ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From v..@apache.org
Subject [2/3] incubator-ranger git commit: RANGER-1096 : Revert to jceks scheme for credential store related operations
Date Wed, 13 Jul 2016 21:50:12 GMT
RANGER-1096 : Revert to jceks scheme for credential store related operations

Signed-off-by: Velmurugan Periasamy <vel@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/35e9c10e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/35e9c10e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/35e9c10e

Branch: refs/heads/master
Commit: 35e9c10e53fd9d7fbef554a1c6fedfe84d36c736
Parents: 0798252
Author: Mehul Parikh <mehul.parikh@freestoneinfotech.com>
Authored: Tue Jul 12 19:32:33 2016 +0530
Committer: Velmurugan Periasamy <vel@apache.org>
Committed: Wed Jul 13 17:16:15 2016 -0400

----------------------------------------------------------------------
 .../apache/ranger/credentialapi/buildks.java    | 16 +++---
 .../scripts/ranger-admin-services.sh            | 54 ++++++++++++--------
 .../ranger/credentialapi/CredentialReader.java  |  7 +--
 3 files changed, 44 insertions(+), 33 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/35e9c10e/credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java
----------------------------------------------------------------------
diff --git a/credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java
b/credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java
index 15b5a7e..d8ffe2c 100644
--- a/credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java
+++ b/credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java
@@ -183,9 +183,9 @@ public class buildks {
 			if(providerPath!=null && !providerPath.trim().isEmpty() && !providerPath.startsWith("localjceks://file")&&!providerPath.startsWith("jceks://file"))
 			{
     			if(providerPath.startsWith("/")){
-					providerPath="localjceks://file"+providerPath;
+					providerPath="jceks://file"+providerPath;
 				}else{
-					providerPath="localjceks://file/"+providerPath;
+					providerPath="jceks://file/"+providerPath;
 				}
         	}	        	
     		command="create";
@@ -415,16 +415,16 @@ public class buildks {
 	
 	public static void displaySyntax(String command){
 		if(command!=null && command.trim().equalsIgnoreCase("create")){
-			System.out.println("Correct syntax is:create <aliasname> -value <password>
-provider <localjceks://file/filepath>");
-			System.out.println("sample command is:create myalias -value password123 -provider localjceks://file/tmp/ks/myks.jceks");
+			System.out.println("Correct syntax is:create <aliasname> -value <password>
-provider <jceks://file/filepath>");
+			System.out.println("sample command is:create myalias -value password123 -provider jceks://file/tmp/ks/myks.jceks");
 		}
 		if(command!=null && command.trim().equalsIgnoreCase("list")){
-			System.out.println("Correct syntax is:list -provider <localjceks://file/filepath>");
-			System.out.println("sample command is:list -provider localjceks://file/tmp/ks/myks.jceks");
+			System.out.println("Correct syntax is:list -provider <jceks://file/filepath>");
+			System.out.println("sample command is:list -provider jceks://file/tmp/ks/myks.jceks");
 		}
 		if(command!=null && command.trim().equalsIgnoreCase("get")){
-			System.out.println("Correct syntax is:get <aliasname> -provider <localjceks://file/filepath>");
-			System.out.println("sample command is:get myalias -provider localjceks://file/tmp/ks/myks.jceks");
+			System.out.println("Correct syntax is:get <aliasname> -provider <jceks://file/filepath>");
+			System.out.println("sample command is:get myalias -provider jceks://file/tmp/ks/myks.jceks");
 		}
 	}
 	public String getCredential(String args[]){

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/35e9c10e/embeddedwebserver/scripts/ranger-admin-services.sh
----------------------------------------------------------------------
diff --git a/embeddedwebserver/scripts/ranger-admin-services.sh b/embeddedwebserver/scripts/ranger-admin-services.sh
index 95caacd..f672236 100755
--- a/embeddedwebserver/scripts/ranger-admin-services.sh
+++ b/embeddedwebserver/scripts/ranger-admin-services.sh
@@ -76,34 +76,44 @@ stop(){
 	NR_ITER_FOR_SHUTDOWN_CHECK=15
 	if [ -f "$pidf" ] ; then
 		pid=`cat $pidf` > /dev/null 2>&1
-		echo "Found Apache Ranger Admin Service with pid $pid, Stopping it..."
-		nohup java ${JAVA_OPTS} -Dlogdir=${RANGER_ADMIN_LOG_DIR} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR}
-cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:${RANGER_HADOOP_CONF_DIR}/*:$CLASSPATH"
org.apache.ranger.server.tomcat.StopEmbeddedServer > ${RANGER_ADMIN_LOG_DIR}/catalina.out
2>&1
-		for ((i=0; i<$NR_ITER_FOR_SHUTDOWN_CHECK; i++))
-                do
-                        sleep $WAIT_TIME_FOR_SHUTDOWN
-                        if ps -p $pid > /dev/null ; then
-                                echo "Shutdown in progress. Will check after $WAIT_TIME_FOR_SHUTDOWN
secs again.."
-                                continue;
-                        else
-                                break;
-                        fi
-                done
-		# if process is still around, use kill -9
-		if ps -p $pid > /dev/null ; then
-			echo "Initial kill failed, getting serious now..."
-			kill -9 $pid
+		echo "Getting pid from $pidf .."
+	else
+		pid=`ps -ef | grep java | grep -- '-Dproc_rangeradmin' | grep -v grep | awk '{ print $2
}'`
+		if [ "$pid" != "" ];then
+			echo "pid file($pidf) not present, taking pid from \'ps\' command.."
+		else
+			echo "Apache Ranger Admin Service is not running"
+			exit
 		fi
-		sleep 1 #give kill -9  sometime to "kill"
+	fi
+
+	echo "Found Apache Ranger Admin Service with pid $pid, Stopping it..."
+	nohup java ${JAVA_OPTS} -Dlogdir=${RANGER_ADMIN_LOG_DIR} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR}
-cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:${RANGER_HADOOP_CONF_DIR}/*:$CLASSPATH"
org.apache.ranger.server.tomcat.StopEmbeddedServer > ${RANGER_ADMIN_LOG_DIR}/catalina.out
2>&1
+	for ((i=0; i<$NR_ITER_FOR_SHUTDOWN_CHECK; i++))
+	do
+		sleep $WAIT_TIME_FOR_SHUTDOWN
 		if ps -p $pid > /dev/null ; then
-			echo "Wow, even kill -9 failed, giving up! Sorry.."
-			exit 1
+			echo "Shutdown in progress. Will check after $WAIT_TIME_FOR_SHUTDOWN secs again.."
+			continue;
 		else
-			rm -rf $pidf
-			echo "Apache Ranger Admin Service with pid ${pid} has been stopped."
+			break;
 		fi
+	done
+	# if process is still around, use kill -9
+	if ps -p $pid > /dev/null ; then
+		echo "Initial kill failed, getting serious now..."
+		kill -9 $pid
+	fi
+	sleep 1 #give kill -9  sometime to "kill"
+	if ps -p $pid > /dev/null ; then
+		echo "Wow, even kill -9 failed, giving up! Sorry.."
+		exit 1
+
 	else
-		echo "Apache Ranger Admin Service is not running"
+		rm -rf $pidf
+		echo "Apache Ranger Admin Service with pid ${pid} has been stopped."
 	fi
+
 }
 if [ "${action}" == "START" ]; then
 	if [ -f "$pidf" ] ; then

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/35e9c10e/security-admin/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java
b/security-admin/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java
index 5d536ac..429be27 100644
--- a/security-admin/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java
+++ b/security-admin/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java
@@ -36,11 +36,12 @@ public class CredentialReader {
 			  }		  		  
 			  char[] pass = null;
 			  Configuration conf = new Configuration();
-			  String crendentialProviderPrefix=JavaKeyStoreProvider.SCHEME_NAME + "://file";
-			  crendentialProviderPrefix=crendentialProviderPrefix.toLowerCase();
+			  String crendentialProviderPrefixJceks=JavaKeyStoreProvider.SCHEME_NAME + "://file";
+			  String crendentialProviderPrefixLocalJceks="localjceks://file";
+			  crendentialProviderPrefixJceks=crendentialProviderPrefixJceks.toLowerCase();
 			  CrendentialProviderPath=CrendentialProviderPath.trim();
 			  alias=alias.trim();
-			  if(CrendentialProviderPath.toLowerCase().startsWith(crendentialProviderPrefix)){
+			  if(CrendentialProviderPath.toLowerCase().startsWith(crendentialProviderPrefixJceks)
||  CrendentialProviderPath.toLowerCase().startsWith(crendentialProviderPrefixLocalJceks)){
 				  conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH,
 						   //UserProvider.SCHEME_NAME + ":///," +
 				  CrendentialProviderPath);


Mime
View raw message