zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lionel Cons (JIRA)" <j...@apache.org>
Subject [jira] [Created] (ZOOKEEPER-2843) auth_to_local should support reading rules from a file
Date Thu, 13 Jul 2017 07:16:00 GMT
Lionel Cons created ZOOKEEPER-2843:
--------------------------------------

             Summary: auth_to_local should support reading rules from a file
                 Key: ZOOKEEPER-2843
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2843
             Project: ZooKeeper
          Issue Type: Improvement
            Reporter: Lionel Cons


The current handling of {{zookeeper.security.auth_to_local}} in {{KerberosName.java}} only
support rules given directly as the property value.

These rules must therefore be given on the command line and:
* must be escaped properly to avoid shell expansion
* are visible in the {{ps}} output

It would be much better to put these rules in a file and pass the file path as the property
value. We would then use something like {{-Dzookeeper.security.auth_to_local=file:/etc/zookeeper/rules}}.

Note that using the {{file:}} prefix allows keeping backward compatibility.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message