Repository: ambari Updated Branches: refs/heads/trunk ad75eeb03 -> 3105ccdbe
AMBARI-8480. Kerberos service components should indicate security state (rlevas) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/3105ccdb Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/3105ccdb Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/3105ccdb Branch: refs/heads/trunk Commit: 3105ccdbea65e499dd371e94034d4c15280510f3 Parents: ad75eeb Author: Robert Levas <[email protected]> Authored: Wed Jan 7 10:55:55 2015 -0500 Committer: Robert Levas <[email protected]> Committed: Wed Jan 7 10:55:55 2015 -0500 ---------------------------------------------------------------------- .../package/scripts/kerberos_client.py | 22 ++++++++++++++++++++ .../stacks/2.2/KERBEROS/test_kerberos_client.py | 1 + 2 files changed, 23 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/3105ccdb/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py index a341e8d..8e171c8 100644 --- a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py +++ b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py @@ -18,6 +18,7 @@ limitations under the License. """ from kerberos_common import * +from resource_management.libraries.functions.security_commons import cached_kinit_executor class KerberosClient(KerberosScript): def install(self, env): @@ -33,6 +34,27 @@ class KerberosClient(KerberosScript): def status(self, env): raise ClientComponentHasNoStatus() + def security_status(self, env): + import status_params + if status_params.security_enabled: + if status_params.smoke_user and status_params.smoke_user_keytab: + try: + cached_kinit_executor(status_params.kinit_path_local, + status_params.smoke_user, + status_params.smoke_user_keytab, + status_params.smoke_user, + status_params.hostname, + status_params.tmp_dir) + self.put_structured_out({"securityState": "SECURED_KERBEROS"}) + except Exception as e: + self.put_structured_out({"securityState": "ERROR"}) + self.put_structured_out({"securityStateErrorInfo": str(e)}) + else: + self.put_structured_out({"securityState": "UNKNOWN"}) + self.put_structured_out({"securityStateErrorInfo": "Missing smoke user credentials"}) + else: + self.put_structured_out({"securityState": "UNSECURED"}) + def set_keytab(self, env): KerberosScript.write_keytab_file() http://git-wip-us.apache.org/repos/asf/ambari/blob/3105ccdb/ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py b/ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py index 9531c33..3bda3f9 100644 --- a/ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py +++ b/ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py @@ -18,6 +18,7 @@ limitations under the License. """ import json +from mock.mock import MagicMock, patch import os import sys import use_cases
