Repository: incubator-ranger Updated Branches: refs/heads/master a0d63e751 -> 5702966e7
RANGER-859 : Allow user to define custom log directory during Ranger installation Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/5702966e Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/5702966e Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/5702966e Branch: refs/heads/master Commit: 5702966e74198ea6d1d9a78c962001d0b71b078a Parents: a0d63e7 Author: Gautam Borad <[email protected]> Authored: Wed Mar 23 13:42:50 2016 +0530 Committer: Gautam Borad <[email protected]> Committed: Tue Mar 29 13:06:49 2016 +0530 ---------------------------------------------------------------------- .../scripts/ranger-admin-services.sh | 8 ++-- .../ranger/server/tomcat/EmbeddedServer.java | 11 +++-- kms/scripts/install.properties | 4 +- kms/scripts/ranger-kms | 6 +-- kms/scripts/setup.sh | 20 ++++++--- security-admin/scripts/install.properties | 5 +-- security-admin/scripts/setup.sh | 21 +++++---- .../scripts/ranger-usersync-services.sh | 7 ++- unixauthservice/scripts/setup.py | 45 +++++++++++++++++++- 9 files changed, 94 insertions(+), 33 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5702966e/embeddedwebserver/scripts/ranger-admin-services.sh ---------------------------------------------------------------------- diff --git a/embeddedwebserver/scripts/ranger-admin-services.sh b/embeddedwebserver/scripts/ranger-admin-services.sh index 880ff49..92016b6 100755 --- a/embeddedwebserver/scripts/ranger-admin-services.sh +++ b/embeddedwebserver/scripts/ranger-admin-services.sh @@ -47,18 +47,18 @@ if [ "$JAVA_HOME" != "" ]; then fi cd ${XAPOLICYMGR_EWS_DIR} -if [ ! -d logs ] +if [ -z "${RANGER_ADMIN_LOG_DIR}" ] then - mkdir logs + RANGER_ADMIN_LOG_DIR=${XAPOLICYMGR_EWS_DIR}/logs fi start() { - java -Dproc_rangeradmin ${JAVA_OPTS} -Dlogdir=${XAPOLICYMGR_EWS_DIR}/logs/ -Dcatalina.base=${XAPOLICYMGR_EWS_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:${JAVA_HOME}/lib/*:$CLASSPATH" org.apache.ranger.server.tomcat.EmbeddedServer > logs/catalina.out 2>&1 & + java -Dproc_rangeradmin ${JAVA_OPTS} -Dlogdir=${RANGER_ADMIN_LOG_DIR} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:${JAVA_HOME}/lib/*:$CLASSPATH" org.apache.ranger.server.tomcat.EmbeddedServer > ${RANGER_ADMIN_LOG_DIR}/catalina.out 2>&1 & echo "Apache Ranger Admin has started." } stop(){ - java ${JAVA_OPTS} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:$CLASSPATH" org.apache.ranger.server.tomcat.StopEmbeddedServer > logs/catalina.out 2>&1 + java ${JAVA_OPTS} -Dlogdir=${RANGER_ADMIN_LOG_DIR} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:$CLASSPATH" org.apache.ranger.server.tomcat.StopEmbeddedServer > ${RANGER_ADMIN_LOG_DIR}/catalina.out 2>&1 echo "Apache Ranger Admin has been stopped." } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5702966e/embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java ---------------------------------------------------------------------- diff --git a/embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java b/embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java index 14e339f..d49ea61 100644 --- a/embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java +++ b/embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java @@ -69,7 +69,13 @@ public class EmbeddedServer { public void start() { Tomcat server = new Tomcat(); - + + String logDir = null; + logDir = getConfig("logdir"); + if(logDir == null) + { + logDir = getConfig("kms.log.dir"); + } String hostName = getConfig("ranger.service.host"); int serverPort = getIntConfig("ranger.service.http.port", 6181); int sslPort = getIntConfig("ranger.service.https.port", -1); @@ -120,9 +126,8 @@ public class EmbeddedServer { } updateHttpConnectorAttribConfig(server); - File baseDir = new File("."); - File logDirectory = new File(baseDir, "logs"); + File logDirectory = new File(logDir); if (!logDirectory.exists()) { logDirectory.mkdirs(); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5702966e/kms/scripts/install.properties ---------------------------------------------------------------------- diff --git a/kms/scripts/install.properties b/kms/scripts/install.properties index cf5dd92..d30b28c 100755 --- a/kms/scripts/install.properties +++ b/kms/scripts/install.properties @@ -210,12 +210,14 @@ SSL_KEYSTORE_PASSWORD=myKeyFilePassword SSL_TRUSTSTORE_FILE_PATH=/etc/ranger/kms/conf/ranger-plugin-truststore.jks SSL_TRUSTSTORE_PASSWORD=changeit +# Custom log directory path +RANGER_KMS_LOG_DIR=$PWD + # ################# DO NOT MODIFY ANY VARIABLES BELOW ######################### # # --- These deployment variables are not to be modified unless you understand the full impact of the changes # ################################################################################ - KMS_DIR=$PWD app_home=$PWD/ews/webapp TMPFILE=$PWD/.fi_tmp http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5702966e/kms/scripts/ranger-kms ---------------------------------------------------------------------- diff --git a/kms/scripts/ranger-kms b/kms/scripts/ranger-kms index dfde6d5..74ecd05 100755 --- a/kms/scripts/ranger-kms +++ b/kms/scripts/ranger-kms @@ -48,9 +48,9 @@ fi cd ${RANGER_KMS_EWS_DIR} -if [ ! -d logs ] +if [ -z "${RANGER_KMS_LOG_DIR}" ] then - mkdir logs + RANGER_KMS_LOG_DIR=${RANGER_KMS_EWS_DIR}/logs fi @@ -64,7 +64,7 @@ STOP_CLASS_NAME="org.apache.ranger.server.tomcat.StopEmbeddedServer" #KMS_CONFIG_FILENAME=kms_webserver.properties KMS_CONFIG_FILENAME=ranger-kms-site.xml -TOMCAT_LOG_DIR=/var/log/ranger/kms +TOMCAT_LOG_DIR=${RANGER_KMS_LOG_DIR} TOMCAT_LOG_FILE=${TOMCAT_LOG_DIR}/catalina.out TOMCAT_STOP_LOG_FILE=${TOMCAT_LOG_DIR}/stop_catalina.out http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5702966e/kms/scripts/setup.sh ---------------------------------------------------------------------- diff --git a/kms/scripts/setup.sh b/kms/scripts/setup.sh index 0a825c7..64abcc7 100755 --- a/kms/scripts/setup.sh +++ b/kms/scripts/setup.sh @@ -83,6 +83,7 @@ sqlserver_core_file=$(get_prop 'sqlserver_core_file' $PROPFILE) sqlanywhere_core_file=$(get_prop 'sqlanywhere_core_file' $PROPFILE) cred_keystore_filename=$(eval echo "$(get_prop 'cred_keystore_filename' $PROPFILE)") KMS_BLACKLIST_DECRYPT_EEK=$(get_prop 'KMS_BLACKLIST_DECRYPT_EEK' $PROPFILE) +RANGER_KMS_LOG_DIR=$(eval echo "$(get_prop 'RANGER_KMS_LOG_DIR' $PROPFILE)") DB_HOST="${db_host}" @@ -647,13 +648,18 @@ setup_install_files(){ fi fi - if [ ! -d ${KMS_DIR}/ews/logs ]; then - log "[I] ${KMS_DIR}/ews/logs folder" - mkdir -p ${KMS_DIR}/ews/logs - fi - if [ -d ${KMS_DIR}/ews/logs ]; then - chown -R ${unix_user} ${KMS_DIR}/ews/logs - fi + if [ -z "${RANGER_KMS_LOG_DIR}" ] || [ ${RANGER_KMS_LOG_DIR} == ${KMS_DIR} ]; then + RANGER_KMS_LOG_DIR=${KMS_DIR}/ews/logs; + fi + if [ ! -d ${RANGER_KMS_LOG_DIR} ]; then + log "[I] ${RANGER_KMS_LOG_DIR} Ranger KMS Log folder" + mkdir -p ${RANGER_KMS_LOG_DIR} + fi + if [ -d ${RANGER_KMS_LOG_DIR} ]; then + chown -R ${unix_user} ${RANGER_KMS_LOG_DIR} + fi + echo "export RANGER_KMS_LOG_DIR=${RANGER_KMS_LOG_DIR}" > ${WEBAPP_ROOT}/WEB-INF/classes/conf/ranger-kms-env-logdir.sh + chmod a+rx ${WEBAPP_ROOT}/WEB-INF/classes/conf/ranger-kms-env-logdir.sh log "[I] Setting up installation files and directory DONE"; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5702966e/security-admin/scripts/install.properties ---------------------------------------------------------------------- diff --git a/security-admin/scripts/install.properties b/security-admin/scripts/install.properties index cb10769..1d9d207 100644 --- a/security-admin/scripts/install.properties +++ b/security-admin/scripts/install.properties @@ -180,15 +180,14 @@ sso_query_param_originalurl=originalUrl # #-------- SSO CONFIG - END ------------------ -# ----------------------------------------------------------- -# +# Custom log directory path +RANGER_ADMIN_LOG_DIR=$PWD # ################# DO NOT MODIFY ANY VARIABLES BELOW ######################### # # --- These deployment variables are not to be modified unless you understand the full impact of the changes # ################################################################################ - XAPOLICYMGR_DIR=$PWD app_home=$PWD/ews/webapp TMPFILE=$PWD/.fi_tmp http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5702966e/security-admin/scripts/setup.sh ---------------------------------------------------------------------- diff --git a/security-admin/scripts/setup.sh b/security-admin/scripts/setup.sh index ce08686..bf29ed6 100755 --- a/security-admin/scripts/setup.sh +++ b/security-admin/scripts/setup.sh @@ -115,6 +115,7 @@ sso_providerurl=$(get_prop 'sso_providerurl' $PROPFILE) sso_publickey=$(get_prop 'sso_publickey' $PROPFILE) sso_cookiename=$(get_prop 'sso_cookiename' $PROPFILE) sso_query_param_originalurl=$(get_prop 'sso_query_param_originalurl' $PROPFILE) +RANGER_ADMIN_LOG_DIR=$(eval echo "$(get_prop 'RANGER_ADMIN_LOG_DIR' $PROPFILE)") DB_HOST="${db_host}" @@ -1012,14 +1013,18 @@ setup_install_files(){ fi fi - if [ ! -d ${XAPOLICYMGR_DIR}/ews/logs ]; then - log "[I] ${XAPOLICYMGR_DIR}/ews/logs folder" - mkdir -p ${XAPOLICYMGR_DIR}/ews/logs - fi - if [ -d ${XAPOLICYMGR_DIR}/ews/logs ]; then - chown -R ${unix_user} ${XAPOLICYMGR_DIR}/ews/logs - chown -R ${unix_user} ${XAPOLICYMGR_DIR}/ews/logs/* - fi + if [ -z "${RANGER_ADMIN_LOG_DIR}" ] || [ ${RANGER_ADMIN_LOG_DIR} == ${XAPOLICYMGR_DIR} ]; then + RANGER_ADMIN_LOG_DIR=${XAPOLICYMGR_DIR}/ews/logs; + fi + if [ ! -d ${RANGER_ADMIN_LOG_DIR} ]; then + log "[I] ${RANGER_ADMIN_LOG_DIR} Ranger Log folder" + mkdir -p ${RANGER_ADMIN_LOG_DIR} + fi + if [ -d ${RANGER_ADMIN_LOG_DIR} ]; then + chown -R ${unix_user} ${RANGER_ADMIN_LOG_DIR} + fi + echo "export RANGER_ADMIN_LOG_DIR=${RANGER_ADMIN_LOG_DIR}" > ${WEBAPP_ROOT}/WEB-INF/classes/conf/ranger-admin-env-logdir.sh + chmod a+rx ${WEBAPP_ROOT}/WEB-INF/classes/conf/ranger-admin-env-logdir.sh log "[I] Setting up installation files and directory DONE"; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5702966e/unixauthservice/scripts/ranger-usersync-services.sh ---------------------------------------------------------------------- diff --git a/unixauthservice/scripts/ranger-usersync-services.sh b/unixauthservice/scripts/ranger-usersync-services.sh index 4b3d4d4..622c986 100644 --- a/unixauthservice/scripts/ranger-usersync-services.sh +++ b/unixauthservice/scripts/ranger-usersync-services.sh @@ -47,8 +47,6 @@ if [ "${action}" == "START" ]; then export PATH=$JAVA_HOME/bin:$PATH fi - logdir=/var/log/ranger/usersync - cp="${cdir}/dist/*:${cdir}/lib/*:${cdir}/conf" if [ -f $pidf ]; then @@ -64,6 +62,11 @@ if [ "${action}" == "START" ]; then cd ${cdir} umask 0077 + if [ -z "${logdir}" ] + then + logdir=${cdir}/logs + fi + nohup java -Dproc_rangerusersync -Dlog4j.configuration=file:/etc/ranger/usersync/conf/log4j.xml ${JAVA_OPTS} -Dlogdir="${logdir}" -cp "${cp}" org.apache.ranger.authentication.UnixAuthenticationService -enableUnixAuth > ${logdir}/auth.log 2>&1 & echo $! > ${pidf} chown ranger ${pidf} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5702966e/unixauthservice/scripts/setup.py ---------------------------------------------------------------------- diff --git a/unixauthservice/scripts/setup.py b/unixauthservice/scripts/setup.py index fface25..8bb3bf0 100755 --- a/unixauthservice/scripts/setup.py +++ b/unixauthservice/scripts/setup.py @@ -26,6 +26,7 @@ from time import gmtime, strftime, localtime from xml import etree import shutil import pwd, grp +globalDict = {} if (not 'JAVA_HOME' in os.environ): print "ERROR: JAVA_HOME environment variable is not defined. Please define JAVA_HOME before running this script" @@ -35,7 +36,7 @@ debugLevel = 1 generateXML = 0 installPropDirName = '.' pidFolderName = '/var/run/ranger' -logFolderName = '/var/log/ranger' +#logFolderName = '/var/log/ranger' initdDirName = '/etc/init.d' rangerBaseDirName = '/etc/ranger' @@ -58,7 +59,7 @@ PROP2ALIASMAP = { 'ranger.usersync.ldap.ldapbindpassword':'ranger.usersync.ldap. installTemplateDirName = join(installPropDirName,'templates') confDistDirName = join(installPropDirName, confDistBaseDirName) -ugsyncLogFolderName = join(logFolderName, 'usersync') +#ugsyncLogFolderName = join(logFolderName, 'usersync') nativeAuthFolderName = join(installPropDirName, 'native') nativeAuthProgramName = join(nativeAuthFolderName, 'credValidator.uexe') usersyncBaseDirFullName = join(rangerBaseDirName, usersyncBaseDirName) @@ -84,6 +85,26 @@ SYNC_SOURCE_LIST = [ SYNC_SOURCE_UNIX, SYNC_SOURCE_LDAP ] SYNC_LDAP_BIND_PASSWORD_KEY = 'ranger.usersync.ldap.ldapbindpassword' credUpdateClassName = 'org.apache.ranger.credentialapi.buildks' #credUpdateClassName = 'com.hortonworks.credentialapi.buildks' +ENV_LOGDIR_FILE = 'ranger-usersync-env-logdir.sh' + + +RANGER_USERSYNC_HOME = os.getenv("RANGER_USERSYNC_HOME") +if RANGER_USERSYNC_HOME is None: + RANGER_USERSYNC_HOME = os.getcwd() + +def populate_global_dict(): + global globalDict + read_config_file = open(os.path.join(RANGER_USERSYNC_HOME,'install.properties')) + for each_line in read_config_file.read().split('\n') : + if len(each_line) == 0 : continue + if re.search('=', each_line): + key , value = each_line.strip().split("=",1) + key = key.strip() + if 'PASSWORD' in key: + jceks_file_path = os.path.join(RANGER_USERSYNC_HOME, 'jceks','ranger_db.jceks') + value = '' + value = value.strip() + globalDict[key] = value def archiveFile(originalFileName): archiveDir = dirname(originalFileName) @@ -286,9 +307,22 @@ def createJavaKeystoreForSSL(fn,passwd): sys.exit(1) return ret +def write_env_files(log_path): + final_path = "{0}/{1}".format(confBaseDirName,ENV_LOGDIR_FILE) + if not os.path.isfile(final_path): + print "Creating %s file" % ENV_LOGDIR_FILE + f = open(final_path, "w") + f.write("export logdir={0}".format(log_path)) + f.close() def main(): + populate_global_dict() + logFolderName = globalDict['logdir'] + if logFolderName.lower() == "$pwd" or logFolderName == "" : + logFolderName = os.path.join(os.getcwd(),"logs") + ugsyncLogFolderName = logFolderName + dirList = [ rangerBaseDirName, usersyncBaseDirName, confFolderName, certFolderName ] for dir in dirList: if (not os.path.isdir(dir)): @@ -325,6 +359,8 @@ def main(): mergeProps.update(modifiedInstallProps) localLogFolderName = mergeProps['ranger.usersync.logdir'] + if localLogFolderName.lower() == "$pwd" or localLogFolderName == "" : + localLogFolderName = logFolderName if (not os.path.isdir(localLogFolderName)): if (localLogFolderName != ugsyncLogFolderName): os.symlink(ugsyncLogFolderName, localLogFolderName) @@ -386,6 +422,7 @@ def main(): os.chown(ugsyncLogFolderName,ownerId,groupId) os.chown(pidFolderName,ownerId,groupId) os.chown(rangerBaseDirName,ownerId,groupId) + os.chown(usersyncBaseDirFullName,ownerId,groupId) initializeInitD(ownerName) @@ -448,4 +485,8 @@ def main(): else: print "WARNING: Unix Authentication Program (%s) is not available for setting chmod(4550), chown(%s:%s) " % (nativeAuthProgramName, "root", groupName) + write_env_files(logFolderName); + os.chown(os.path.join(confBaseDirName, ENV_LOGDIR_FILE),ownerId,groupId) + os.chmod(os.path.join(confBaseDirName, ENV_LOGDIR_FILE),0755) + main()
