[
https://issues.apache.org/jira/browse/AMBARI-9480?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14307250#comment-14307250
]
Robert Nettleton commented on AMBARI-9480:
------------------------------------------
There is no change to the java or python src code in this patch. This patch
only modifies the stack definition files, which do not have their own unit
tests, as far as I am aware.
The manual testing I performed with this patch is documented in the ReviewBoard
link in this JIRA.
> Ranger password properties are incorrectly included in Blueprint export
> -----------------------------------------------------------------------
>
> Key: AMBARI-9480
> URL: https://issues.apache.org/jira/browse/AMBARI-9480
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.0.0
> Reporter: Robert Nettleton
> Assignee: Robert Nettleton
> Fix For: 2.0.0
>
> Attachments: AMBARI-9480.patch
>
>
> Some new security configuration properties related to Ranger have been added
> to the stack definitions. Some of these properties are actually password
> configuration properties, but are not currently marked as such in the
> metadata.
> This causes exporting a Blueprint from a running cluster to include this
> password information in the exported Blueprint.
> Some of the Ranger-related password properties found across the stack are:
> REPOSITORY_CONFIG_PASSWORD
> SSL_TRUSTSTORE_PASSWORD
> SSL_KEYSTORE_PASSWORD
> The Ambari stack definitions need to be updated, such that these properties
> are marked as being of propert-type "PASSWORD". This will allow the
> Blueprint configuration processor to determine that these are indeed password
> properties, and should not be included in an exported Blueprint.
> I'm working on a fix for this, and will be submitting a patch shortly.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
