This is an automated email from the ASF dual-hosted git repository.
wuzhiguo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/bigtop-manager.git
The following commit(s) were added to refs/heads/main by this push:
new 89a2699 BIGTOP-4184: Remove supplementary groups for service user
(#38)
89a2699 is described below
commit 89a2699386e444f0339802359d42434692c87c30
Author: Zhiguo Wu <[email protected]>
AuthorDate: Fri Aug 9 17:54:14 2024 +0800
BIGTOP-4184: Remove supplementary groups for service user (#38)
---
.../entity/payload/CacheMessagePayload.java | 2 +-
.../message/entity/payload/CommandPayload.java | 2 -
.../apache/bigtop/manager/dao/po/ServicePO.java | 3 -
.../org/apache/bigtop/manager/dao/po/TaskPO.java | 3 -
.../command/stage/AbstractComponentStage.java | 1 -
.../server/command/stage/CacheFileUpdateStage.java | 1 -
.../server/command/stage/HostCheckStage.java | 1 -
.../server/command/task/AbstractComponentTask.java | 1 -
.../manager/server/command/task/AbstractTask.java | 1 -
.../server/command/task/CacheFileUpdateTask.java | 6 +-
.../manager/server/command/task/TaskContext.java | 2 -
.../server/model/converter/ServiceConverter.java | 13 +++-
.../manager/server/model/dto/ServiceDTO.java | 2 -
.../manager/server/stack/model/ServiceModel.java | 2 -
.../src/main/resources/ddl/MySQL-DDL-CREATE.sql | 2 -
.../services/hdfs/configuration/core-site.xml | 26 +++-----
.../services/hdfs/configuration/hadoop-policy.xml | 70 ++++++++++++++--------
.../services/hdfs/configuration/hdfs-site.xml | 6 +-
.../services/hdfs/configuration/ssl-client.xml | 1 -
.../services/hdfs/configuration/ssl-server.xml | 2 -
.../stacks/bigtop/3.3.0/services/hdfs/metainfo.xml | 1 -
.../bigtop/3.3.0/services/kafka/metainfo.xml | 1 -
.../stacks/bigtop/3.3.0/services/tez/metainfo.xml | 1 -
.../services/yarn/configuration/yarn-site.xml | 64 +++++++++-----------
.../stacks/bigtop/3.3.0/services/yarn/metainfo.xml | 1 -
.../bigtop/3.3.0/services/zookeeper/metainfo.xml | 1 -
.../stacks/nop/1.0.0/services/kafka/metainfo.xml | 1 -
.../nop/1.0.0/services/zookeeper/metainfo.xml | 1 -
.../manager/stack/common/utils/BaseParams.java | 4 +-
.../manager/stack/common/utils/LocalSettings.java | 5 +-
.../manager/stack/core/hook/AbstractHook.java | 23 +++----
31 files changed, 109 insertions(+), 141 deletions(-)
diff --git
a/bigtop-manager-common/src/main/java/org/apache/bigtop/manager/common/message/entity/payload/CacheMessagePayload.java
b/bigtop-manager-common/src/main/java/org/apache/bigtop/manager/common/message/entity/payload/CacheMessagePayload.java
index 05f96cf..aff34fa 100644
---
a/bigtop-manager-common/src/main/java/org/apache/bigtop/manager/common/message/entity/payload/CacheMessagePayload.java
+++
b/bigtop-manager-common/src/main/java/org/apache/bigtop/manager/common/message/entity/payload/CacheMessagePayload.java
@@ -41,7 +41,7 @@ public class CacheMessagePayload extends BasePayload {
private ClusterInfo clusterInfo;
- private Map<String, Set<String>> userInfo;
+ private Map<String, String> userInfo;
private List<RepoInfo> repoInfo;
diff --git
a/bigtop-manager-common/src/main/java/org/apache/bigtop/manager/common/message/entity/payload/CommandPayload.java
b/bigtop-manager-common/src/main/java/org/apache/bigtop/manager/common/message/entity/payload/CommandPayload.java
index a279e2b..a3b7a3c 100644
---
a/bigtop-manager-common/src/main/java/org/apache/bigtop/manager/common/message/entity/payload/CommandPayload.java
+++
b/bigtop-manager-common/src/main/java/org/apache/bigtop/manager/common/message/entity/payload/CommandPayload.java
@@ -48,8 +48,6 @@ public class CommandPayload extends BasePayload {
private String serviceUser;
- private String serviceGroup;
-
private String stackName;
private String stackVersion;
diff --git
a/bigtop-manager-dao/src/main/java/org/apache/bigtop/manager/dao/po/ServicePO.java
b/bigtop-manager-dao/src/main/java/org/apache/bigtop/manager/dao/po/ServicePO.java
index e0b26e9..f49a254 100644
---
a/bigtop-manager-dao/src/main/java/org/apache/bigtop/manager/dao/po/ServicePO.java
+++
b/bigtop-manager-dao/src/main/java/org/apache/bigtop/manager/dao/po/ServicePO.java
@@ -76,9 +76,6 @@ public class ServicePO extends BasePO {
@Column(name = "service_user")
private String serviceUser;
- @Column(name = "service_group")
- private String serviceGroup;
-
@Column(name = "required_services")
private String requiredServices;
diff --git
a/bigtop-manager-dao/src/main/java/org/apache/bigtop/manager/dao/po/TaskPO.java
b/bigtop-manager-dao/src/main/java/org/apache/bigtop/manager/dao/po/TaskPO.java
index a6fc092..c58e5c4 100644
---
a/bigtop-manager-dao/src/main/java/org/apache/bigtop/manager/dao/po/TaskPO.java
+++
b/bigtop-manager-dao/src/main/java/org/apache/bigtop/manager/dao/po/TaskPO.java
@@ -93,9 +93,6 @@ public class TaskPO extends BasePO {
@Column(name = "service_user")
private String serviceUser;
- @Column(name = "service_group")
- private String serviceGroup;
-
@Lob
@Basic(fetch = FetchType.LAZY)
@Column(name = "content", length = 16777216)
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/AbstractComponentStage.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/AbstractComponentStage.java
index 946acf9..9e2b589 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/AbstractComponentStage.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/AbstractComponentStage.java
@@ -74,7 +74,6 @@ public abstract class AbstractComponentStage extends
AbstractStage {
taskContext.setComponentName(componentDTO.getComponentName());
taskContext.setComponentDisplayName(componentDTO.getDisplayName());
taskContext.setServiceUser(serviceDTO.getServiceUser());
- taskContext.setServiceGroup(serviceDTO.getServiceGroup());
taskContext.setRoot(clusterPO.getRoot());
Map<String, Object> properties = new HashMap<>();
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/CacheFileUpdateStage.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/CacheFileUpdateStage.java
index 960b25f..9223af7 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/CacheFileUpdateStage.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/CacheFileUpdateStage.java
@@ -72,7 +72,6 @@ public class CacheFileUpdateStage extends AbstractStage {
taskContext.setStackVersion(stageContext.getStackVersion());
taskContext.setServiceName("cluster");
taskContext.setServiceUser("root");
- taskContext.setServiceGroup("root");
taskContext.setComponentName("agent");
taskContext.setComponentDisplayName("Agent");
taskContext.setCommand(Command.CUSTOM);
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/HostCheckStage.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/HostCheckStage.java
index eea7846..8e8a5fe 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/HostCheckStage.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/stage/HostCheckStage.java
@@ -61,7 +61,6 @@ public class HostCheckStage extends AbstractStage {
taskContext.setStackVersion(stageContext.getStackVersion());
taskContext.setServiceName("cluster");
taskContext.setServiceUser("root");
- taskContext.setServiceGroup("root");
taskContext.setComponentName("agent");
taskContext.setComponentDisplayName("Agent");
taskContext.setCommand(Command.CUSTOM);
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/AbstractComponentTask.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/AbstractComponentTask.java
index 7160dd7..7ab444f 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/AbstractComponentTask.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/AbstractComponentTask.java
@@ -57,7 +57,6 @@ public abstract class AbstractComponentTask extends
AbstractTask {
commandPayload.setServiceName(taskContext.getServiceName());
commandPayload.setCommand(getCommand());
commandPayload.setServiceUser(taskContext.getServiceUser());
- commandPayload.setServiceGroup(taskContext.getServiceGroup());
commandPayload.setStackName(taskContext.getStackName());
commandPayload.setStackVersion(taskContext.getStackVersion());
commandPayload.setComponentName(taskContext.getComponentName());
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/AbstractTask.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/AbstractTask.java
index d9d0fee..c0916ee 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/AbstractTask.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/AbstractTask.java
@@ -129,7 +129,6 @@ public abstract class AbstractTask implements Task {
taskPO.setHostname(taskContext.getHostname());
taskPO.setServiceName(taskContext.getServiceName());
taskPO.setServiceUser(taskContext.getServiceUser());
- taskPO.setServiceGroup(taskContext.getServiceGroup());
taskPO.setComponentName(taskContext.getComponentName());
taskPO.setCommand(getCommand());
taskPO.setCustomCommand(getCustomCommand());
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/CacheFileUpdateTask.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/CacheFileUpdateTask.java
index 5dbe5e9..cde6536 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/CacheFileUpdateTask.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/CacheFileUpdateTask.java
@@ -83,7 +83,7 @@ public class CacheFileUpdateTask extends AbstractTask {
private Map<String, Map<String, Object>> serviceConfigMap;
private Map<String, Set<String>> hostMap;
private List<RepoInfo> repoList;
- private Map<String, Set<String>> userMap;
+ private Map<String, String> userMap;
private Map<String, Object> settingsMap;
public CacheFileUpdateTask(TaskContext taskContext) {
@@ -186,7 +186,7 @@ public class CacheFileUpdateTask extends AbstractTask {
});
userMap = new HashMap<>();
- servicePOList.forEach(x -> userMap.put(x.getServiceUser(),
Set.of(x.getServiceGroup())));
+ servicePOList.forEach(x -> userMap.put(x.getServiceName(),
x.getServiceUser()));
settingsMap = new HashMap<>();
settings.forEach(x -> settingsMap.put(x.getTypeName(),
x.getConfigData()));
@@ -234,7 +234,7 @@ public class CacheFileUpdateTask extends AbstractTask {
hostMap.put(Constants.ALL_HOST_KEY, new HashSet<>(hostnames));
for (ServiceDTO serviceDTO : serviceDTOList) {
- userMap.put(serviceDTO.getServiceUser(),
Set.of(serviceDTO.getServiceGroup()));
+ userMap.put(serviceDTO.getServiceName(),
serviceDTO.getServiceUser());
}
}
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/TaskContext.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/TaskContext.java
index 1447736..02a2242 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/TaskContext.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/command/task/TaskContext.java
@@ -41,8 +41,6 @@ public class TaskContext {
private String serviceUser;
- private String serviceGroup;
-
private String componentName;
private String componentDisplayName;
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/ServiceConverter.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/ServiceConverter.java
index 9055076..bee6a7f 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/ServiceConverter.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/ServiceConverter.java
@@ -22,6 +22,7 @@ import org.apache.bigtop.manager.dao.po.ClusterPO;
import org.apache.bigtop.manager.dao.po.ServicePO;
import org.apache.bigtop.manager.server.config.MapStructSharedConfig;
import org.apache.bigtop.manager.server.model.dto.ServiceDTO;
+import org.apache.bigtop.manager.server.model.dto.StackDTO;
import org.apache.bigtop.manager.server.model.vo.ServiceVO;
import org.apache.bigtop.manager.server.stack.model.ServiceModel;
@@ -31,6 +32,7 @@ import org.mapstruct.Mapping;
import org.mapstruct.factory.Mappers;
import java.util.List;
+import java.util.stream.Collectors;
@Mapper(
uses = {ComponentConverter.class, ConverterTool.class},
@@ -48,15 +50,24 @@ public interface ServiceConverter {
List<ServiceVO> fromDTO2VO(List<ServiceDTO> serviceDTOList);
+ @Mapping(target = "serviceGroup", source = "stackDTO.userGroup")
+ ServiceVO fromDTO2VO(ServiceDTO serviceDTO, StackDTO stackDTO);
+
+ default List<ServiceVO> fromDTO2VO(List<ServiceDTO> serviceDTOList,
StackDTO stackDTO) {
+ return serviceDTOList.stream()
+ .map(serviceDTO -> fromDTO2VO(serviceDTO, stackDTO))
+ .collect(Collectors.toList());
+ }
+
@Mapping(target = "serviceName", source = "name")
@Mapping(target = "serviceDesc", source = "desc")
@Mapping(target = "serviceVersion", source = "version")
@Mapping(target = "serviceUser", source = "user")
- @Mapping(target = "serviceGroup", source = "group")
ServiceDTO fromModel2DTO(ServiceModel serviceModel);
@Mapping(target = "requiredServices", source = "requiredServices",
qualifiedByName = "json2List")
@Mapping(target = "clusterName", source = "clusterPO.clusterName")
+ @Mapping(target = "serviceGroup", source = "clusterPO.userGroup")
ServiceVO fromPO2VO(ServicePO servicePO);
List<ServiceVO> fromPO2VO(List<ServicePO> servicePOList);
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/dto/ServiceDTO.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/dto/ServiceDTO.java
index 4e47007..b0c5a32 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/dto/ServiceDTO.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/dto/ServiceDTO.java
@@ -35,8 +35,6 @@ public class ServiceDTO {
private String serviceUser;
- private String serviceGroup;
-
private List<OSSpecificDTO> osSpecifics;
private List<ComponentDTO> components;
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/stack/model/ServiceModel.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/stack/model/ServiceModel.java
index b665ee0..944bb0a 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/stack/model/ServiceModel.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/stack/model/ServiceModel.java
@@ -42,8 +42,6 @@ public class ServiceModel {
private String user;
- private String group;
-
@XmlElementWrapper(name = "os-specifics")
@XmlElements(@XmlElement(name = "os-specific"))
private List<OSSpecificModel> osSpecifics;
diff --git a/bigtop-manager-server/src/main/resources/ddl/MySQL-DDL-CREATE.sql
b/bigtop-manager-server/src/main/resources/ddl/MySQL-DDL-CREATE.sql
index 3d9460b..1573200 100644
--- a/bigtop-manager-server/src/main/resources/ddl/MySQL-DDL-CREATE.sql
+++ b/bigtop-manager-server/src/main/resources/ddl/MySQL-DDL-CREATE.sql
@@ -206,7 +206,6 @@ CREATE TABLE `task`
`custom_command` VARCHAR(255),
`hostname` VARCHAR(255),
`name` VARCHAR(255),
- `service_group` VARCHAR(255),
`service_name` VARCHAR(255),
`service_user` VARCHAR(255),
`stack_name` VARCHAR(255),
@@ -260,7 +259,6 @@ CREATE TABLE `service`
`os_specifics` VARCHAR(255),
`required_services` VARCHAR(255),
`service_desc` VARCHAR(255),
- `service_group` VARCHAR(255),
`service_name` VARCHAR(255),
`service_user` VARCHAR(255),
`service_version` VARCHAR(255),
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/core-site.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/core-site.xml
index 1d072df..9f76aee 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/core-site.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/core-site.xml
@@ -53,9 +53,7 @@
<name>fs.defaultFS</name>
<!-- cluster variant -->
<value>hdfs://localhost:8020</value>
- <description>The name of the default file system. Either the
- literal string "local" or a host:port for HDFS.
- </description>
+ <description>The name of the default file system. Either the literal
string "local" or a host:port for HDFS.</description>
<final>true</final>
</property>
<property>
@@ -73,16 +71,14 @@
<property>
<name>ipc.client.idlethreshold</name>
<value>8000</value>
- <description>Defines the threshold number of connections after which
- connections will be inspected for idleness.
+ <description>
+ Defines the threshold number of connections after which
connections will be inspected for idleness.
</description>
</property>
<property>
<name>ipc.client.connection.maxidletime</name>
<value>30000</value>
- <description>The maximum time after which a client will bring down the
- connection to the server.
- </description>
+ <description>The maximum time after which a client will bring down the
connection to the server.</description>
</property>
<property>
<name>ipc.client.connect.max.retries</name>
@@ -93,18 +89,16 @@
<name>ipc.server.tcpnodelay</name>
<value>true</value>
<description>Turn on/off Nagle's algorithm for the TCP socket
- connection on
- the server. Setting to true disables the algorithm and may
- decrease latency
- with a cost of more/smaller packets.
+ connection on the server. Setting to true disables the algorithm
and may
+ decrease latency with a cost of more/smaller packets.
</description>
</property>
<property>
<name>hadoop.http.authentication.type</name>
<value>simple</value>
<description>
- Defines authentication used for Oozie HTTP endpoint. Supported
values are: simple | kerberos |
- #AUTHENTICATION_HANDLER_CLASSNAME#
+ Defines authentication used for Oozie HTTP endpoint.
+ Supported values are: simple | kerberos |
#AUTHENTICATION_HANDLER_CLASSNAME#
</description>
</property>
<property>
@@ -118,9 +112,7 @@
<property>
<name>hadoop.security.authorization</name>
<value>false</value>
- <description>
- Enable authorization for different protocols.
- </description>
+ <description>Enable authorization for different
protocols.</description>
</property>
<property>
<name>hadoop.security.auth_to_local</name>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/hadoop-policy.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/hadoop-policy.xml
index 812963e..ac9aae6 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/hadoop-policy.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/hadoop-policy.xml
@@ -35,7 +35,8 @@
for block recovery.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.datanode.protocol.acl</name>
@@ -44,7 +45,8 @@
communicate with the namenode.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.inter.datanode.protocol.acl</name>
@@ -53,7 +55,8 @@
for updating generation timestamp.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.namenode.protocol.acl</name>
@@ -62,7 +65,8 @@
namenode to communicate with the namenode.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.admin.operations.protocol.acl</name>
@@ -70,7 +74,8 @@
<description>ACL for AdminOperationsProtocol. Used for admin commands.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.refresh.user.mappings.protocol.acl</name>
@@ -79,7 +84,8 @@
users mappings. The ACL is a comma-separated list of user and
group names. The user and group list is separated by a blank. For
e.g. "alice,bob users,wheel". A special value of "*" means all
- users are allowed.</description>
+ users are allowed.
+ </description>
</property>
<property>
<name>security.refresh.policy.protocol.acl</name>
@@ -88,13 +94,15 @@
dfsadmin and mradmin commands to refresh the security policy
in-effect.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.ha.service.protocol.acl</name>
<value>*</value>
<description>ACL for HAService protocol used by HAAdmin to manage the
- active and stand-by states of namenode.</description>
+ active and stand-by states of namenode.
+ </description>
</property>
<property>
<name>security.router.admin.protocol.acl</name>
@@ -108,8 +116,7 @@
<property>
<name>security.zkfc.protocol.acl</name>
<value>*</value>
- <description>ACL for access to the ZK Failover Controller
- </description>
+ <description>ACL for access to the ZK Failover Controller</description>
</property>
<property>
<name>security.qjournal.service.protocol.acl</name>
@@ -120,9 +127,7 @@
<property>
<name>security.interqjournal.service.protocol.acl</name>
<value>*</value>
- <description>ACL for InterQJournalProtocol, used by the JN to
- communicate with other JN
- </description>
+ <description>ACL for InterQJournalProtocol, used by the JN to
communicate with other JN</description>
</property>
<property>
<name>security.mrhs.client.protocol.acl</name>
@@ -131,7 +136,8 @@
communciate with the MR History Server job status etc.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<!-- YARN Protocols -->
<property>
@@ -141,7 +147,8 @@
ResourceManager and NodeManager to communicate with each other.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.resourcemanager-administration.protocol.acl</name>
@@ -149,7 +156,8 @@
<description>ACL for ResourceManagerAdministrationProtocol, for admin
commands.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.applicationclient.protocol.acl</name>
@@ -158,7 +166,8 @@
and applications submission clients to communicate with each other.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.applicationmaster.protocol.acl</name>
@@ -167,7 +176,8 @@
and ApplicationMasters to communicate with each other.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.containermanagement.protocol.acl</name>
@@ -176,7 +186,8 @@
and ApplicationMasters to communicate with each other.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.resourcelocalizer.protocol.acl</name>
@@ -185,7 +196,8 @@
and ResourceLocalizer to communicate with each other.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.job.task.protocol.acl</name>
@@ -194,7 +206,8 @@
tasks to communicate with the parent tasktracker.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.job.client.protocol.acl</name>
@@ -203,7 +216,8 @@
communciate with the MR ApplicationMaster to query job status etc.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.applicationhistory.protocol.acl</name>
@@ -212,7 +226,8 @@
server and the generic history service client to communicate with
each other.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.collector-nodemanager.protocol.acl</name>
@@ -222,7 +237,8 @@
to communicate with each other.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.applicationmaster-nodemanager.applicationmaster.protocol.acl</name>
@@ -231,7 +247,8 @@
and ApplicationMasters to communicate.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
<property>
<name>security.distributedscheduling.protocol.acl</name>
@@ -240,6 +257,7 @@
and Resourcemanager to communicate.
The ACL is a comma-separated list of user and group names. The
user and
group list is separated by a blank. For e.g. "alice,bob
users,wheel".
- A special value of "*" means all users are allowed.</description>
+ A special value of "*" means all users are allowed.
+ </description>
</property>
</configuration>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/hdfs-site.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/hdfs-site.xml
index 74b2354..aba8603 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/hdfs-site.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/hdfs-site.xml
@@ -102,8 +102,7 @@
<name>dfs.replication</name>
<value>3</value>
<display-name>Block replication</display-name>
- <description>Default block replication.
- </description>
+ <description>Default block replication.</description>
</property>
<property>
<name>dfs.heartbeat.interval</name>
@@ -216,8 +215,7 @@
</property>
<property>
<name>dfs.permissions.superusergroup</name>
- <value>hdfs</value>
- <property-type>GROUP</property-type>
+ <value>hadoop</value>
<description>The name of the group of super-users.</description>
</property>
<property>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/ssl-client.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/ssl-client.xml
index c8954d8..b3373cc 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/ssl-client.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/ssl-client.xml
@@ -32,7 +32,6 @@
<property>
<name>ssl.client.truststore.password</name>
<value/>
- <property-type>PASSWORD</property-type>
<description>Password to open the trust store file.</description>
</property>
<property>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/ssl-server.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/ssl-server.xml
index 07db2fe..c51efea 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/ssl-server.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/configuration/ssl-server.xml
@@ -32,7 +32,6 @@
<property>
<name>ssl.server.truststore.password</name>
<value>bigdata</value>
- <property-type>PASSWORD</property-type>
<description>Password to open the trust store file.</description>
</property>
<property>
@@ -53,7 +52,6 @@
<property>
<name>ssl.server.keystore.password</name>
<value>bigdata</value>
- <property-type>PASSWORD</property-type>
<description>Password to open the keystore file.</description>
</property>
<property>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/metainfo.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/metainfo.xml
index 26f77bd..52dd1fb 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/metainfo.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/hdfs/metainfo.xml
@@ -25,7 +25,6 @@
<desc>Apache Hadoop Distributed File System.</desc>
<version>3.3.6-1</version>
<user>hdfs</user>
- <group>hdfs</group>
<components>
<component>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/kafka/metainfo.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/kafka/metainfo.xml
index 844ba3e..93febf4 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/kafka/metainfo.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/kafka/metainfo.xml
@@ -29,7 +29,6 @@
</desc>
<version>2.8.2-1</version>
<user>kafka</user>
- <group>kafka</group>
<components>
<component>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/tez/metainfo.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/tez/metainfo.xml
index 42ef5e2..86c9ed8 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/tez/metainfo.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/tez/metainfo.xml
@@ -25,7 +25,6 @@
<desc>Tez is the next generation Hadoop Query Processing framework
written on top of YARN.</desc>
<version>0.10.2-1</version>
<user>tez</user>
- <group>tez</group>
<components>
<component>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/yarn/configuration/yarn-site.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/yarn/configuration/yarn-site.xml
index a718fae..15ba17e 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/yarn/configuration/yarn-site.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/yarn/configuration/yarn-site.xml
@@ -37,9 +37,7 @@
<property>
<name>yarn.resourcemanager.address</name>
<value>0.0.0.0:8032</value>
- <description>
- The address of the applications manager interface in the RM.
- </description>
+ <description>The address of the applications manager interface in the
RM.</description>
</property>
<property>
<name>yarn.resourcemanager.admin.address</name>
@@ -122,13 +120,13 @@
<name>yarn.nodemanager.aux-services</name>
<value>mapreduce_shuffle</value>
<description>Auxilliary services of NodeManager. A valid service name
should only contain
- a-zA-Z0-9_ and can
- not start with numbers</description>
+ a-zA-Z0-9_ and can not start with numbers
+ </description>
</property>
<property>
<name>yarn.nodemanager.aux-services.mapreduce_shuffle.class</name>
<value>org.apache.hadoop.mapred.ShuffleHandler</value>
- <description>The auxiliary service class to use </description>
+ <description>The auxiliary service class to use</description>
</property>
<property>
<name>yarn.nodemanager.log-dirs</name>
@@ -162,13 +160,6 @@
waits between two cycles of monitoring its containers' memory
usage.
</description>
</property>
- <!--
- <property>
- <name>yarn.nodemanager.health-checker.script.path</name>
- <value>/etc/hadoop/conf/health_check_nodemanager</value>
- <description>The health check script to run.</description>
- </property>
- -->
<property>
<name>yarn.nodemanager.health-checker.interval-ms</name>
<value>135000</value>
@@ -183,28 +174,26 @@
<name>yarn.nodemanager.log.retain-seconds</name>
<value>604800</value>
<description>
- Time in seconds to retain user logs. Only applicable if
- log aggregation is disabled.
+ Time in seconds to retain user logs. Only applicable if log
aggregation is disabled.
</description>
</property>
<property>
<name>yarn.log-aggregation-enable</name>
<value>true</value>
- <description>Whether to enable log aggregation. </description>
+ <description>Whether to enable log aggregation.</description>
<display-name>Enable Log Aggregation</display-name>
</property>
<property>
<name>yarn.nodemanager.remote-app-log-dir</name>
<display-name>YARN NodeManager Remote App Log directory</display-name>
<value>/app-logs</value>
- <description>Location to aggregate logs to. </description>
+ <description>Location to aggregate logs to.</description>
</property>
<property>
<name>yarn.nodemanager.remote-app-log-dir-suffix</name>
<value>logs</value>
<description>
- The remote log dir will be created at
- {yarn.nodemanager.remote-app-log-dir}/${user}/{thisParam}.
+ The remote log dir will be created at
{yarn.nodemanager.remote-app-log-dir}/${user}/{thisParam}.
</description>
</property>
<property>
@@ -314,21 +303,22 @@
<name>manage.include.files</name>
<value>false</value>
<description>If true this will manage include file if
- yarn.resourcemanager.nodes.include-path is
configured.</description>
+ yarn.resourcemanager.nodes.include-path is configured.
+ </description>
</property>
<property>
<name>yarn.http.policy</name>
<value>HTTP_ONLY</value>
<description>
This configures the HTTP endpoint for Yarn Daemons.The following
values are supported: -
- HTTP_ONLY : Service is provided only on http - HTTPS_ONLY :
Service is provided only on
- https
+ HTTP_ONLY : Service is provided only on http - HTTPS_ONLY :
Service is provided only on https
</description>
</property>
<property>
<name>yarn.timeline-service.enabled</name>
<value>true</value>
- <description>Indicate to clients whether timeline service is enabled
or not.
+ <description>
+ Indicate to clients whether timeline service is enabled or not.
If enabled, clients will put entities and events to the timeline
server.
</description>
</property>
@@ -379,27 +369,26 @@
<value>2678400000</value>
</property>
<property>
- <description>Length of time to wait between deletion cycles of leveldb
timeline store in
- milliseconds.</description>
<name>yarn.timeline-service.leveldb-timeline-store.ttl-interval-ms</name>
<value>300000</value>
+ <description>Length of time to wait between deletion cycles of leveldb
timeline store in milliseconds.</description>
</property>
<property>
<name>yarn.timeline-service.recovery.enabled</name>
+ <value>true</value>
<description>
Enable timeline server to recover state after starting. If
true, then yarn.timeline-service.state-store-class must be
specified.
</description>
- <value>true</value>
</property>
<property>
<name>yarn.acl.enable</name>
<value>false</value>
- <description> Are acls enabled. </description>
+ <description>Are acls enabled.</description>
</property>
<property>
<name>yarn.authorization-provider</name>
- <description> Yarn authorization provider class.</description>
+ <description>Yarn authorization provider class.</description>
</property>
<property>
<name>yarn.admin.acl</name>
@@ -426,44 +415,45 @@
<property>
<name>yarn.timeline-service.entity-group-fs-store.group-id-plugin-classes</name>
<value />
- <description>Plugins that can translate a timeline entity read request
into a list of
- timeline cache ids, separated by commas. </description>
+ <description>
+ Plugins that can translate a timeline entity read request into a
list of timeline cache ids, separated by commas.
+ </description>
</property>
<!-- advanced ats v1.5 properties-->
<property>
<name>yarn.timeline-service.entity-group-fs-store.summary-store</name>
- <description>Summary storage for ATS v1.5</description>
<!-- Use rolling leveldb, advanced -->
<value>org.apache.hadoop.yarn.server.timeline.RollingLevelDBTimelineStore</value>
+ <description>Summary storage for ATS v1.5</description>
</property>
<property>
<name>yarn.timeline-service.entity-group-fs-store.scan-interval-seconds</name>
+ <!-- Default is 60 seconds, advanced -->
+ <value>60</value>
<description>
Scan interval for ATS v1.5 entity group file system storage
reader.This
value controls how frequent the reader will scan the HDFS active
directory
for application status.
</description>
- <!-- Default is 60 seconds, advanced -->
- <value>60</value>
</property>
<property>
<name>yarn.timeline-service.entity-group-fs-store.cleaner-interval-seconds</name>
+ <!-- 3600 is default, advanced -->
+ <value>3600</value>
<description>
Scan interval for ATS v1.5 entity group file system storage
cleaner.This
value controls how frequent the reader will scan the HDFS done
directory
for stale application data.
</description>
- <!-- 3600 is default, advanced -->
- <value>3600</value>
</property>
<property>
<name>yarn.timeline-service.entity-group-fs-store.retain-seconds</name>
+ <!-- 7 days is default, advanced -->
+ <value>604800</value>
<description>
How long the ATS v1.5 entity group file system storage will keep an
application's data in the done directory.
</description>
- <!-- 7 days is default, advanced -->
- <value>604800</value>
</property>
<property>
<name>yarn.log.server.web-service.url</name>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/yarn/metainfo.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/yarn/metainfo.xml
index 9e0d03d..eeb5863 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/yarn/metainfo.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/yarn/metainfo.xml
@@ -25,7 +25,6 @@
<desc>Apache Hadoop NextGen MapReduce (YARN)</desc>
<version>3.3.6-1</version>
<user>yarn</user>
- <group>yarn</group>
<components>
<component>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/zookeeper/metainfo.xml
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/zookeeper/metainfo.xml
index 043b67e..620bf9c 100644
---
a/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/zookeeper/metainfo.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/bigtop/3.3.0/services/zookeeper/metainfo.xml
@@ -28,7 +28,6 @@
</desc>
<version>3.7.2-1</version>
<user>zookeeper</user>
- <group>zookeeper</group>
<components>
<component>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/nop/1.0.0/services/kafka/metainfo.xml
b/bigtop-manager-server/src/main/resources/stacks/nop/1.0.0/services/kafka/metainfo.xml
index dd3d0c2..c2c8df6 100644
---
a/bigtop-manager-server/src/main/resources/stacks/nop/1.0.0/services/kafka/metainfo.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/nop/1.0.0/services/kafka/metainfo.xml
@@ -29,7 +29,6 @@
</desc>
<version>2.8.2</version>
<user>kafka</user>
- <group>kafka</group>
<components>
<component>
diff --git
a/bigtop-manager-server/src/main/resources/stacks/nop/1.0.0/services/zookeeper/metainfo.xml
b/bigtop-manager-server/src/main/resources/stacks/nop/1.0.0/services/zookeeper/metainfo.xml
index 1ebb84c..0151b68 100644
---
a/bigtop-manager-server/src/main/resources/stacks/nop/1.0.0/services/zookeeper/metainfo.xml
+++
b/bigtop-manager-server/src/main/resources/stacks/nop/1.0.0/services/zookeeper/metainfo.xml
@@ -28,7 +28,6 @@
</desc>
<version>3.6.4</version>
<user>zookeeper</user>
- <group>zookeeper</group>
<components>
<component>
diff --git
a/bigtop-manager-stack/bigtop-manager-stack-common/src/main/java/org/apache/bigtop/manager/stack/common/utils/BaseParams.java
b/bigtop-manager-stack/bigtop-manager-stack-common/src/main/java/org/apache/bigtop/manager/stack/common/utils/BaseParams.java
index 9bf2d60..6d69cb7 100644
---
a/bigtop-manager-stack/bigtop-manager-stack-common/src/main/java/org/apache/bigtop/manager/stack/common/utils/BaseParams.java
+++
b/bigtop-manager-stack/bigtop-manager-stack-common/src/main/java/org/apache/bigtop/manager/stack/common/utils/BaseParams.java
@@ -134,9 +134,7 @@ public abstract class BaseParams implements Params {
}
public String group() {
- return StringUtils.isNotBlank(this.commandPayload.getServiceGroup())
- ? this.commandPayload.getServiceGroup()
- : ROOT_USER;
+ return LocalSettings.cluster().getUserGroup();
}
public String serviceName() {
diff --git
a/bigtop-manager-stack/bigtop-manager-stack-common/src/main/java/org/apache/bigtop/manager/stack/common/utils/LocalSettings.java
b/bigtop-manager-stack/bigtop-manager-stack-common/src/main/java/org/apache/bigtop/manager/stack/common/utils/LocalSettings.java
index 5d44465..e57eb3a 100644
---
a/bigtop-manager-stack/bigtop-manager-stack-common/src/main/java/org/apache/bigtop/manager/stack/common/utils/LocalSettings.java
+++
b/bigtop-manager-stack/bigtop-manager-stack-common/src/main/java/org/apache/bigtop/manager/stack/common/utils/LocalSettings.java
@@ -33,7 +33,6 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
-import java.util.Set;
@Slf4j
public class LocalSettings {
@@ -87,9 +86,9 @@ public class LocalSettings {
return settings;
}
- public static Map<String, Set<String>> users() {
+ public static Map<String, String> users() {
- Map<String, Set<String>> userMap = new HashMap<>();
+ Map<String, String> userMap = new HashMap<>();
File file = new File(Constants.STACK_CACHE_DIR +
CacheFiles.USERS_INFO);
if (file.exists()) {
userMap = JsonUtils.readFromFile(file, new TypeReference<>() {});
diff --git
a/bigtop-manager-stack/bigtop-manager-stack-core/src/main/java/org/apache/bigtop/manager/stack/core/hook/AbstractHook.java
b/bigtop-manager-stack/bigtop-manager-stack-core/src/main/java/org/apache/bigtop/manager/stack/core/hook/AbstractHook.java
index a6b2b67..be241eb 100644
---
a/bigtop-manager-stack/bigtop-manager-stack-core/src/main/java/org/apache/bigtop/manager/stack/core/hook/AbstractHook.java
+++
b/bigtop-manager-stack/bigtop-manager-stack-core/src/main/java/org/apache/bigtop/manager/stack/core/hook/AbstractHook.java
@@ -25,7 +25,6 @@ import
org.apache.bigtop.manager.stack.common.utils.linux.LinuxAccountUtils;
import lombok.extern.slf4j.Slf4j;
import java.util.Map;
-import java.util.Set;
@Slf4j
public abstract class AbstractHook implements Hook {
@@ -47,22 +46,16 @@ public abstract class AbstractHook implements Hook {
protected abstract void doAfter();
private void addUserAndGroup() {
- Map<String, Set<String>> users = LocalSettings.users();
- String userGroup = LocalSettings.cluster().getUserGroup();
+ Map<String, String> users = LocalSettings.users();
+ String group = LocalSettings.cluster().getUserGroup();
+ LinuxAccountUtils.groupAdd(group);
- for (Map.Entry<String, Set<String>> user : users.entrySet()) {
- Set<String> groups = user.getValue();
- for (String group : groups) {
- log.info("Adding group: {}", group);
- LinuxAccountUtils.groupAdd(group);
- }
+ for (Map.Entry<String, String> user : users.entrySet()) {
+ String service = user.getKey();
+ String username = user.getValue();
- log.info(
- "Adding user: {} to primary group: {} and supplementary
groups: [{}]",
- user.getKey(),
- userGroup,
- String.join(",", groups));
- LinuxAccountUtils.userAdd(user.getKey(), userGroup, groups);
+ log.info("Adding user: {} to group: {}", username, group);
+ LinuxAccountUtils.userAdd(username, group, null);
}
}
}
