster.
    
    No tests are added since this is pretty trivial code, but I tested
    manually that I was able to call 'kudu master set_flags' against a
    remote cluster after specifying KUDU_USER_NAME=kudu
    
    Change-Id: I9d42a3efbf26882f086046c276d5f9965a4068f5
    Reviewed-on: http://gerrit.cloudera.org:8080/12627
    Tested-by: Kudu Jenkins
    Reviewed-by: Grant Henke <granthenke@apache.org>
---
 src/kudu/util/user.cc | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/kudu/util/user.cc b/src/kudu/util/user.cc
index f44e040..abea3e6 100644
--- a/src/kudu/util/user.cc
+++ b/src/kudu/util/user.cc
@@ -18,12 +18,14 @@
 #include "kudu/util/user.h"
 
 #include <pwd.h>
+#include <string.h>
 #include <unistd.h>
 
 #include <cerrno>
 #include <cstdint>
 #include <cstdlib>
 #include <mutex>
+#include <ostream>
 #include <string>
 #include <utility>
 
@@ -40,6 +42,13 @@ namespace kudu {
 namespace {
 
 Status DoGetLoggedInUser(string* user_name) {
+  const char* override_username = getenv("KUDU_USER_NAME");
+  if (override_username && strlen(override_username)) {
+    VLOG(1) << "Overriding logged-in user name to " << override_username;
+    *user_name = override_username;
+    return Status::OK();;
+  }
+
   DCHECK(user_name != nullptr);
 
   struct passwd pwd;


Mime
View raw message